last executing test programs:

1m6.62328537s ago: executing program 1 (id=680):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', 0x0, 0x8002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$cgroup_freezer_state(r4, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r6, &(0x7f00000000c0)='FROZEN\x00', 0x7)
r7 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
socket$kcm(0x2, 0x1000000000000005, 0x0)

1m5.704480917s ago: executing program 1 (id=684):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x149000, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r2, 0xc4c03d12, &(0x7f0000000040)={0x19, 0x1})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='trusted.syz\x00')
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_default\x00')
syz_fuse_handle_req(r5, &(0x7f0000006400)="7f73a2cec5d0db4d420442fce4e4191e2ed112a607e662fc1eeef7926d41c5a0f91c64de08fcd231ba34fb2b58307d834cc83ce0f3908b5333fec9af958c900344d938cfa948f432dd5acb1a7a73bdba45cd411b82f7fed6fa3bf23c9abdc4f263fdf3fd68dcbd973b4dc2aef81c7296d7d08e562f89231f57d43e4d7458c8f389810e60c1c20bddfefcf1739824ad409148f4647b52cc98987f7c31bd6f7f44e39ac5f97f75f06dccd331d2828625fbfd3a65fd0d32871b92c0a6aa8895d3b467921c933eeb93cdbd7387abe27c4427d4ab77bbf9558a9a085a74170e875d83f8c5017d46901eb519854e8aaeaf94e6e050fec7c1afd81e26da117484dfb042805ed1ad3fc67a28636f5a35ad72f6106a5c3cbdd25048567ef13b229024142ebeb7a8bf518f017fd49dc31d8652ab7036107f8d5216a142e58f8ed850ba177786e911fa4f9ff952f8ddb66af705c7b97ed4b385d9ea3c0fecfdd5dcf168832726ced26b51f7a5911a35106aaee0e8662497f6c5dce5543690ea32505e79f13bace0f89ad9e8c551578eedc78028c414145dc3be2184e2055c037cc2ae07842a78910815c69d010bfbb850ec8f1a5da8b48ed2f75838dfe8657e5b1b59c561cd5d219a481802939c7abfb216e01173985e3436b7135d2377ba714281dcb3f82c064957e621464e5de29e8248d2400668e5775d8a75d23d7e3fd9fdce31aef258be698b121ac4ff319c6e4f872c4cf1b5f3ebbfb2ebabe113ccffe028d829922ea909a5522e5b632e3b99fb47ba9d0f8e15ca401e3ac671e80dcb56214330e7ffb3a415d6a0b84c56b056a6f2a4ffbb77130a5867b12e061a2539aaf67360af472c21a27855b5387e132ef9bac10b86b1f93974da52b3f4c48011c77eab7481e1838975fec2ae160f6b8c168b80dcfd3e03e8c1ec2a643cf850203e8254112c08ed4c2c6d0715b6bf5f281df7356cc2c9f8baac8b0dc574fc46eef5eaa9530dc0a6a88b3ad315d01a36282c5338cc5c399deb78cad23b22eb71b80d266fa904fc1a6d94f77a1e3a2173abe5dba58af48a75fbadd339eddfe7dc5ecf3fb85284e903ab70dc00663f0a5270ab805556aaf09223679845a1e091f24318d71dff015847107ffd9d7f789e8753abc2a51d5067da21c49fa8b8f66c89afb009cf17200753164786af597b8b6d5b5505d1d716c74fb26cd78679d77330c2cb2bd154423bd6e5b8972e2c576a89806e57686a7019a369de75c99e0bb6704f508adfd5394568a2f8c56a5333c861432e4ed056e5b8f20217c81563f0fb9efa6467459753832814e3118c24b634d6068b35871bcaaadda1d206584324a2bd35050f5fb993e898ca25fe82b3578e325658a4cb91ba32589c6d6720284c610569788acd2907091a968651b3978d797a5e808d4f33be1859de2bb57b5d249725f06d94e32ab46d1b7d1174703bf8dba02d4a5f5a16fb3878d6a2c915df4ea588ad8b0545b62308112d6c7f9bd93e5a51a45af9e990985f8d7dc8925ac1f63210cad488769d4957b03108e5e6f716d80a0bf88349d680067fb0a0bc59edd8ba646a2a86b4c32fd531dbc4879c86ab74e17f49f877c30a36279698a3420f3f236a69a84781fb981a2248bc0dd12dcc464f6b970b27ee634f0fa8c1338bdc3b4193b865727eb856995c08d9b88161b9a15245ec0967000f678e807c953f933edc6e80fcfe963663f7cc801927bc91c238d0b6f0c61ae66a8d210ca577b17677d79ffad404194d733dbcce9b2f163637b7ed1cf4f967ca680bf1db83b1b6f090dd99b8e0d49e7b3cac65864c32cb321d84bf43e7a300a6f4ac27c8091e39e4383fc99617f4b367d7a2e0041176dee5fa85ceb501c3d2a2efc1f489f83fbbbdc4af125fcac9a2ed8db3cc227543b195e36adef6a67a126a28be525e0441d3c5def236da4bb1d5cec084b1f08da02299f72b2a10ea7fdd5eb3c2f999740a287c179db7fa5766f8781b5147a6933623bbaec777152c4e65d262733ce7e864c5c79a56f60075662248f6b765562f718d0767a89de9bd3649957fa54bc9df603158d4ea631d71be5ea93ce64d4718abc196fdc85dddd8656806500660aaf5e3c5c74732872141cf9c542bd32f1ad210cae53fd91bce48a55afe056540d396b0930632d6b252833a91bb4d9020d5ed10d66d2467e324ee68f06926194d378da476f0d4dbb9c452475d938e8c774cc68bd291726a95223ae3866d9a2f3e4e6c319e2b4700ef4640ceedd9ab0a587bdaabd649363f0d93ec1afd6106e791f8d8f1a0d52c085a4c8a89a5c6d8443c63d3757dcca07e1f813aa6c7d007385b54b9a280713e80d8b61630360166c5ef66190fe367d7694112f340f790d8a9cf0f39eef719edbe914c9da3ecae2913a544cdce5bdb9fa462ef83bf3da34e76670612885e66c1cb13c76f72fa796ab1810f507be6dccdb66aad16e88168e0637ce5ea5bbb01ba6731052459600121734f1db7c610920e979e1f2c69be00a33a7cf14e5dec0626d3928040c75db097626e198c17114da8841c9e5cea3ba122dc119d6a2da3144993e7e023849f5360f299675f49353828a592aa8b6c2ec821b0991dc478024a6811656a265431f9aa56feda7e8267d6e3351ce340a79856e59de5db2c919c6726cff7ee678b95390d6c6ddd2ba323be59eb4c42f08a2f9973ff0c45820d59b50b6a153775ed0e9e73e73c6ccb98887bf70d35d97ae8d226c35b4fe8a5d4cda816eac80cdb962e8444a5cb4452ea83da83ccb437c7b00e146d7b71aa86a0933aced67fada0588dfd280066f5a735215691ecdcfd474dd0ae3c644af51a79f8fe7a84b0c2130e619dba270a101b0d1669c9317d5e548a2cc3755d5a37817d8eaae8059713854fb1b5b70991ac62db6453afc3bc4fb78a5cdd56e22b4d7abd70e6370ba28d5cba9478886f232a482cc4a1dda770c0458c8bef5ac19d8f4a24117d6ab0c7d37928c05a9b51cb6b2d8f5e422383dfae0f8152365fea2a948a12899aac9587a01ed162e6e70572d3eb02fec0cf0af4e65757f4bb535aa4fb82a193f79913b09e8a4d1ebe26eb4bd3d1549ecb20a08c501bfb5aa8ceb236a99d6ac3cf7be65475a867c27d301bd62a947c1d03e7247db527d9f7356bd59ea335f3c0afe3de183fc16c77e658aade451f036c34b9ee58ba53672994358355209728a760d76aa2f22d7d4e37732cca6404fde0d067bc97a4020a9f3946893743fe132704285a7e1b01403955d61aa22805dd592e4f4af41bd3c3f3ff2b1f0fa434c141261fc28b2bc1b104c78ed7f27cc9609a3d9ca2b8b976dd2374db05550e85032d7e080fac951aa68eac62a9de55565ab6201508cff33c38286494184219c919958415b50420756d32ea98cd04b6ac9c5f311fc933e48a597285c2f8a3dc008f174854b6ea186af6aa55aeecc10345b7d9bb9d2bbd3c0bb8153f6fbf080f4cd49e07dd850ab3a44cf505fecc8cb52b0540a60598ca941d40bda71b16f703bb30e344d3de13e540bc1205a1d9b3c94658b2199b2f2008c9f106eae565ef605278b8779ece25cda761069c7c72f020b820a39e6d0c441cdb00a41292c3146f39d2a5f7bb2fc8723a318fe3df11ce8a2e81eeabd0dd9245cb0f54a6d048c428c899182804cff8947361c01b009214b7d95617d312fbbfd379925f402bd9cc0cf5c25f14c24c64ccc7d87add9ce615711c9c6df6b0866d001f4669030abde15fd2e4059f25ad1c5543ededdf6d26c5a4f52d6c4448d105bbaad24a88cdc41b7e741c82973dc2578f9f1fd1faf4e522eb08c430f4efc4772fa4f6e504164b7b0b275635446c64fe3764cc13b1903b2a359eaa16c28abd331a34f78354ef286116c7b4a0ed3b8c38e8667f26a4ad8de9e205b9f1b24ec8c46a3c3578655f45d4356bd9504b2c4bceab55e7b02cd53139c1b5f044d9182b1e41c9020ad44eb31b8e8a7bf01e85c182ec849d7ed42d69eda8eb57d58c1c38e4ef4c3266fab97db4047eee31d289e91c53b243f5ad50af8de32c35cdd1165c894cfc9df5f59f55b2acdf81b6ee3db4eeed50c7cad36cf53dd10ad592c6d059f067d76711c067d42a148443a195512ea16f41589b3f1dace5e63d2c1255ea19c8ef1836ed19ff7ccaf96536548c06d4fdc76daf99d960c040e4df0e5a1f39f57bcd6dc294adff4af3a8ef364338049c5991d532a248aef4a0d166de764a4c3b583b6f8c30a8cad255f34f342f2b778fdda98766e11c21f4df0db226e6bfb66e71c342d904e99d506aea721d01456938e02f60e78b2652204819ed4595ee77e987d9646b2720ecdd41869653f7225e23dec28dbf0709a1da684693cb22f5b74f569f2d424499eb246ca8d8cf9ba86b2f1d25ac5e3707d46c46fa5d3008cc01aaf2e645b92dda134010df5ce5ad6ca03c2a30ae023a72688f766bcc821f24fb81d1c9edf5da5d96816476a3afcd4df699cc2b98664af0d1365e589673ee7272e3746d7e95ff6c87e1d5ae8055551724e3ad3c50d852eeac1333a4507d096687c6a7765accefc4b22dcc36a73f231d6c9dc242a5e7a0309415bb10455c2df3bf719c79d73e35ad068f5473b66c7e9bf769919b295d6c9dce8f774a21bb7878fd7d4b887bd2efaee03c73532a35bd23810dfe10e214d4f9cec03c72afa212f009e068852546eca171ce2c7070228901527621eca6771cb75b1613df30ad1582df923e12b91013f73102f130fb33b85d82f038bc1f54e6f126d5077262ca82ea7130995a5b24c4974ca8a1b1d4ae7c3417d05547cdf5e6030c4d02c6cfa0bec697be7df432b8d78926831d00e7bca1a5e67e6d55666cca07c6842950cd793ce986da89185efe61046e863add47c745775b8e3727b074434f1c14c502e44d276b73ad2faad946cef2435fbf1225076c461b76b3f83e24a05cbaf0fed70c3a05f4765c0499a9b7a80805be294053e7f27e2260e1ddd1737d535aeb7692a0c8c169b5c058a9d217776b1a9888dd8175477f4cfa44b83715ab4f6f212153628554f719fcdb6bd376c1d443c2692ba8f2db168c63723eb8c88e9a9612a0934ee66dd63daab19078d61fe68ab10a621460d98d12bd3cc6799b2c35eb1010a457e2f36fccf3b37a96233d844291bf798f630fec23525ffa41e64b17b895c28ff7699cf31e9faab9b2f515d2e14dd3981ac7c21dea76810ab33ac178648ecab1cb09b158f43d1d9a97ab05b52c322d02206922a719a400367796063570b480980d4f9347214d747ce0de4f56902df321e892bac8a79ededdac14b93682b9ca8b95452b68c8ec3fa1ed188237dd1f67a286d988fb8e43889c00f4a87a3e6416bfb34259646296cd5f73d0e00534309af6e8f5e0e54c63fca9822505237f4e3cd95b8adccf45f3709e8427da5d7c3c57c99286a2c094db3f815373a756e9ffd2af88d6e69a8829dd4a7cee75942aea8556ffcd82653fce46daeee574ed7502fb2b1e8dd8d60a5d46b898684a0d715f643ad91505747cca04968e6a1d0c447e036e1ca25419cd8bd785402d88bce5e40532b1806aee693f8b5030cfad71e9f52d0445304aa2af28893b1bc731f37b55bfc6e5846634482cfa3cee7e9d2c8a34a48fcca25393d7b3fe5c5a3c2d53de126654468984ab1777954272c6e25ba392f3c3c2a658518625921196839ddfbaa0bab14836ea12e63542a60db72048bc0770351cc2c30ed6185ce69b61f8160078415e86f9bab5f399bd7ed4b720fd19fa327f440f6054937b0dd6ef511849823e6162e0c7d1f846f9ebafc32583954e7b136303977a191d9974e939fc7cac14134026967b5408fa6907afbdfa41cf80a17c251fc1363725987819f165518f86fee07ca1660c25d04f157ecd43b8b92f93b2c6c02e0c1e715836d70c503e60ceaeaaac61f7b9e07d3fc9904ecfc81ece857754191e57a8991bd0042750b53722f35741641ebd5c5febee02d648fc1d048bf916a8d8f33227fca790602c02dfbd4aad34f2dc8e77e537ad4042a553e5e8a0a15dbee27da24ac13048378899c3a8772a0d8b85c442c8082f464b58fc016e845186bafa8fdf4f04d0d952136d4c7be90a909e3e6adcb3d74ed37da19769cb81114ead1a40dc0368169e5c230eb02a0d1c1a11ffd808f27159baeaa8879a034dcaf6a70b2f99e5859ad9c7465d61b4b51e993d8b93095ca63675dee276ba112bd2f469efdfb79fc8c97b809e0076001b98651bffa6829b2141fb3ff789d0ddc3d73b077d36521841ed9aa5a8a134f5875c444c62efa1f9b0d98a4bb4a62760a15d33824791420a5a89467ec364f30954db77219b849677e0f5bfea9c3d2a3a1e1e76ce3df4c8b9a6a3866b20566e7c68c6d32bad4d70fd2b9235fa7d38475ec1b9c9d746f55b02bdbdee6dcb6238caeed353de28d1e6e2d5126117e5fa82b9d57b703dd527736b51444b0d7d4b77562d4a370a202ed70b4940bf58ef3ff8801f78d632f2d2428fb133a910aaf4757b32d657d831c5575398aa88643e7fb1431ed0dec16a505e2d8583ef3d8787413bbdfe132c921d16cf272ca791e88e196824ea3a5c009a6a21b88dd1d6d6f87733528959ed24a4d3505d469d32a09b1970329add757c533afea8f8314c58400c0f3e25b703d9757c4b04f1b1bf293defb008ea60dcc77b0d3a6e9a1286c761bb3aa0c8f3aed74f8cab11094741c093e495867afb3857d3a92ef0fae7253b2bc3291a9ac0dcdb62c517ce2471ca23d985012f2e860238ccbec834039e8538de07f6086d1ac09027729bcc4e0bbd36e931be4242ec7135d16b01b3da39b1cd1c1d751017df8ffb31875f5a541a94099a4f035044f310fe5356d3b2d9a1eb5bcefd422e546bb3c169b8793df2764e6390dd161d90943a55d40f1984e1e211fd0227296e2b5c6485ad19675dcbce483a88f5c68d44b80ebb716c1aa0017ebafe340a0273b48979c7dd4e426f8c0a736e40c4f844a037742d00a73b67fba3c14051c6278c4dabdc4d8446ab5762e2d9d4f34359da34cdc333735b02e5deb9f71c8af1a5cea228eb70d0d8b371e378f5fd8172e60d9432e38e8eef54758d89e5413693ff2deb95fadfda6ecb6feb3adeae0c08860056a23d122e7b070568ca196b58cf0c5e737be9f2d9c66fa2be4f532c603ea8533cf06152d231cd2513cdcf212af2869ab96488f5cc484cf773c4d6eff8573b9487e51c84c3ea2e03e0bf3bea7717b8c92470a05d6e518265e8d31e23a22dbefbf82bb2a81d6c76372c5f41b19c5bcbea706ebd0b3cb7e52be6f8c70b7fbbfda4de69318cf9186aaba9d94c93b2df2310c44ed93d937db65b5f596dfaf6b52a7a4ae77c4b096d0075189cb568e4bbf6ce9c796839855440e6f060e241f295e4f76b0f162dacb2cb2e47a06961152e0057ed615fe14943822e8d6fa18636f3168f09ff2986dbf1904043ba4fee74b5c4706781568861df4c9b13bf2a815ba7c69a0b60114e19d817c3a038921fbb1b47acb8597bb38f7980f8b628f3565b09d7f7be504264ff143409b54516b4e79bdf7147eac7b1de7e43d76c558d6306bf780095f2bb5b9ffa3846df980001b22171d65463c17f4adbb95274abe315707946e65026a86d1b368586046e0cfd2a99352c16b9bbd91bb839c443e9962ae35a9d0dd6e2a48e773e6ac06597c6e428f5cc14836e6462135972bec63de2e7e3b5306704d44c2d9367308ffc4bb43cf839e37ee5fda8e50383aaf2eb67004645fad98662d6ce3d499ed921c9015ee5691b030f53cf95c346131097fd8fdbf257dbbb4410fb1dd14d64e384ad486ed5903866cb1982c606d41d611d4bb6298fb26cf965a7dbaf57309d46483fd5ff7c4782341446e7ad9695c52f7aa57a0c856214f67b7a7b8def0e915f5eb2ae457e4800d8791faac0133cb3851881aa429826cda874a42b7956a032f3d0615296c4f706ed649690d196ca6a6a2481be470c0a3922c7789276effa51e0221c8e163ce47dd8ba62391882338ad843d5579a6c3cd3ed711d770b8e0be9de4c91120bc01d69f457715fd770d6c335de853c87be3b638953faa0f2284d415c537e01285afe9b7f54d7a432bb7e16cd18621b6e5769b635dba997a5c65279bad6522d189da110e549f51fe20af42fcabf1a900cdea166bfe279855b8fdcb1bfb97049238dd17aec8093ea38b04e04bf43dd1b43658abab3b0b395cecf73d59279b9001e0d4ba93b95de101534ac718336a82216f2112b7aa0235c15594960f4771a0fdc21b4636ce3ddda5dd63291bfedce53347b725f8fe17848319b05cdf4c8d3d198b64deb3e10f6fab3db35ecce06908cd4f26cbda0f8c4a7deeb6ee12e0b5c13dd022851e6da21f44505697a4a974a10e57145bc75960ba59e189768938e89eb0c81071b45345ce428e90c4fc04ba11e75127f96698a4a2dba776a0f0a1576853d39e0ad3addb7bc1f3c030794d1fe621799d34582d07b80114df1039cd2866f1899f19fe34b946571c17f8b3efdc0e857fcf83f1ebc2b99ad59485fef3057e07534d36e7b4350dee86fe84f6f85f75330064301e2f055e017cc187f93bb8e92583b9e6e3999ae5c7ad1521ec77ee0ba476308242f9d6cad4d5ed385924c3806077f0d143bce70b9205b6d59f8f107f50133fd6fa87ddffaabab3a16156d353c28c5b3d92ba8643e4f06b866ea3f7ffc604a234750e5eba551e4787b340ddc90081b74a0d2e7df723e73b09e5cd38568993f171ecd6056aee45496c8d8fc458f8e2e721e359541cbb9dbcb1d801538cb84324fb090e960d53bc81c0020229e38e36c186cfaff1a1bc385e2d5338bd3bd9148730275b36f2dab198ee329b060159efb17ab00e40a940245d8ca47712921db546dde1100c29ff47dab5dd8cf10cca97565ed96901b0309841d7e3d746cde9fb1985cc276e4420636b145a2ee8720ad2fa2c256b995879b95e2e597f6d6fdeac1f2d349e3305322cd4b0df519abf958e874ed6d25bd4eb7418e9e45addd44e4a9e6cdf7b553cb48fc0c2d12683b2a83d2aeeaf03b6718abfaaffa59f38879a1b380668ade3e320ec2db4bdfa4409d09abf35fdd2ff501dafd55fbb2dd2ff2821a47ef41f644f4cc87d4a41576e2618a4da38302aa3ab38516e656b5a64f790a008d0200aede7267bea8bfe554e7d082d11d8ec186e314b070b5ea07b0ae722b4f2ab965bea7f906326710e0909eb1c0ba9959dd97a7b5331494d87b74c04587e4b78c420b8aa8ac99ad6c59d05d35a2e370b2126de5eb8901cc6ba879ee86de290bcf77e0bed67a74932794b3faaa187f5fd23a7932037f0a3d4517a1509eb981752492d13aa7d48d997fb71e65ee97db61d51ede49a215a158890bb60103f5502893a998be6ba800a07ecf9d8e5379b817621047933b3b314b7cb20abb6c30c6d490db451c7ee5c37942b5e886e0b43f21b9ff383ab80461e1a2c9c05f870111d023fc49dc425fae83e848eae43772902f83bdb1af645039e0cc961d6ce39588bd4b00e2a5e55ec02cfcc3ebe3783fbedab8ab64ed2d78202493ff6550471ba6196e73ad2b35f828eceaf8e340b78e9ff0fca04431e56cb7d0c3e366f938f0d7d966ba34458b0ac9dd6dd5c0034f73f902ed2183d7438377b72e81919ce168f294009c734220b4a501ec8e47b2d1f3f69605ce91fc825b5c4ac7b267718cf28c81d485aaa7de1d0dee66f677b6ee9ad02d75099c653decac58e0f1e13f414304b972d6e17d3d1fc0ff30591b82aa785a3dbf24c59bc8efc57fdef33c7c2d051214d9d8f48a9a71ed77ee6a3a2a699bd3882a4a71ccb714c8a911388be571a2a7136b9c308c5c854f6ed7bb74bab77076ff3d48ba989384ee4dc996262fc9e1585d2638107df8615d66f335d147efb64373ad8668fb50e00eba86ef4c65842cbf246496e997fcf0546c043740035af30e05f69d69ae06334e249fc828d5c3d1d58f31f2e439fd6d415be63ac6c88385935bdb11f4e8cba2f0209314253a0e5001fb029cfff63e012c379d8269611eb3868055868087f3916990089d3cb9dd201db0fbc4768a03b4c36c2a58511932468ce65f6b2d5fdaf3b1e669dbb7bd3ed2525d6f81944512d79918b1b14e17e225b3b7cce0bbcc073eec2ca8aa47a260d4842ab5a0e29b163d83ed1392ede695ad64e44f530af80aa4af328f8fbad8e4ea11f71bfc8418a145ae47612f9e7a7d4d037c3249e5d3a1feded9798dbd78af07990aa8d607254194256c1c662479a881f8bb6e6ecc4cb92aacd919fef13e78b58ad44ef3a3e7e0145950706e762c1ac44e78249cd1a29c5dd1f635c596c8046cc432024079ac0eb4b7376d89ac60485300594ce3a2498a374e0ef103a6aa5e0c42df5cbdb6da478bcfece47ff79e79cc2abaa7678a2d6f5f26bf3702d3b07cc5cdf5f402b2b5801c7d5489ecdef4477d111a5040f65cf7ba8586509151890a0a1ff2a093b1b969a4d01fbb29de063138d5407ff358d7c98a8ec79a424d3080d5b9b4533f23dc80ad3fd9baef5d1895576a8af9479c65f772874b9f7b0379d9212f386af9fbe816179316290746a973b5178601b861c1054e9d8f38426edfbe8206765314c723f262fe0e32950f68f00a45582e6e72d0140614035f58e3527eba96d29363f966bda6a29b4453285ad94b3eb51ebfbf5afba8bd6a89fc54e8cfc1d8b91555282e27ebcba8b2aa7f4d397b6b017bbcd80d30fc0180cd93b97541a0b127925d609baae79e4243c34b9660a17ff066c4b906ba554655dc30e47cca38f18e5190ff861dc3cb2bf777052da48bcac3925db0b9e9ce401c1cb2c2a1c51d0c420d357af3c939166cc01759d50f9e65fb04957c7c5c5ac46433e064ec563233d8dc7eea97d9f5c12b4a03a46ce306550f3bd4c7166dea3d4876f7a83b39b207654e6fd2a01abadfb2a3f19436c065088ea49859d5dbc8fdfcf1e0c4857cc512870795fe74989f674f40875a5104713ad3560ee1ce61df8fa6b97937703c7434fbf81009890d98f327954c3f7800e39fe5269e5b030b6cd8312bff2c0c44eb435ab1a3d861a0aaf01e992776d135d33e0b02fb28ca2d06c545366f222f55d28514d883e11aa255681ee7f20d61f73a5c20955ea919c557c1b7403401c34ceb76cde309ab991a13a5b6c3535dff4118b1162a22329be3efba01f08d3f0a9a68becd040c09bf6da005aea6c8120af5c6775925af7e042a1847087067c1b8e1527dc2b9ba6fc3082b47a9e42a7eddb980ecda3f66ab5af600b5f92d1db42032b1fb4a11ed8a4732ea3ec73454ebf0b84acd58a545ccc95b9f413044f47b9e40df58a8225651c379ace7b826cfe7f5bd5205917b606cc7fe266702918eb7da26be268e137aea627ba1b849961692ccc8a6fe2d42957601fc95e393a399c6199a2f1c0adf2187711b9e82023872a99fc25c7144131364ddb03d392961080734533c49911fc91e1a2d2b14f7db46d8133a9b2ab3824b53f620b659c877ca458c1c8d0cef838ec467bf67f2060b688fdb0f8ba0948da364a742d87e2eb2173b2cc019d1c76b53505a87ae986cab70db7885056a3989dd1a3abb6f21d3415f3e53aba7ed09b6864a", 0x2000, &(0x7f0000000440)={&(0x7f0000000200)={0x50, 0xffffffffffffffda, 0xffff, {0x7, 0x29, 0x7, 0x1021900, 0x5c9, 0x1, 0x8001, 0x5, 0x0, 0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7ffeffff}}}}]}, 0x44}}, 0x20040084)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x4c, 0x2c, 0xd27, 0x870bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xfff2, 0xa}, {}, {0x7, 0x1}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xc, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x3, 0x6}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r11 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r11, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x1})
io_setup(0x2ae1, &(0x7f0000000180)=<r12=>0x0)
r13 = eventfd2(0x10000, 0x0)
io_submit(r12, 0x3, &(0x7f0000000600)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x40, r11, &(0x7f00000001c0)="20520fdd26bf4a7ce6cdcbc4af395590c42900eee3a1669387719013b2b2a3b4", 0x20, 0x0, 0x0, 0x3, r13}, 0x0, 0x0])
ioctl$UFFDIO_REGISTER(r11, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x200, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x10)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5)
syz_io_uring_complete(r10)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1m4.739376592s ago: executing program 1 (id=689):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000000300), &(0x7f0000000340)=0x4)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$netlink(0x10, 0x3, 0x15)
ioctl$VT_ACTIVATE(r3, 0x5606, 0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x0, 0x5004)
ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000400)={0x6, 0x7})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000240)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sync()
close(r5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x19, 0x3c}]}, 0x24}}, 0x48850)

