last executing test programs:

7.337901886s ago: executing program 1 (id=609):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
memfd_secret(0x0)
pipe2$9p(&(0x7f0000000140), 0x80000)
r1 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0, r0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
fsopen(&(0x7f0000000580)='udf\x00', 0x0)

7.246235713s ago: executing program 1 (id=611):
fanotify_init(0x200, 0x0)
socket(0x11, 0x3, 0x80000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000640), 0x1c3241, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
recvmmsg(r2, &(0x7f0000000540)=[{{&(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/120, 0x78}, {&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000380)=""/94, 0x5e}, {&(0x7f0000000400)=""/119, 0x77}, {&(0x7f0000000480)=""/191, 0xbf}], 0x5, &(0x7f0000000300)=""/23, 0x17}, 0xfffffff7}], 0x1, 0x40, &(0x7f0000000580))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000340)={0x0, 0x1, 0x0, &(0x7f0000001600)=""/118, 0x0, 0x3332f000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000008c0))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38728a08344f0461d8994472397a34911700000020000100000000000000000000003f00110064766d7200"/52], 0x38}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000002000000000000000b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x151641, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = dup(r6)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r8, 0x400448e6, &(0x7f0000000380)="dc")
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7)
ioctl$sock_bt_hci(r8, 0x400448e7, &(0x7f0000000080))
r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r9, 0xc0045005, &(0x7f0000000300)=0x2000004)
mmap$dsp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x5, 0x12, r9, 0x300)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040))
close(0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))

7.171461969s ago: executing program 1 (id=612):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1a, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e76, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1}, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001180)={0x11, 0x2a, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a30000000005c000000060a010400000000000000000100000008000b40000000000900010073797a300000000034000480300001800a0001"], 0xd0}}, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000000800010001"], 0x1c}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)="b1ff5cc982d34010b7cd6e11c50b9bd27a09463daa6ac6255411345692ea1f44220df660aec36c3da20cdf63882deea50aab4ae728b88be047e9c1de4d3428835edfece01a907acbebb734022a8738c0733177cf2bc7d61a3a791ad3e0972faf52b29d3476b8aff7e79275ad61b36971c0d2d8e1e242261dc50464a134b1a2e36243c3b5bb93a2e7a7087c254e0b5089100624eb5b273a62e5798cb0a4b96845ef45e0238d22062a8d5f43c3875d773c45e426dc162914e26ae112c5dfdef60f2f274ac96a6c77b37799cd03dc1c8ad69d1fcad1be379ad212ea51e0f272a3ec7bf0bdda2c7a15b3fb018cb2ce53c99b0af09b5c874cf4d79e13c7580d4ebc0669bb048863f28e8f00ea67d87e92c6fc4bc31a4a06b7344519d72e9662309dd51a02a7d295972dd1f63431968d9f5212daa47d49d85bf08190aef758e842da69375269c5f33bb0e60bb98abb2a51e8a89d7b4680185b9665d5da6254cb15392332b0e850169d90ac1374cf5346092b47f682c2f22c8cdcf98718bfa0ca4c5b50ebf8d6c53afa3830233a3e486a0d73fed67851403f72492feec1528cac329dd11f82cf149ec049e71b979ad055053dcf654f470f780f32b22dd6567401f94a94c592265a2dbdd3c5c88cfde1a6cc112231a5797e092a5040be19bde03dc2d9dc0078b42f27e168810770cd5b4c0f2073037e9a57e8148392a3063ee55ad9449fa6265189337777d7a605bb7cf51d682ac7823207343fa7328ce207029e7e9818d7fcff9b9e7ac731dc502ce7471cab17108e5614fdec649d35a6638928931f110d4608a9cf22868dd3bf764d5b09a5325bcf987546e3edf1df9f1866fa89fb99a7f945c853586b4e3344eb286067e7b42d79ed93baddc3e5bd47ca613d654d4d54ece371b699ca7f05677c48cdb8f265fb35e0ff7ec5da801ae4198c7d9290d2ddc3586bd1ba3e34e722c47c14e4f310029751fbdc75da8461356b7a6784b490810284bdc727061944a283b7276b6a0b679d74089c54db98c92c2e329248b07365f45b3511ac11f8483a3f0bec8e4ceae324640f5762444efa94207115b5550fb8e4a1277aee3f11f2e6cac543d2168a83cd0367b24859e1b8b9cb9a5beb2d9851124b9c74acf21ecb5ae5e31e29543638a1cebdd2384dda1b2d301e59ea092707cd68838f12a05f9ec25832ddf22e2a01a8a28ff5c4f925a09b18849c180f0fed6057fc68d473eddb467796f8c086475dc1444c7f879d842662da4e59fd3c02b6d54c822ae8aeb91aefde57008f7728f1d236bbcda61a5b2dfdc0648ba72229b764fbd43a2eabe639a49f44de663b2e4e244370c7681f130e4a7790924e0826c0ebe768996d22edf83088b18492ccaa1344f5b14aa4218e3204434e0483bb56043e63ae02d584fed308759840064686ebb7349aa85adc00ba9ac6ec3e895f6b6cb33902cfa04a5fe6946475775284ba5f00f31a37aca06ce7485acbbf8e66db1daa273025860d216eb69a71666c0e5e3dcb9054c7c5edb138893b22a6f80655aeecd0f59f3bba544ae9897d2e795d0ca5a124519712a54366dca8b20c2191d5515231d5066c9c9f2b5b180da10542d7911f688c3b0f07ffcfe249161590d95d445c5ce2c647b97ad45249226a04144d900de9496f8f85e4607e7907eb20a1856efa7b06de5334ed1ba34b1c6e30da7df850da42b728208b85510b9acdd9ffe22894ec97c832b65257fa72d7f77a02359fad7ea2465c53df34c391c617d2e02197f6b5ab4a152327f6ae4d1107f6e8b68ce43de174dd559fe3ec95f32bd1d9244943230654e68fc3237e17dbd131996202beaf1578a925ab94510fccfa2be306bce3bdbb413ec6e50e6b0081362999ce7991b2c384001fd74e9de82dba16df74529800a201d8bd35eb789527b1f2e2ea7a12fb2858e389b4e96b5a9e32838916f147c99e3fd723972930a2eb8422ac15a254bae41e604e5459f6f573f9ce9d94e9dcbcdd392e2ed35ab5c6673f69c711ff121a2f1b1421d4a70571a20c732b1c1af990795c10ee23a6b8b056f91a4aa32d118a71cad879d5883327e7347d3fc7de504d42162a16fcd2fde8035a54205da46ce06c1f66b6ddb43248cbd5347cb80aec30a88af4166dcf131b92568ffad2f3cdb2835264705025b612d8b82920a01b87b9781020c38f438330735966ff27488db4ea6e74fa9d0e9a0fa929d9585a4de92648839a971edb1d03945fc7d6f64bb194085f63ccf8ea52b90505f2809d0ddc40b59909fff3e0c3362934019dca2b8733a8fdddd978d0b264d4b0105d4f9db315cbc8a2426f494de1d2f1b73de816e561004be0430be083fc6179ebfdc9bfca85df6b2c81bc0bf4685cdf072ddb5f7a3183a226df665c95d86c6046be75fdd008b96ad5696cbd3182a01c6a80d1bd3f4a288c015355004e6bbc788aef9bf65fe691dd6777a531a040c9ec7754d0e746dd89521d2ae6df1b13fd9433b164ba014fa7b3d8e08b30fe54b3d0ea810cc5f436a0370fd976eb481a07b3f81469cd6ed490d687528bf470d3800893a718f1f6c970a130ab49e04e1dfe4d594927bb34247d1c25c75197807206242b0ff807cb8c6ca4d67acce16de41a663fe86eec015dde1d828ac3a63763c0fbeda90c824abeb593efa9e2df76b761fa0d25e70e4e8d888f8ca1fcf7e88d35064a73600d4cc98e75ed4dd7c05919dcfdd4bdfaccd4a0a33e11c55276e105338b13ba765b728d0ae08a03cf59f3212373be7c7f74601c325c605ccbdff2bd895f43303888f9f8609df38a52d718cfb423a580711886de8affaf997d85a23af0de249f92f0b04305f12cbbd19c271339988a0c3eada32416b880f1859ba58353675b45b177d4306bbbd4ad8890a1a06126fb069b06566d92b026337f2f9c9f1321fd9b427a57df9e68505cdbbe1c5807fe485a85693e39e09bb72c7e46c95277526db6ee949ba143e4d3027c84df4c483aa0e419e438741661bb4349dffd003baa6112db3c9f84b0438ed3af79b90f1cea1b8ec4943bc3ced5567eec6510e910c8f9346e74c338fcfc892aaf970691b60f5ea4c04a33954c280c0c28f5c4ed79a3d4cb09ac60dc00060b09afa42fe60a250bb0c7529b282714df7de4938f1c56241189a707a7091a1035d82c7d43c66e9abd92ceec9ec5c102df63d4a0b8eac16b618e97567a87296a42bb7a018204b3dcdcee5e5c758faf3172e8c6c50483f341c5656cb8df27c63c98e74d1b7312e49926d143817f8e9b4125406ab91242bdcba7ccc3db507ff994047b33ce9a59179d119991a161e8bd06e0f58d7bffe6457f531942cc46c88bfec69e0b995ac7e7ab04d270efe443541bc55f327ad8921c32bcadaa0e1ad8ac263a312f92f904b333becbdf4a102f5b379619c8204c3a18af91347fbb5eab64ff81a05f3b830f36691121f0a398405521c3dac1300a0db6e21e56ac8bd6a03923a3d8ed96d9df54b98b42b70a0a3ffa8291ceb0e607f0e2f8ce1832111051bb16bdc25d5a4af117634af898f5952f98a7b132cf140a79ccb80d1d9f1bb52c3aaf50b7232dba94e896295c5a6bf71ec63a2f95315b06b590c6965249d1ea7f7039344242bae628f7b1bd45d9ccd51183279863c640d8fd7127ca5e593d7ae02b8ecc77188389c766634b18e54ab9da7ea92e8101d6088a373c3da38941e566dae9c1b191b48f387ecf8b91c6e6f05c800cef4c39b11dad2e42f1b54a44204ffe29c84defd41a3ab9173957b3007cad89d259ba60cb320d26b1ce00453629af98ab9371d8e47854396009169ebef43f471c2b00e7298dfb61a42000b68c44dc2429233f5fa17c524856c6383ae4ffed02f566edb7eb961489b5cb677e568eba83885641486af623dafe8693ac6dd5df261294a9286e445bb91098b96d5b2e912c21d161c9d6a6c0882a5ccd68d3b0025546bb79ace81b3338bc613209bb48f725d144df39604111da9c775da5e5f911934fb719d5d2d73c4d083b644d81d5ef22b900c5e00a0646972fb9984bf8023be30af1a018d16e4a33c8f1e26f5fd1e344c164a88283dbbc66142b9cfffed194984dd288779638827a4435f749a50db79918f33d67adc4014754133437c9d2bb90246a33070216d80560e4fc33047f75418d4e8d88fb244aab374b60a2a71fe7b579a121edd7cabdd38c794ce3e486803d0eba379a41f074a7667790ef9acf99f7ea8856b9383498850404704655bdac133d26967fb1ef4a484780aab18e86e9f119a11e6195a40ed26b32054e0a1939dea8b2f3e5ab7d7bc5cb32895c069b84b2f0fc9291d4e35ca2a78108593e74ea25f81fa90f86c76fecc3fe193c13fb427ab6a0f5c540512309a9b4a96fb636b4275012157420c3efa09701d35ae2b06e96d4ebcfdaeb83d3ffa44c59b301243ceb33c115ced26656e15c244b4e677e981e7456950489396b83fd66746de97e41cecc8f14435ebe2f3437890fc31eb790df327cba7d40aa352911b36d71b2aafe495c9b82b790c97d3b5179ca47eddffe1f700f506491865c86e8dad4a2870efad0772b32d67d10498d5f1d4032d341078d2d5af3e9b7ef1fb7981cc1d50fe9cec2c037782ad472edb0be5cb870c203477e6df78762b1be15fb1648c6e1da3d1f95858b7a03dae9dd6fdc82d0c4434961550aa8991c73a6df1fe5cbe815a1e2c0add62f5b340e262bb369dfbced592b77df8ce5d694a59a5125b72a7d70cbcd7fcad1f8e85fbc632c21903c611744955dc7bcfa3a83b87c7dff38516e2e8974dd8f6835b5a681ab0cfe5b72b42d63047983a6ac6efeea069e12428f2d07965ea369635390f6459b1407fa5a0c5967fb119186e665e71b9b0b386f9cd690990eda4adff85cc484874265e2a9ff6573ee8d083bfdb45325dbfc452c33e92a19d024c0841892d43f4dec71b185dad3731ca647a2ffa2c80e008a8dc25667e63f8bda20806bc1a1adb93674cbcc548ba8ca7af22df43f7a41ad774e95bb8fbcf03845d5cdfb808387fc6a4d4676ea6e01c2f39836a77852ce97bd69e92865b54bc4876f0f4243db0de84d469676bb82e43bdaaa362ce99368a7ab30b8d92611ab053fb40523658884efe299a562dc0cf6b5bf996cf05a7e03ca369754968b6c317e740679b0dfe60133414932c1ae75ca0d26cd8cfbc78989de4eb37f64cbf3a14d2a72a24fbcf4c559f261115ccb4002d8d9590a5819d04869a5bebca4cac2901c2262a49b5a86ab0a3ba33942f7b94107a5ae35afd247485786e7b23c5d008ab0d9c1ca51cc86ba7bbc596a788251a8b1ef9817191c1c0dabd1e9d826f3c451b5ea73d6b74300873e34c216d21a869ed06a0d9c3be9024be3e24828393e0635a614d78eb0abcf44bfe8c8c860027c9cee58b5e41d5f1209e48253281b18727dfb926ac3687df56217241c872a5a39f65251b5ca032bfaca2c9fe662584bcb6cb3fe9be2ae57be0655586a8c704ae915f284adac8d85174799ebf9e16c43b74a154a4524e6f33467e13a121a255acfb592d47eaf13cd538de15327151ad74f578bbbfdfde82fd6afb592b7933b52241f182cb65778e3628f177eaa8c8ecc970e82a2aa52f3b7d534748b35fa1dbc0f58ede3df5ddf1f1202290a74f4a871802d1f970de3ea5553f35456e2596669c00404337f6d394fb68c588effe8987f18b04b1b52eca71062b722b2cc44e4805abf6347715a3c9e5e9b9376a45fed63b494781a4905f9ff6d898e48c5f1279fb2f4c3af50d54204d0ab410415fcb28a1b4dc0afdcce76f19f60f65534d802ee8c", 0x1000}, {&(0x7f0000000000)='4', 0x1}], 0x2)
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