1m3.086760939s ago: executing program 1 (id=697):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x2005, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0xf, 0x1, 0x0, "ff3a55f32eb68900d10052d0002000000000000400f3f7ffffffffffff00ffe8"})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000f, 0x13, r1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$poke(0x4, r2, &(0x7f0000000080), 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x103)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x2000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
read$FUSE(r4, &(0x7f0000008340)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000004300)="00e7a0633e8438bafa888b9b02144af32e296a0a01dc194d649b6fa26d6d5e63bac4a04baeeb8aacb22c6eec461b67db6a737737c6d2687acb00572f92e3fdb5d0cb2f11121c557a943020200755bcab77b39c406b733239e2bb1175b9322ba39dc7d67da8f77aed1714dae2e6c24c3ea96be9d151c6ab7b3c54bbe507b8b2461fb4be8dc90042184af6d48f8ace16abb5e3fc943cf61cdb75624a259bdb5f7829b9775820f85f2d1a6ee6c6c2af4fd41ab8a41ecb2612abf13cd2c6f9f3e6db505e4bbe68cc000cf5fa6d5636191a4b366ab59af52132a3f9678d4ed1bd577bacffb3b52850804005eebf3dfa4763168ff30490a11acdbbf4c3312a45f30139f6b72b1e7cdec185006bb30e0e8fa88da2cefc718cae7e9830f7ca101e4e23c6bd16bfacf4a9927fb13af4b79c86ab999beda4ad396abdda354a42fb4ef21d6749175dc21a0cf9191aa4f90d274b50370a580ad8dcd166d2b06c0d8b071973c3fde30f7e2bc371a51ca5866bf8b24eaac75bf482dd4436b214ff62d32e20df223b0b680ede28b3a49e66e330a8a3ecace0db9855d235d5ff23765e742d1a739c2ac8743f4c62664a3b347279da55a1a5b16e1e2828b584a013577d50f890e3894d9e8d6bfccdfb2b70221f12a7fac24b7a8818edce72b65f622c77bf1312771a2c0d805ec9a25c536c91868762032255be78903b77b2c1a773a03996fabba69214e76f5df6df0375b592692a2c3c86c75a3be56fe598ddaea0b9901d20db7e43e128e04e5509283f833c24c625887288459db5727210ba9a301fb8c934dd1d8dca68039fe5b2e1a8d7cdfc6d875e5851098100c3cd42544ed90bb55b58d20a501fabbc485d148c615a3b070fa0520da2ed68ee115a4411d5418b47f3d95616096f67a7a36d68f1e8df82eca8ef96fb4a96b3422fe046a37ea5f5967513a559bd770fecab7228b0692f439765c9e9c6ea4fc608e0b27f9b49064dd2f9ac06f83f6d87ebc61fa3a29bb5ed39641245ce8cf43770df32a84838802b0827ca5a40e2003915e2ed108a005637bb028d29bd2cfd28a1bd55e67ed1b6b7b72163c27c4b0e36d1b134d6dfdb165a66fb46498fc04bb8053b84098af5b18758631d1318d625a6fa4d3ce5a4d3a90e10c6363a26b5ae96c2d56f87ad21a6118af6847d041f88f852ddc3f250c088ef5cb31198f3ac81cff9a5bab26ed56c09f8416188974e08349f7da28fc754b98c1ac4ea0060ac1e1b1c49f7dbadbc59254b265dc418cab9ac14e2bbecc4c3103543e37984efb1f61315e10d2b422732217d3a9b0cfe4561f3765d3bda60be239e02bdc164dd631582e8c87dd8fa60d63dcf9e7f3dadc4ce5e4433a42425b8ee8cb8a2defab0bf9b6109c90b5655b79b18c06884f2670a985d454e08e54de69f645cb0cbb70620bd988ee717c310ae77b4abe81c01c6e7f47268ee20bc30b9062830917705682eba2c5ef966b877f33294aa5f8b29d3dd5ed92302087f34fa18d19a005de05f925e3e93c8c0f24507ff20cd23d9ae5452c32ff58c78ccdb1ab32c98edfaa6d2c3971934ca8f849ac360c286566eb72b0793f12cef84bd282368d533247ee750f18aeda484167f3d680e4aaa3aa0694441d4ff6a71531f1a30f87eeb71afd04c5d686e1f86f27586f4e2c8ff77c09612ba1af9b3fb93efd31af42f8e0498f35d07c662b743a08f2839cad8f95b90cbb4fc0ed2ca45dd093a549cde4c6ff08ce09a2cbc6f9f78b6f96643357f92f8f403202742057731fd3e343a87c0affe803cfdbddb8c2694ab63f2dc35da705624747e30a943000fc82c40f10e1975d2e2ec15aefd531b6dbc053606b054dc976f44d5b5a5f37e9c08532ce16cf8bca55ab6c814ceb855ab50b8b52620f8645a9dc25fcb732080d84bf39c3ebb235b4d96da527b64ec4b72f69e91d16a4efcaf76f2e1f968ca68a06f60b01ec7becc9ffd7877c0992cb0f80fb3daabc039513896bd7697843be06aba53e7761e11e075c61ef2d897d4d9f90041c14283746feeb3f0d456ba4be27843350fe43e7c1110b4439489139f6dae01c43f23ec71f08d3042663c65e059d368e4e2c6e49de45bf078d3182a1bc1208bc59379e705aa3309579947409f2a8b3d79099c8619f916e7a6fa333d2312a274247156b8c25cbcfcc59ef13339c700f56a8691dff39bd4338789001872c0d90929037dc0ad99b380a6ba73f331f73f9274f4c2bf5233d7482edf37bf6ffed4f2c0ee44a1d57cae0d644f25591dc03bf837571a82d0c31b61be7ff85a5b3843e8f96a50eaa43f5c137ecfc4e4530d08a2afa4ba02fcc50117a4ad0d5862302017639344c82749f673dbd650e49b35302d0acbab45c0973198291bb42b4cfcd3b0c252074341ea8eca19e122cd234da6d41bf5eedb706e16c17687ed8b84db67130796d26b94eac83bbcd785b603242bd6252c155711efd7dd22cc54e1eaf6d910d0f22c701f3d4da0314dd2829c6ee13bbcbd126558b47b8066bf0766c792a012315bd29bfeda8f28a2c1f4e638b701758e19a0e5bd5b4f19048b00a877d956292e345f8a3a8367892f955bcb5e50ca145ec5e2c9309e25941bd277e393aaad38f9b72a42514b27da6856223c37a1fc1327fa760551d3fdeb0b222ab180b16c9eea138cf4f327e88fdfee293c5b6b007028eb796a60772148282dcd17ffc1c90ed8b6540ede933545ed5a5301d6ff39734444ff3d85cda4ac3befa5083a4685e9e231eba4a91a35f4f7f48fd5ac2447c64c010e2a9f8e80691c95460e1995444466ec5f3cd71fe509a26ff0b7f3254bc8c3255e903834e841b37c70b267fb33deb0d1ed4ea84a869453ba508fc255b12cf847103d5195046c930ae4a75c956f22fcfe4186d547686b54bd7a534940d5d62216994eac0e8ed3bd2bd59354e6b9c6b5b10511d54a8b928040f1e13c4a423b0cf519fc6e9673df5c48c0778c7edb8fa8d8ace77463a77d2d6313160e1ee72742953e433b670400d59c93464fd91520847db238610ed0c289fc55647881a7d6257cf28090c75a6f19df079cfd35742a74a5ab270314f7c8039c20ff0f3f543d029b75a741b5dc6425241ac2ffabf1f96288e6d4ba34da09fb6049c2c8753fbd41fdb4bc68c57bf374ef4feb0df00c41319debb26afba2ff39e1799a1c2137f4e920ee5b02d93789b6b0c853e8143dae5b08ee85da2ea7c31803610ce797293ea95c16ade6dae2afb008e59d8b9505737f008b5227df5f1e4eb5d707f502698a17ead9b1f5ec09dff34248ff2fb153dc6df4812e39754a4baa42e1d8b77fbddef3ca091701ac28ae5fd422dbd8db5b122d3965383abc37a52d2fca5ce56eba974dba3d059cefe40e3c35c9daa8ae31198214303c1dcb90d58fc983ccfd504fa43925636f94b128d44e8aa5cd3ecfabd50a84062d03f7508a0575ab65ecc749d3ef566fdbc529a8139b7a7fb3a9bd784df52cddc6f2699044ba47615163fbbe19f3d88d38a8b71fe52b2611ca74341429d1cef1a7e350545be29d2caa560e60352cab074c298c44ca2c07f9795ce52f10aa3e2fcdef371f24e309b19e52218881f25a4674527edbe3b3bd0b9b536d810c6f9500c0c81bcfd9a440dd91c1d35c52758d2b2ae1a8497bb394c4f09d3947cf777727b0d1daf5ac4fe4fa3c247a791702cb84b96321b7fec81bf549d4eb5d6dafe019b26187417c68b064e4308908535a3e77b6cd3e28caaf12d726f15590b7958e40134d045a38cbb689131a7e85532f1c63dd4bac9e4d00645cd7b2b71704563f3738b92044a8153f6ba717800ab7cb238175c376d7add2c5ec38e4c856f1ab9c3ee33f6ca6d576ae908dd290e4bae23470182e253765e04e8eb02a791c4396a511ef467879a9e2818b8a4b1b0b39a6c44e816e3ebf6e3be93929dfcb38d5dad7d20b60215447674d0608b8b02331ac20e57083cb9b4449fecbb149441aea0ad82f00a82d87d743fc80d410922bc20923516885440f43c9f32beb81ce148def6140952583a7825c2d2fe012d52d30ef66d32a8a0864ac5c1737e2506228d41ff0515ee80be4cf012927dde0fd2a07cac68eff8c4437f2844d4df07936fd8753e5909f962c5c767f8719cc295bdfa8a16f3f36ff56e34d7b14b6b8c46d5af248b04a9c5396f84990e23d145670950bce5f5638e5e2cea37c371a4483729338f1305cbb32fa1c05dd9d21d2a69e5fa3abe9a2dad2237be20b4088393c04aa66cf13718de4bffac72f641a8c017a1d5568fa15a6a06e4dc833874ec95af6f115bdadf15179bfc8c4e3e64f26f1299e282c4ab397340934efc1e601afc630fe195e8ae7d8da1310568cab4f2fad085d0ec39710d8b7c812b3fd55c6f50925bcfc90fbcb35b8daa0f1e1f69d82fae2034039f7ad6921694ed48a55a68bc541e6d86f1e33c261a92d48b50eb58a03d8e31b2f6564a4ddc3ee988d0dc47b4b610a9a9dcb87571b5c1edb3362df0ec3d58872157e0f7247dfa8100b4478b705702a5620c9201010f40232327550db333e845dbecd6aadbd0a94c064862b1100b6dd45ece811b8c0275e3753e11b4bcd8bc5ed7668e72afa5bc5cc17b4c313273755f532ecfdefdf2d5c47999453a3b7c158d98332f0bd3a820cfb2c8c3bcd43197e7395a032cec6e41662079f2f654965aebc393e22b5c8516d9b8ad01e33ee481a4ac46a2df304dadeaa9e5274d340aaebe14dcea315fe1279f1a41a5c7aa8c94bf4b3d48757503171f53488e01210145e62c0de7c39737848dbdb1b207d4d33b8de180b020e8a76b1b521905e5e3ce97292f8558fb68efdee774681bfffcf1dc3eef35f660dd1659a32950de2d50e762313beee330d9c2a9fe8ce5e4e61ddd86378d3551335f6ef62053d3b248a8c33a11abdf3f3aa1975a15f4a6957a13d5b12a44d0f2b52b9a2d996e98c630c0f2abca80c7ae89efcf81ae284a0d19582cb1319d207077e5657d245533181ed6e07e0f7647123fc46c37bd75b4f4d181112b4a08acdcf445332cb9dde69a0923dd9244dd2ecd818b19588939922e3b2d8dd9d9fed95fa55b0e4564b38aca2c4d24eebc634664400177fbdeaeb278bb1d8eb11baf4be5c87d4f8d9a855bfa75df4c51fb4eec87a27c59df9a47d82523b08022a1c0fb22ff6f93c3d2cc22a4111a6ec5be428cba33617be65739c2240248f3a02d01ddf2d6aca9e537a2296b16d082d2b868504371dd5e41898885b03ebfaca73b40e8924ece83c1c80de6ce14943e1199c6f81bf359f44c3ed5ae3c6eacb730b1039f0b6555347bd566dfff45a7a2176420ab2b40916a73b66a3ad07af6e1ac5597393d203fa1ad34d4564af956a0a3e2997e27a4e5eff67dd89cce8875d995e00c1858234f149f6ad4cac2b8056966f726df57b8c4ee8f22f23097ba1471b1f1036e3a499400fccdb75b56eb13e9eca1407d5bff4b075b06d00fcbfcafc28431eb33156232e73c6577e3eca437330c494ede57b9609e1f40634918dea767338b5542197410cdc000143ace89ca0b7bf645b3267f74767d7c7fce05d2f59c137204e56bfa711f66903c511f681cf7a1b4f9fc0f42b7c438ff8957e1059375321df5b0c5c884f46d94c21686e1300582d34928bc398653118f79bfeea2e7cfbbf31a7718f4aab50fae57db94203d43e060365c9a7455241be03d82dffc3783d0f6aa170c0866eb0dad07485831526922d8348a7a16e2e9903a2ac93c58c6dce83127fab17703ec004a519ae5675baffb31bf4b52f9ca992a84017a44d68dc693abd829947342f277fdcbc87168bcc03c32b8b1e81a1915af2517c464af07d52b79d1b0e53164c82ba049f81e92ed1dc20a88fd72e9ce7aa4b22a7cc57dc5527d14f62bc29cfc9d57ed26fd523cac39ac00ba12d3a49d694709924275fc0793d56acf9558818dc9eb210749fa5307d45886b879257d627cee0542b51c2ce6ce134100efb47c92456ece5b73cdc051f570810a8d534222649eb56cf73a377162b753de6c282bcd4a25dda21dd10901bd8dfe8fd4ba8a70811c39707beded23dd60f23e2933372e3a6bce099899b07f0a4c4956fd98e956a8649622c77717de099463c0c6c9389ab4a1ae10f8ddd086d876af2943ee0b6b402ae5f89e09922e8c510ec0caa0a83e366e916400bfec88a52ab457037a35ddc6a8e2289c33684a5915c37bf5d227cbc65a737b52bdcb4fbbb7b4e7f965db116b46044d0870846c730dce12e120b1fe6dd5798ced24cad72c59a3f44de4978b8bc05a1dbeb766be6e2abf6ef46c67a58a370e54e92d89e5f44525e82b94a388d8d0cb20c3469a258c1633c9dddb6854aee255f93f59435ff317622f6899250aa185c207644275278580c5d32401741fe264a2e03b80f442ed58fd0704ebac923ac6a5abb7f0c695252f82e3fbcf2b99d721589a8fe3fad4d5926aee3d7bfafb6739e525faae3d25b12841fa2cc61dddc44d36acb9a8b72d60ecdd9c8cf04f9bac341b5e0f9bc59042db8126324888b07afe72b18cce36d61eec975b6b4ef5dc4a16ac14440cf770599bd4db630bd110eb63a03a80cd95c16d314a4de60cc5115bf0754cb7ab84a827ecefafa96069c721a5979f227fdc2467b4cd1975dafb5b28e1d6f3c1c3a2816ad831dd98c1378a03798c128f176426eaa0e361571e758d54bf4ec2c988355f016e16d6cd5cf97bb4891ab33f5623b7e796af313cc7a9e2f9510cd2bead1ea5dd080d9de1f595b2629ebccf69a0feaed3963ae8a6c89edd66fbf6e566379898185828925f8669668d6bddff961b08aaedbbe7fc196931a887ec740da6bcdab8f826a34aa2aa1e406a258558f3baf022a64222df4d6ee8726c79ba3dd6e11a19e4b4bb49b4a8cd99c189e6392f08ad731e415b65d0ccb919dca46efe9f79e21437111ab09e926d3038182044ae047bf1cc92e2d2644c528985719667a1a8abaf65d0f211172ea789b2fa016e1a88325d1ed706239da4dbb9e2079e3598b4ae5885667587ba1e0921c9ba55d7a3be4c47bc2f2f3547ce9efe32e5a22855f761bd4cbe1cd9337eda4bd7d82a918084d7e116b656104ca87e64b1b8c62323c3c296c5b5b98051feb607b872edf9f789744aff710c4b7279711182bcac6b76c05f5cd982f52f451e7e29046550e012e01d8cdd3e305427030f4247488c9136303084c12175c5c781cdd08aede5a356ea0ccdd05a460be3c7b4bfd62c3ce9ab68e285a36c1546d0b18edad71f69f5bedb340772e1bbb035514b085067259e39f59dc292a12557350c66904b253efee29a5eb7a6920f583c899dc46a1d3e2af2db3a3d1a0e8d1f98722a16c6cc1e401058d60c8c436d8f1166ba53bdde5810f9d0288528affd486c266546a864c92af3df8abd451cc1e0d6bfea534865cea9d49b3ea5e390fa823118df8a61e31022f5fbb8ceee870bf2e60890263c4d14e24d053d0fddf665ff80a66fa00a5957f8a30fe82a4b82cf2f6b4d49def98f66bfcdaa0aef13314e950ca9f3849b1edf3b82eaf74a0dbcf45c3dba9bd2d853281a78484f1efaf4150da1207ec3cb61fbcbf759f8182b7052b28d7164b73197b0a440759fe9d5ddf827f1897a174e82fb968a9a07c61bee44bc1f7f9ee5c6de04c02d57735c5fab741b36aec7c8642e56cba932a08b8e8a9d3eb066a4ee7cbf22e5abbd4346de59eca1f24ad9f7f9ff7621e5f30dd08f4cddda8e80e496908109f5212a72bab1378d1237def07bdda4178719975346c68405de15153031fb17535894e5e3c1de6fdd507333f0226b78ba7cae509cfb48d6735ede9392650bf85ac1db919b1e9fe0a823119d8253204dbb2f7a8f524be6d419f3a45c5051a7a88ef0bd41586d90c11a894d647f03895f671a6e19f1c70e32668653aba8366a3d372522f49844081a9637db080663ab02f4a8af502955d5411461b62f85308c91852f8fb9f0bdddd500b4a133791d3a2f91a82dc4b09f5ad2196a9172ab0cd3fafe7266e9f6d159110d99ca8da8a34b17be17a04ad4509a9fffab1e45e10f10e0cf9cfbd9c761ad044064c07e473fdc626289cfb88b13a11455c069b70aa02426d9119ac878a14c9483be9c0d5bcbb5fa76c8d06531f59c7cf7c26372e750e2f332418ca769e5e7fbeb3ada7bb58b573a0635e2e3ad9a53ddb809ea01086a3fa993ad57e89da6f9c5e61bd0f8ba69212a386b2aa1ae17520d7fb989dbe14021885eb50fa3048aebd42c861a09a308b660d382c0480ead8a52a1e14927c7c77957f94bb59ccfd557f8c4a7af23360a298a603d20ebc386db041d8c306b3e32b0bff541bdec5ff75c3b40950815cf9f89d48a382f67e44c409d046c01fb1262aca0df6f5238a3c3c09977261494f7361ba326815d6e23f49e4d6d4b54665081067332265fff59cf54af9da0db9d19bc611cbcb6e6f3f1e2e1ffb6cdd6253578d78d06a2ff5f9250f1994c5749e3ce49231fbd63bba28e948f9150933e3ae31299babaa41043b181a100882e613b4b4b8f49ceeb742d22f860853a9b917f5a323a8a1fb1f3363a7be4407fba44b408f259b5db79a055b92ce3d7a0649cc59f4afa2b1f69959d5c6f5eef1fa7987a47bee4491f685c52e9db1ee1a231ab5a4bae1019c97868a409dd0d57b32525394a233023c4a7ac429808bbcb57a34b41883202744c3bdebc0a637773273f19c2be6e806bef7fc1002846db762ee4e16867773808c5477987d5851d5b1641d070feabc203cb3d7943ffb206272fcac1bccb616352d85975f5a22c0f247548535ad9fb83fb2be17689453f10691143c060cd964df63c3c70e7b1cfc7e2b468015f327f9869353477bfeeed330b03ddd9e4e0a2441182244da283d7a59d2b2b20e6de3e3a47c26aeef4944c1190bba674523a6c3c4ed6bac53b9edffcb0e9fb19d8bf36949d03ef6a7e59eb903a00d9614f642d1932c766421906f5b177963c71e881453560e3ffcec792e8dc46b1832a8fcb2ab2268a9c1fb648d1c6fa1c8cbd50d5a2d8264fbc6c063e6daac5519d362da389dcd3d12c8039f991de91e728abf5bab95c3aef66dd8cc36c60e73cb10afb02eff6df20ff12c59b142b07fc48fe94612de80b8b958f78256fd7cf3c6f79a83867f3bb5f70da392957badadecefdf7b6e4ebd39ff945397c7d302ca0a5a3918d8abb893cd9cdd680916a50fe19699ff0476ad82e6ba46523f26ccc5eb65313c1df1077c8876d2b73bf86ba311862d12b0c557a92ef827197121512e87f817167d4b17c7e225a48b3f8fbbf4187438e0e9b78e905cdbeb72e80dfb37ec0104f5186b39b4ff34f0cdf4b74dc915acd3f98874cd6a67308d0ad9697121ac477550b1affe004f433705933f9647522be65cb5a7471120ec942aeb956f195be0c1783102cf7d842f2968222ae1a7fa6513f200d3fa85d71724956ed697f0673ee3b40a4d46ba4850439ec125b708ed52b52b9f72906477d520c90a9f5dd49a7a33a328137a183f439895532b78ae451a8c3db789bc862fbc37241d523027e1a008629c969380f6eb55f9cf3f0675bca6851f00df6aaf90de9f62d5c179945ef81d1073850301f97e379ea415d830e3f3751cf83e2dba541cb6cdd89e6b674f2c53e329e5f3dd418d534ada6469a5b3bca5b7cfbdfdd6df4abaf77d4520d0311e801145c91b52586a56086e663841b702f52cef9fff8cfb7b33dfa125688ba6b4fadd1dca8defaf4259ca85323b23d3bbb45933562c25af3e8d7bc6ad4a50ae974f8d207994b3bd74a6812ab6a40fcaf96bb4e17bd20d742b14c72226caef3e0f5c56c4930071e9f9a894f18650fbb785c6f707605c86b634c9722c8690cf3a954f68d7c2db3a257339ade67a41259f6f878dd0ab7876deffa77f6f00819282a8f4c4da84c6cf4f335cd0410770a2b1a1fbb3f85f4489eeceb78bbfddb2d1866c57b41f6ed179a0bc3750a486403d23473f2feef43ebc5af1018d9c20089e277d77fb9c34f425c8f8af4c49864b57572fa8c232e61ef37194251a1ddc2f73ffecd57e638751cb72bcb2c40d22540166ca1e8588f24b010c9fbd962e3a2c23a7e93f131df61b8703ce326ed80cc87912d3c6aaa27574bbe8d65bcaecd660c31cead132a44b1d0e4a53cacc0b82a263c4e7783944af0af08ea9e68e8e25ed9111cfef841f1b2fd24164f9097f70efe09b1109e5cb91fe68a2760381fd63a7fd422dd578a60661abc9ee3a5db1c2cde2fb21f2040f1ed3fc27b99e254256949d0560e8b98fa028fca50768caa951a87bf8969af498d50a9ee773c9caa7d9f7d8e1955506013f198cda316d79b177e59f233b98f727afd2494fc18642f0015adab756ea6742690c7d00f28655b915ce4eb8b3ba2e8559ba23e1ff1ccc9f79ae2df85f924459c56715dec78ef4592352eb1a850cd65ecd36e1a9121e888586b7b2fa84da920b8cf44480433e61ab076b10171c0537524bb170a4b99b0b0c437418a665b7ef909652b6483b20362e557c1480c2a2a0efa221fc59054a48122b52d38245f9bd026001635be5b155f5c766a59306fbde231fa72b4d74449a2fe8fb969496ee26af5881adaafb4189b439877ab8f78709cfd32c10ea576a010bfc137b7a4aae137ea3d29070ce3bc8dbe6655e967115ca3461ad9d28b9cf8af07441e68a54ec5e889846f3978f07ba51f7d5af5da78c5c675dc5d0c1a4a399ff4247203573a46fb903eaf7bc886e6cbd3126fa4a3fe3bb13bbdfea7da871f6563aa750f6ad7895b34b2809563dcf5ed30f1c60cef4138aa49d4f55e396534ed10cf4d857723a2b442f47d79de162c30ec6c4daf939b4c88649494e3682d1da81b4a5928d8e18a16c46707a685305e592589acb484e28e9d5af89c44b6e563d125ec97c0155410527406d94b90bc9576a662db99da1cb82b04d610d02187ce08f22ea0e8fd31919d53fa6aaf980e31ca7f8610e695a41919c24136a8406c62d5f15fca365892a2b54ece17664b5247583ad60d863f283f3c288946139575dcaedc978762e85f534e56334ef0221c34ffae054ddf79339b8f08701e9699b11041df8f518dd33203363c8098fbefb01555bcc2542422777b38d8dff11b15aadb0c251ce2c5b32f8735b3cb784f2e5731b48feb5a0e791a1106abdea0f7d1f087737cbe7fdf523fa14c9be2a2987511004c5b7ac1814ef6961db16799698242452c469a07c30e4a1f73193c74a41bdd88aef50035e4648bc9dfa276951798420a45e4085932bdb9381af3cc4678bd962af616549e4020d2c9fd25e2117a6d8934fde2218273d7833d60ea492e251417a27e7fb32012a940a6b6487af4b64958bf05f1b1107732149d227eeda5ca5a43cf583dc297d66072a1acd75e93a7caefd36a0d581e21d5cb08654c4ecef46ebac5391546e0b7d2a6418548d8f816446bcf237f676e873e6bae9107234abe5ab24c53ea472ad10653cef068fd9f4e729fc0d526e489f8df13af5575f1e70e0ec22899728b0659d70fc2dd509d9df3ec170638f89e540f4d3f02aa9b1b1819f84da596e0d7b45a5818061728f8eeccd2bea0f460dd7e18cb95f2364c50e351f0690e184eb63ebbb14a0b4b2117e44f3b2b3", 0x2000, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x130, 0x0, 0x4fcb6233, {0x0, 0x0, 0x0, '\x00', {0x7ff, 0x801, 0xadf, 0x804, 0xee01, 0x0, 0x2000, '\x00', 0x6, 0x8, 0x1, 0x41, {0x800000000006, 0xf}, {0x4000000000006, 0x7}, {0x1, 0xd}, {0x1000000000, 0xa00}, 0x80008005, 0xa, 0xffeffffe, 0xffffffe4}}}})
write$FUSE_INIT(r4, &(0x7f0000001200)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x22000100}}, 0x50)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r6 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
readv(r6, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000300)=""/61, 0x3d}], 0x2)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
socket$inet6_tcp(0xa, 0x1, 0x0)

1m2.129916843s ago: executing program 1 (id=700):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0xffffffffffffff49, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r2}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00'}, 0x94)

1m2.058331124s ago: executing program 1 (id=703):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=@newtaction={0x18c, 0x30, 0x2, 0x0, 0x0, {}, [{0x178, 0x1, [@m_mirred={0x12c, 0x7, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x517, 0x1, 0xffffff80, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x49, 0xfffffffffffffff0, 0x8, 0x36ee}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10000, 0x69da, 0x7, 0xa1ed, 0xb3a}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x1, 0x6, 0xe810, 0x4}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xd, 0x200, 0x5, 0x0, 0x10000}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x9c1e, 0x20000000, 0x8, 0x9}, 0x7}}]}, {0x3e, 0x6, "5deea7cdd136ac470824a0920ac5eccfa36a2c75f072ead94175fc984f7d8b6d2fbd83c5e1aab81fda838d9742d0c460aba7b00302ed3325a4b7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r3, 0x0, 0x2d, 0x0, @void}, 0x10)
r4 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r4, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x4cbe8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, &(0x7f0000000040)={{0x200000000000000, 0xfffffff8}, {0x3, 0x109003ff}, 0xc, 0x8})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)={0x774, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x728, 0x8, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xcb20}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3e03}, @WGPEER_A_ALLOWEDIPS={0x68, 0x9, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ALLOWEDIPS={0x4}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0x630, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x3ff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x0, @local}}, @WGPEER_A_ALLOWEDIPS={0x5a8, 0x9, 0x0, 0x1, [{0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}]}, {0x4}, {0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x6}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x1}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x34}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x34}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x5}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}]}]}]}, 0x774}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000005c0), &(0x7f0000000600)=0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="1802000000000000000000000000000070120b0000000000950000000000000088d70660245b32fd4285b45710d5587d54715d6a86d65f6254fc1808b65b28500c60db0d9b3d0e8b43543b8a9c955b80deaa411874cc182ed84994259a4f7a9a77acaa70a8b67f1d79e39eeff3894af93bfc7cea3155d58ccb7f950c95ec3a9cf84e315252d3f9ea27a0957d8feb52e0fb28571b2bf3315a3f0330fa2d8fe6eea32c36f3f02bd8163dc369b1046a2d5b65692e3d4efe0452a6f9c10772dccead9aab598e85b5b089014924bf585848b70bf3ec00a1841123c86af188f03218eae6796f10bfca1d185eb334902c0406ee0a766f9442ab1b003b50df580b3e323653f36b4b8d7955be9a"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@volatile}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$nl_route(0x10, 0x3, 0x0)

1m1.672505313s ago: executing program 32 (id=703):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=@newtaction={0x18c, 0x30, 0x2, 0x0, 0x0, {}, [{0x178, 0x1, [@m_mirred={0x12c, 0x7, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x517, 0x1, 0xffffff80, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x49, 0xfffffffffffffff0, 0x8, 0x36ee}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10000, 0x69da, 0x7, 0xa1ed, 0xb3a}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x1, 0x6, 0xe810, 0x4}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xd, 0x200, 0x5, 0x0, 0x10000}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x9c1e, 0x20000000, 0x8, 0x9}, 0x7}}]}, {0x3e, 0x6, "5deea7cdd136ac470824a0920ac5eccfa36a2c75f072ead94175fc984f7d8b6d2fbd83c5e1aab81fda838d9742d0c460aba7b00302ed3325a4b7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r3, 0x0, 0x2d, 0x0, @void}, 0x10)
r4 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r4, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x4cbe8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, &(0x7f0000000040)={{0x200000000000000, 0xfffffff8}, {0x3, 0x109003ff}, 0xc, 0x8})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)={0x774, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x728, 0x8, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xcb20}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3e03}, @WGPEER_A_ALLOWEDIPS={0x68, 0x9, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ALLOWEDIPS={0x4}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0x630, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x3ff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x0, @local}}, @WGPEER_A_ALLOWEDIPS={0x5a8, 0x9, 0x0, 0x1, [{0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}]}, {0x4}, {0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x6}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x1}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x34}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x34}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x5}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}]}]}]}, 0x774}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000005c0), &(0x7f0000000600)=0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="1802000000000000000000000000000070120b0000000000950000000000000088d70660245b32fd4285b45710d5587d54715d6a86d65f6254fc1808b65b28500c60db0d9b3d0e8b43543b8a9c955b80deaa411874cc182ed84994259a4f7a9a77acaa70a8b67f1d79e39eeff3894af93bfc7cea3155d58ccb7f950c95ec3a9cf84e315252d3f9ea27a0957d8feb52e0fb28571b2bf3315a3f0330fa2d8fe6eea32c36f3f02bd8163dc369b1046a2d5b65692e3d4efe0452a6f9c10772dccead9aab598e85b5b089014924bf585848b70bf3ec00a1841123c86af188f03218eae6796f10bfca1d185eb334902c0406ee0a766f9442ab1b003b50df580b3e323653f36b4b8d7955be9a"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@volatile}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
socket$nl_route(0x10, 0x3, 0x0)

9.132923396s ago: executing program 4 (id=997):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0xabd7, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000240)={0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000280)={'bridge0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x37, 0x2, 0xfffffffffffffffe}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1c0002, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xd28e, @mcast1, 0xbfd}}, {{0xa, 0x4e24, 0x20, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfdfffe01}}}, 0x108)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r4, 0x54a3)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f00000002c0)={0x3, {{0xa, 0x4e20, 0x7, @mcast1, 0xffffffff}}, {{0xa, 0x4e20, 0x5e14, @mcast1, 0x5}}}, 0x108)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x20004804}, 0x4000800)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380))
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000340)={0x0, 0x9}, &(0x7f00000003c0)=0x8)
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58)
syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)

7.925882291s ago: executing program 4 (id=1005):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000a40)='d'})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000740)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) (fail_nth: 5)

5.790172722s ago: executing program 2 (id=1015):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(r0, 0x4, &(0x7f00000001c0)={0x6, 0x6400}, &(0x7f0000000280))
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_SETGAMMA(r6, 0xc02064a5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}]}}, 0x0, 0x42}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff)

4.85019844s ago: executing program 4 (id=1018):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x2, @thr={&(0x7f00000028c0)="8c1e02f4e7a84318985ca28a2e381173b15b5e1b56d85abdf002c3a8e7a9ea8b990c48931525b90375a7406e8ff617488433d145bc7f9abd517208451c068a9c758f0b33b8aeb6b8e6de91a93f9e28cb76d7bacfccd7d0f658c84451c5c6f74c57e6836a1df042fa59330006185d5de68a953eebe42496c574df3cbe64e4c5873da3070497ada8a5b38a8a2c6461079be82538becbea6d12113f2f1860f8419f1e076902b9278441278a8e4b189bc984fdb2ceb143fb494a0201bf97ea723b73ba675cfaf08b2cb9f4b3d620da337504c24631ae9a000671f045705b33141106c863dbed76b0c8428344519dbf167607ee0ef88ab837585f220ba720161624f2617f16b537a0e78a9500fa99b92c6a4ff71560026e19dbdf2bb55020afb263f6e4fe4ed6f1d5e74cca2a088efae9e70a48672155c020c9271818db0b634bad095babc017f0ae09e4c242bafa0e2ea77354bbfcc532ddcff890a04b6b9ce0b4ff8862057e80191ca93ce1729c6fa70f375d2a87993d32b2a39ef894e2d40918a29fcbdeec1df414d38a466195359922f41a0358214fe6be96234c3a40b2b952baef53aed68a91948eed35eb87af412c43d5a20efd9c5ea5626f1658dbc58204507e26a859f5838a353e42d9c2c50f6b27cd1549570c59b1bf35d2ae8c8ab9a2726d40fe506ece70ed9f737013d6255107224133f735698b3b436568c77b3bd48a09d13538063327fb38a292993e32548b9aa1cefb95555b5c84512b5552222039b5bf7013da6d1d524ef7c0e1239bdbc0db1513157120c715427c2decc4c2ec542085dc4d04cd322bb74d950cf8b5025c4499a3c73138dc2927bd4e8000d9b6dda2339257b0e36e75f56854322b7aa3ad54665be67d5b56dad70cab00895a455932a843a5be9cbff735274bde6723d8ec519cd670119a6cb7b265469223cf226b359783263610d0069fa474b4f57adedb84c92b69a55669658445fd30d9740824902c889268b94fe85cc84958e1dddf613609bce644d9a720fbb322168029f331af0bb9515ca4065965e95c39b9ee1aa90e5665360f3ab8dd00b0b39f2b361e92a641489cf9ee91107c6beff71394d79d0e078304e9492f71453ba4523128a58fff54082bf686e18715790402762d56953d7706a1c2746e23c33e3c313d56b0edc6a378ee02e8d19058c6c17e8a83d9625b0e93d4d8bd048a8bda593d2c0fcc264ea519ba7d69d9c3b3bcbe481aba06212c9a49f2591efc4a55211da453da2d07a43865a9bd6f303e26a136b38e84432d637b0f64fa7fbc891f4e4027e9ca6f86f5ad4897880149759b75a8008d32fdcadf8a5280eb69ee9ffe2f44bf20915a93db0d2c30e72670850ec02670cc481b175bed57102ca5ec018bfac0de3ab6e6f804d5d59ad361cebbf485fa83abb5c21525ca0f1173ab8bc5ef893596796ba86dfdbd2cefc8a4c8a613eb3862e1587af334b53ee5fb9f500027d447b47917e456c4b6607888747f6db31efd69619d4f72a548ac1584a746175ac4058ebc189fc3d63cc8747032620e97345212578e5ed22ef99bad578e2314f5c08d3dba5e0ee33391469a0800b83d2d1d73976f819a66c81da1ae0fd8c55e15df12106b3af3bbe19dad236076704a41160241402f9a081cb74ed6c9858473bb548efb767ad964b33fc814322daa73d6b45a38dcec27b320997479cf642b7033e9f5a8da4410a0fd71e102635adfe3085362703ac43faef936f3aa8b3e004792b9c1b0ca12a14ebf9f9215aceb9c2129d7d9270213a23894db46e6343f1980213b181e52ce21f8ada8f0462243b22b69633e2a1158462c372826d24631094ceb111c11d6e97c0a20bd48a79e4a87acc8712c289259781b60809da55130947a21d5357d9355cefe7e5e9a08ba8b01ab00b6fdbe7dd7c2ae1a3b72d7ae291063be4ad47e49752005137795949ce89f9f80e5b8a0d192fb1ceab79530e33771fd78d16fa5bf141099bbd1499835f060dad719e2883ec1d03133e73e6f98cf9934897e483f98f01c60ac95a550be9a15dc397dd2187f4fdd35724614a1d136b8354e2ff18747a91376593953f2e2a928df2df1310f63e1653d3a46633b2160a5340526f7b64a68cbe3e75edfb119bc7d27e9c96d4f350d4005c9cf038d946974bb7069fec3f2719a98e5dd72cfe77eb5b4f5c93ba65050980083ff28dcaf10e3b05aae235ebc6beb213a63590df8b7b6170d1181e959f200d8f778ce754c8b4c13a7884f67df79517df1351a70071feb89001c59e033566bf3c88d700db44551f135354d772a2544bf6b472b3b7b77cf234ff7acb6d6c46955bb525c9034ece8c674c79a31b8b6e8c0d34a2f1ea463a5251c753bd1420e87b5e267e7ce3f7b08ba9edda79ea0de85a66efb5caea2fbdd3069dc919fcef6c34b5a4843fddfe1af0b9dc6ba8d768d3311c6b9e01ca18a74e552c1c66108e20fdc93fae862caa7073dbe3f029d4a569c46dae5e571e79b3535a9369d2f397b78c4e3ca0e71f34592e335bb3fdd4b70caa2dab01924ba315a56413413efe89eeb7216ea60f0967164028c368ef4eb03bd1e5e22fb19e5572e0de54cf8ff49d1cec24bfcfb41c0778a8d7a61e9ac76ea81b0517a82b1e658381b4fb020a00dc4183aabaf544e189cb9d393506670ba54735f5ecf71527ce89119726c85c3ba346b08839f53cf8a1303fafbdbbc99b138a1f02c8b31d1494071ef814e39ddc7fb51f2ce26110d05147c70a15a412708719c9c2576628c9fe2e0d20bd8b25e9b7b3e5ada15eefbd7c3efdcdfe67f812ff055678c1f72aa1dc85ce9c4541387ecb7c2678575197ccaaddd921d532b82de57a1c7405e1a88d02e185802924bc635649348ff2901461d7d4186f4434c7a68b64e904333a843e43a5934b46c73742b7a6252ea83c38f7df4844c39eb5cf21cdad0fbd5f74f9e2bdcd5a023eddcc3fa11fb7369c6eedf014437df26a1ca1fe9123e1ef7593c000b8f7a1822e4d5a41ce0e845a2c2151a96c3ca0703ce65d496d700be8afb4855d118c59582a43317cb6978d11bcabb938ce0429f112a239cd1ccb5546276a02bc702e179468627cf413a8708cfa5ddaec37e5be1f6a03ac2dde3543226259205d692858a25e7ab325c3dbf13c64abb22f7e60d1c4e82a7d5ad9328f4319f7f44b62a1f8010cccf46f5f78a87204208327d67f77a8e28f938a461f293aa94fdcf5e3295abd2995be620bcff40681ee3c0f6cb8ac7fafd6f7c2f11f63316f5ed4da065c03e66d6f357182f71db07d13fb90a9e1b75d53fe058c7ed41c35bcc93a02378dce717e1f29ab15cdc6d452c94967814469851b599c20e027934584e37d67b3679e016c4d1039b61d622e905cb2f459e73b0d361c12015e782c3f5bce7cf4cf11a0c3b16bd4e73814916a9ebecdec7361b52cc11991f1a8987d7f417e4a0ebbaed27eb0a296c6d9f8e01515db861a251905cda2f339ebac2ead9835256c306fb9aaa9117414787f61d00e27b73aaa18f6618db8b576687d09c1ee3389c370b88008089d346610a199bab93846e0957ba241b5bcd65807e97e7b71351145172ef5778c8c705c034f554c1babca202e4dba2360513c16358bd5824b6cbab83a2d79e959fac5c0bf76d6cd04805f1c51090429f25e55723486e97fdfb797b84816688dfcae8c6cd0f8a55c73975485e4d000bfa3b4363d1f152241dcb5fb564c4916c492b9d7bce27a24b785e5a945553bcbc6d24623f3ab9e9f11a569149af6a9fd2281d46d6ed9b773a6c47b94b64c3d13e53f79808da29437d1f0ef98918bb9cd63e3fa8d5933116fcf19de3f6e5e4229a14c9b52a127facbe855a8d5ec3f01d6ab340b0d4507ea3078c9b986ded87d1039d78f7ecd81e87b5a8fb2ad045c36724e8bd0ea222cf00a1b8e89ecc28174d2812aaac70172dc06efe2234b0350c39336ba2839da6ba059fb75cf0ffd7d0cdd04e19028ae3a388277ae64cc178956965c71db0461ea117d01f6e71eea269b0f3ed1747820a9e1f619e70c749a7f03010536bf42b4d1ad2f5b73f03acf9ec79e11607c3216a2e021dff5c3644a790e3acdd949629848df0928d3cae20ab304e5967479b19aae01dd5616e4ca835bb13fb234318b958692ac4f9ebbd4a534e8515a767fe9f9edadc3a9639db596fdca0b85534ea33b93705b0c24ca28f022c023528f4d86be496aa4a553fd5b9711b5e03b0d99ab9c57355cea78b25bda46164ce3d1502d0ea370067fd488368b9dfa1dd3fb336455f59689e5e94e809987cdeb9f1fa562ebdac57d796cfcd3fb7e30574131cd419deb7bcc1bf5bda9553879d950d9bd5215769a4de2309b3b306d36a7862655a4a11dac18809f65af76308fb8240537516cdee3e36b3570aa8f92b6a317cc15ea88c233acbf523ded1a161154b6c20d075a9e40289080954551ee843f1aadd0d84556083c4d7bbfe3929823319b1f155fa8241e6154858e731c383cfe4f813a3a611184dee1e676011b8c5feb220089b3b01c60128bf736641cbbad664df902dcbaf282fa4740b8139a770e79bf398bc240b5b237c2201075493994c60c570a79286e123a8b0d42a0d2ed8cc281219d472ae65702438d4d52744348ceb84ecef6c61726dafb694e72c8b1df5d5d8bc106ea3d787ad571e00c534531df899cfe95fd3a8487479c6b224da7d1a3dc947e7988a75421b4cba9e8670f150d6bd70259ffb70317abb77a13bd7d707f159513269998f6a8434c6a0baca2ce43f4ff698e5cd90f61f522333c046537cdb293175d64d9138ee2ad314ddda9580edefbd7730af84b9e6f8082c25ecb8920bac67f128de87feab237d76ce92e8fb376138739c99120583ba468a9b7377bcfc3f96ae453179eb5fe5b00701e8d6511e1534e955d4bbb967c31f602d449bec6ca3b298fab1452f00aa5028ca8a1cc52f8ac21c4a159ee85f2b42ad37a3ec0093fbdf1b87b05b4292f45809e62029fb1040cb713e9d735f5be1822823ac59dcf3e9248ac9499c08a68a1004c4cd44732ac00b7547745499d34fe7202dc8697b12d105b37f0a1efe884a3338ce82de2df4d8820c5bee591ccd400a5f00ea3e2f66d88e5a5da0626d79fd243180ddb517bb279eb18cd138eefe6c3d5e1c99831edf967db3443da426c6ec91db17c5bb6799b0430f2d930e5094c8bf269c7a70a21cc31015e0d48ea7c399ac0f008f651af765f778cbea6691f4051be07eca15284ead780561dad0c55c8e6340b605a5f47d5ae823d17ffc6f0e3db6526916344272ef8bdecd585ec4c2bc183e48703645c97a2707f87d761deafee379abfda4ceb78585445e302ae741475d05300687e51437a2f033d49f7aa9f20610cfe4d34a04ac7bcd374246479040c533d2c2234ee2f911386c21b4d3b3f9ed101428c4b774ac68380cc27c3081a397d0bbd5573bb4c614ca418278973a602dc7af5c744066a64f06400dadf5bbc15e7e55a21532a334762ab452c8fbbbd00e12240ee550bc9dd28bef77380d546459e5461d6d039370b77cb8ae7fdd87ed8519a08c9eb5b595e0f930e097dc9aa2d52a9d4f6746978ecb47608ce9b011510609633a3ae7e6d7965673499860125a54ebc5bba6d6aaabae557845455ed3f1d0ef1880c223860982801eaed0bf7063b8ea99e252942dff9721313066bb8d521145bccbe83d2a010341f2316b50e5807c21416775b20c93f9dc2feff921de7035aea188d1f879a8c38325aae5e721adbffe5f5afa08f9a536f1603895d1a1f3f92df7f122500022bb4889a8f55bfbae35923c05c888fe1e9c40de0ecdb6671e1cce3c16ad641f2de7a9e0eb16622900b7bce90f2f6bc1c9c2aff80326b22cfb1613ec9edefc8ce65f291e48133df77008cd3f5804b3956686dbdfd5e7104db3c218353f34daa60bc2d9b62b5863f27d8326ad32f0357d8bc8ab908b3268eddd60ec875686381cbfc82a6f231a78b9028b69f260e0c72d4bc6559c60156d9a6ad8142b13879a03e17ea8a9b32972144680da529ca7017284e8eaa2175f86e38eecd828589727ddcab7204e898b2f8f6fc407ad3326a9823c6bd480762092b923795f116fc93ba1fbc83d59a028a9519b1a9fa07ddbe5023fcef2579896255d101950c0c063e78f44404abc918e37d72bcd32f2a02a77348dce06c84dcc9e4d13ff28abda63b64f19d947a6a4b53b457487d24d5a6cc40bb5e064540c32a81d587b6251eb8f85c38f181769f2ad2c1faa5610517d5b58eaac85c550327e94e570a8adcb11da76253adfa0937ba925855ae39fd3b92b18", &(0x7f0000000140)="af85f928eebb65518e42917298c2cedfc645208cf7fbfe828edfa1c6a8c6209d004896a3c0bc07665b6090a25f460b7feb922f20ba60d7cb39defd106a14d8dc924458d9b49c3412a91d0010fd4bfaed8082a8fd2d342d3d9acbfdecc94dbd62ffe7a6eb0d63d4c46c3894c2d4d1b2edf2caf4bfa36aa8ae6730d6be3120efe6465074bf7f06886bbbc49cee527e12fa25324a495257031ac26f2dca8debf6f8899b781897dba95cd9e942711b3061befd527eb34cb35908ee"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb143, 0x1000, 0x2, 0x196})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
close_range(r0, r1, 0x0)
socket(0x2b, 0x80801, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000480)=ANY=[@ANYBLOB="28000000120001"], 0x28}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, &(0x7f0000000700)=ANY=[@ANYBLOB="56c78e3c733d76697274676f2c6e6f65bc33dbde548d51f5638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000300)='./file0\x00')
r3 = socket(0x2, 0x80805, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x7a, 0x0, &(0x7f0000000000))
write$nbd(r4, 0x0, 0x1010)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f00000002c0)=""/166)