6.154456993s ago: executing program 1 (id=615):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cdrom(0xffffff9c, &(0x7f0000000040), 0x408d80, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00010000000000000000000a001000c3"], 0x1c}}, 0x0)

6.08719863s ago: executing program 1 (id=616):
write$bt_hci(0xffffffffffffffff, 0x0, 0x8)
openat$vicodec1(0xffffff9c, 0x0, 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x80045b10, 0x0)

5.747191856s ago: executing program 2 (id=618):
userfaultfd(0x80001)
socket(0xa, 0x3, 0xff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x80)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
r3 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bind$inet6(r2, 0x0, 0x0)
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1200000004000000080000000280000000000000", @ANYRES32, @ANYBLOB="000000000000f6ff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r6, 0x0, 0x0}, 0x20)
bind$l2tp6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r2, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r2, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r0, 0x0, 0x90)
r7 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
lseek(r7, 0x5, 0x4)
getdents(r7, 0x0, 0x0)
read$char_usb(r7, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'syz_tun\x00', &(0x7f0000000540)=@ethtool_rxnfc={0x7, 0x8, 0x400, {0xd, @udp_ip6_spec={@empty, @mcast2, 0x4e24, 0x4e21, 0xfe}, {0x0, @broadcast, 0x2, 0x7, [0xe3e, 0xec4]}, @esp_ip6_spec={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x0, 0x5}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x33}, 0x7, 0x4, [0xb, 0x3]}, 0x5, 0x3fc000}}})

4.577114817s ago: executing program 2 (id=621):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_pressure(r0, &(0x7f00000000c0)='cpu.pressure\x00', 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2d, 0x25dfdbfe, {0x60, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0xd, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa, 0x0, 0x6}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040004}, 0x8810)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0x0)
getdents64(r6, &(0x7f00000001c0)=""/147, 0x93)
r7 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f0000000480)={0x34, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newnexthop={0x28, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_FDB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, ')'}]}}, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$EVIOCGMASK(r8, 0x80015b1a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x810c5a, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [], {}, [], {0x10, 0x6}, {0x20, 0x1}}, 0x24, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000001000400000000000400000000000000100006000000000020000100000000004ea49044728917d3865fa7cb9eccdd698c4fbb2f6acc6249adbd26f8f8aea7b108eeb55cdb39a8078cc99c1ff16811d1c492a39a5890b55880602b724fe3ba87e1621933c0cf5bb9f2a7160540230e1aa8ee20a1e67ef95333be3ad1ac25c736d411ac3bbf989f601b9c6aa4495b0abb313dface16768148e9768cc995c307faffab9b22d3b3439e17aeb8d09d72be8c28c29e84460e1e3c022077f0881ef9015a5506edc5ee5fe9ea2e1da29b88e724e6988d5f72233457df050cdc862e76df8380dd24a54b633cb6e9ff9883e206ba4f77faa69f2bdaf8fc14"], 0x24, 0x1)
write$cgroup_pid(r5, &(0x7f0000000380), 0x12)