4.689884531s ago: executing program 4 (id=1019):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(r0, 0x4, &(0x7f00000001c0)={0x6, 0x6400}, &(0x7f0000000280))
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_SETGAMMA(r6, 0xc02064a5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}]}}, 0x0, 0x42}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff)

4.321426702s ago: executing program 2 (id=1020):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x2010, 0xffffffffffffffff, 0x0)
write$UHID_SET_REPORT_REPLY(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\b'], 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000000)={0x0, 0x2710}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f0000000200)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)

4.302464416s ago: executing program 0 (id=1021):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0xabd7, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000240)={0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1c0002, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xd28e, @mcast1, 0xbfd}}, {{0xa, 0x4e24, 0x20, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfdfffe01}}}, 0x108)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f00000002c0)={0x3, {{0xa, 0x4e20, 0x7, @mcast1, 0xffffffff}}, {{0xa, 0x4e20, 0x5e14, @mcast1, 0x5}}}, 0x108)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004804}, 0x4000800)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000180))
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380))
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000340)={0x0, 0x9}, &(0x7f00000003c0)=0x8)
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58)
syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)

3.360251147s ago: executing program 2 (id=1022):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
keyctl$dh_compute(0x17, &(0x7f0000000800), 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}, 0x0, 0x14})

3.360081556s ago: executing program 2 (id=1023):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@delpolicy={0x74, 0x27, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0xffffffffffffffff}}, [@lifetime_val={0x24, 0x9, {0x1, 0x3, 0x9, 0x2}}]}, 0x74}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@delpolicy={0x74, 0x27, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0xffffffffffffffff}}, [@lifetime_val={0x24, 0x9, {0x1, 0x3, 0x9, 0x2}}]}, 0x74}}, 0x0) (async)

3.269818626s ago: executing program 2 (id=1024):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
chdir(&(0x7f0000000540)='./cgroup\x00')
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsopen(&(0x7f0000000100)='binder\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0xf0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600010000000800030001000000fef4f49de1c46bab09ceaa5bb83f7a17b9862f611bf0f51a6f9e8638ffccfdffe47c32fd1ec40202baca63d3038e29d1f472c49700d459fc97705d866e433c1910f67c66a7b57caad1806b9b"], 0x34}}, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(r5, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x68, r7, 0x0, 0x70bd26, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @local}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x7, 0x8, 0x7, 0xd4f]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x4]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}]}, 0x68}}, 0x20000080)
landlock_restrict_self(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r8, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0)

3.269241034s ago: executing program 0 (id=1025):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xfb, 0x3, 0x2, 0x9}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa5a}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x84}, 0x8000)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0) (fail_nth: 5)

3.140229278s ago: executing program 4 (id=1026):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r3, @ANYBLOB="000024000000000024001200140001006272696467655f736c617665800000000c0005"], 0x3}, 0x1, 0x0, 0x0, 0x40900}, 0x0)
splice(r0, 0x0, r2, 0x0, 0x10d00, 0xf)

2.989853555s ago: executing program 4 (id=1027):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000082"], 0x34}}, 0x0)
r0 = syz_io_uring_setup(0x4a60, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0xfffffffe, 0x1b3}, &(0x7f00000004c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000000})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x15)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r4, 0x0, 0x5004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r9, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)

2.929831719s ago: executing program 0 (id=1028):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
setgroups(0x0, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x16, &(0x7f0000000e00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x2}, 0x10}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r2, @ANYBLOB="000024000000000024001200140001006272696467655f736c617665800000000c0005"], 0x3}, 0x1, 0x0, 0x0, 0x40900}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000000c001a80080000000000000001c1a1b1a9c680b722eeb27b8388ccae13e0951d7d9b5816811088828bfaf78a8cd3b2bef2557cb70c1449f723442ceac14a3dbd08acf533e745bf75e749eee3e17d2579081974b82fd1d8e8e9c0af8072c40f04587fb3f0fc37680ac09fa4875dc52a8305792063649e60240f1dbc67543c31faffffff7ad4ca6e670000000000000000"], 0x44}}, 0x0)
splice(r0, 0x0, r2, 0x0, 0x10d00, 0xf)

2.849865258s ago: executing program 0 (id=1029):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xfb, 0x3, 0x2, 0x9}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa5a}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x84}, 0x8000)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)

2.719308761s ago: executing program 3 (id=1030):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r3, @ANYBLOB="000024000000000024001200140001006272696467655f736c617665800000000c0005"], 0x3}, 0x1, 0x0, 0x0, 0x40900}, 0x0)
splice(r0, 0x0, r2, 0x0, 0x10d00, 0xf) (fail_nth: 3)

2.606185649s ago: executing program 0 (id=1031):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d37, 0x100, 0x10, 0x3fffffe})
sendmmsg$unix(r4, &(0x7f0000001000)=[{{&(0x7f0000000300)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000100)=[{0x0}], 0x1, &(0x7f0000000640)=[@cred={{0x18, 0x1, 0x2, {r3}}}], 0x18, 0x42}}, {{&(0x7f00000007c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000f40), 0x0, 0x0, 0x0, 0x854}}], 0x2, 0x24040014)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000280)=@newtaction={0x60, 0x30, 0x9, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x800, 0x0, 0x7}}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0)
fchdir(0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x50, 0x0, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x7}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x24040000)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x48)
write$cgroup_int(r8, &(0x7f0000000000)=0xfe8e, 0x12)
socketpair(0x23, 0x2, 0x1, &(0x7f0000000040))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x3fee, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="850800b4760000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x5}, 0x18)
symlink(&(0x7f0000000880)='.\x00', &(0x7f00000008c0)='./file0\x00')

2.542328031s ago: executing program 3 (id=1032):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e00000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
keyctl$dh_compute(0x17, &(0x7f0000000800), 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}, 0x0, 0x14})

2.542009885s ago: executing program 3 (id=1033):
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, 0x0, 0x4000800)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000b00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000005a00)={0x38, r0, 0x1, 0x70bd28, 0x2, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1ff3692e}]}]}, 0x38}}, 0x20000000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = socket$inet6_sctp(0xa, 0x4, 0x84)
sendmsg$inet6(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="5ebd870b4e1c8b795e5aad2eb8f4c295fcdfb99f632c18d6c033f351e5c55ee30fe604a3f4f9116576c3da3142b81f5fee5435f97dacb4e7b949951221b23800b3655dca825c0fe8f9292f05b231f0233b13e63d52c91f820c302d80042f73debcd7a5", 0x63}, {&(0x7f0000000500)="62b889208dc593f20e135c7eaf1cc47637204e9eed090b33810f3a6daf25afdc98d685b6bafb0b1b5b3098217ae1f086ca52cea8c8708d604fd110e8fe62340e4c8b5227403e0dc7b9f44ca6455fe9ac487f01cab3c05bf81b2f1ede7a0732e1bc54100119e7cc7ef9580f0b76359e0234075d4e1b769fccd6ac001cb5f2bf2a8ef171a98a415fb849a2db28be1941c5a25576c98b74a886cce56a4e97edb2ae88bedb7f259e9b144b1367a2ff3e4cab5e4cf8dd2f2212a5", 0xb8}], 0x2}, 0x80)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000040)='a,\x00')
mremap(&(0x7f0000ff1000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08001400fc000000080011000700000008000e00800000000800", @ANYRES64], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r5 = syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000440)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x36, 0x0, 0x0, 0x4, 0x0, 0x1, 0x20})
io_uring_enter(r5, 0x47bc, 0x3000000, 0x0, 0x0, 0x0)

1.379775779s ago: executing program 0 (id=1034):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(r0, 0x4, &(0x7f00000001c0)={0x6, 0x6400}, &(0x7f0000000280))
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_SETGAMMA(r6, 0xc02064a5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}]}}, 0x0, 0x42}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff)

317.647658ms ago: executing program 2 (id=1035):
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x7}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xa0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @private=0xa010101}], 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0xfa9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}], 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000140), 0xd16e, 0x48021)
ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f00000001c0)={0xd55, 0x0})
write(r3, &(0x7f0000000240)="aefc00001a0025f01d85bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000080), 0x619}, 0x38)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000440)={&(0x7f0000000300)=[0x0, 0x0], &(0x7f00000007c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000340), &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xc, 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_GETENCODER(r5, 0xc01464a6, &(0x7f00000001c0))
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', &(0x7f0000000280), 0x800, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00')
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000100)=0xfffffffd)
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000040)={0x0, 0x2, 0xad8})

270.163344ms ago: executing program 3 (id=1036):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='rtc_irq_set_state\x00', r1, 0x0, 0xd}, 0x18)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_PIE_ON(r2, 0x7005)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000003d000900000000000000000701000000040000000800018004001080080002"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

184.27347ms ago: executing program 3 (id=1037):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xfb, 0x3, 0x2, 0x9}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa5a}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x84}, 0x8000)
r4 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x500)

0s ago: executing program 3 (id=1038):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='sys_exit\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
chmod(&(0x7f0000000540)='./file0\x00', 0x120)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x7}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='vegas', 0x5)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000000)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0b2c6ed515651056c705918431d6a", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffc, 0xb, 0x3, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e450ab8bca3cc5d0de67e2", &(0x7f0000000380)=""/148, 0x0, 0x1, 0x1, 0x0})
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0)
r5 = syz_open_dev$hiddev(&(0x7f00000002c0), 0x0, 0x0)
ioctl$HIDIOCSFLAG(r5, 0x4004480f, &(0x7f0000000000)=0x3)
sendto$inet(r1, &(0x7f0000000580)="17", 0x1, 0x10008015, 0x0, 0x0)

kernel console output (not intermixed with test programs):

80.010770][ T6008] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  180.010784][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.012027][ T6008] usb 8-1: config 0 descriptor??
[  180.026601][ T8201] netlink: zone id is out of range
[  180.028295][ T8201] netlink: zone id is out of range
[  180.029895][ T8201] netlink: zone id is out of range
[  180.554194][ T8178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.558600][ T8178] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.566340][ T8178] netlink: 20 bytes leftover after parsing attributes in process `syz.3.590'.
[  180.569798][ T8178] netlink: 20 bytes leftover after parsing attributes in process `syz.3.590'.
[  180.597234][ T6008] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  180.790850][ T8178] netlink: 40 bytes leftover after parsing attributes in process `syz.3.590'.
[  180.856253][ T6008] usb 8-1: USB disconnect, device number 31
[  180.921978][ T6121] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  180.927966][ T6121] usb 7-1: USB disconnect, device number 15
[  180.952571][ T8208] netlink: 320 bytes leftover after parsing attributes in process `syz.1.598'.
[  180.957263][ T8210] fido_id[8210]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory
[  181.945121][ T8230] netlink: 4 bytes leftover after parsing attributes in process `syz.1.604'.
[  181.984874][   T13] smc: removing ib device syz1
[  182.005109][ T6008] syz1: Port: 1 Link DOWN
[  182.375669][ T8241] netlink: 320 bytes leftover after parsing attributes in process `syz.2.607'.
[  182.631735][ T5969] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  183.021769][ T6013] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  183.173277][ T6013] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  183.176989][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  183.180437][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  183.184584][ T6013] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  183.189886][ T6013] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  183.193613][ T6013] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.197563][ T6013] usb 7-1: config 0 descriptor??
[  183.435156][ T5969] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  183.439165][ T5969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  183.442465][ T5969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  183.445400][ T5969] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  183.449513][ T5969] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  183.452545][ T5969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.490426][ T5969] usb 5-1: config 0 descriptor??
[  183.614324][ T6013] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  183.661799][   T53] vhci_hcd: vhci_device speed not set
[  183.669421][ T8268] bond0: option mode: unable to set because the bond device has slaves
[  183.726880][ T8269] netlink: 'syz.1.616': attribute type 10 has an invalid length.
[  183.729844][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.732454][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.737816][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.740064][ T8269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.742580][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.744804][ T8269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.749603][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.752285][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.864352][ T6121] usb 7-1: USB disconnect, device number 16
[  183.905006][ T8273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.618'.
[  183.907889][ T8273] netlink: 28 bytes leftover after parsing attributes in process `syz.1.618'.
[  183.915288][ T8273] ip6gretap1: entered allmulticast mode
[  183.918937][ T5969] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  183.967853][ T8279] net_ratelimit: 18 callbacks suppressed
[  183.967864][ T8279] netlink: zone id is out of range
[  183.971234][ T8279] netlink: zone id is out of range
[  183.973240][ T8279] netlink: zone id is out of range
[  183.975329][ T8279] netlink: zone id is out of range
[  183.976947][ T8279] netlink: zone id is out of range
[  183.978678][ T8279] netlink: zone id is out of range
[  183.980223][ T8279] netlink: zone id is out of range
[  184.184855][ T7338] usb 5-1: USB disconnect, device number 9
[  184.430439][ T8292] dvmrp1: entered allmulticast mode
[  184.726293][ T8297] netlink: 64 bytes leftover after parsing attributes in process `syz.0.626'.
[  184.729565][ T8297] block nbd0: not configured, cannot reconfigure
[  185.618389][ T8307] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  185.620517][ T8307] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  185.628005][ T8307] vhci_hcd vhci_hcd.0: Device attached
[  185.635720][ T8309] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  185.637804][ T8309] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  185.641947][ T8309] vhci_hcd vhci_hcd.0: Device attached
[  185.843322][ T8311] vhci_hcd: connection closed
[  185.843605][ T1141] vhci_hcd: stop threads
[  185.846982][ T1141] vhci_hcd: release socket
[  185.848567][ T1141] vhci_hcd: disconnect device
[  185.871714][   T53] usb 39-1: new low-speed USB device number 6 using vhci_hcd
[  185.874528][   T53] usb 39-1: enqueue for inactive port 0
[  185.901716][ T6121] usb 43-1: new low-speed USB device number 6 using vhci_hcd
[  185.942505][   T53] vhci_hcd: vhci_device speed not set
[  186.007725][ T8310] vhci_hcd: connection reset by peer
[  186.009740][   T13] vhci_hcd: stop threads
[  186.011427][   T13] vhci_hcd: release socket
[  186.013349][   T13] vhci_hcd: disconnect device
[  186.138282][ T8321] netlink: 64 bytes leftover after parsing attributes in process `syz.2.632'.
[  186.141117][ T8321] block nbd0: not configured, cannot reconfigure
[  186.541968][ T6013] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  186.703155][ T6013] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.707033][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  186.710646][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  186.713967][ T6013] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  186.718206][ T6013] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  186.721130][ T6013] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.725947][ T6013] usb 7-1: config 0 descriptor??
[  187.012650][ T8347] all: renamed from lo (while UP)
[  187.085479][ T8341] lo speed is unknown, defaulting to 1000
[  187.087331][ T8341] lo speed is unknown, defaulting to 1000
[  187.089857][ T8341] lo speed is unknown, defaulting to 1000
[  187.093479][ T8341] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  187.099544][ T8341] infiniband syz: RDMA CMA: cma_listen_on_dev, error -98
[  187.110497][ T8341] lo speed is unknown, defaulting to 1000
[  187.113567][ T8341] lo speed is unknown, defaulting to 1000
[  187.116127][ T8341] lo speed is unknown, defaulting to 1000
[  187.118588][ T8341] lo speed is unknown, defaulting to 1000
[  187.141721][ T6013] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  187.392872][ T8354] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  187.395716][ T8354] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  187.398552][ T8354] vhci_hcd vhci_hcd.0: Device attached
[  187.401149][ T7338] usb 7-1: USB disconnect, device number 17
[  187.925582][ T8366] netlink: 64 bytes leftover after parsing attributes in process `syz.0.648'.
[  187.929395][ T8366] block nbd0: not configured, cannot reconfigure
[  188.113333][ T8355] vhci_hcd: connection closed
[  188.116230][   T62] vhci_hcd: stop threads
[  188.122848][   T62] vhci_hcd: release socket
[  188.125546][   T62] vhci_hcd: disconnect device
[  188.456833][ T8377] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  188.458907][ T8377] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  188.469146][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.650'.
[  188.476149][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.650'.
[  188.479449][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.650'.
[  188.483344][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.650'.
[  188.494837][ T8384] veth0: entered allmulticast mode
[  188.521849][ T8377] vhci_hcd vhci_hcd.0: Device attached
[  188.723954][ T8392] exFAT-fs (nbd2): mounting with "discard" option, but the device does not support discard
[  188.728185][ T8392] exFAT-fs (nbd2): unable to read boot sector
[  188.730697][ T8392] exFAT-fs (nbd2): failed to read boot sector
[  188.732994][ T8392] exFAT-fs (nbd2): failed to recognize exfat type
[  188.827695][ T8382] vhci_hcd: connection closed
[  188.827993][   T46] vhci_hcd: stop threads
[  188.831867][   T46] vhci_hcd: release socket
[  188.833469][   T46] vhci_hcd: disconnect device
[  188.882078][   T53] usb 37-1: new low-speed USB device number 12 using vhci_hcd
[  188.885302][   T53] usb 37-1: enqueue for inactive port 0
[  188.951873][   T53] vhci_hcd: vhci_device speed not set
[  188.991783][ T6008] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  189.061224][ T8405] netlink: 'syz.3.661': attribute type 5 has an invalid length.
[  189.146021][ T6008] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  189.150289][ T6008] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  189.155848][ T6008] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  189.159034][ T6008] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  189.163623][ T6008] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  189.166662][ T6008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.170702][ T6008] usb 6-1: config 0 descriptor??
[  189.493519][ T8418] comedi comedi3: comedi_config --init_data is deprecated
[  189.497408][ T8420] comedi comedi3: comedi_config --init_data is deprecated
[  189.609555][ T6008] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  189.822741][ T8430] netlink: 64 bytes leftover after parsing attributes in process `syz.0.667'.
[  189.826263][ T8430] block nbd0: not configured, cannot reconfigure
[  189.837722][ T8431] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  189.840424][ T8431] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  189.847708][ T5969] usb 6-1: USB disconnect, device number 10
[  189.868502][ T8431] vhci_hcd vhci_hcd.0: Device attached
[  190.038593][ T8440] FAULT_INJECTION: forcing a failure.
[  190.038593][ T8440] name failslab, interval 1, probability 0, space 0, times 0
[  190.043899][ T8440] CPU: 3 UID: 0 PID: 8440 Comm: syz.0.669 Not tainted syzkaller #0 PREEMPT(full) 
[  190.043923][ T8440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.043934][ T8440] Call Trace:
[  190.043940][ T8440]  <TASK>
[  190.043947][ T8440]  dump_stack_lvl+0x16c/0x1f0
[  190.043976][ T8440]  should_fail_ex+0x512/0x640
[  190.043993][ T8440]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  190.044012][ T8440]  should_failslab+0xc2/0x120
[  190.044029][ T8440]  kmem_cache_alloc_noprof+0x75/0x6e0
[  190.044051][ T8440]  ? skb_clone+0x190/0x3f0
[  190.044103][ T8440]  ? skb_clone+0x190/0x3f0
[  190.044127][ T8440]  skb_clone+0x190/0x3f0
[  190.044152][ T8440]  netlink_deliver_tap+0xabd/0xd30
[  190.044184][ T8440]  netlink_unicast+0x64c/0x870
[  190.044205][ T8440]  ? __pfx_netlink_unicast+0x10/0x10
[  190.044219][ T8440]  ? __asan_memset+0x23/0x50
[  190.044240][ T8440]  ? __build_skb_around+0x278/0x3b0
[  190.044265][ T8440]  ? is_vmalloc_addr+0x86/0xa0
[  190.044289][ T8440]  netlink_sendmsg+0x8c8/0xdd0
[  190.044311][ T8440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.044330][ T8440]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  190.044354][ T8440]  sock_sendmsg+0x3cc/0x470
[  190.044375][ T8440]  ? __pfx_sock_sendmsg+0x10/0x10
[  190.044392][ T8440]  ? is_bpf_text_address+0x8a/0x1a0
[  190.044428][ T8440]  splice_to_socket+0xaf4/0x1110
[  190.044466][ T8440]  ? __pfx_splice_to_socket+0x10/0x10
[  190.044496][ T8440]  ? __lock_acquire+0x622/0x1c90
[  190.044534][ T8440]  ? common_file_perm+0x1a9/0x340
[  190.044556][ T8440]  ? bpf_lsm_file_permission+0x9/0x10
[  190.044580][ T8440]  ? security_file_permission+0x71/0x210
[  190.044605][ T8440]  ? __pfx_splice_to_socket+0x10/0x10
[  190.044645][ T8440]  do_splice+0x1478/0x1fc0
[  190.044670][ T8440]  ? __lock_acquire+0x622/0x1c90
[  190.044696][ T8440]  ? __pfx_do_splice+0x10/0x10
[  190.044716][ T8440]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  190.044739][ T8440]  ? find_held_lock+0x2b/0x80
[  190.044765][ T8440]  __do_splice+0x32a/0x360
[  190.044791][ T8440]  ? __pfx___do_splice+0x10/0x10
[  190.044821][ T8440]  __ia32_sys_splice+0x189/0x250
[  190.044860][ T8440]  __do_fast_syscall_32+0x7c/0x300
[  190.044879][ T8440]  do_fast_syscall_32+0x32/0x80
[  190.044896][ T8440]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.044917][ T8440] RIP: 0023:0xf700d579
[  190.044931][ T8440] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.044947][ T8440] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  190.044963][ T8440] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  190.044974][ T8440] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000010d00
[  190.044982][ T8440] RBP: 000000000000000f R08: 0000000000000000 R09: 0000000000000000
[  190.044991][ T8440] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.045000][ T8440] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.045025][ T8440]  </TASK>
[  190.168155][    C3] vkms_vblank_simulate: vblank timer overrun
[  190.190650][ T8440] netlink: 'syz.0.669': attribute type 5 has an invalid length.
[  190.259750][ T8446] FAULT_INJECTION: forcing a failure.
[  190.259750][ T8446] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.265201][ T8446] CPU: 2 UID: 0 PID: 8446 Comm: syz.0.671 Not tainted syzkaller #0 PREEMPT(full) 
[  190.265216][ T8446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.265222][ T8446] Call Trace:
[  190.265226][ T8446]  <TASK>
[  190.265231][ T8446]  dump_stack_lvl+0x16c/0x1f0
[  190.265251][ T8446]  should_fail_ex+0x512/0x640
[  190.265263][ T8446]  _copy_from_user+0x2e/0xd0
[  190.265274][ T8446]  get_user_ifreq+0x116/0x1c0
[  190.265285][ T8446]  sock_ioctl+0x586/0x6b0
[  190.265304][ T8446]  ? __pfx_sock_ioctl+0x10/0x10
[  190.265317][ T8446]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  190.265333][ T8446]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  190.265348][ T8446]  compat_sock_ioctl+0x58b/0x730
[  190.265362][ T8446]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  190.265374][ T8446]  ? hook_file_ioctl_common+0x145/0x410
[  190.265391][ T8446]  ? __fget_files+0x20e/0x3c0
[  190.265409][ T8446]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  190.265421][ T8446]  __ia32_compat_sys_ioctl+0x242/0x370
[  190.265435][ T8446]  __do_fast_syscall_32+0x7c/0x300
[  190.265446][ T8446]  do_fast_syscall_32+0x32/0x80
[  190.265456][ T8446]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.265469][ T8446] RIP: 0023:0xf700d579
[  190.265477][ T8446] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.265488][ T8446] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  190.265498][ T8446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f3
[  190.265504][ T8446] RDX: 0000000080001a80 RSI: 0000000000000000 RDI: 0000000000000000
[  190.265510][ T8446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.265516][ T8446] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.265522][ T8446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.265536][ T8446]  </TASK>
[  190.380862][ T8449] netlink: zone id is out of range
[  190.382665][ T8449] netlink: zone id is out of range
[  190.384326][ T8449] netlink: zone id is out of range
[  190.386046][ T8449] netlink: zone id is out of range
[  190.387635][ T8449] netlink: zone id is out of range
[  190.389317][ T8449] netlink: zone id is out of range
[  190.390900][ T8449] netlink: zone id is out of range
[  190.407026][ T8451] netlink: zone id is out of range
[  190.408677][ T8451] netlink: zone id is out of range
[  190.410674][ T8451] netlink: zone id is out of range
[  190.471342][ T8432] vhci_hcd: connection closed
[  190.471575][   T13] vhci_hcd: stop threads
[  190.475081][   T13] vhci_hcd: release socket
[  190.477277][   T13] vhci_hcd: disconnect device
[  191.025582][ T8465] comedi comedi3: comedi_test: 6 microvolt, 2047 microsecond waveform attached
[  191.072772][ T6121] vhci_hcd: vhci_device speed not set
[  191.393442][ T8471] netlink: 'syz.0.679': attribute type 5 has an invalid length.
[  191.741755][ T1021] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  191.893097][ T1021] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  191.896689][ T1021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  191.900007][ T1021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  191.903439][ T1021] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  191.907409][ T1021] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  191.910275][ T1021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.922233][ T1021] usb 5-1: config 0 descriptor??
[  192.341086][ T1021] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  192.585322][ T1021] usb 5-1: USB disconnect, device number 10
[  192.763974][ T8503] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  192.766213][ T8503] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  192.768663][ T8503] vhci_hcd vhci_hcd.0: Device attached
[  193.031822][   T10] usb 41-1: new low-speed USB device number 5 using vhci_hcd
[  193.135832][   T40] kauditd_printk_skb: 38 callbacks suppressed
[  193.135844][   T40] audit: type=1326 audit(1760803293.116:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.149399][   T40] audit: type=1326 audit(1760803293.116:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.161326][   T40] audit: type=1326 audit(1760803293.116:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.170012][   T40] audit: type=1326 audit(1760803293.116:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.179829][   T40] audit: type=1326 audit(1760803293.116:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.190962][   T40] audit: type=1326 audit(1760803293.116:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.202892][   T40] audit: type=1326 audit(1760803293.116:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.210570][   T40] audit: type=1326 audit(1760803293.116:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.219511][   T40] audit: type=1326 audit(1760803293.116:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.227049][   T40] audit: type=1326 audit(1760803293.116:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8507 comm="syz.0.688" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  193.422625][ T8504] vhci_hcd: connection reset by peer
[  193.434576][   T62] vhci_hcd: stop threads
[  193.436110][   T62] vhci_hcd: release socket
[  193.437685][   T62] vhci_hcd: disconnect device
[  193.449851][ T8521] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  193.452225][ T8521] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  193.456545][ T8521] vhci_hcd vhci_hcd.0: Device attached
[  193.784528][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  193.786634][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  194.142059][   T53] usb 40-1: SetAddress Request (22) to port 0
[  194.144427][   T53] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  194.216914][ T8522] vhci_hcd: connection reset by peer
[  194.220646][ T1148] vhci_hcd: stop threads
[  194.222409][ T1148] vhci_hcd: release socket
[  194.224577][ T1148] vhci_hcd: disconnect device
[  194.621801][ T6007] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  194.774205][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  194.785701][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  194.791412][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  194.795225][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  194.800746][ T6007] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  194.804751][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.811216][ T6007] usb 7-1: config 0 descriptor??
[  194.841615][ T8549] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  194.845857][ T8549] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  195.233596][ T6007] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  195.529989][ T6007] usb 7-1: USB disconnect, device number 18
[  195.836525][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.915959][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.996366][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.083267][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.180491][   T46] bridge_slave_1: left allmulticast mode
[  196.183757][   T46] bridge_slave_1: left promiscuous mode
[  196.186834][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.194145][   T46] bridge_slave_0: left allmulticast mode
[  196.196574][   T46] bridge_slave_0: left promiscuous mode
[  196.199085][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.253749][ T8571] netlink: 'syz.0.705': attribute type 1 has an invalid length.
[  196.256244][ T8571] netlink: 236 bytes leftover after parsing attributes in process `syz.0.705'.
[  196.419731][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  196.429294][ T5941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  196.434502][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  196.437805][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  196.441848][ T5941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  196.693988][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  196.700143][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.706526][   T46] bond0 (unregistering): Released all slaves
[  196.713292][   T46] bond1 (unregistering): Released all slaves
[  196.765940][ T8577] lo speed is unknown, defaulting to 1000
[  197.041920][ T8577] chnl_net:caif_netlink_parms(): no params data found
[  197.134408][   T46] hsr_slave_0: left promiscuous mode
[  197.141842][   T46] hsr_slave_1: left promiscuous mode
[  197.144950][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.149061][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.163909][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.166997][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.193740][   T46] veth1_macvtap: left promiscuous mode
[  197.196176][   T46] veth0_macvtap: left promiscuous mode
[  197.198413][   T46] veth1_vlan: left promiscuous mode
[  197.200619][   T46] veth0_vlan: left promiscuous mode
[  197.652145][ T6007] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  197.876095][ T6007] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  197.885256][ T6007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  197.890584][ T6007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  197.891805][ T6007] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  197.891848][ T6007] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  197.891868][ T6007] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.896123][ T6007] usb 5-1: config 0 descriptor??
[  198.077581][   T46] team0 (unregistering): Port device team_slave_1 removed
[  198.173100][   T10] vhci_hcd: vhci_device speed not set
[  198.177411][   T46] team0 (unregistering): Port device team_slave_0 removed
[  198.346100][ T6007] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  198.512265][ T5941] Bluetooth: hci0: command tx timeout
[  198.583342][ T6121] usb 5-1: USB disconnect, device number 11
[  198.755394][ T8577] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.757698][ T8577] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.759938][ T8577] bridge_slave_0: entered allmulticast mode
[  198.762908][ T8577] bridge_slave_0: entered promiscuous mode
[  198.766324][ T8577] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.768572][ T8577] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.770812][ T8577] bridge_slave_1: entered allmulticast mode
[  198.775069][ T8577] bridge_slave_1: entered promiscuous mode
[  198.816699][ T8577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.833077][ T8577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.833258][ T8624] lo speed is unknown, defaulting to 1000
[  198.876137][ T8577] team0: Port device team_slave_0 added
[  198.884738][ T8577] team0: Port device team_slave_1 added
[  198.944407][ T8577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.947797][ T8577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  198.962556][ T8577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.967227][ T8577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.970173][ T8577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  198.978711][ T8577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.124710][ T8639] block nbd0: Unsupported socket: should be TCP or UNIX.
[  199.128026][ T8577] hsr_slave_0: entered promiscuous mode
[  199.131343][ T8577] hsr_slave_1: entered promiscuous mode
[  199.133658][ T8577] debugfs: 'hsr0' already exists in 'hsr'
[  199.135444][ T8577] Cannot create hsr debugfs directory
[  199.224778][   T53] usb 40-1: device descriptor read/8, error -110
[  199.637899][   T53] usb usb40-port1: attempt power cycle
[  199.826462][ T8577] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  199.832078][ T8577] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  199.844965][ T8577] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  199.856136][ T8577] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  199.908457][ T8659] net_ratelimit: 11 callbacks suppressed
[  199.908468][ T8659] netlink: zone id is out of range
[  199.920504][ T8659] netlink: zone id is out of range
[  199.924344][ T8659] netlink: zone id is out of range
[  199.925864][ T8659] netlink: zone id is out of range
[  199.927390][ T8659] netlink: zone id is out of range
[  199.929479][ T8659] netlink: zone id is out of range
[  199.931067][ T8659] netlink: zone id is out of range
[  199.957079][ T8577] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.980707][ T8577] 8021q: adding VLAN 0 to HW filter on device team0
[  199.999219][ T1203] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.002254][ T1203] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.025729][ T1203] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.028761][ T1203] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.253222][ T8577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.292609][   T53] usb usb40-port1: unable to enumerate USB device
[  200.506238][ T8577] veth0_vlan: entered promiscuous mode
[  200.522407][ T8577] veth1_vlan: entered promiscuous mode
[  200.554275][ T8577] veth0_macvtap: entered promiscuous mode
[  200.560866][ T8577] veth1_macvtap: entered promiscuous mode
[  200.571548][ T8577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.578032][ T8577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.581931][ T5941] Bluetooth: hci0: command tx timeout
[  200.587498][ T1148] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.591243][ T1148] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.603592][ T1148] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.615110][ T1148] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.641260][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.645735][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.659234][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.663622][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.099117][ T8704] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  201.101852][ T8704] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  201.105511][ T8704] vhci_hcd vhci_hcd.0: Device attached
[  201.401734][   T53] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  201.672344][ T8705] vhci_hcd: connection reset by peer
[  201.675115][ T1203] vhci_hcd: stop threads
[  201.676964][ T1203] vhci_hcd: release socket
[  201.678917][ T1203] vhci_hcd: disconnect device
[  201.948834][ T8722] netlink: 320 bytes leftover after parsing attributes in process `syz.2.731'.
[  202.353442][ T8728] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  202.357688][ T8728] block device autoloading is deprecated and will be removed.
[  202.416707][ T8730] netlink: zone id is out of range
[  202.418934][ T8730] netlink: zone id is out of range
[  202.421107][ T8730] netlink: zone id is out of range
[  202.661771][ T5941] Bluetooth: hci0: command tx timeout
[  202.992308][ T8745] FAULT_INJECTION: forcing a failure.
[  202.992308][ T8745] name fail_futex, interval 1, probability 0, space 0, times 1
[  202.996559][ T8745] CPU: 1 UID: 0 PID: 8745 Comm: syz.4.736 Not tainted syzkaller #0 PREEMPT(full) 
[  202.996573][ T8745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.996579][ T8745] Call Trace:
[  202.996584][ T8745]  <TASK>
[  202.996588][ T8745]  dump_stack_lvl+0x16c/0x1f0
[  202.996608][ T8745]  should_fail_ex+0x512/0x640
[  202.996621][ T8745]  get_futex_key+0x1d0/0x1560
[  202.996640][ T8745]  ? __pfx_get_futex_key+0x10/0x10
[  202.996658][ T8745]  ? futex_private_hash+0x198/0x470
[  202.996674][ T8745]  ? futex_private_hash+0x324/0x470
[  202.996692][ T8745]  futex_wait_multiple_setup+0x13c/0x7b0
[  202.996711][ T8745]  futex_wait_multiple+0xe6/0x480
[  202.996726][ T8745]  ? __pfx_futex_wait_multiple+0x10/0x10
[  202.996739][ T8745]  ? __do_sys_futex_waitv+0x221/0x2c0
[  202.996753][ T8745]  __do_sys_futex_waitv+0x17f/0x2c0
[  202.996764][ T8745]  ? __pfx___do_sys_futex_waitv+0x10/0x10
[  202.996781][ T8745]  ? rcu_is_watching+0x12/0xc0
[  202.996797][ T8745]  __do_fast_syscall_32+0x7c/0x300
[  202.996808][ T8745]  do_fast_syscall_32+0x32/0x80
[  202.996818][ T8745]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  202.996831][ T8745] RIP: 0023:0xf706d579
[  202.996840][ T8745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  202.996850][ T8745] RSP: 002b:00000000f53ea55c EFLAGS: 00000296 ORIG_RAX: 00000000000001c1
[  202.996860][ T8745] RAX: ffffffffffffffda RBX: 0000000080000180 RCX: 0000000000000001
[  202.996866][ T8745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  202.996872][ T8745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  202.996878][ T8745] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  202.996884][ T8745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  202.996896][ T8745]  </TASK>
[  203.001854][ T1021] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  203.202617][ T1021] usb 8-1: device descriptor read/64, error -71
[  203.216512][ T8750] netlink: 12 bytes leftover after parsing attributes in process `syz.4.739'.
[  203.313925][ T8758] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  203.323224][ T8758] kvm: pic: non byte read
[  203.326209][ T8758] kvm: pic: level sensitive irq not supported
[  203.326507][ T8758] kvm: pic: non byte read
[  203.334438][ T8758] kvm: pic: level sensitive irq not supported
[  203.334720][ T8758] kvm: pic: non byte read
[  203.378482][   T62] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  203.391255][   T62] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  203.395623][   T62] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  203.400448][   T62] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  203.425796][ T8754] fuse: Unknown parameter 'ft'
[  203.441762][ T1021] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  203.571819][ T1021] usb 8-1: device descriptor read/64, error -71
[  203.682047][ T1021] usb usb8-port1: attempt power cycle
[  204.742296][ T5941] Bluetooth: hci0: command tx timeout
[  204.841772][ T1021] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  204.862536][ T1021] usb 8-1: device descriptor read/8, error -71
[  205.111828][ T1021] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  205.132251][ T1021] usb 8-1: device descriptor read/8, error -71
[  205.171713][ T6121] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  205.242081][ T1021] usb usb8-port1: unable to enumerate USB device
[  205.302112][   T10] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  205.344011][ T6121] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  205.348221][ T6121] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  205.351984][ T6121] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  205.355429][ T6121] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  205.359508][ T6121] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  205.362665][ T6121] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.366842][ T6121] usb 5-1: config 0 descriptor??
[  205.463433][   T10] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  205.467007][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  205.470227][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  205.473194][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  205.476994][   T10] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  205.480346][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.484148][   T10] usb 7-1: config 0 descriptor??
[  205.780383][ T6121] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  205.844152][ T8798] tipc: Started in network mode
[  205.845835][ T8798] tipc: Node identity 7a7a6693fbb7, cluster identity 4711
[  205.848950][ T8798] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  205.852785][ T8801] tipc: Started in network mode
[  205.854848][ T8801] tipc: Node identity ce8f199879f6, cluster identity 4711
[  205.857385][ T8801] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  205.859754][ T8797] tipc: Resetting bearer <eth:syzkaller0>
[  205.899215][   T10] plantronics 0003:047F:FFFF.0027: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  206.039675][ T7338] usb 5-1: USB disconnect, device number 12
[  206.096537][   T10] usb 7-1: USB disconnect, device number 19
[  206.503771][   T53] vhci_hcd: vhci_device speed not set
[  206.746676][ T8797] tipc: Disabling bearer <eth:syzkaller0>
[  206.753353][ T8800] tipc: Resetting bearer <eth:syzkaller0>
[  206.863855][ T1021] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  206.909853][   T10] tipc: Node number set to 3078166936
[  207.043580][ T1021] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  207.047076][ T1021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  207.050509][ T1021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  207.053514][ T1021] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  207.057428][ T1021] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  207.060161][ T1021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.064358][ T1021] usb 5-1: config 0 descriptor??
[  207.472185][ T8810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.480582][ T8810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.485455][ T8810] netlink: 20 bytes leftover after parsing attributes in process `syz.0.759'.
[  207.650043][ T1021] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  207.725617][ T8800] tipc: Disabling bearer <eth:syzkaller0>
[  207.758112][ T8810] netlink: 20 bytes leftover after parsing attributes in process `syz.0.759'.
[  207.762013][ T8816] lo speed is unknown, defaulting to 1000
[  207.768016][ T8817] lo speed is unknown, defaulting to 1000
[  207.823739][ T8827] net_ratelimit: 12 callbacks suppressed
[  207.823750][ T8827] netlink: zone id is out of range
[  207.827071][ T8827] netlink: zone id is out of range
[  207.828826][ T8827] netlink: zone id is out of range
[  207.830626][ T8827] netlink: zone id is out of range
[  207.832447][ T8827] netlink: zone id is out of range
[  207.834397][ T8827] netlink: zone id is out of range
[  207.836193][ T8827] netlink: zone id is out of range
[  207.847794][ T8810] netlink: 40 bytes leftover after parsing attributes in process `syz.0.759'.
[  207.927135][ T1021] usb 5-1: USB disconnect, device number 13
[  209.367025][ T8854] FAULT_INJECTION: forcing a failure.
[  209.367025][ T8854] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  209.372980][ T8854] CPU: 2 UID: 0 PID: 8854 Comm: syz.2.771 Not tainted syzkaller #0 PREEMPT(full) 
[  209.372995][ T8854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.373001][ T8854] Call Trace:
[  209.373005][ T8854]  <TASK>
[  209.373010][ T8854]  dump_stack_lvl+0x16c/0x1f0
[  209.373031][ T8854]  should_fail_ex+0x512/0x640
[  209.373050][ T8854]  should_fail_alloc_page+0xe7/0x130
[  209.373062][ T8854]  prepare_alloc_pages+0x3c2/0x610
[  209.373072][ T8854]  ? __lock_acquire+0x622/0x1c90
[  209.373085][ T8854]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  209.373100][ T8854]  ? __lock_acquire+0x622/0x1c90
[  209.373116][ T8854]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  209.373131][ T8854]  ? find_held_lock+0x2b/0x80
[  209.373145][ T8854]  ? is_bpf_text_address+0x8a/0x1a0
[  209.373159][ T8854]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  209.373176][ T8854]  ? is_bpf_text_address+0x94/0x1a0
[  209.373187][ T8854]  ? kernel_text_address+0x8d/0x100
[  209.373200][ T8854]  ? __kernel_text_address+0xd/0x40
[  209.373213][ T8854]  ? unwind_get_return_address+0x59/0xa0
[  209.373228][ T8854]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  209.373243][ T8854]  ? policy_nodemask+0xea/0x4e0
[  209.373254][ T8854]  alloc_pages_mpol+0x1fb/0x550
[  209.373265][ T8854]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  209.373279][ T8854]  folio_alloc_mpol_noprof+0x36/0x2f0
[  209.373292][ T8854]  vma_alloc_folio_noprof+0xed/0x1e0
[  209.373304][ T8854]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  209.373321][ T8854]  do_pte_missing+0x2202/0x3ba0
[  209.373334][ T8854]  ? find_held_lock+0x2b/0x80
[  209.373352][ T8854]  __handle_mm_fault+0x1556/0x2aa0
[  209.373366][ T8854]  ? mt_find+0x3e2/0xa20
[  209.373377][ T8854]  ? __pfx___handle_mm_fault+0x10/0x10
[  209.373388][ T8854]  ? __pfx_mt_find+0x10/0x10
[  209.373405][ T8854]  ? find_vma+0xbf/0x140
[  209.373420][ T8854]  ? __pfx_find_vma+0x10/0x10
[  209.373437][ T8854]  handle_mm_fault+0x589/0xd10
[  209.373450][ T8854]  ? __pkru_allows_pkey+0x11/0xb0
[  209.373463][ T8854]  do_user_addr_fault+0x7a6/0x1370
[  209.373478][ T8854]  ? rcu_is_watching+0x12/0xc0
[  209.373495][ T8854]  exc_page_fault+0x64/0xc0
[  209.373510][ T8854]  asm_exc_page_fault+0x26/0x30
[  209.373520][ T8854] RIP: 0010:_copy_to_iter+0x4e6/0x1710
[  209.373532][ T8854] Code: 45 e8 8e b3 14 fd 48 8b 4c 24 18 48 8b 44 24 28 89 ee 4c 8d 34 01 4c 89 f7 e8 d6 4c 7c fd 0f 01 cb 48 89 e9 4c 89 ff 4c 89 f6 <f3> a4 0f 1f 00 0f 01 ca 48 89 e8 48 29 eb 48 29 c8 48 01 44 24 28
[  209.373542][ T8854] RSP: 0018:ffffc900044cf9e0 EFLAGS: 00050297
[  209.373551][ T8854] RAX: 0000000000000001 RBX: 000000000000006c RCX: 000000000000006c
[  209.373557][ T8854] RDX: ffffed10046260ed RSI: ffff888023130700 RDI: 00000000800012c0
[  209.373564][ T8854] RBP: 000000000000006c R08: 0000000000000000 R09: ffffed10046260ed
[  209.373570][ T8854] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000
[  209.373576][ T8854] R13: ffffc900044cfd50 R14: ffff888023130700 R15: 00000000800012c0
[  209.373592][ T8854]  ? find_held_lock+0x2b/0x80
[  209.373606][ T8854]  ? __pfx__copy_to_iter+0x10/0x10
[  209.373617][ T8854]  ? find_held_lock+0x2b/0x80
[  209.373635][ T8854]  kernfs_fop_read_iter+0x3a6/0x610
[  209.373650][ T8854]  ? __pfx_sysfs_kf_bin_read+0x10/0x10
[  209.373666][ T8854]  do_iter_readv_writev+0x743/0x9e0
[  209.373682][ T8854]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  209.373700][ T8854]  ? rw_verify_area+0xcf/0x6c0
[  209.373714][ T8854]  vfs_readv+0x4cb/0x8b0
[  209.373731][ T8854]  ? __pfx_vfs_readv+0x10/0x10
[  209.373744][ T8854]  ? find_held_lock+0x2b/0x80
[  209.373766][ T8854]  ? __fget_files+0x20e/0x3c0
[  209.373784][ T8854]  ? do_preadv+0x1a6/0x270
[  209.373797][ T8854]  do_preadv+0x1a6/0x270
[  209.373810][ T8854]  ? __pfx_do_preadv+0x10/0x10
[  209.373825][ T8854]  ? rcu_is_watching+0x12/0xc0
[  209.373841][ T8854]  __do_fast_syscall_32+0x7c/0x300
[  209.373852][ T8854]  do_fast_syscall_32+0x32/0x80
[  209.373862][ T8854]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.373874][ T8854] RIP: 0023:0xf7f62579