4.147851539s ago: executing program 3 (id=625):
io_submit(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2c, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}], 0x0, 0x1}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180), 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=r2], 0x3c}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x100000c, 0x204031, 0xffffffffffffffff, 0xcbc8f000)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000001c0))

3.245089577s ago: executing program 3 (id=627):
r0 = memfd_secret(0x80000)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00=', @ANYRES16=r3, @ANYBLOB="699026bd700000000000250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=r1, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
mmap$snddsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000002, 0x12, r0, 0xd000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r4 = socket(0x2d, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x100000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x561a, &(0x7f0000000400)={0x0, 0xc890, 0x4000, 0x0, 0x301}, 0x0, 0x0)
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f00000000c0)=0x1)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000240)={0x0, 0x8d2dc, 0x0, 0x2, 0x3}, &(0x7f00000003c0)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0)
io_setup(0x1, &(0x7f0000000040)=<r11=>0x0)
io_submit(r11, 0x2, &(0x7f00000001c0)=[&(0x7f0000000200)={0x0, 0x0, 0x2, 0x0, 0x0, r10, &(0x7f0000000000)='%', 0x104000}, 0x0, 0x0])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r6, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r7, 0x47f5, 0x0, 0x0, 0x0, 0x0)
r12 = openat$cdrom(0xffffff9c, &(0x7f0000005fc0), 0x0, 0x0)
ioctl$CDROM_GET_CAPABILITY(r12, 0x5331)
socket$inet_tcp(0x2, 0x1, 0x0)

3.084328919s ago: executing program 0 (id=630):
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257035bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000006000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf528666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebdb638d91dbef661935839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dc7718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x2000007, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x2e00, 0x4000000}, 0x28)
setresuid(0x0, r4, r4)
r6 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r6, 0x0, 0x0, 0x1, 0x3000)
msgrcv(r6, 0x0, 0x0, 0x2, 0x1000)
msgctl$IPC_SET(r6, 0x1, &(0x7f0000000680)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x34, 0xa}, 0x0, 0x0, 0x0, 0x19, 0x5, 0x2bde, 0xffffffffffffff27, 0xc7, 0x2, 0x9})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r7 = creat(&(0x7f0000000280)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000280)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
semctl$GETALL(0x0, 0x0, 0xd, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_RELOAD_REGDB(r7, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x84)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="020f00000d000000000000000000000005000500000000000a0000040000000000000000080000000000000000000000000000000000000005000600000000000a00000000000000ff020000000000000000000000000001000000000000000001001800023f0000"], 0x68}}, 0x0)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r8, 0x8949, &(0x7f0000000000))

2.96820595s ago: executing program 2 (id=631):
syz_open_dev$sndctrl(0x0, 0x0, 0x801)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0x9, 0x0, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r6=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r6, @ANYBLOB="06f60662ae50fbffff0200fffbe38ba7"], 0x50}, 0x4, 0x700000000000000}, 0x0)
syz_io_uring_setup(0x5ce, 0x0, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.878257942s ago: executing program 1 (id=632):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000006c0)='syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000700)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r2 = syz_usb_connect(0x0, 0x371, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r2, &(0x7f00000003c0)={0xc, &(0x7f00000002c0)={0x20, 0x8, 0x8d, {0x8d, 0x10, "3417380afcc3ff963ceb65b7615417a14833e5f03e3d3b67166a89d7a6db86b685da60dde9d84cd47e10a059eae549c5425eda6272efc742a309b6cbee1914c4b180772abc9167b7be1276c2fe5660edec38f2c8f79617281867093de80a869096892897758491acef5df81c46458fc25162939347200ce6455f39ac08a4a652e040feb32ab873ab18ae81"}}, &(0x7f0000000380)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000640)={0x10, &(0x7f0000000500)={0x20, 0x0, 0xcd, "a12d15cd810aecf613129c027fc3da10820bdda072a99ec9afc8ab1a8d741e9e8cdf5592c38a16ec05539ec666375f6410456555092dc53d074da4d759861b83fc394e905394f05ecfec82ef1f03392eab787de5cbd761f669f3bb8f437d3642eb2aef3078f6b41dd1d9608f2e1614e7ad6f371eb93271fa478a8169fe1bb270c273f71e5477258f8fa7059b672c496ae05d92c87f749cae039e76b44fc685abd248d1d1da5b6d11f019aa64ca7c98b2b0fc738bbb1c39531a69e40264adb2e2ab1833916289e4fb5dbac1647d"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000600)={0x0, 0x8, 0x1, 0xb}})
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x304, 0x0, 0x150, 0x150, 0x0, 0xf8010000, 0x23c, 0x238, 0x238, 0x23c, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @private2, [], [], 'team_slave_0\x00', 'hsr0\x00', {0xff}, {}, 0x84}, 0x0, 0x10c, 0x174, 0x0, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'snmp\x00'}}, @inet=@rpfilter={{0x24}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @mcast1, [0x0, 0x0, 0x0, 0xff000000], [0x0, 0x0, 0xff000000, 0x43cdeb732741cf8f], 'batadv_slave_0\x00', 'gre0\x00', {}, {}, 0x87, 0x0, 0x4}, 0x0, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x360)
recvmmsg(r3, &(0x7f0000001100)=[{{&(0x7f0000000740)=@sco={0x1f, @none}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000007c0)=""/69, 0x45}, {&(0x7f0000000840)=""/200, 0xc8}, {&(0x7f0000000680)=""/46, 0x2e}, {&(0x7f0000000940)=""/61, 0x3d}, {&(0x7f0000000980)=""/37, 0x25}], 0x5, &(0x7f0000000a00)=""/75, 0x4b}, 0x951}, {{&(0x7f0000000a80)=@vsock, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000b00)=""/50, 0x32}, {&(0x7f0000000b40)=""/75, 0x4b}, {&(0x7f0000000bc0)=""/128, 0x80}, {&(0x7f0000000c40)=""/103, 0x67}, {&(0x7f0000000cc0)=""/43, 0x2b}], 0x5}, 0x9}, {{&(0x7f0000000d40)=@phonet, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000dc0)=""/74, 0x4a}, {&(0x7f0000000e40)=""/168, 0xa8}, {&(0x7f0000000f00)=""/42, 0x2a}, {&(0x7f0000000f40)=""/87, 0x57}], 0x4, &(0x7f0000001000)=""/251, 0xfb}, 0x1}], 0x3, 0x0, &(0x7f0000001180)={0x0, 0x3938700})
r4 = socket$unix(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x28}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bind$unix(r4, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000027c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x2d, 0x20040040)
ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000000100))
connect$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
syz_usb_disconnect(r2)
close_range(r1, 0xffffffffffffffff, 0x0)

2.185994604s ago: executing program 0 (id=633):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x10000, &(0x7f0000000180)={[{@xino_auto}], [{@smackfsfloor}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}]})
lsetxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@xino_off}]})

1.601600976s ago: executing program 3 (id=634):
r0 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='qnx4\x00', 0x1a088c8, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3aee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d320f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c16af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf700"/1664], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x702, 0xe, 0x0, &(0x7f0000000380)="e460334470b8d480eb00c1520800", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x7feff, 0x20008, 0x0, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9bc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f00000003c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf1}, 0x94)

1.600775174s ago: executing program 0 (id=635):
r0 = accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x80000)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000280)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)="ad59a89433f8aad6793a4228851d71cd2ca0eff18e674fba275dbd654397fc4c21d7368f0710ab8cd0", 0x29}, {&(0x7f0000000440)="5188263d51d8a5d77f6dae155faa4a9a8b90abf12cadec987f48f01c4d599af0d84b35d9f7088a65ce852a76d9f0d5c29bf6a5d685fee5ad013490189d0fc380f28c269d81f7afcb7c62086e375dffc44ba6e223b93f8a151585b024e0c3e8fecc4beb5f5162fd254e942e762d4ebaf6f5f8859f13cd2ea25626a17bf14884d4c15dd02987aff424bd2a99417b8b", 0x8e}, {&(0x7f0000000580)="d03d12b7d2259abfaa909979dc87ca299e2c96494d73f841305482da0c7efde230e7ec00b57517a83210159c3b1e751a80c0c06d9976cd2afcabb1f94a0c5a34ddbe44ad2c97f865420aa59ab0981405206090991a615e065ef2479ca985e0ed3fdd286160da8747a3ccfa55745cf931bd33d37e90e84e7650a6b8b01c7f07d36182a35439a8c7e0e350d187a1434da7e51ad3b7a98f16f8e156baff23f2c6349f3a335f8a49272154e0c87fd8e2575d8aa3a8c4f2ad52e1539bc6323555c3c0c47033c108f35df8f376812ad71f1ca29768ba871a9b43c68af28114245c5fe1", 0xe0}], 0x3}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r4=>0x0})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x6a6f396b, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=@migrate={0xcc, 0x21, 0x1, 0x0, 0x4, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@mcast2, @in=@private=0xa010100, @in=@private=0xa010100, @in=@rand_addr=0x6, 0x3c, 0x0, 0x0, 0x0, 0xa, 0xa}]}, @user_kmaddress={0x2c, 0x13, {@in=@loopback, @in=@multicast1, 0x0, 0xa}}]}, 0xcc}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r4, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r9=>0x0})
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r10, 0x107, 0xd, &(0x7f0000000700)=@req={0x4, 0x4, 0x7fff, 0x80000001}, 0x10)
r11 = syz_open_dev$evdev(&(0x7f0000000000), 0x9ba, 0x100)
ioctl$EVIOCSCLOCKID(r11, 0x400445a0, &(0x7f0000000040)=0x1)
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010800040000fcdbdf250b00000008000300", @ANYRES32=r9, @ANYBLOB="200050800800030007ac0f000500020004000000090001"], 0x3c}}, 0x0)
sendmsg$NL80211_CMD_DISASSOCIATE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, r7, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x32}}}}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="2400000076001f0300"], 0x24}], 0x1}, 0x0)

1.600203247s ago: executing program 2 (id=636):
r0 = syz_open_dev$sndctrl(&(0x7f0000002b80), 0x1, 0x8000)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x2}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x4, &(0x7f00000001c0)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
setpriority(0x1, r1, 0x8)
bind$can_j1939(r4, &(0x7f0000000040)={0x1d, r5, 0x8000000000000003}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc2c45513, &(0x7f0000002e00)={{0x9, 0x7, 0x3, 0x2, 'syz0\x00', 0x7b}, 0x0, [0x4, 0x200000a, 0x1000, 0x0, 0x1d1, 0x7fffffff, 0x5, 0x5, 0xbc0, 0x7, 0x15f, 0x7, 0x5944, 0x5, 0x7, 0x8004a7, 0x9, 0x5, 0xb, 0x3, 0x6, 0x400, 0x2000040, 0x10040002, 0x7, 0x0, 0x2, 0xbf, 0x7, 0x3, 0x4, 0x6, 0x6, 0xfff, 0x3ff, 0x1, 0x8, 0x3, 0x5, 0x6, 0x3, 0x78a, 0xbfff8007, 0x200000e, 0xe, 0x0, 0x3, 0x5, 0x100, 0x4, 0x9, 0x80000001, 0x400, 0x1ff, 0x9, 0xfffff647, 0x488, 0x4, 0x4000001, 0x9, 0x5, 0x9, 0x5, 0x8, 0x98, 0xbe, 0x1, 0xa, 0x7, 0x80000000, 0x81, 0x10001, 0x2, 0x80000001, 0x4, 0xb, 0x7000000, 0x1, 0x8, 0x7ff, 0x7, 0x4, 0x1d1, 0x8, 0xfffffffd, 0x6, 0x6, 0x8, 0x0, 0x4, 0xef, 0xfd, 0x3, 0xffffffff, 0x9, 0x58a0, 0x1, 0x9, 0x895, 0x6, 0x3, 0x89, 0xfffffffe, 0xa1a9, 0xe0b2, 0x9, 0xfffff561, 0x13, 0x3, 0x3, 0xfffffffa, 0x103, 0x2, 0x1, 0x2ba, 0x4, 0x12, 0x5, 0xc, 0x2, 0x2, 0x4, 0x1ff, 0x7, 0x101, 0x7, 0x5, 0x8ff]})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x129080, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
readv(r6, 0x0, 0x0)
write$binfmt_script(r6, 0x0, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f00000000c0)={0xbe, 0x0, 0x1})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)

1.599888247s ago: executing program 3 (id=637):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000080)={0xd, 0x18, 0x3, 0x0, 0x0, 0x1000}) (fail_nth: 6)

1.59977296s ago: executing program 0 (id=638):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000800000034030000020000838500000073000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
process_madvise(0xffffffffffffffff, &(0x7f0000001d40)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x9, 0x0)

1.599625429s ago: executing program 0 (id=639):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='tlb_flush\x00', r1}, 0x10)
r2 = userfaultfd(0x80001)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='f'])
mount$9p_fd(0x0, 0x0, 0x0, 0x80000, &(0x7f0000000540)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}})
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2})
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4, 0x1}, 0x3, 0x800})

1.599270837s ago: executing program 0 (id=640):
write$bt_hci(0xffffffffffffffff, 0x0, 0x8)
openat$vicodec1(0xffffff9c, 0x0, 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x80045b10, 0x0)