[  209.373882][ T8854] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.373891][ T8854] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  209.373900][ T8854] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  209.373906][ T8854] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  209.373912][ T8854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.373918][ T8854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.373923][ T8854] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.373937][ T8854]  </TASK>
[  209.522128][    C2] vkms_vblank_simulate: vblank timer overrun
[  209.527528][ T8855] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  209.529448][ T8855] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  209.532589][ T8855] vhci_hcd vhci_hcd.0: Device attached
[  209.666915][ T8871] FAULT_INJECTION: forcing a failure.
[  209.666915][ T8871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.672238][ T8871] CPU: 0 UID: 0 PID: 8871 Comm: syz.2.777 Not tainted syzkaller #0 PREEMPT(full) 
[  209.672253][ T8871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.672260][ T8871] Call Trace:
[  209.672264][ T8871]  <TASK>
[  209.672269][ T8871]  dump_stack_lvl+0x16c/0x1f0
[  209.672289][ T8871]  should_fail_ex+0x512/0x640
[  209.672302][ T8871]  _copy_to_user+0x32/0xd0
[  209.672314][ T8871]  simple_read_from_buffer+0xcb/0x170
[  209.672329][ T8871]  proc_fail_nth_read+0x197/0x240
[  209.672345][ T8871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.672360][ T8871]  ? rw_verify_area+0xcf/0x6c0
[  209.672373][ T8871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.672388][ T8871]  vfs_read+0x1e4/0xcf0
[  209.672405][ T8871]  ? __pfx_vfs_read+0x10/0x10
[  209.672418][ T8871]  ? find_held_lock+0x2b/0x80
[  209.672437][ T8871]  ? __fget_files+0x20e/0x3c0
[  209.672455][ T8871]  ksys_read+0x12a/0x250
[  209.672469][ T8871]  ? __pfx_ksys_read+0x10/0x10
[  209.672483][ T8871]  ? fput+0x9b/0xd0
[  209.672493][ T8871]  ? rcu_is_watching+0x12/0xc0
[  209.672510][ T8871]  __do_fast_syscall_32+0x7c/0x300
[  209.672521][ T8871]  do_fast_syscall_32+0x32/0x80
[  209.672531][ T8871]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.672544][ T8871] RIP: 0023:0xf7f62579
[  209.672552][ T8871] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.672563][ T8871] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  209.672573][ T8871] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[  209.672579][ T8871] RDX: 000000000000000f RSI: 00000000f73f5ff4 RDI: 0000000000000000
[  209.672585][ T8871] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  209.672591][ T8871] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  209.672597][ T8871] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.672611][ T8871]  </TASK>
[  209.821727][   T53] usb 43-1: new low-speed USB device number 7 using vhci_hcd
[  209.854311][ T8877] syzkaller1: entered promiscuous mode
[  209.856659][ T8877] syzkaller1: entered allmulticast mode
[  210.146112][ T8858] vhci_hcd: connection reset by peer
[  210.148529][ T1148] vhci_hcd: stop threads
[  210.150005][ T1148] vhci_hcd: release socket
[  210.151492][ T1148] vhci_hcd: disconnect device
[  210.380522][ T8887] : entered promiscuous mode
[  211.309235][ T8911] tipc: Started in network mode
[  211.312151][ T8911] tipc: Node identity , cluster identity 4711
[  211.314653][ T8911] tipc: Failed to obtain node identity
[  211.316626][ T8911] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  211.320244][ T8911] syzkaller0: entered promiscuous mode
[  211.324161][ T8911] syzkaller0: entered allmulticast mode
[  211.425520][ T8918] netlink: 64 bytes leftover after parsing attributes in process `syz.2.786'.
[  212.088581][ T8956] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_1, syncid = 0, id = 0
[  212.476866][ T8973] FAULT_INJECTION: forcing a failure.
[  212.476866][ T8973] name failslab, interval 1, probability 0, space 0, times 0
[  212.481833][ T8973] CPU: 3 UID: 0 PID: 8973 Comm: syz.2.795 Not tainted syzkaller #0 PREEMPT(full) 
[  212.481849][ T8973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.481855][ T8973] Call Trace:
[  212.481860][ T8973]  <TASK>
[  212.481864][ T8973]  dump_stack_lvl+0x16c/0x1f0
[  212.481897][ T8973]  should_fail_ex+0x512/0x640
[  212.481908][ T8973]  ? fs_reclaim_acquire+0xae/0x150
[  212.481919][ T8973]  should_failslab+0xc2/0x120
[  212.481930][ T8973]  __kmalloc_noprof+0xdd/0x880
[  212.481944][ T8973]  ? tomoyo_encode2+0x100/0x3e0
[  212.481961][ T8973]  ? tomoyo_encode2+0x100/0x3e0
[  212.481974][ T8973]  tomoyo_encode2+0x100/0x3e0
[  212.481990][ T8973]  tomoyo_encode+0x29/0x50
[  212.482004][ T8973]  tomoyo_realpath_from_path+0x18f/0x6e0
[  212.482023][ T8973]  tomoyo_path_number_perm+0x245/0x580
[  212.482035][ T8973]  ? tomoyo_path_number_perm+0x237/0x580
[  212.482051][ T8973]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  212.482077][ T8973]  ? find_held_lock+0x2b/0x80
[  212.482092][ T8973]  ? hook_file_ioctl_common+0x145/0x410
[  212.482109][ T8973]  ? __fget_files+0x20e/0x3c0
[  212.482125][ T8973]  security_file_ioctl_compat+0x9b/0x240
[  212.482140][ T8973]  __ia32_compat_sys_ioctl+0xc3/0x370
[  212.482155][ T8973]  __do_fast_syscall_32+0x7c/0x300
[  212.482166][ T8973]  do_fast_syscall_32+0x32/0x80
[  212.482175][ T8973]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.482188][ T8973] RIP: 0023:0xf7f62579
[  212.482196][ T8973] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.482206][ T8973] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  212.482217][ T8973] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004601
[  212.482224][ T8973] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  212.482230][ T8973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.482235][ T8973] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  212.482241][ T8973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.482255][ T8973]  </TASK>
[  212.483235][ T8973] ERROR: Out of memory at tomoyo_realpath_from_path.
[  212.949853][ T8998] netlink: 220 bytes leftover after parsing attributes in process `syz.3.799'.
[  212.954948][ T8998] netlink: 220 bytes leftover after parsing attributes in process `syz.3.799'.
[  212.966760][ T8998] @: renamed from vlan0 (while UP)
[  213.254763][ T9009] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  213.256843][ T9009] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  213.260689][ T9009] vhci_hcd vhci_hcd.0: Device attached
[  213.501713][ T1328] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[  213.503082][ T9018] FAULT_INJECTION: forcing a failure.
[  213.503082][ T9018] name failslab, interval 1, probability 0, space 0, times 0
[  213.507939][ T9018] CPU: 0 UID: 0 PID: 9018 Comm: syz.3.802 Not tainted syzkaller #0 PREEMPT(full) 
[  213.507953][ T9018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.507960][ T9018] Call Trace:
[  213.507964][ T9018]  <TASK>
[  213.507968][ T9018]  dump_stack_lvl+0x16c/0x1f0
[  213.507988][ T9018]  should_fail_ex+0x512/0x640
[  213.507998][ T9018]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  213.508015][ T9018]  should_failslab+0xc2/0x120
[  213.508025][ T9018]  kmem_cache_alloc_node_noprof+0x78/0x770
[  213.508039][ T9018]  ? __alloc_skb+0x2b2/0x380
[  213.508058][ T9018]  ? __alloc_skb+0x2b2/0x380
[  213.508071][ T9018]  __alloc_skb+0x2b2/0x380
[  213.508086][ T9018]  ? __pfx___alloc_skb+0x10/0x10
[  213.508101][ T9018]  ? mark_held_locks+0x49/0x80
[  213.508113][ T9018]  ? __lock_acquire+0x622/0x1c90
[  213.508125][ T9018]  alloc_skb_with_frags+0xe0/0x860
[  213.508139][ T9018]  sock_alloc_send_pskb+0x7f9/0x980
[  213.508159][ T9018]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  213.508178][ T9018]  ? __local_bh_enable_ip+0xa4/0x120
[  213.508196][ T9018]  j1939_sk_sendmsg+0x6bc/0x13d0
[  213.508210][ T9018]  ? __pfx_aa_sk_perm+0x10/0x10
[  213.508223][ T9018]  ? find_held_lock+0x2b/0x80
[  213.508239][ T9018]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  213.508249][ T9018]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  213.508262][ T9018]  ____sys_sendmsg+0xa98/0xc70
[  213.508276][ T9018]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.508287][ T9018]  ? get_compat_msghdr+0x11a/0x170
[  213.508309][ T9018]  ___sys_sendmsg+0x134/0x1d0
[  213.508326][ T9018]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.508348][ T9018]  ? find_held_lock+0x2b/0x80
[  213.508371][ T9018]  __sys_sendmsg+0x16d/0x220
[  213.508387][ T9018]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.508409][ T9018]  ? rcu_is_watching+0x12/0xc0
[  213.508426][ T9018]  __do_fast_syscall_32+0x7c/0x300
[  213.508437][ T9018]  do_fast_syscall_32+0x32/0x80
[  213.508447][ T9018]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.508460][ T9018] RIP: 0023:0xf7ff7579
[  213.508469][ T9018] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  213.508479][ T9018] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  213.508490][ T9018] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  213.508496][ T9018] RDX: 00000000000000ee RSI: 0000000000000000 RDI: 0000000000000000
[  213.508502][ T9018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.508508][ T9018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  213.508514][ T9018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.508540][ T9018]  </TASK>
[  213.630559][ T9020] netlink: 'syz.3.803': attribute type 1 has an invalid length.
[  213.634768][ T9020] netlink: 236 bytes leftover after parsing attributes in process `syz.3.803'.
[  213.759304][ T9010] vhci_hcd: connection reset by peer
[  213.762262][ T1144] vhci_hcd: stop threads
[  213.764006][ T1144] vhci_hcd: release socket
[  213.765694][ T1144] vhci_hcd: disconnect device
[  213.935730][ T9026] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  213.941851][ T7338] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  214.092937][ T7338] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  214.097170][ T7338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  214.100662][ T7338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  214.103690][ T7338] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  214.107937][ T7338] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  214.110925][ T7338] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.115144][ T7338] usb 7-1: config 0 descriptor??
[  214.280792][ T9035] netlink: zone id is out of range
[  214.282856][ T9035] netlink: zone id is out of range
[  214.285711][ T9035] netlink: zone id is out of range
[  214.292380][ T9035] netlink: zone id is out of range
[  214.296708][ T9035] netlink: zone id is out of range
[  214.301978][ T9035] netlink: zone id is out of range
[  214.306620][ T9035] netlink: zone id is out of range
[  214.526565][ T7338] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  214.775653][ T6013] usb 7-1: USB disconnect, device number 20
[  214.981761][   T53] vhci_hcd: vhci_device speed not set
[  216.262006][   T53] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  216.411727][   T53] usb 7-1: Using ep0 maxpacket: 8
[  216.429506][   T53] usb 7-1: unable to get BOS descriptor or descriptor too short
[  216.451838][   T53] usb 7-1: too many configurations: 48, using maximum allowed: 8
[  216.455115][   T53] usb 7-1: unable to read config index 0 descriptor/start: -71
[  216.457458][   T53] usb 7-1: can't read configurations, error -71
[  216.834776][ T9072] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  216.836868][ T9072] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  216.840991][ T9072] vhci_hcd vhci_hcd.0: Device attached
[  217.112559][ T6072] usb 43-1: new low-speed USB device number 8 using vhci_hcd
[  217.544656][ T9073] vhci_hcd: connection reset by peer
[  217.547064][ T1141] vhci_hcd: stop threads
[  217.548464][ T1141] vhci_hcd: release socket
[  217.549987][ T1141] vhci_hcd: disconnect device
[  218.364975][   T34] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  218.407560][ T9091] team0 (unregistering): Port device team_slave_0 removed
[  218.412434][ T9091] team0 (unregistering): Port device team_slave_1 removed
[  218.437970][ T9093] syzkaller0: entered promiscuous mode
[  218.439728][ T9093] syzkaller0: entered allmulticast mode
[  218.543710][   T34] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  218.550535][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  218.555030][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  218.558239][   T34] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  218.562919][   T34] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  218.565718][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.569525][   T34] usb 9-1: config 0 descriptor??
[  218.651895][ T1328] vhci_hcd: vhci_device speed not set
[  218.821805][ T7338] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  218.982992][ T7338] usb 8-1: Using ep0 maxpacket: 8
[  218.988319][ T7338] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  218.991313][   T34] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  218.995299][ T7338] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  219.000080][ T7338] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  219.003598][ T7338] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  219.006858][ T7338] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  219.010791][ T7338] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  219.013650][ T7338] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.224761][ T7338] usb 8-1: usb_control_msg returned -32
[  219.226549][ T7338] usbtmc 8-1:16.0: can't read capabilities
[  219.233361][ T6013] usb 9-1: USB disconnect, device number 2
[  219.441465][ T9107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.447061][ T9107] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.485204][   T53] usb 8-1: USB disconnect, device number 36
[  220.044072][ T9122] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.046528][ T9122] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.055254][ T9125] FAULT_INJECTION: forcing a failure.
[  220.055254][ T9125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.059714][ T9125] CPU: 3 UID: 0 PID: 9125 Comm: syz.3.831 Not tainted syzkaller #0 PREEMPT(full) 
[  220.059728][ T9125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.059735][ T9125] Call Trace:
[  220.059739][ T9125]  <TASK>
[  220.059743][ T9125]  dump_stack_lvl+0x16c/0x1f0
[  220.059763][ T9125]  should_fail_ex+0x512/0x640
[  220.059776][ T9125]  _copy_to_user+0x32/0xd0
[  220.059807][ T9125]  simple_read_from_buffer+0xcb/0x170
[  220.059831][ T9125]  proc_fail_nth_read+0x197/0x240
[  220.059855][ T9125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.059875][ T9125]  ? rw_verify_area+0xcf/0x6c0
[  220.059888][ T9125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.059902][ T9125]  vfs_read+0x1e4/0xcf0
[  220.059920][ T9125]  ? __pfx_vfs_read+0x10/0x10
[  220.059933][ T9125]  ? find_held_lock+0x2b/0x80
[  220.059951][ T9125]  ? __fget_files+0x20e/0x3c0
[  220.059964][ T9125]  ? handle_mm_fault+0x1f0/0xd10
[  220.059980][ T9125]  ksys_read+0x12a/0x250
[  220.059994][ T9125]  ? __pfx_ksys_read+0x10/0x10
[  220.060010][ T9125]  ? rcu_is_watching+0x12/0xc0
[  220.060027][ T9125]  __do_fast_syscall_32+0x7c/0x300
[  220.060039][ T9125]  do_fast_syscall_32+0x32/0x80
[  220.060048][ T9125]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.060066][ T9125] RIP: 0023:0xf7ff7579
[  220.060075][ T9125] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  220.060089][ T9125] RSP: 002b:00000000f54e6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  220.060103][ T9125] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f54e6620
[  220.060109][ T9125] RDX: 000000000000000f RSI: 00000000f7485ff4 RDI: 0000000000000000
[  220.060115][ T9125] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  220.060121][ T9125] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  220.060127][ T9125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.060141][ T9125]  </TASK>
[  220.168900][ T9122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.176986][ T9122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.278675][ T1141] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.281492][ T1141] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.286279][ T1141] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.301760][ T1141] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.390421][ T9134] sctp: [Deprecated]: syz.0.834 (pid 9134) Use of int in max_burst socket option deprecated.
[  220.390421][ T9134] Use struct sctp_assoc_value instead
[  220.512176][ T9138] netlink: zone id is out of range
[  220.516016][ T9138] netlink: zone id is out of range
[  220.521720][ T9138] netlink: zone id is out of range
[  220.526478][ T9138] netlink: zone id is out of range
[  220.527255][ T9141] FAULT_INJECTION: forcing a failure.
[  220.527255][ T9141] name failslab, interval 1, probability 0, space 0, times 0
[  220.528485][ T9138] netlink: zone id is out of range
[  220.528495][ T9138] netlink: zone id is out of range
[  220.528502][ T9138] netlink: zone id is out of range
[  220.540396][ T9141] CPU: 1 UID: 0 PID: 9141 Comm: syz.4.833 Not tainted syzkaller #0 PREEMPT(full) 
[  220.540419][ T9141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.540429][ T9141] Call Trace:
[  220.540436][ T9141]  <TASK>
[  220.540443][ T9141]  dump_stack_lvl+0x16c/0x1f0
[  220.540471][ T9141]  should_fail_ex+0x512/0x640
[  220.540493][ T9141]  should_failslab+0xc2/0x120
[  220.540512][ T9141]  kmem_cache_alloc_noprof+0x75/0x6e0
[  220.540533][ T9141]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  220.540554][ T9141]  ? __lock_acquire+0x622/0x1c90
[  220.540570][ T9141]  ? sctp_get_port_local+0x54d/0x1670
[  220.540601][ T9141]  ? sctp_get_port_local+0x54d/0x1670
[  220.540625][ T9141]  sctp_get_port_local+0x54d/0x1670
[  220.540659][ T9141]  ? __pfx_sctp_get_port_local+0x10/0x10
[  220.540682][ T9141]  ? sctp_bind_addr_match+0x193/0x300
[  220.540709][ T9141]  ? sctp_bind_addr_match+0x19d/0x300
[  220.540736][ T9141]  sctp_do_bind+0x223/0x700
[  220.540761][ T9141]  sctp_connect_new_asoc+0x5e7/0x770
[  220.540789][ T9141]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  220.540814][ T9141]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  220.540842][ T9141]  sctp_sendmsg+0x1557/0x1e00
[  220.540870][ T9141]  ? __pfx_sctp_sendmsg+0x10/0x10
[  220.540889][ T9141]  ? __pfx___might_resched+0x10/0x10
[  220.540919][ T9141]  ? aa_sk_perm+0x2f4/0xb10
[  220.540944][ T9141]  ? __pfx_aa_sk_perm+0x10/0x10
[  220.540964][ T9141]  ? find_held_lock+0x2b/0x80
[  220.540994][ T9141]  ? __pfx_sctp_sendmsg+0x10/0x10
[  220.541014][ T9141]  inet_sendmsg+0x11c/0x140
[  220.541038][ T9141]  ____sys_sendmsg+0x973/0xc70
[  220.541062][ T9141]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.541080][ T9141]  ? get_compat_msghdr+0x11a/0x170
[  220.541110][ T9141]  ? __pfx__kstrtoull+0x10/0x10
[  220.541137][ T9141]  ___sys_sendmsg+0x134/0x1d0
[  220.541165][ T9141]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.541189][ T9141]  ? __lock_acquire+0x622/0x1c90
[  220.541235][ T9141]  __sys_sendmmsg+0x2f9/0x420
[  220.541265][ T9141]  ? __pfx___sys_sendmmsg+0x10/0x10
[  220.541299][ T9141]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  220.541335][ T9141]  ? fput+0x9b/0xd0
[  220.541354][ T9141]  ? ksys_write+0x1ac/0x250
[  220.541377][ T9141]  ? __pfx_ksys_write+0x10/0x10
[  220.541405][ T9141]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  220.541431][ T9141]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  220.541460][ T9141]  __do_fast_syscall_32+0x7c/0x300
[  220.541476][ T9141]  do_fast_syscall_32+0x32/0x80
[  220.541488][ T9141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.541503][ T9141] RIP: 0023:0xf706d579
[  220.541514][ T9141] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  220.541526][ T9141] RSP: 002b:00000000f541b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  220.541540][ T9141] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080014980
[  220.541548][ T9141] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  220.541556][ T9141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  220.541563][ T9141] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  220.541570][ T9141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.541588][ T9141]  </TASK>
[  220.701152][ T9144] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  220.703896][ T9144] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  220.707245][ T9144] vhci_hcd vhci_hcd.0: Device attached
[  220.735075][ T9145] vhci_hcd: connection closed
[  220.735806][ T1141] vhci_hcd: stop threads
[  220.739702][ T1141] vhci_hcd: release socket
[  220.741751][ T1141] vhci_hcd: disconnect device
[  221.333682][ T9153] netlink: 24 bytes leftover after parsing attributes in process `syz.3.838'.
[  221.621845][   T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  221.773916][   T10] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  221.777654][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  221.780968][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  221.791171][   T10] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  221.796341][   T10] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  221.799397][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.815377][   T10] usb 9-1: config 0 descriptor??
[  222.237567][   T10] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  222.272526][ T6072] vhci_hcd: vhci_device speed not set
[  223.112428][ T6013] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  223.271745][ T6013] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  223.276837][ T6013] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  223.280926][ T6013] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  223.285178][ T6013] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  223.289929][ T6013] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  223.293666][ T6013] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.311487][ T6013] usb 8-1: config 0 descriptor??
[  223.430581][ T9195] netlink: 3 bytes leftover after parsing attributes in process `syz.2.850'.
[  223.440549][ T9195] batadv1: entered allmulticast mode
[  223.488146][ T9196] input: syz1 as /devices/virtual/input/input49
[  223.673130][   T24] usb 9-1: reset high-speed USB device number 3 using dummy_hcd
[  223.735910][ T9180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.741091][ T9180] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.756498][ T9180] netlink: 20 bytes leftover after parsing attributes in process `syz.3.846'.
[  223.760938][ T9180] netlink: 20 bytes leftover after parsing attributes in process `syz.3.846'.
[  223.896405][ T6013] plantronics 0003:047F:FFFF.002C: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  223.978834][ T9180] netlink: 40 bytes leftover after parsing attributes in process `syz.3.846'.
[  224.006678][   T10] usb 8-1: USB disconnect, device number 37
[  224.157823][ T5953] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  224.192876][ T5953] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  224.196451][ T5953] Bluetooth: hci0: Injecting HCI hardware error event
[  224.640254][ T9222] netlink: zone id is out of range
[  224.642145][ T9222] netlink: zone id is out of range
[  224.643856][ T9222] netlink: zone id is out of range
[  225.051314][ T1021] usb 9-1: USB disconnect, device number 3
[  225.382660][   T24] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  225.533220][   T24] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  225.537690][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  225.543146][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  225.546980][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  225.552973][   T24] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  225.556572][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.561248][   T24] usb 7-1: config 0 descriptor??
[  225.988858][ T9230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.993801][ T9230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.005782][ T9230] netlink: 20 bytes leftover after parsing attributes in process `syz.2.861'.
[  226.008935][ T9230] netlink: 20 bytes leftover after parsing attributes in process `syz.2.861'.
[  226.025660][   T24] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  226.224961][ T9230] netlink: 40 bytes leftover after parsing attributes in process `syz.2.861'.
[  226.474055][ T1021] usb 7-1: USB disconnect, device number 23
[  226.511834][ T7338] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  226.664518][ T7338] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  226.668929][ T7338] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  226.673804][ T7338] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  226.677947][ T7338] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  226.683483][ T7338] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  226.687258][ T7338] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.694722][ T7338] usb 9-1: config 0 descriptor??
[  227.117950][ T7338] plantronics 0003:047F:FFFF.002E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  228.156900][ T9272] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  228.268729][ T9280] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  228.271508][ T9280] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  228.275263][ T9280] vhci_hcd vhci_hcd.0: Device attached
[  228.372836][ T9286] ieee802154 phy0 wpan0: encryption failed: -22
[  228.481779][   T53] usb 9-1: reset high-speed USB device number 4 using dummy_hcd
[  228.531818][ T6072] usb 41-1: new low-speed USB device number 6 using vhci_hcd
[  228.591734][ T6007] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  228.780522][ T9281] vhci_hcd: connection reset by peer
[  228.783212][ T1203] vhci_hcd: stop threads
[  228.785560][ T1203] vhci_hcd: release socket
[  228.788012][ T1203] vhci_hcd: disconnect device
[  229.023406][ T6007] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  229.028211][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  229.033541][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  229.037658][ T6007] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  229.043047][ T6007] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  229.046844][ T6007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.052346][ T6007] usb 8-1: config 0 descriptor??
[  229.164873][   T40] kauditd_printk_skb: 68 callbacks suppressed
[  229.164885][   T40] audit: type=1326 audit(2000000019.369:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.173119][ T9290] netlink: 'syz.0.879': attribute type 3 has an invalid length.
[  229.173660][   T40] audit: type=1326 audit(2000000019.369:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.176541][ T9290] netlink: 64 bytes leftover after parsing attributes in process `syz.0.879'.
[  229.185321][   T40] audit: type=1326 audit(2000000019.369:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.188925][ T9290] block nbd0: not configured, cannot reconfigure
[  229.197686][   T40] audit: type=1326 audit(2000000019.369:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.209196][   T40] audit: type=1326 audit(2000000019.369:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.217930][   T40] audit: type=1326 audit(2000000019.369:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.226613][   T40] audit: type=1326 audit(2000000019.369:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.234843][   T40] audit: type=1326 audit(2000000019.369:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.243385][   T40] audit: type=1326 audit(2000000019.369:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.252046][   T40] audit: type=1326 audit(2000000019.369:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf700d579 code=0x7ffc0000
[  229.459036][ T9288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.463879][ T9288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.467555][ T9288] netlink: 20 bytes leftover after parsing attributes in process `syz.3.878'.
[  229.470778][ T9288] netlink: 20 bytes leftover after parsing attributes in process `syz.3.878'.
[  229.482930][ T6007] plantronics 0003:047F:FFFF.002F: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  229.676891][ T9288] netlink: 40 bytes leftover after parsing attributes in process `syz.3.878'.
[  229.756577][ T9306] net_ratelimit: 4 callbacks suppressed
[  229.756589][ T9306] netlink: zone id is out of range
[  229.759944][ T9306] netlink: zone id is out of range
[  229.761553][ T9306] netlink: zone id is out of range
[  229.763282][ T9306] netlink: zone id is out of range
[  229.764899][ T9306] netlink: zone id is out of range
[  229.766419][ T7338] usb 8-1: USB disconnect, device number 38
[  229.769435][ T9306] netlink: zone id is out of range
[  229.771071][ T9306] netlink: zone id is out of range
[  230.062272][ T1328] usb 9-1: USB disconnect, device number 4
[  230.266607][ T9309] netlink: zone id is out of range
[  230.268863][ T9309] netlink: zone id is out of range
[  230.271061][ T9309] netlink: zone id is out of range
[  231.350548][ T9327] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  231.353513][ T9327] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  231.361264][ T9327] vhci_hcd vhci_hcd.0: Device attached
[  231.603173][ T1328] usb 37-1: new low-speed USB device number 13 using vhci_hcd
[  231.618461][ T9337] input: syz1 as /devices/virtual/input/input54
[  231.646865][ T9337] lo speed is unknown, defaulting to 1000
[  231.839029][ T9328] vhci_hcd: connection reset by peer
[  231.842182][ T1148] vhci_hcd: stop threads
[  231.843984][ T1148] vhci_hcd: release socket
[  231.846042][ T1148] vhci_hcd: disconnect device
[  231.934348][ T7338] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  232.093502][ T7338] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  232.098104][ T7338] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  232.103120][ T7338] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  232.106474][ T7338] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  232.110901][ T7338] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  232.114889][ T7338] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.119433][ T7338] usb 8-1: config 0 descriptor??
[  232.274707][ T9350] FAULT_INJECTION: forcing a failure.
[  232.274707][ T9350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  232.279734][ T9350] CPU: 1 UID: 0 PID: 9350 Comm: syz.2.896 Not tainted syzkaller #0 PREEMPT(full) 
[  232.279753][ T9350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.279759][ T9350] Call Trace:
[  232.279764][ T9350]  <TASK>
[  232.279768][ T9350]  dump_stack_lvl+0x16c/0x1f0
[  232.279788][ T9350]  should_fail_ex+0x512/0x640
[  232.279800][ T9350]  _copy_from_user+0x2e/0xd0
[  232.279811][ T9350]  get_compat_msghdr+0xa7/0x170
[  232.279828][ T9350]  ? __pfx_get_compat_msghdr+0x10/0x10
[  232.279844][ T9350]  ? __pfx__kstrtoull+0x10/0x10
[  232.279859][ T9350]  ___sys_sendmsg+0x1ae/0x1d0
[  232.279878][ T9350]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.279894][ T9350]  ? __lock_acquire+0x622/0x1c90
[  232.279916][ T9350]  ? __pfx___might_resched+0x10/0x10
[  232.279934][ T9350]  __sys_sendmmsg+0x2f9/0x420
[  232.279952][ T9350]  ? __pfx___sys_sendmmsg+0x10/0x10
[  232.279972][ T9350]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  232.279994][ T9350]  ? fput+0x9b/0xd0
[  232.280005][ T9350]  ? ksys_write+0x1ac/0x250
[  232.280020][ T9350]  ? __pfx_ksys_write+0x10/0x10
[  232.280037][ T9350]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  232.280053][ T9350]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  232.280070][ T9350]  __do_fast_syscall_32+0x7c/0x300
[  232.280081][ T9350]  do_fast_syscall_32+0x32/0x80
[  232.280090][ T9350]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.280103][ T9350] RIP: 0023:0xf7f62579
[  232.280112][ T9350] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.280122][ T9350] RSP: 002b:00000000f541455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  232.280132][ T9350] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080005240
[  232.280138][ T9350] RDX: 0000000004000095 RSI: 000000000401eb94 RDI: 0000000000000000
[  232.280144][ T9350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.280150][ T9350] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.280156][ T9350] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.280169][ T9350]  </TASK>
[  232.349608][    C1] vkms_vblank_simulate: vblank timer overrun
[  232.430675][ T9352] netlink: 64 bytes leftover after parsing attributes in process `syz.0.897'.
[  232.434676][ T9352] block nbd0: not configured, cannot reconfigure
[  232.533330][ T9342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.537650][ T9342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.555492][ T9342] netlink: 20 bytes leftover after parsing attributes in process `syz.3.895'.
[  232.562651][ T9342] netlink: 20 bytes leftover after parsing attributes in process `syz.3.895'.
[  232.578178][ T7338] plantronics 0003:047F:FFFF.0030: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  232.778566][ T9342] netlink: 40 bytes leftover after parsing attributes in process `syz.3.895'.
[  232.821901][ T9366] input: syz1 as /devices/virtual/input/input56
[  232.836884][ T6099] udevd[6099]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  232.845856][ T6007] usb 8-1: USB disconnect, device number 39
[  233.611974][ T6072] vhci_hcd: vhci_device speed not set
[  234.701780][ T7338] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  234.863757][ T7338] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  234.867410][ T7338] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  234.870884][ T7338] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  234.874326][ T7338] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  234.878582][ T7338] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  234.881487][ T7338] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.885835][ T7338] usb 9-1: config 0 descriptor??
[  235.303218][ T9402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.326611][ T9402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.348727][ T9402] netlink: 20 bytes leftover after parsing attributes in process `syz.4.912'.
[  235.352808][ T9402] netlink: 20 bytes leftover after parsing attributes in process `syz.4.912'.
[  235.453927][ T7338] plantronics 0003:047F:FFFF.0031: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  235.595322][ T9402] netlink: 40 bytes leftover after parsing attributes in process `syz.4.912'.
[  235.672103][   T53] usb 9-1: USB disconnect, device number 5
[  235.819755][ T9420] fido_id[9420]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb9/report_descriptor': No such file or directory
[  236.409542][ T9447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  236.413203][ T9447] syzkaller0: entered promiscuous mode
[  236.415316][ T9447] syzkaller0: entered allmulticast mode
[  236.420358][ T9447] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  236.428456][ T9447] net_ratelimit: 4 callbacks suppressed
[  236.428469][ T9447] syzkaller0: mtu less than device minimum
[  236.434475][ T9446] tipc: Resetting bearer <eth:syzkaller0>
[  236.445486][ T9446] tipc: Disabling bearer <eth:syzkaller0>
[  236.936869][ T1328] vhci_hcd: vhci_device speed not set
[  237.001745][ T7338] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  237.593734][ T7338] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  237.597337][ T7338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  237.600691][ T7338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  237.603773][ T7338] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  237.607740][ T7338] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  237.610534][ T7338] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.614400][ T7338] usb 7-1: config 0 descriptor??
[  237.831763][ T6007] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  237.992969][ T6007] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  237.996739][ T6007] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  238.000275][ T6007] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  238.003582][ T6007] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  238.007764][ T6007] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  238.010658][ T6007] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.016025][ T6007] usb 9-1: config 0 descriptor??
[  238.434283][ T9462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.439430][ T7338] plantronics 0003:047F:FFFF.0032: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  238.446667][ T7338] usb 7-1: USB disconnect, device number 24
[  238.449816][ T9462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.457174][ T9462] netlink: 20 bytes leftover after parsing attributes in process `syz.4.929'.
[  238.459989][ T9462] netlink: 20 bytes leftover after parsing attributes in process `syz.4.929'.
[  238.472841][ T6007] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  238.489150][ T9486] fido_id[9486]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory
[  238.666057][ T9462] netlink: 40 bytes leftover after parsing attributes in process `syz.4.929'.
[  238.707028][ T9490] netlink: 84 bytes leftover after parsing attributes in process `syz.0.937'.
[  238.724333][ T6007] usb 9-1: USB disconnect, device number 6
[  239.262675][ T9499] xt_CT: You must specify a L4 protocol and not use inversions on it
[  239.554605][ T9506] vlan2: entered allmulticast mode
[  239.559015][ T9506] hsr0: entered allmulticast mode
[  239.560682][ T9506] hsr_slave_0: entered allmulticast mode
[  239.564437][ T9506] hsr_slave_1: entered allmulticast mode
[  240.030207][ T9514] ubi31: attaching mtd0
[  240.050718][ T9514] ubi31: scanning is finished
[  240.057159][ T9514] ubi31: empty MTD device detected
[  240.301776][ T1328] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  240.341618][ T9521] netlink: 64 bytes leftover after parsing attributes in process `syz.4.947'.
[  240.345127][ T9521] netlink: 32 bytes leftover after parsing attributes in process `syz.4.947'.
[  240.348022][ T9521] netlink: 64 bytes leftover after parsing attributes in process `syz.4.947'.
[  240.365046][ T9514] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  240.373806][ T9514] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  240.378272][ T9514] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  240.383967][ T9514] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  240.388977][ T9514] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  240.394756][ T9514] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  240.399417][ T9514] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4211489957
[  240.406277][ T9514] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  240.417928][ T9522] ubi31: background thread "ubi_bgt31d" started, PID 9522
[  240.472992][ T1328] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  240.480429][ T1328] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  240.491727][ T1328] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  240.494764][ T1328] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  240.500128][ T1328] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  240.511713][ T1328] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.515538][ T1328] usb 7-1: config 0 descriptor??
[  240.931210][ T1328] plantronics 0003:047F:FFFF.0034: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  240.992197][   T24] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  241.144046][   T24] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  241.147704][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  241.151082][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  241.154240][   T24] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  241.158250][   T24] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  241.161047][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.164802][   T24] usb 9-1: config 0 descriptor??
[  241.183487][ T1021] usb 7-1: USB disconnect, device number 25
[  241.204161][ T9543] netlink: 'syz.0.954': attribute type 10 has an invalid length.
[  241.206908][ T9543] netlink: 'syz.0.954': attribute type 10 has an invalid length.
[  241.209389][ T9543] netlink: 2 bytes leftover after parsing attributes in process `syz.0.954'.
[  241.572228][ T9528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  241.576084][ T9528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  241.581176][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.4.949'.
[  241.584849][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.4.949'.
[  241.598197][   T24] plantronics 0003:047F:FFFF.0035: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  241.801116][ T9528] netlink: 40 bytes leftover after parsing attributes in process `syz.4.949'.
[  241.975133][ T7338] usb 9-1: USB disconnect, device number 7
[  242.196000][ T9556] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  242.198629][ T9556] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  242.202593][ T9556] vhci_hcd vhci_hcd.0: Device attached
[  242.519833][ T1328] usb 38-1: SetAddress Request (6) to port 0
[  242.521871][ T1328] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  242.628835][ T9560] netlink: zone id is out of range
[  242.630996][ T9560] netlink: zone id is out of range
[  242.633788][ T9560] netlink: zone id is out of range
[  242.636102][ T9560] netlink: zone id is out of range
[  242.638241][ T9560] netlink: zone id is out of range
[  242.640339][ T9560] netlink: zone id is out of range
[  242.642528][ T9560] netlink: zone id is out of range
[  242.644967][ T9562] 9pnet_fd: Insufficient options for proto=fd
[  242.714132][ T9557] vhci_hcd: connection reset by peer
[  242.716823][   T46] vhci_hcd: stop threads
[  242.718271][   T46] vhci_hcd: release socket
[  242.719794][   T46] vhci_hcd: disconnect device
[  243.211948][ T6007] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  243.292911][ T9578] netlink: 64 bytes leftover after parsing attributes in process `syz.0.964'.
[  243.296559][ T9578] block nbd0: not configured, cannot reconfigure
[  243.360580][ T9580] 8021q: adding VLAN 0 to HW filter on device bond1
[  243.367110][ T9580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.965'.
[  243.373972][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  243.377849][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  243.381343][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  243.386903][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  243.391073][ T6007] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  243.395043][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.413884][ T6007] usb 7-1: config 0 descriptor??
[  243.841737][   T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  243.859353][ T6007] plantronics 0003:047F:FFFF.0036: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  243.993138][   T24] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  243.996728][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  244.000163][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  244.004203][   T24] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  244.009261][   T24] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  244.013175][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.022221][   T24] usb 9-1: config 0 descriptor??
[  244.097130][ T1021] usb 7-1: USB disconnect, device number 26
[  244.268301][ T9594] SET target dimension over the limit!
[  244.271026][ T9594] netlink: 132 bytes leftover after parsing attributes in process `syz.0.970'.
[  244.432419][ T9589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.437115][ T9589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.441408][ T9589] netlink: 20 bytes leftover after parsing attributes in process `syz.4.968'.
[  244.444237][ T9589] netlink: 20 bytes leftover after parsing attributes in process `syz.4.968'.
[  244.455370][   T24] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  244.649847][ T9589] netlink: 40 bytes leftover after parsing attributes in process `syz.4.968'.
[  244.672272][ T9606] netlink: zone id is out of range
[  244.673905][ T9606] netlink: zone id is out of range
[  244.675503][ T9606] netlink: zone id is out of range
[  244.716227][   T24] usb 9-1: USB disconnect, device number 8
[  245.188087][ T9613] binder: 9612:9613 ioctl c0306201 80000680 returned -14
[  245.190313][ T9613] FAULT_INJECTION: forcing a failure.
[  245.190313][ T9613] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.194398][ T9613] CPU: 0 UID: 0 PID: 9613 Comm: syz.0.976 Not tainted syzkaller #0 PREEMPT(full) 
[  245.194412][ T9613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.194419][ T9613] Call Trace:
[  245.194424][ T9613]  <TASK>
[  245.194428][ T9613]  dump_stack_lvl+0x16c/0x1f0
[  245.194448][ T9613]  should_fail_ex+0x512/0x640
[  245.194460][ T9613]  _copy_to_user+0x32/0xd0
[  245.194473][ T9613]  simple_read_from_buffer+0xcb/0x170
[  245.194488][ T9613]  proc_fail_nth_read+0x197/0x240
[  245.194503][ T9613]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  245.194519][ T9613]  ? rw_verify_area+0xcf/0x6c0
[  245.194532][ T9613]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  245.194546][ T9613]  vfs_read+0x1e4/0xcf0
[  245.194564][ T9613]  ? __pfx_vfs_read+0x10/0x10
[  245.194577][ T9613]  ? find_held_lock+0x2b/0x80
[  245.194595][ T9613]  ? __fget_files+0x20e/0x3c0
[  245.194613][ T9613]  ksys_read+0x12a/0x250
[  245.194627][ T9613]  ? __pfx_ksys_read+0x10/0x10
[  245.194641][ T9613]  ? fput+0x9b/0xd0
[  245.194651][ T9613]  ? rcu_is_watching+0x12/0xc0
[  245.194668][ T9613]  __do_fast_syscall_32+0x7c/0x300
[  245.194679][ T9613]  do_fast_syscall_32+0x32/0x80
[  245.194689][ T9613]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  245.194703][ T9613] RIP: 0023:0xf700d579
[  245.194711][ T9613] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  245.194721][ T9613] RSP: 002b:00000000f53fd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  245.194744][ T9613] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f53fd620
[  245.194751][ T9613] RDX: 000000000000000f RSI: 00000000f73a5ff4 RDI: 0000000000000000
[  245.194757][ T9613] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  245.194763][ T9613] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  245.194768][ T9613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.194782][ T9613]  </TASK>
[  245.334806][ T9617] binder: BINDER_SET_CONTEXT_MGR already set
[  245.337679][ T9617] binder: 9616:9617 ioctl 4018620d 80000100 returned -16
[  245.400675][ T9617] binder: BINDER_SET_CONTEXT_MGR already set
[  245.403349][ T9617] binder: 9616:9617 ioctl 4018620d 800002c0 returned -16
[  245.556999][ T9620] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  245.559645][ T9620] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  245.681789][ T9620] vhci_hcd vhci_hcd.0: Device attached
[  245.867107][ T9627] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  245.869214][ T9627] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  245.871953][ T9627] vhci_hcd vhci_hcd.0: Device attached
[  245.995103][   T53] usb 45-1: new low-speed USB device number 4 using vhci_hcd
[  246.231764][ T6072] usb 43-1: new low-speed USB device number 9 using vhci_hcd
[  246.414127][ T9641] ubi: mtd0 is already attached to ubi31
[  246.416495][ T9641] FAULT_INJECTION: forcing a failure.
[  246.416495][ T9641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.421281][ T9641] CPU: 0 UID: 0 PID: 9641 Comm: syz.0.983 Not tainted syzkaller #0 PREEMPT(full) 
[  246.421301][ T9641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.421312][ T9641] Call Trace:
[  246.421318][ T9641]  <TASK>
[  246.421324][ T9641]  dump_stack_lvl+0x16c/0x1f0
[  246.421353][ T9641]  should_fail_ex+0x512/0x640
[  246.421372][ T9641]  _copy_to_user+0x32/0xd0
[  246.421390][ T9641]  simple_read_from_buffer+0xcb/0x170
[  246.421412][ T9641]  proc_fail_nth_read+0x197/0x240
[  246.421435][ T9641]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.421458][ T9641]  ? rw_verify_area+0xcf/0x6c0
[  246.421478][ T9641]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.421499][ T9641]  vfs_read+0x1e4/0xcf0
[  246.421531][ T9641]  ? __pfx_vfs_read+0x10/0x10
[  246.421551][ T9641]  ? find_held_lock+0x2b/0x80
[  246.421578][ T9641]  ? __fget_files+0x20e/0x3c0
[  246.421606][ T9641]  ksys_read+0x12a/0x250
[  246.421626][ T9641]  ? __pfx_ksys_read+0x10/0x10
[  246.421662][ T9641]  ? fput+0x9b/0xd0
[  246.421678][ T9641]  ? rcu_is_watching+0x12/0xc0
[  246.421717][ T9641]  __do_fast_syscall_32+0x7c/0x300
[  246.421735][ T9641]  do_fast_syscall_32+0x32/0x80
[  246.421750][ T9641]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  246.421770][ T9641] RIP: 0023:0xf700d579
[  246.421783][ T9641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  246.421799][ T9641] RSP: 002b:00000000f53fd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  246.421814][ T9641] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53fd620
[  246.421824][ T9641] RDX: 000000000000000f RSI: 00000000f73a5ff4 RDI: 0000000000000000
[  246.421833][ T9641] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  246.421842][ T9641] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  246.421851][ T9641] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  246.421872][ T9641]  </TASK>
[  246.519302][ T9621] vhci_hcd: connection reset by peer
[  246.521384][   T46] vhci_hcd: stop threads
[  246.523109][ T9628] vhci_hcd: connection reset by peer
[  246.525901][   T46] vhci_hcd: release socket
[  246.527881][   T46] vhci_hcd: disconnect device
[  246.529683][   T46] vhci_hcd: stop threads
[  246.531117][   T46] vhci_hcd: release socket
[  246.532924][   T46] vhci_hcd: disconnect device
[  247.432917][ T9649] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.435929][ T9649] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.470232][ T9659] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  247.470232][ T9659]    program syz.2.985 not setting count and/or reply_len properly
[  247.478444][ T9659] __nla_validate_parse: 2 callbacks suppressed
[  247.478459][ T9659] netlink: 68 bytes leftover after parsing attributes in process `syz.2.985'.
[  247.494636][ T9668] tmpfs: Unknown parameter '00000000000000000000000'
[  247.497570][ T9649] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  247.508129][ T9649] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  247.538454][ T9649] vlan1: left promiscuous mode
[  247.540286][ T9649] vlan1: left allmulticast mode
[  247.542147][ T9649] veth0_vlan: left allmulticast mode
[  247.625965][ T1328] usb 38-1: device descriptor read/8, error -110
[  247.636933][ T1141] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  247.639998][ T1141] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  247.655882][ T1141] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  247.659724][ T1141] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  247.731769][ T7338] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  247.892036][ T7338] usb 5-1: Using ep0 maxpacket: 16
[  247.910895][ T7338] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  247.914610][ T7338] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  247.917422][ T7338] usb 5-1: Product: syz
[  247.919060][ T7338] usb 5-1: Manufacturer: syz
[  247.920648][ T7338] usb 5-1: SerialNumber: syz
[  247.937205][ T7338] usb 5-1: config 0 descriptor??
[  248.022369][ T1328] usb usb38-port1: attempt power cycle
[  248.180420][ T7338] usb 5-1: USB disconnect, device number 14
[  249.174578][ T1328] usb usb38-port1: unable to enumerate USB device
[  250.007965][ T9702] syzkaller0: left promiscuous mode
[  250.012244][ T9702] syzkaller0: left allmulticast mode
[  250.028920][   T62] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.033574][   T62] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  250.036881][ T9711] FAULT_INJECTION: forcing a failure.
[  250.036881][ T9711] name failslab, interval 1, probability 0, space 0, times 0
[  250.040777][ T9711] CPU: 3 UID: 0 PID: 9711 Comm: syz.4.1005 Not tainted syzkaller #0 PREEMPT(full) 
[  250.040790][ T9711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.040797][ T9711] Call Trace:
[  250.040801][ T9711]  <TASK>
[  250.040806][ T9711]  dump_stack_lvl+0x16c/0x1f0
[  250.040826][ T9711]  should_fail_ex+0x512/0x640
[  250.040836][ T9711]  ? __kmalloc_cache_noprof+0x5f/0x780
[  250.040850][ T9711]  should_failslab+0xc2/0x120
[  250.040861][ T9711]  __kmalloc_cache_noprof+0x72/0x780
[  250.040874][ T9711]  ? binder_transaction+0x6d8/0x9d10
[  250.040889][ T9711]  ? binder_transaction+0x6d8/0x9d10
[  250.040899][ T9711]  binder_transaction+0x6d8/0x9d10
[  250.040919][ T9711]  ? __lock_acquire+0x622/0x1c90
[  250.040933][ T9711]  ? __lock_acquire+0x622/0x1c90
[  250.040943][ T9711]  ? __pfx_binder_transaction+0x10/0x10
[  250.040962][ T9711]  ? __lock_acquire+0xb8a/0x1c90
[  250.040979][ T9711]  ? find_held_lock+0x2b/0x80
[  250.040993][ T9711]  ? __might_fault+0xe3/0x190
[  250.041006][ T9711]  ? __might_fault+0xe3/0x190
[  250.041018][ T9711]  ? __might_fault+0x13b/0x190
[  250.041036][ T9711]  binder_thread_write+0x1417/0x4e70
[  250.041049][ T9711]  ? __kasan_save_free_info+0x3b/0x60
[  250.041066][ T9711]  ? __pfx_binder_thread_write+0x10/0x10
[  250.041077][ T9711]  ? binder_debug+0xde/0x1a0
[  250.041097][ T9711]  ? find_held_lock+0x2b/0x80
[  250.041111][ T9711]  ? __might_fault+0xe3/0x190
[  250.041123][ T9711]  ? __might_fault+0x13b/0x190
[  250.041140][ T9711]  ? __pfx_binder_ioctl+0x10/0x10
[  250.041151][ T9711]  binder_ioctl+0x26db/0x73b0
[  250.041166][ T9711]  ? tomoyo_path_number_perm+0x295/0x580
[  250.041181][ T9711]  ? tomoyo_path_number_perm+0x18d/0x580
[  250.041194][ T9711]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  250.041207][ T9711]  ? __pfx_binder_ioctl+0x10/0x10
[  250.041221][ T9711]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  250.041236][ T9711]  ? do_vfs_ioctl+0x128/0x14f0
[  250.041248][ T9711]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  250.041263][ T9711]  ? find_held_lock+0x2b/0x80
[  250.041276][ T9711]  ? hook_file_ioctl_common+0x145/0x410
[  250.041293][ T9711]  ? __fget_files+0x20e/0x3c0
[  250.041308][ T9711]  ? __pfx_binder_ioctl+0x10/0x10
[  250.041319][ T9711]  compat_ptr_ioctl+0x6e/0xa0
[  250.041329][ T9711]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  250.041340][ T9711]  __ia32_compat_sys_ioctl+0x242/0x370
[  250.041354][ T9711]  __do_fast_syscall_32+0x7c/0x300
[  250.041365][ T9711]  do_fast_syscall_32+0x32/0x80
[  250.041374][ T9711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.041387][ T9711] RIP: 0023:0xf706d579
[  250.041395][ T9711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.041405][ T9711] RSP: 002b:00000000f543c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  250.041416][ T9711] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c0306201
[  250.041423][ T9711] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  250.041429][ T9711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.041435][ T9711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.041441][ T9711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.041453][ T9711]  </TASK>
[  250.168577][ T1141] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.172385][ T1141] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  250.175730][ T1141] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.178967][ T1141] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  250.183150][ T1141] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.186976][ T1141] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  250.499109][ T9721] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  250.501216][ T9721] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  250.506182][ T9721] vhci_hcd vhci_hcd.0: Device attached
[  250.622592][ T9724] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  250.624694][ T9724] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  250.627216][ T9724] vhci_hcd vhci_hcd.0: Device attached
[  250.741839][ T1328] usb 41-1: new low-speed USB device number 7 using vhci_hcd
[  251.141853][   T53] vhci_hcd: vhci_device speed not set
[  251.292310][ T9725] vhci_hcd: connection closed
[  251.292773][   T62] vhci_hcd: stop threads
[  251.296320][   T62] vhci_hcd: release socket
[  251.298191][   T62] vhci_hcd: disconnect device
[  251.300543][ T9722] vhci_hcd: connection reset by peer
[  251.303969][   T62] vhci_hcd: stop threads
[  251.305941][   T62] vhci_hcd: release socket
[  251.308097][   T62] vhci_hcd: disconnect device
[  251.381981][ T6072] vhci_hcd: vhci_device speed not set
[  252.331927][ T6007] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[  252.357321][ T9748] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  252.359418][ T9748] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  252.362078][ T9748] vhci_hcd vhci_hcd.0: Device attached
[  252.459236][ T9746] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.462986][ T9746] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.483275][ T6007] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  252.487825][ T9746] veth0: left allmulticast mode
[  252.490017][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  252.498085][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  252.504269][ T6007] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  252.510919][ T6007] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  252.520081][ T6007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.529539][ T6007] usb 8-1: config 0 descriptor??
[  252.555888][ T9746] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.640700][   T24] lo speed is unknown, defaulting to 1000
[  252.644596][ T1144] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.644624][   T24] syz: Port: 1 Link DOWN
[  252.647670][ T1144] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.652274][ T1144] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.655289][ T1144] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.713087][ T9754] net_ratelimit: 4 callbacks suppressed
[  252.713099][ T9754] netlink: zone id is out of range
[  252.716556][ T9754] netlink: zone id is out of range
[  252.718223][ T9754] netlink: zone id is out of range
[  252.719919][ T9754] netlink: zone id is out of range
[  252.721579][ T9754] netlink: zone id is out of range
[  252.724354][ T9754] netlink: zone id is out of range
[  252.726051][ T9754] netlink: zone id is out of range
[  252.950249][ T9749] vhci_hcd: connection closed
[  252.950497][   T62] vhci_hcd: stop threads
[  252.950558][ T6007] plantronics 0003:047F:FFFF.0038: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  252.952348][   T62] vhci_hcd: release socket
[  252.960204][   T62] vhci_hcd: disconnect device
[  253.064896][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1018'.
[  253.085676][ T9760] netfs: Couldn't get user pages (rc=-14)
[  253.514093][ T9764] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  253.516187][ T9764] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  253.518569][ T9764] vhci_hcd vhci_hcd.0: Device attached
[  253.569718][ T7338] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  253.577201][ T7338] hid-generic 0000:0000:0000.0039: hidraw2: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  253.801872][ T6072] usb 45-1: new low-speed USB device number 5 using vhci_hcd
[  254.147062][ T9765] vhci_hcd: connection reset by peer
[  254.152066][ T1144] vhci_hcd: stop threads
[  254.154625][ T1144] vhci_hcd: release socket
[  254.158165][ T1144] vhci_hcd: disconnect device
[  254.468508][ T7338] usb 8-1: reset high-speed USB device number 40 using dummy_hcd
[  254.549573][ T9779] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1023'.
[  254.552371][ T9779] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1023'.
[  254.555060][ T9779] unsupported nlmsg_type 40
[  254.557626][ T9780] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1023'.
[  254.561585][ T9780] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1023'.
[  254.645732][ T9784] FAULT_INJECTION: forcing a failure.
[  254.645732][ T9784] name failslab, interval 1, probability 0, space 0, times 0
[  254.661786][ T9784] CPU: 0 UID: 0 PID: 9784 Comm: syz.0.1025 Not tainted syzkaller #0 PREEMPT(full) 
[  254.661809][ T9784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.661819][ T9784] Call Trace:
[  254.661826][ T9784]  <TASK>
[  254.661833][ T9784]  dump_stack_lvl+0x16c/0x1f0
[  254.661863][ T9784]  should_fail_ex+0x512/0x640
[  254.661878][ T9784]  ? __kmalloc_cache_noprof+0x5f/0x780
[  254.661903][ T9784]  should_failslab+0xc2/0x120
[  254.661920][ T9784]  __kmalloc_cache_noprof+0x72/0x780
[  254.661943][ T9784]  ? fw_change+0x266/0x1060
[  254.661971][ T9784]  ? fw_change+0x266/0x1060
[  254.661994][ T9784]  fw_change+0x266/0x1060
[  254.662023][ T9784]  ? __pfx_fw_change+0x10/0x10
[  254.662047][ T9784]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  254.662086][ T9784]  ? __pfx_fw_change+0x10/0x10
[  254.662109][ T9784]  tc_new_tfilter+0xa35/0x2340
[  254.662140][ T9784]  ? unwind_get_return_address+0x59/0xa0
[  254.662164][ T9784]  ? arch_stack_walk+0xa6/0x100
[  254.662188][ T9784]  ? __pfx_tc_new_tfilter+0x10/0x10
[  254.662231][ T9784]  ? find_held_lock+0x2b/0x80
[  254.662255][ T9784]  ? __pfx_tc_new_tfilter+0x10/0x10
[  254.662271][ T9784]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  254.662289][ T9784]  ? __pfx_tc_new_tfilter+0x10/0x10
[  254.662307][ T9784]  rtnetlink_rcv_msg+0x95e/0xe90
[  254.662326][ T9784]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.662347][ T9784]  ? __lock_acquire+0x622/0x1c90
[  254.662369][ T9784]  netlink_rcv_skb+0x158/0x420
[  254.662384][ T9784]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.662402][ T9784]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.662428][ T9784]  ? netlink_deliver_tap+0x1ae/0xd30
[  254.662461][ T9784]  netlink_unicast+0x5aa/0x870
[  254.662482][ T9784]  ? __pfx_netlink_unicast+0x10/0x10
[  254.662508][ T9784]  netlink_sendmsg+0x8c8/0xdd0
[  254.662530][ T9784]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.662547][ T9784]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  254.662570][ T9784]  ____sys_sendmsg+0xa98/0xc70
[  254.662593][ T9784]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.662612][ T9784]  ? get_compat_msghdr+0x11a/0x170
[  254.662651][ T9784]  ? __pfx__kstrtoull+0x10/0x10
[  254.662678][ T9784]  ___sys_sendmsg+0x134/0x1d0
[  254.662708][ T9784]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.662732][ T9784]  ? __lock_acquire+0x622/0x1c90
[  254.662780][ T9784]  __sys_sendmmsg+0x2f9/0x420
[  254.662809][ T9784]  ? __pfx___sys_sendmmsg+0x10/0x10
[  254.662844][ T9784]  ? bpf_trace_run2+0x26b/0x590
[  254.662875][ T9784]  ? __might_fault+0xe3/0x190
[  254.662897][ T9784]  ? __might_fault+0xe3/0x190
[  254.662916][ T9784]  ? __might_fault+0x13b/0x190
[  254.662945][ T9784]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  254.662973][ T9784]  __do_fast_syscall_32+0x7c/0x300
[  254.662991][ T9784]  do_fast_syscall_32+0x32/0x80
[  254.663007][ T9784]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.663029][ T9784] RIP: 0023:0xf700d579
[  254.663041][ T9784] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  254.663056][ T9784] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  254.663074][ T9784] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[  254.663084][ T9784] RDX: 0000000092492627 RSI: 0000000000000000 RDI: 0000000000000000
[  254.663094][ T9784] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.663103][ T9784] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  254.663113][ T9784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.663136][ T9784]  </TASK>
[  254.819011][ T9787] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1026'.
[  255.107711][ T9797] FAULT_INJECTION: forcing a failure.
[  255.107711][ T9797] name failslab, interval 1, probability 0, space 0, times 0
[  255.114228][ T9797] CPU: 3 UID: 0 PID: 9797 Comm: syz.3.1030 Not tainted syzkaller #0 PREEMPT(full) 
[  255.114251][ T9797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.114261][ T9797] Call Trace:
[  255.114267][ T9797]  <TASK>
[  255.114274][ T9797]  dump_stack_lvl+0x16c/0x1f0
[  255.114303][ T9797]  should_fail_ex+0x512/0x640
[  255.114318][ T9797]  ? __kmalloc_cache_noprof+0x5f/0x780
[  255.114340][ T9797]  should_failslab+0xc2/0x120
[  255.114356][ T9797]  __kmalloc_cache_noprof+0x72/0x780
[  255.114376][ T9797]  ? rtnl_newlink+0x11b/0x2000
[  255.114394][ T9797]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.114421][ T9797]  ? rtnl_newlink+0x11b/0x2000
[  255.114436][ T9797]  rtnl_newlink+0x11b/0x2000
[  255.114450][ T9797]  ? __lock_acquire+0x622/0x1c90
[  255.114475][ T9797]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.114494][ T9797]  ? find_held_lock+0x2b/0x80
[  255.114515][ T9797]  ? is_bpf_text_address+0x8a/0x1a0
[  255.114532][ T9797]  ? bpf_ksym_find+0x124/0x1c0
[  255.114555][ T9797]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  255.114584][ T9797]  ? __lock_acquire+0x622/0x1c90
[  255.114599][ T9797]  ? rcu_is_watching+0x12/0xc0
[  255.114628][ T9797]  ? find_held_lock+0x2b/0x80
[  255.114647][ T9797]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.114661][ T9797]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.114673][ T9797]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  255.114688][ T9797]  ? __pfx_rtnl_newlink+0x10/0x10
[  255.114703][ T9797]  rtnetlink_rcv_msg+0x95e/0xe90
[  255.114721][ T9797]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  255.114734][ T9797]  ? netlink_alloc_large_skb+0xba/0x140
[  255.114748][ T9797]  ? netlink_sendmsg+0x698/0xdd0
[  255.114761][ T9797]  ? sock_sendmsg+0x3cc/0x470
[  255.114785][ T9797]  ? do_splice+0x1478/0x1fc0
[  255.114809][ T9797]  ? __lock_acquire+0x622/0x1c90
[  255.114829][ T9797]  netlink_rcv_skb+0x158/0x420
[  255.114844][ T9797]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  255.114860][ T9797]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  255.114884][ T9797]  ? netlink_deliver_tap+0x1ae/0xd30
[  255.114913][ T9797]  netlink_unicast+0x5aa/0x870
[  255.114932][ T9797]  ? __pfx_netlink_unicast+0x10/0x10
[  255.114945][ T9797]  ? __asan_memset+0x23/0x50
[  255.114965][ T9797]  ? __build_skb_around+0x278/0x3b0
[  255.114986][ T9797]  ? is_vmalloc_addr+0x86/0xa0
[  255.115009][ T9797]  netlink_sendmsg+0x8c8/0xdd0
[  255.115028][ T9797]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.115045][ T9797]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  255.115067][ T9797]  sock_sendmsg+0x3cc/0x470
[  255.115085][ T9797]  ? __pfx_sock_sendmsg+0x10/0x10
[  255.115101][ T9797]  ? is_bpf_text_address+0x8a/0x1a0
[  255.115133][ T9797]  splice_to_socket+0xaf4/0x1110
[  255.115165][ T9797]  ? __pfx_splice_to_socket+0x10/0x10
[  255.115193][ T9797]  ? __lock_acquire+0x622/0x1c90
[  255.115228][ T9797]  ? common_file_perm+0x1a9/0x340
[  255.115248][ T9797]  ? bpf_lsm_file_permission+0x9/0x10
[  255.115270][ T9797]  ? security_file_permission+0x71/0x210
[  255.115293][ T9797]  ? __pfx_splice_to_socket+0x10/0x10
[  255.115317][ T9797]  do_splice+0x1478/0x1fc0
[  255.115339][ T9797]  ? __lock_acquire+0x622/0x1c90
[  255.115363][ T9797]  ? __pfx_do_splice+0x10/0x10
[  255.115382][ T9797]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  255.115403][ T9797]  ? find_held_lock+0x2b/0x80
[  255.115435][ T9797]  __do_splice+0x32a/0x360
[  255.115481][ T9797]  ? __pfx___do_splice+0x10/0x10
[  255.115513][ T9797]  __ia32_sys_splice+0x189/0x250
[  255.115540][ T9797]  __do_fast_syscall_32+0x7c/0x300
[  255.115558][ T9797]  do_fast_syscall_32+0x32/0x80
[  255.115573][ T9797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.115594][ T9797] RIP: 0023:0xf7ff7579
[  255.115607][ T9797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.115623][ T9797] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  255.115639][ T9797] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  255.115647][ T9797] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000010d00
[  255.115655][ T9797] RBP: 000000000000000f R08: 0000000000000000 R09: 0000000000000000
[  255.115663][ T9797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.115670][ T9797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.115690][ T9797]  </TASK>
[  255.274087][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  255.274949][    C3] vkms_vblank_simulate: vblank timer overrun
[  255.276323][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  255.504811][ T9807] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  255.506884][ T9807] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  255.510182][ T9807] vhci_hcd vhci_hcd.0: Device attached
[  255.555946][ T9812] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  255.992385][   T34] usb 8-1: USB disconnect, device number 40
[  257.531726][ T1328] vhci_hcd: vhci_device speed not set
[  257.639423][ T9820] openvswitch: : Dropping previously announced user features
[  257.733255][ T9816] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  257.735473][ T9816] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  257.754320][ T9816] vhci_hcd vhci_hcd.0: Device attached
[  257.890248][ T9828] netlink: 'syz.2.1035': attribute type 16 has an invalid length.
[  257.898133][ T9828] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.1035'.
[  258.001818][ T1021] usb 37-1: new low-speed USB device number 14 using vhci_hcd
[  258.011116][ T9823] vhci_hcd: connection reset by peer
[  258.015176][ T1203] vhci_hcd: stop threads
[  258.016644][ T1203] vhci_hcd: release socket
[  258.018536][ T1203] vhci_hcd: disconnect device
[  258.105568][ T9809] vhci_hcd: connection closed
[  258.106072][ T1141] vhci_hcd: stop threads
[  258.109513][ T1141] vhci_hcd: release socket
[  258.111565][ T1141] vhci_hcd: disconnect device
[  258.141832][   T34] usb 8-1: new high-speed USB device number 41 using dummy_hcd
[  258.293257][   T34] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  258.296947][   T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  258.300527][   T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  258.303873][   T34] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  258.307866][   T34] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  258.310388][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.318192][   T34] usb 8-1: config 0 descriptor??
[  258.421991][ T5941] Bluetooth: hci0: hardware error 0x00
[  258.437568][ T7338] ==================================================================
[  258.441024][ T7338] BUG: KASAN: slab-use-after-free in __mutex_lock+0xe87/0x1060
[  258.444221][ T7338] Read of size 8 at addr ffff88802010a320 by task kworker/3:4/7338
[  258.448234][ T7338] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  258.449822][ T7338] CPU: 3 UID: 0 PID: 7338 Comm: kworker/3:4 Not tainted syzkaller #0 PREEMPT(full) 
[  258.449843][ T7338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.449854][ T7338] Workqueue: events l2cap_chan_timeout
[  258.449880][ T7338] Call Trace:
[  258.449887][ T7338]  <TASK>
[  258.449893][ T7338]  dump_stack_lvl+0x116/0x1f0
[  258.449917][ T7338]  print_report+0xcd/0x630
[  258.449931][ T7338]  ? __virt_addr_valid+0x81/0x610
[  258.449948][ T7338]  ? __phys_addr+0xe8/0x180
[  258.449963][ T7338]  ? __mutex_lock+0xe87/0x1060
[  258.449977][ T7338]  kasan_report+0xe0/0x110
[  258.449992][ T7338]  ? __mutex_lock+0xe87/0x1060
[  258.450008][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.450028][ T7338]  __mutex_lock+0xe87/0x1060
[  258.450043][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.450063][ T7338]  ? irqentry_exit+0x3b/0x90
[  258.450087][ T7338]  ? __pfx___mutex_lock+0x10/0x10
[  258.450105][ T7338]  ? lock_acquire+0x62/0x350
[  258.450124][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.450144][ T7338]  l2cap_chan_timeout+0x6d/0x310
[  258.450166][ T7338]  process_one_work+0x9cf/0x1b70
[  258.450190][ T7338]  ? __pfx_process_one_work+0x10/0x10
[  258.450212][ T7338]  ? assign_work+0x1a0/0x250
[  258.450230][ T7338]  worker_thread+0x6c8/0xf10
[  258.450251][ T7338]  ? __kthread_parkme+0x19e/0x250
[  258.450275][ T7338]  ? __pfx_worker_thread+0x10/0x10
[  258.450294][ T7338]  kthread+0x3c5/0x780
[  258.450311][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.450329][ T7338]  ? rcu_is_watching+0x12/0xc0
[  258.450350][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.450367][ T7338]  ret_from_fork+0x675/0x7d0
[  258.450384][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.450401][ T7338]  ret_from_fork_asm+0x1a/0x30
[  258.450422][ T7338]  </TASK>
[  258.450427][ T7338] 
[  258.516779][ T7338] Allocated by task 9091:
[  258.518529][ T7338]  kasan_save_stack+0x33/0x60
[  258.520483][ T7338]  kasan_save_track+0x14/0x30
[  258.522675][ T7338]  __kasan_kmalloc+0xaa/0xb0
[  258.524270][ T7338]  l2cap_conn_add.part.0+0x60/0xa60
[  258.525818][ T7338]  l2cap_chan_connect+0x15e5/0x2020
[  258.527883][ T7338]  lowpan_control_write+0x3c9/0x740
[  258.530043][ T7338]  full_proxy_write+0x131/0x1a0
[  258.532043][ T7338]  vfs_write+0x2a0/0x11d0
[  258.533883][ T7338]  ksys_write+0x12a/0x250
[  258.535773][ T7338]  __do_fast_syscall_32+0x7c/0x300
[  258.537879][ T7338]  do_fast_syscall_32+0x32/0x80
[  258.539909][ T7338]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.542583][ T7338] 
[  258.543650][ T7338] Freed by task 5941:
[  258.545375][ T7338]  kasan_save_stack+0x33/0x60
[  258.547424][ T7338]  kasan_save_track+0x14/0x30
[  258.549431][ T7338]  __kasan_save_free_info+0x3b/0x60
[  258.551631][ T7338]  __kasan_slab_free+0x5f/0x80
[  258.553732][ T7338]  kfree+0x2b8/0x6d0
[  258.555381][ T7338]  l2cap_conn_del+0x59c/0x730
[  258.557438][ T7338]  l2cap_disconn_cfm+0x96/0xd0
[  258.559490][ T7338]  hci_conn_hash_flush+0x10e/0x260
[  258.561634][ T7338]  hci_dev_close_sync+0x602/0x11d0
[  258.563820][ T7338]  hci_dev_do_close+0x2e/0x90
[  258.565932][ T7338]  hci_error_reset+0xbf/0x320
[  258.567964][ T7338]  process_one_work+0x9cf/0x1b70
[  258.570069][ T7338]  worker_thread+0x6c8/0xf10
[  258.572055][ T7338]  kthread+0x3c5/0x780
[  258.573721][ T7338]  ret_from_fork+0x675/0x7d0
[  258.575695][ T7338]  ret_from_fork_asm+0x1a/0x30
[  258.577750][ T7338] 
[  258.578779][ T7338] The buggy address belongs to the object at ffff88802010a000
[  258.578779][ T7338]  which belongs to the cache kmalloc-1k of size 1024
[  258.584571][ T7338] The buggy address is located 800 bytes inside of
[  258.584571][ T7338]  freed 1024-byte region [ffff88802010a000, ffff88802010a400)
[  258.590265][ T7338] 
[  258.591308][ T7338] The buggy address belongs to the physical page:
[  258.593889][ T7338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888020108800 pfn:0x20108
[  258.597220][ T7338] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  258.600619][ T7338] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  258.604126][ T7338] page_type: f5(slab)
[  258.605836][ T7338] raw: 00fff00000000240 ffff88801b442dc0 ffffea00004b9610 ffffea0000939210
[  258.609411][ T7338] raw: ffff888020108800 000000000010000a 00000000f5000000 0000000000000000
[  258.612841][ T7338] head: 00fff00000000240 ffff88801b442dc0 ffffea00004b9610 ffffea0000939210
[  258.616469][ T7338] head: ffff888020108800 000000000010000a 00000000f5000000 0000000000000000
[  258.620065][ T7338] head: 00fff00000000003 ffffea0000804201 00000000ffffffff 00000000ffffffff
[  258.623640][ T7338] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  258.627167][ T7338] page dumped because: kasan: bad access detected
[  258.629828][ T7338] page_owner tracks the page as allocated
[  258.632234][ T7338] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5946, tgid 5946 (syz-executor), ts 48182484244, free_ts 27048632265
[  258.640900][ T7338]  post_alloc_hook+0x1c0/0x230
[  258.642955][ T7338]  get_page_from_freelist+0x10a3/0x3a30
[  258.645305][ T7338]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  258.647824][ T7338]  alloc_pages_mpol+0x1fb/0x550
[  258.649866][ T7338]  new_slab+0x24a/0x360
[  258.651662][ T7338]  ___slab_alloc+0xdc4/0x1ae0
[  258.653664][ T7338]  __slab_alloc.constprop.0+0x63/0x110
[  258.655953][ T7338]  __kmalloc_node_noprof+0x4dd/0x8a0
[  258.658229][ T7338]  qdisc_alloc+0xbb/0xc50
[  258.660098][ T7338]  qdisc_create_dflt+0x94/0x490
[  258.662200][ T7338]  dev_activate+0x63f/0x12d0
[  258.664185][ T7338]  __dev_open+0x432/0x7c0
[  258.666058][ T7338]  __dev_change_flags+0x55d/0x720
[  258.668213][ T7338]  netif_change_flags+0x8d/0x160
[  258.670315][ T7338]  do_setlink.constprop.0+0xb53/0x4380
[  258.672656][ T7338]  rtnl_newlink+0x1446/0x2000
[  258.674618][ T7338] page last free pid 5353 tgid 5353 stack trace:
[  258.677244][ T7338]  __free_frozen_pages+0x7df/0x1160
[  258.679367][ T7338]  __put_partials+0x130/0x170
[  258.681014][ T7338]  qlist_free_all+0x4d/0x120
[  258.682434][ T7338]  kasan_quarantine_reduce+0x195/0x1e0
[  258.684118][ T7338]  __kasan_slab_alloc+0x69/0x90
[  258.685592][ T7338]  __kmalloc_noprof+0x2e8/0x880
[  258.687116][ T7338]  tomoyo_realpath_from_path+0xc2/0x6e0
[  258.689281][ T7338]  tomoyo_path_perm+0x274/0x460
[  258.691338][ T7338]  security_inode_getattr+0x116/0x290
[  258.693572][ T7338]  vfs_fstat+0x4b/0xe0
[  258.695261][ T7338]  __do_sys_newfstat+0x87/0x100
[  258.697244][ T7338]  do_syscall_64+0xcd/0xfa0
[  258.699066][ T7338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.701369][ T7338] 
[  258.702311][ T7338] Memory state around the buggy address:
[  258.704569][ T7338]  ffff88802010a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  258.707896][ T7338]  ffff88802010a280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  258.711225][ T7338] >ffff88802010a300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  258.714567][ T7338]                                ^
[  258.716712][ T7338]  ffff88802010a380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  258.719412][ T7338]  ffff88802010a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  258.722744][ T7338] ==================================================================
[  258.725512][    C3] vkms_vblank_simulate: vblank timer overrun
[  258.727986][ T7338] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  258.730498][ T7338] CPU: 3 UID: 0 PID: 7338 Comm: kworker/3:4 Not tainted syzkaller #0 PREEMPT(full) 
[  258.734057][ T7338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.738306][ T7338] Workqueue: events l2cap_chan_timeout
[  258.740431][ T7338] Call Trace:
[  258.741888][ T7338]  <TASK>
[  258.743153][ T7338]  dump_stack_lvl+0x3d/0x1f0
[  258.745151][ T7338]  vpanic+0x640/0x6f0
[  258.746895][ T7338]  panic+0xca/0xd0
[  258.748498][ T7338]  ? __pfx_panic+0x10/0x10
[  258.750369][ T7338]  ? check_panic_on_warn+0x1f/0xb0
[  258.752561][ T7338]  check_panic_on_warn+0xab/0xb0
[  258.754667][ T7338]  end_report+0x107/0x170
[  258.756500][ T7338]  kasan_report+0xee/0x110
[  258.758369][ T7338]  ? __mutex_lock+0xe87/0x1060
[  258.760386][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.762535][ T7338]  __mutex_lock+0xe87/0x1060
[  258.764467][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.766561][ T7338]  ? irqentry_exit+0x3b/0x90
[  258.768553][ T7338]  ? __pfx___mutex_lock+0x10/0x10
[  258.770698][ T7338]  ? lock_acquire+0x62/0x350
[  258.772683][ T7338]  ? l2cap_chan_timeout+0x6d/0x310
[  258.774825][ T7338]  l2cap_chan_timeout+0x6d/0x310
[  258.776936][ T7338]  process_one_work+0x9cf/0x1b70
[  258.779046][ T7338]  ? __pfx_process_one_work+0x10/0x10
[  258.781308][ T7338]  ? assign_work+0x1a0/0x250
[  258.783012][ T7338]  worker_thread+0x6c8/0xf10
[  258.784906][ T7338]  ? __kthread_parkme+0x19e/0x250
[  258.787047][ T7338]  ? __pfx_worker_thread+0x10/0x10
[  258.789226][ T7338]  kthread+0x3c5/0x780
[  258.790890][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.792391][ T7338]  ? rcu_is_watching+0x12/0xc0
[  258.794028][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.795964][ T7338]  ret_from_fork+0x675/0x7d0
[  258.797750][ T7338]  ? __pfx_kthread+0x10/0x10
[  258.799337][ T7338]  ret_from_fork_asm+0x1a/0x30
[  258.801380][ T7338]  </TASK>
[  258.803316][ T7338] Kernel Offset: disabled
[  258.804716][ T7338] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:02:38  Registers:
info registers vcpu 0