1.458058518s ago: executing program 3 (id=641):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1a, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e76, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1}, 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001180)={0x11, 0x2a, &(0x7f0000001640)=ANY=[@ANYBLOB="49c5951fdc17ebee29ea3e90df9625bf0c4fb30b14398c57560c3725ca76de262b0280416105801b77a5e1d5ca0a5a1b120f9753a70ced265eba2c8bb40bbd86779e7f9bb1337ff94b0758deaf3a73842dd92f2414c6083f7b6749f74df85a7f126ee5bfd3ec32a1c18f71b2fb689cb4acd3f764723b50d6b0d30dd67ab49d8403d206af5ac286cdfc80aae9097abfcfdf6da35577e2dead8f51d9394989c3a74e13ac95ea4c5349c798b5270a19775dc8ee07b5b5b7f956d4de780ca6eed553c88f82666175d61d686160d2f387ae61002737c6111a2cffc46c0f1748c94bfc3f7eec19aa532ed52546effb4c01a82ddca465ab15e8da1180ae2edbb64fde2d", @ANYBLOB="731182bb6255c5f6189eca7b4320cc0c07834e0e1ba67a54b0ce2afe3a7c44e4c8808ef3667b5e0ab9711dfcbced0608b80cf9856105df027f84f720df3231ef24", @ANYBLOB="000000000000fa00b703000000010000850000000c000000b700000000000000184200000800000000000000000000008520000005000200b7080000000080007a8af8ff00000000b7080000000140007b8af0ff00000000bfa100000000ef6a68220000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b705000052b6956e44104f4579a53427e5ac0800000085000000a5000000950000000000000018fd00000200000000000000000000008500000064000000b7080000000000007b8af8ff000000b860c874a340ff59007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8=r1], &(0x7f0000000300)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a30000000005c000000060a010400000000000000000100000008000b40000000000900010073797a300000000034000480300001800a0001"], 0xd0}}, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000000800010001"], 0x1c}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)="b1ff5cc982d34010b7cd6e11c50b9bd27a09463daa6ac6255411345692ea1f44220df660aec36c3da20cdf63882deea50aab4ae728b88be047e9c1de4d3428835edfece01a907acbebb734022a8738c0733177cf2bc7d61a3a791ad3e0972faf52b29d3476b8aff7e79275ad61b36971c0d2d8e1e242261dc50464a134b1a2e36243c3b5bb93a2e7a7087c254e0b5089100624eb5b273a62e5798cb0a4b96845ef45e0238d22062a8d5f43c3875d773c45e426dc162914e26ae112c5dfdef60f2f274ac96a6c77b37799cd03dc1c8ad69d1fcad1be379ad212ea51e0f272a3ec7bf0bdda2c7a15b3fb018cb2ce53c99b0af09b5c874cf4d79e13c7580d4ebc0669bb048863f28e8f00ea67d87e92c6fc4bc31a4a06b7344519d72e9662309dd51a02a7d295972dd1f63431968d9f5212daa47d49d85bf08190aef758e842da69375269c5f33bb0e60bb98abb2a51e8a89d7b4680185b9665d5da6254cb15392332b0e850169d90ac1374cf5346092b47f682c2f22c8cdcf98718bfa0ca4c5b50ebf8d6c53afa3830233a3e486a0d73fed67851403f72492feec1528cac329dd11f82cf149ec049e71b979ad055053dcf654f470f780f32b22dd6567401f94a94c592265a2dbdd3c5c88cfde1a6cc112231a5797e092a5040be19bde03dc2d9dc0078b42f27e168810770cd5b4c0f2073037e9a57e8148392a3063ee55ad9449fa6265189337777d7a605bb7cf51d682ac7823207343fa7328ce207029e7e9818d7fcff9b9e7ac731dc502ce7471cab17108e5614fdec649d35a6638928931f110d4608a9cf22868dd3bf764d5b09a5325bcf987546e3edf1df9f1866fa89fb99a7f945c853586b4e3344eb286067e7b42d79ed93baddc3e5bd47ca613d654d4d54ece371b699ca7f05677c48cdb8f265fb35e0ff7ec5da801ae4198c7d9290d2ddc3586bd1ba3e34e722c47c14e4f310029751fbdc75da8461356b7a6784b490810284bdc727061944a283b7276b6a0b679d74089c54db98c92c2e329248b07365f45b3511ac11f8483a3f0bec8e4ceae324640f5762444efa94207115b5550fb8e4a1277aee3f11f2e6cac543d2168a83cd0367b24859e1b8b9cb9a5beb2d9851124b9c74acf21ecb5ae5e31e29543638a1cebdd2384dda1b2d301e59ea092707cd68838f12a05f9ec25832ddf22e2a01a8a28ff5c4f925a09b18849c180f0fed6057fc68d473eddb467796f8c086475dc1444c7f879d842662da4e59fd3c02b6d54c822ae8aeb91aefde57008f7728f1d236bbcda61a5b2dfdc0648ba72229b764fbd43a2eabe639a49f44de663b2e4e244370c7681f130e4a7790924e0826c0ebe768996d22edf83088b18492ccaa1344f5b14aa4218e3204434e0483bb56043e63ae02d584fed308759840064686ebb7349aa85adc00ba9ac6ec3e895f6b6cb33902cfa04a5fe6946475775284ba5f00f31a37aca06ce7485acbbf8e66db1daa273025860d216eb69a71666c0e5e3dcb9054c7c5edb138893b22a6f80655aeecd0f59f3bba544ae9897d2e795d0ca5a124519712a54366dca8b20c2191d5515231d5066c9c9f2b5b180da10542d7911f688c3b0f07ffcfe249161590d95d445c5ce2c647b97ad45249226a04144d900de9496f8f85e4607e7907eb20a1856efa7b06de5334ed1ba34b1c6e30da7df850da42b728208b85510b9acdd9ffe22894ec97c832b65257fa72d7f77a02359fad7ea2465c53df34c391c617d2e02197f6b5ab4a152327f6ae4d1107f6e8b68ce43de174dd559fe3ec95f32bd1d9244943230654e68fc3237e17dbd131996202beaf1578a925ab94510fccfa2be306bce3bdbb413ec6e50e6b0081362999ce7991b2c384001fd74e9de82dba16df74529800a201d8bd35eb789527b1f2e2ea7a12fb2858e389b4e96b5a9e32838916f147c99e3fd723972930a2eb8422ac15a254bae41e604e5459f6f573f9ce9d94e9dcbcdd392e2ed35ab5c6673f69c711ff121a2f1b1421d4a70571a20c732b1c1af990795c10ee23a6b8b056f91a4aa32d118a71cad879d5883327e7347d3fc7de504d42162a16fcd2fde8035a54205da46ce06c1f66b6ddb43248cbd5347cb80aec30a88af4166dcf131b92568ffad2f3cdb2835264705025b612d8b82920a01b87b9781020c38f438330735966ff27488db4ea6e74fa9d0e9a0fa929d9585a4de92648839a971edb1d03945fc7d6f64bb194085f63ccf8ea52b90505f2809d0ddc40b59909fff3e0c3362934019dca2b8733a8fdddd978d0b264d4b0105d4f9db315cbc8a2426f494de1d2f1b73de816e561004be0430be083fc6179ebfdc9bfca85df6b2c81bc0bf4685cdf072ddb5f7a3183a226df665c95d86c6046be75fdd008b96ad5696cbd3182a01c6a80d1bd3f4a288c015355004e6bbc788aef9bf65fe691dd6777a531a040c9ec7754d0e746dd89521d2ae6df1b13fd9433b164ba014fa7b3d8e08b30fe54b3d0ea810cc5f436a0370fd976eb481a07b3f81469cd6ed490d687528bf470d3800893a718f1f6c970a130ab49e04e1dfe4d594927bb34247d1c25c75197807206242b0ff807cb8c6ca4d67acce16de41a663fe86eec015dde1d828ac3a63763c0fbeda90c824abeb593efa9e2df76b761fa0d25e70e4e8d888f8ca1fcf7e88d35064a73600d4cc98e75ed4dd7c05919dcfdd4bdfaccd4a0a33e11c55276e105338b13ba765b728d0ae08a03cf59f3212373be7c7f74601c325c605ccbdff2bd895f43303888f9f8609df38a52d718cfb423a580711886de8affaf997d85a23af0de249f92f0b04305f12cbbd19c271339988a0c3eada32416b880f1859ba58353675b45b177d4306bbbd4ad8890a1a06126fb069b06566d92b026337f2f9c9f1321fd9b427a57df9e68505cdbbe1c5807fe485a85693e39e09bb72c7e46c95277526db6ee949ba143e4d3027c84df4c483aa0e419e438741661bb4349dffd003baa6112db3c9f84b0438ed3af79b90f1cea1b8ec4943bc3ced5567eec6510e910c8f9346e74c338fcfc892aaf970691b60f5ea4c04a33954c280c0c28f5c4ed79a3d4cb09ac60dc00060b09afa42fe60a250bb0c7529b282714df7de4938f1c56241189a707a7091a1035d82c7d43c66e9abd92ceec9ec5c102df63d4a0b8eac16b618e97567a87296a42bb7a018204b3dcdcee5e5c758faf3172e8c6c50483f341c5656cb8df27c63c98e74d1b7312e49926d143817f8e9b4125406ab91242bdcba7ccc3db507ff994047b33ce9a59179d119991a161e8bd06e0f58d7bffe6457f531942cc46c88bfec69e0b995ac7e7ab04d270efe443541bc55f327ad8921c32bcadaa0e1ad8ac263a312f92f904b333becbdf4a102f5b379619c8204c3a18af91347fbb5eab64ff81a05f3b830f36691121f0a398405521c3dac1300a0db6e21e56ac8bd6a03923a3d8ed96d9df54b98b42b70a0a3ffa8291ceb0e607f0e2f8ce1832111051bb16bdc25d5a4af117634af898f5952f98a7b132cf140a79ccb80d1d9f1bb52c3aaf50b7232dba94e896295c5a6bf71ec63a2f95315b06b590c6965249d1ea7f7039344242bae628f7b1bd45d9ccd51183279863c640d8fd7127ca5e593d7ae02b8ecc77188389c766634b18e54ab9da7ea92e8101d6088a373c3da38941e566dae9c1b191b48f387ecf8b91c6e6f05c800cef4c39b11dad2e42f1b54a44204ffe29c84defd41a3ab9173957b3007cad89d259ba60cb320d26b1ce00453629af98ab9371d8e47854396009169ebef43f471c2b00e7298dfb61a42000b68c44dc2429233f5fa17c524856c6383ae4ffed02f566edb7eb961489b5cb677e568eba83885641486af623dafe8693ac6dd5df261294a9286e445bb91098b96d5b2e912c21d161c9d6a6c0882a5ccd68d3b0025546bb79ace81b3338bc613209bb48f725d144df39604111da9c775da5e5f911934fb719d5d2d73c4d083b644d81d5ef22b900c5e00a0646972fb9984bf8023be30af1a018d16e4a33c8f1e26f5fd1e344c164a88283dbbc66142b9cfffed194984dd288779638827a4435f749a50db79918f33d67adc4014754133437c9d2bb90246a33070216d80560e4fc33047f75418d4e8d88fb244aab374b60a2a71fe7b579a121edd7cabdd38c794ce3e486803d0eba379a41f074a7667790ef9acf99f7ea8856b9383498850404704655bdac133d26967fb1ef4a484780aab18e86e9f119a11e6195a40ed26b32054e0a1939dea8b2f3e5ab7d7bc5cb32895c069b84b2f0fc9291d4e35ca2a78108593e74ea25f81fa90f86c76fecc3fe193c13fb427ab6a0f5c540512309a9b4a96fb636b4275012157420c3efa09701d35ae2b06e96d4ebcfdaeb83d3ffa44c59b301243ceb33c115ced26656e15c244b4e677e981e7456950489396b83fd66746de97e41cecc8f14435ebe2f3437890fc31eb790df327cba7d40aa352911b36d71b2aafe495c9b82b790c97d3b5179ca47eddffe1f700f506491865c86e8dad4a2870efad0772b32d67d10498d5f1d4032d341078d2d5af3e9b7ef1fb7981cc1d50fe9cec2c037782ad472edb0be5cb870c203477e6df78762b1be15fb1648c6e1da3d1f95858b7a03dae9dd6fdc82d0c4434961550aa8991c73a6df1fe5cbe815a1e2c0add62f5b340e262bb369dfbced592b77df8ce5d694a59a5125b72a7d70cbcd7fcad1f8e85fbc632c21903c611744955dc7bcfa3a83b87c7dff38516e2e8974dd8f6835b5a681ab0cfe5b72b42d63047983a6ac6efeea069e12428f2d07965ea369635390f6459b1407fa5a0c5967fb119186e665e71b9b0b386f9cd690990eda4adff85cc484874265e2a9ff6573ee8d083bfdb45325dbfc452c33e92a19d024c0841892d43f4dec71b185dad3731ca647a2ffa2c80e008a8dc25667e63f8bda20806bc1a1adb93674cbcc548ba8ca7af22df43f7a41ad774e95bb8fbcf03845d5cdfb808387fc6a4d4676ea6e01c2f39836a77852ce97bd69e92865b54bc4876f0f4243db0de84d469676bb82e43bdaaa362ce99368a7ab30b8d92611ab053fb40523658884efe299a562dc0cf6b5bf996cf05a7e03ca369754968b6c317e740679b0dfe60133414932c1ae75ca0d26cd8cfbc78989de4eb37f64cbf3a14d2a72a24fbcf4c559f261115ccb4002d8d9590a5819d04869a5bebca4cac2901c2262a49b5a86ab0a3ba33942f7b94107a5ae35afd247485786e7b23c5d008ab0d9c1ca51cc86ba7bbc596a788251a8b1ef9817191c1c0dabd1e9d826f3c451b5ea73d6b74300873e34c216d21a869ed06a0d9c3be9024be3e24828393e0635a614d78eb0abcf44bfe8c8c860027c9cee58b5e41d5f1209e48253281b18727dfb926ac3687df56217241c872a5a39f65251b5ca032bfaca2c9fe662584bcb6cb3fe9be2ae57be0655586a8c704ae915f284adac8d85174799ebf9e16c43b74a154a4524e6f33467e13a121a255acfb592d47eaf13cd538de15327151ad74f578bbbfdfde82fd6afb592b7933b52241f182cb65778e3628f177eaa8c8ecc970e82a2aa52f3b7d534748b35fa1dbc0f58ede3df5ddf1f1202290a74f4a871802d1f970de3ea5553f35456e2596669c00404337f6d394fb68c588effe8987f18b04b1b52eca71062b722b2cc44e4805abf6347715a3c9e5e9b9376a45fed63b494781a4905f9ff6d898e48c5f1279fb2f4c3af50d54204d0ab410415fcb28a1b4dc0afdcce76f19f60f65534d802ee8c", 0x1000}, {&(0x7f0000000000)='4', 0x1}], 0x2)
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

928.601552ms ago: executing program 2 (id=642):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1a, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e76, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1}, 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001180)={0x11, 0x2a, &(0x7f0000001640)=ANY=[@ANYBLOB="49c5951fdc17ebee29ea3e90df9625bf0c4fb30b14398c57560c3725ca76de262b0280416105801b77a5e1d5ca0a5a1b120f9753a70ced265eba2c8bb40bbd86779e7f9bb1337ff94b0758deaf3a73842dd92f2414c6083f7b6749f74df85a7f126ee5bfd3ec32a1c18f71b2fb689cb4acd3f764723b50d6b0d30dd67ab49d8403d206af5ac286cdfc80aae9097abfcfdf6da35577e2dead8f51d9394989c3a74e13ac95ea4c5349c798b5270a19775dc8ee07b5b5b7f956d4de780ca6eed553c88f82666175d61d686160d2f387ae61002737c6111a2cffc46c0f1748c94bfc3f7eec19aa532ed52546effb4c01a82ddca465ab15e8da1180ae2edbb64fde2d", @ANYBLOB="731182bb6255c5f6189eca7b4320cc0c07834e0e1ba67a54b0ce2afe3a7c44e4c8808ef3667b5e0ab9711dfcbced0608b80cf9856105df027f84f720df3231ef24", @ANYBLOB="000000000000fa00b703000000010000850000000c000000b700000000000000184200000800000000000000000000008520000005000200b7080000000080007a8af8ff00000000b7080000000140007b8af0ff00000000bfa100000000ef6a68220000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b705000052b6956e44104f4579a53427e5ac0800000085000000a5000000950000000000000018fd00000200000000000000000000008500000064000000b7080000000000007b8af8ff000000b860c874a340ff59007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8=r1], &(0x7f0000000300)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a30000000005c000000060a010400000000000000000100000008000b40000000000900010073797a300000000034000480300001800a0001"], 0xd0}}, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000000800010001"], 0x1c}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)="b1ff5cc982d34010b7cd6e11c50b9bd27a09463daa6ac6255411345692ea1f44220df660aec36c3da20cdf63882deea50aab4ae728b88be047e9c1de4d3428835edfece01a907acbebb734022a8738c0733177cf2bc7d61a3a791ad3e0972faf52b29d3476b8aff7e79275ad61b36971c0d2d8e1e242261dc50464a134b1a2e36243c3b5bb93a2e7a7087c254e0b5089100624eb5b273a62e5798cb0a4b96845ef45e0238d22062a8d5f43c3875d773c45e426dc162914e26ae112c5dfdef60f2f274ac96a6c77b37799cd03dc1c8ad69d1fcad1be379ad212ea51e0f272a3ec7bf0bdda2c7a15b3fb018cb2ce53c99b0af09b5c874cf4d79e13c7580d4ebc0669bb048863f28e8f00ea67d87e92c6fc4bc31a4a06b7344519d72e9662309dd51a02a7d295972dd1f63431968d9f5212daa47d49d85bf08190aef758e842da69375269c5f33bb0e60bb98abb2a51e8a89d7b4680185b9665d5da6254cb15392332b0e850169d90ac1374cf5346092b47f682c2f22c8cdcf98718bfa0ca4c5b50ebf8d6c53afa3830233a3e486a0d73fed67851403f72492feec1528cac329dd11f82cf149ec049e71b979ad055053dcf654f470f780f32b22dd6567401f94a94c592265a2dbdd3c5c88cfde1a6cc112231a5797e092a5040be19bde03dc2d9dc0078b42f27e168810770cd5b4c0f2073037e9a57e8148392a3063ee55ad9449fa6265189337777d7a605bb7cf51d682ac7823207343fa7328ce207029e7e9818d7fcff9b9e7ac731dc502ce7471cab17108e5614fdec649d35a6638928931f110d4608a9cf22868dd3bf764d5b09a5325bcf987546e3edf1df9f1866fa89fb99a7f945c853586b4e3344eb286067e7b42d79ed93baddc3e5bd47ca613d654d4d54ece371b699ca7f05677c48cdb8f265fb35e0ff7ec5da801ae4198c7d9290d2ddc3586bd1ba3e34e722c47c14e4f310029751fbdc75da8461356b7a6784b490810284bdc727061944a283b7276b6a0b679d74089c54db98c92c2e329248b07365f45b3511ac11f8483a3f0bec8e4ceae324640f5762444efa94207115b5550fb8e4a1277aee3f11f2e6cac543d2168a83cd0367b24859e1b8b9cb9a5beb2d9851124b9c74acf21ecb5ae5e31e29543638a1cebdd2384dda1b2d301e59ea092707cd68838f12a05f9ec25832ddf22e2a01a8a28ff5c4f925a09b18849c180f0fed6057fc68d473eddb467796f8c086475dc1444c7f879d842662da4e59fd3c02b6d54c822ae8aeb91aefde57008f7728f1d236bbcda61a5b2dfdc0648ba72229b764fbd43a2eabe639a49f44de663b2e4e244370c7681f130e4a7790924e0826c0ebe768996d22edf83088b18492ccaa1344f5b14aa4218e3204434e0483bb56043e63ae02d584fed308759840064686ebb7349aa85adc00ba9ac6ec3e895f6b6cb33902cfa04a5fe6946475775284ba5f00f31a37aca06ce7485acbbf8e66db1daa273025860d216eb69a71666c0e5e3dcb9054c7c5edb138893b22a6f80655aeecd0f59f3bba544ae9897d2e795d0ca5a124519712a54366dca8b20c2191d5515231d5066c9c9f2b5b180da10542d7911f688c3b0f07ffcfe249161590d95d445c5ce2c647b97ad45249226a04144d900de9496f8f85e4607e7907eb20a1856efa7b06de5334ed1ba34b1c6e30da7df850da42b728208b85510b9acdd9ffe22894ec97c832b65257fa72d7f77a02359fad7ea2465c53df34c391c617d2e02197f6b5ab4a152327f6ae4d1107f6e8b68ce43de174dd559fe3ec95f32bd1d9244943230654e68fc3237e17dbd131996202beaf1578a925ab94510fccfa2be306bce3bdbb413ec6e50e6b0081362999ce7991b2c384001fd74e9de82dba16df74529800a201d8bd35eb789527b1f2e2ea7a12fb2858e389b4e96b5a9e32838916f147c99e3fd723972930a2eb8422ac15a254bae41e604e5459f6f573f9ce9d94e9dcbcdd392e2ed35ab5c6673f69c711ff121a2f1b1421d4a70571a20c732b1c1af990795c10ee23a6b8b056f91a4aa32d118a71cad879d5883327e7347d3fc7de504d42162a16fcd2fde8035a54205da46ce06c1f66b6ddb43248cbd5347cb80aec30a88af4166dcf131b92568ffad2f3cdb2835264705025b612d8b82920a01b87b9781020c38f438330735966ff27488db4ea6e74fa9d0e9a0fa929d9585a4de92648839a971edb1d03945fc7d6f64bb194085f63ccf8ea52b90505f2809d0ddc40b59909fff3e0c3362934019dca2b8733a8fdddd