CPU#0
RAX=00000000005e6e77 RBX=0000000000000000 RCX=ffffffff8b6382a9 RDX=0000000000000000
RSI=ffffffff8db00db1 RDI=ffffffff8bf1ef40 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff90836fd0 R15=0000000000000000
RIP=ffffffff8b636d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977df000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000f000 CR3=000000005dde6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffc90003060000 RDX=1ffff9200060be7f
RSI=ffffc9000305f7c0 RDI=ffffc9000305f7c0 RBP=ffff8880130c2440 RSP=ffffc9000305f348
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=000000000001195c
R12=ffffc9000305f3f8 R13=ffffc9000305f3b8 R14=ffffc9000305f7c0 R15=ffffc9000305f3ec
RIP=ffffffff816c24e2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978df000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c289116 CR3=000000005dde6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000020000 RBX=0000000000000003 RCX=0000000000020000 RDX=0000000000020007
RSI=0000000000000000 RDI=0000000000000007 RBP=ffff888024f58000 RSP=ffffc9000351f638
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000078 R11=0000000000000001
R12=ffff888024f58b30 R13=ffff888024f58ba8 R14=0000000000000000 R15=ffffffff8e3c42e0
RIP=ffffffff81988f0c RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979df000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f16e40 CR3=00000000243ee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73b5ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852e20d5 RDI=ffffffff9adf3e80 RBP=ffffffff9adf3e40 RSP=ffffc90006dff520
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000033333754
R12=0000000000000000 R13=0000000000000033 R14=ffffffff9adf3e40 R15=ffffffff852e2070
RIP=ffffffff852e20ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097adf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54e5510 CR3=0000000049f25000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcfeffd0 Opmask01=0000000000000003 Opmask02=00000000ffff7fdf Opmask03=0000000020400004
Opmask04=00000000ffffefff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056073f0f99d0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056073f0e9f00
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f05bad52c80
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3130323a30696368 2f306963682f6874 6f6f7465756c622f 6c6175747269762f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056073f0d7560 000056025f7ccce1 0000000000000021 000000000000302e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f05badf1b50 000056073f12f3e0 0000000000000041 0000003177617264
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a302e30312d3533 712d63707276703a 29393030322c3948 43492b3533512843
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50647261646e6174 536e703a554d4551 6e76733a302e3072 623a343130322f31
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302f343064623a31 2b32316f70627e32 2d332e36312e312d 6e61696265642d33
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000