978d0b264d4b0105d4f9db315cbc8a2426f494de1d2f1b73de816e561004be0430be083fc6179ebfdc9bfca85df6b2c81bc0bf4685cdf072ddb5f7a3183a226df665c95d86c6046be75fdd008b96ad5696cbd3182a01c6a80d1bd3f4a288c015355004e6bbc788aef9bf65fe691dd6777a531a040c9ec7754d0e746dd89521d2ae6df1b13fd9433b164ba014fa7b3d8e08b30fe54b3d0ea810cc5f436a0370fd976eb481a07b3f81469cd6ed490d687528bf470d3800893a718f1f6c970a130ab49e04e1dfe4d594927bb34247d1c25c75197807206242b0ff807cb8c6ca4d67acce16de41a663fe86eec015dde1d828ac3a63763c0fbeda90c824abeb593efa9e2df76b761fa0d25e70e4e8d888f8ca1fcf7e88d35064a73600d4cc98e75ed4dd7c05919dcfdd4bdfaccd4a0a33e11c55276e105338b13ba765b728d0ae08a03cf59f3212373be7c7f74601c325c605ccbdff2bd895f43303888f9f8609df38a52d718cfb423a580711886de8affaf997d85a23af0de249f92f0b04305f12cbbd19c271339988a0c3eada32416b880f1859ba58353675b45b177d4306bbbd4ad8890a1a06126fb069b06566d92b026337f2f9c9f1321fd9b427a57df9e68505cdbbe1c5807fe485a85693e39e09bb72c7e46c95277526db6ee949ba143e4d3027c84df4c483aa0e419e438741661bb4349dffd003baa6112db3c9f84b0438ed3af79b90f1cea1b8ec4943bc3ced5567eec6510e910c8f9346e74c338fcfc892aaf970691b60f5ea4c04a33954c280c0c28f5c4ed79a3d4cb09ac60dc00060b09afa42fe60a250bb0c7529b282714df7de4938f1c56241189a707a7091a1035d82c7d43c66e9abd92ceec9ec5c102df63d4a0b8eac16b618e97567a87296a42bb7a018204b3dcdcee5e5c758faf3172e8c6c50483f341c5656cb8df27c63c98e74d1b7312e49926d143817f8e9b4125406ab91242bdcba7ccc3db507ff994047b33ce9a59179d119991a161e8bd06e0f58d7bffe6457f531942cc46c88bfec69e0b995ac7e7ab04d270efe443541bc55f327ad8921c32bcadaa0e1ad8ac263a312f92f904b333becbdf4a102f5b379619c8204c3a18af91347fbb5eab64ff81a05f3b830f36691121f0a398405521c3dac1300a0db6e21e56ac8bd6a03923a3d8ed96d9df54b98b42b70a0a3ffa8291ceb0e607f0e2f8ce1832111051bb16bdc25d5a4af117634af898f5952f98a7b132cf140a79ccb80d1d9f1bb52c3aaf50b7232dba94e896295c5a6bf71ec63a2f95315b06b590c6965249d1ea7f7039344242bae628f7b1bd45d9ccd51183279863c640d8fd7127ca5e593d7ae02b8ecc77188389c766634b18e54ab9da7ea92e8101d6088a373c3da38941e566dae9c1b191b48f387ecf8b91c6e6f05c800cef4c39b11dad2e42f1b54a44204ffe29c84defd41a3ab9173957b3007cad89d259ba60cb320d26b1ce00453629af98ab9371d8e47854396009169ebef43f471c2b00e7298dfb61a42000b68c44dc2429233f5fa17c524856c6383ae4ffed02f566edb7eb961489b5cb677e568eba83885641486af623dafe8693ac6dd5df261294a9286e445bb91098b96d5b2e912c21d161c9d6a6c0882a5ccd68d3b0025546bb79ace81b3338bc613209bb48f725d144df39604111da9c775da5e5f911934fb719d5d2d73c4d083b644d81d5ef22b900c5e00a0646972fb9984bf8023be30af1a018d16e4a33c8f1e26f5fd1e344c164a88283dbbc66142b9cfffed194984dd288779638827a4435f749a50db79918f33d67adc4014754133437c9d2bb90246a33070216d80560e4fc33047f75418d4e8d88fb244aab374b60a2a71fe7b579a121edd7cabdd38c794ce3e486803d0eba379a41f074a7667790ef9acf99f7ea8856b9383498850404704655bdac133d26967fb1ef4a484780aab18e86e9f119a11e6195a40ed26b32054e0a1939dea8b2f3e5ab7d7bc5cb32895c069b84b2f0fc9291d4e35ca2a78108593e74ea25f81fa90f86c76fecc3fe193c13fb427ab6a0f5c540512309a9b4a96fb636b4275012157420c3efa09701d35ae2b06e96d4ebcfdaeb83d3ffa44c59b301243ceb33c115ced26656e15c244b4e677e981e7456950489396b83fd66746de97e41cecc8f14435ebe2f3437890fc31eb790df327cba7d40aa352911b36d71b2aafe495c9b82b790c97d3b5179ca47eddffe1f700f506491865c86e8dad4a2870efad0772b32d67d10498d5f1d4032d341078d2d5af3e9b7ef1fb7981cc1d50fe9cec2c037782ad472edb0be5cb870c203477e6df78762b1be15fb1648c6e1da3d1f95858b7a03dae9dd6fdc82d0c4434961550aa8991c73a6df1fe5cbe815a1e2c0add62f5b340e262bb369dfbced592b77df8ce5d694a59a5125b72a7d70cbcd7fcad1f8e85fbc632c21903c611744955dc7bcfa3a83b87c7dff38516e2e8974dd8f6835b5a681ab0cfe5b72b42d63047983a6ac6efeea069e12428f2d07965ea369635390f6459b1407fa5a0c5967fb119186e665e71b9b0b386f9cd690990eda4adff85cc484874265e2a9ff6573ee8d083bfdb45325dbfc452c33e92a19d024c0841892d43f4dec71b185dad3731ca647a2ffa2c80e008a8dc25667e63f8bda20806bc1a1adb93674cbcc548ba8ca7af22df43f7a41ad774e95bb8fbcf03845d5cdfb808387fc6a4d4676ea6e01c2f39836a77852ce97bd69e92865b54bc4876f0f4243db0de84d469676bb82e43bdaaa362ce99368a7ab30b8d92611ab053fb40523658884efe299a562dc0cf6b5bf996cf05a7e03ca369754968b6c317e740679b0dfe60133414932c1ae75ca0d26cd8cfbc78989de4eb37f64cbf3a14d2a72a24fbcf4c559f261115ccb4002d8d9590a5819d04869a5bebca4cac2901c2262a49b5a86ab0a3ba33942f7b94107a5ae35afd247485786e7b23c5d008ab0d9c1ca51cc86ba7bbc596a788251a8b1ef9817191c1c0dabd1e9d826f3c451b5ea73d6b74300873e34c216d21a869ed06a0d9c3be9024be3e24828393e0635a614d78eb0abcf44bfe8c8c860027c9cee58b5e41d5f1209e48253281b18727dfb926ac3687df56217241c872a5a39f65251b5ca032bfaca2c9fe662584bcb6cb3fe9be2ae57be0655586a8c704ae915f284adac8d85174799ebf9e16c43b74a154a4524e6f33467e13a121a255acfb592d47eaf13cd538de15327151ad74f578bbbfdfde82fd6afb592b7933b52241f182cb65778e3628f177eaa8c8ecc970e82a2aa52f3b7d534748b35fa1dbc0f58ede3df5ddf1f1202290a74f4a871802d1f970de3ea5553f35456e2596669c00404337f6d394fb68c588effe8987f18b04b1b52eca71062b722b2cc44e4805abf6347715a3c9e5e9b9376a45fed63b494781a4905f9ff6d898e48c5f1279fb2f4c3af50d54204d0ab410415fcb28a1b4dc0afdcce76f19f60f65534d802ee8c", 0x1000}, {&(0x7f0000000000)='4', 0x1}], 0x2)
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

417.769767ms ago: executing program 3 (id=643):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r1 = epoll_create(0x7e2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x1})
bind$inet(r0, 0x0, 0x0)
sendmsg$xdp(r0, 0x0, 0x40)
getpid()
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
userfaultfd(0x801)
fanotify_init(0x200, 0x40000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6}, 0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x47f6, 0x0, 0x4, 0x0, 0x0)

0s ago: executing program 2 (id=644):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xce1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
unshare(0x8000000)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r3, 0xf0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x8, 0x0, 0x0}}, 0x34)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000740))
ioctl$KIOCSOUND(r0, 0x4b2f, 0x2)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000100)={0x6, 0x73, 0x2, 0x0, 0xb, "88bd91aa28528000000000007500000400"})
write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffff, 0x0, &(0x7f0000000040))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000ff619500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00')
preadv(r5, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0xff32, &(0x7f00000001c0))
sendmsg$NL802154_CMD_NEW_INTERFACE(r6, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x38, r7, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFTYPE={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
utimes(&(0x7f0000000200)='./file0\x00', 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x189900, 0x0)

0s ago: executing program 1 (id=645):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x141a82, 0x0)
sendfile(r0, r1, 0x0, 0x4)

kernel console output (not intermixed with test programs):

b 8-1: new high-speed USB device number 6 using dummy_hcd
[   92.359352][ T6101] usb 8-1: device descriptor read/8, error -71
[   92.485195][ T6718] siw: device registration error -23
[   92.896947][ T6732] bond3: Removing last arp target with arp_interval on
[   93.372819][ T6101] usb usb8-port1: unable to enumerate USB device
[   93.669893][ T6741] netlink: 'syz.3.191': attribute type 21 has an invalid length.
[   93.672778][ T6741] netlink: 132 bytes leftover after parsing attributes in process `syz.3.191'.
[   94.487494][ T6097] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   94.650548][ T6097] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.654207][ T6097] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   94.657339][ T6097] usb 8-1: New USB device found, idVendor=413c, idProduct=8196, bcdDevice=1f.e0
[   94.660476][ T6097] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.666806][ T6742] [U] ÿ
[   94.669219][ T6097] usb 8-1: config 0 descriptor??
[   94.767513][  T916] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   94.877213][ T6097] usb 8-1: USB disconnect, device number 7
[   94.897523][  T916] usb 5-1: device descriptor read/64, error -71
[   94.987140][ T6771] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[   95.217465][  T916] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   95.347492][  T916] usb 5-1: device descriptor read/64, error -71
[   95.457900][  T916] usb usb5-port1: attempt power cycle
[   95.611606][ T6779] siw: device registration error -23
[   96.568809][  T916] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   96.888969][  T916] usb 5-1: device descriptor read/8, error -71
[   97.531832][ T6855] FAULT_INJECTION: forcing a failure.
[   97.531832][ T6855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.536249][ T6855] CPU: 0 UID: 0 PID: 6855 Comm: syz.0.208 Not tainted syzkaller #0 PREEMPT(full) 
[   97.536264][ T6855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.536270][ T6855] Call Trace:
[   97.536275][ T6855]  <TASK>
[   97.536279][ T6855]  dump_stack_lvl+0x16c/0x1f0
[   97.536300][ T6855]  should_fail_ex+0x512/0x640
[   97.536315][ T6855]  copy_fpstate_to_sigframe+0x827/0xad0
[   97.536334][ T6855]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[   97.536353][ T6855]  ? collect_signal+0x263/0x540
[   97.536364][ T6855]  ? x86_task_fpu+0x5f/0x90
[   97.536378][ T6855]  get_sigframe+0x4a8/0x9c0
[   97.536395][ T6855]  ? __pfx_get_sigframe+0x10/0x10
[   97.536410][ T6855]  ? _raw_spin_unlock_irq+0x23/0x50
[   97.536425][ T6855]  ? siginfo_layout+0x177/0x290
[   97.536440][ T6855]  ia32_setup_rt_frame+0xe4/0xb30
[   97.536452][ T6855]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[   97.536468][ T6855]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[   97.536480][ T6855]  ? kill_pid_info_type+0xea/0x2a0
[   97.536497][ T6855]  arch_do_signal_or_restart+0x475/0x7a0
[   97.536513][ T6855]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   97.536531][ T6855]  ? __pfx___ia32_compat_sys_rt_sigqueueinfo+0x10/0x10
[   97.536549][ T6855]  ? fput+0x70/0xf0
[   97.536562][ T6855]  exit_to_user_mode_loop+0x8c/0x540
[   97.536577][ T6855]  __do_fast_syscall_32+0x4a4/0x680
[   97.536596][ T6855]  do_fast_syscall_32+0x32/0x80
[   97.536606][ T6855]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.536619][ T6855] RIP: 0023:0xf7f73579
[   97.536649][ T6855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.536676][ T6855] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b2
[   97.536688][ T6855] RAX: 0000000000000000 RBX: 00000000000000aa RCX: 0000000000000021
[   97.536694][ T6855] RDX: 0000000080001840 RSI: 0000000000000000 RDI: 0000000000000000
[   97.536700][ T6855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.536706][ T6855] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.536712][ T6855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.536725][ T6855]  </TASK>
[   98.460777][ T6865] netlink: 52 bytes leftover after parsing attributes in process `syz.2.211'.
[   98.646345][ T6871] bond2: Removing last arp target with arp_interval on
[   98.945558][ T6880] siw: device registration error -23
[   99.528711][  T829] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   99.736559][ T6889] siw: device registration error -23
[   99.757614][  T829] usb 7-1: device descriptor read/64, error -71
[   99.997602][  T829] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  100.130008][ T6879] /dev/sr0: Can't open blockdev
[  100.137703][  T829] usb 7-1: device descriptor read/64, error -71
[  100.248390][  T829] usb usb7-port1: attempt power cycle
[  100.597457][  T829] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  100.617951][  T829] usb 7-1: device descriptor read/8, error -71
[  100.857443][  T829] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  100.888168][  T829] usb 7-1: device descriptor read/8, error -71
[  100.997764][  T829] usb usb7-port1: unable to enumerate USB device
[  101.455163][ T6895] [U] ÿ
[  102.092053][ T6917] batman_adv: batadv0: Adding interface: gretap1
[  102.094785][ T6917] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.138838][ T6917] batman_adv: batadv0: Interface activated: gretap1
[  102.202544][ T6918] bond3: Removing last arp target with arp_interval on
[  102.495888][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  102.495899][   T40] audit: type=1326 audit(1766489862.435:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.510801][   T40] audit: type=1326 audit(1766489862.445:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.521766][   T40] audit: type=1326 audit(1766489862.445:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.528820][   T40] audit: type=1326 audit(1766489862.455:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.537829][   T40] audit: type=1326 audit(1766489862.455:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.545971][   T40] audit: type=1326 audit(1766489862.455:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.552937][   T40] audit: type=1326 audit(1766489862.455:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.561113][   T40] audit: type=1326 audit(1766489862.455:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.571291][   T40] audit: type=1326 audit(1766489862.455:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  102.578384][   T40] audit: type=1326 audit(1766489862.455:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.1.227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  103.087498][ T1333] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  103.231309][ T6939] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  103.233594][ T6939] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  103.246684][ T6939] vhci_hcd vhci_hcd.0: Device attached
[  103.251265][ T1333] usb 5-1: not running at top speed; connect to a high speed hub
[  103.257119][ T1333] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1600, setting to 64
[  103.262078][ T1333] usb 5-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.262710][ T6939] netlink: 8 bytes leftover after parsing attributes in process `syz.2.234'.
[  103.267177][ T1333] usb 5-1: config 1 interface 0 has no altsetting 0
[  103.287840][ T6944] input: syz1 as /devices/virtual/input/input10
[  103.323368][ T6939] netlink: 28 bytes leftover after parsing attributes in process `syz.2.234'.
[  103.367008][ T1333] usb 5-1: New USB device found, idVendor=18d1, idProduct=5044, bcdDevice= 0.40
[  103.370434][ T1333] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.373201][ T1333] usb 5-1: Product: “�ภ嘄ง垢�䚥�츋똟㎱묛쮛넧⼙೗摤�т챑벎쿲梤�翔涎뾵ꉴ찉⪟먛鷠쥻覜겼몞៑徰臤삩즂�趞
[  103.379124][ T1333] usb 5-1: Manufacturer: ᠌
[  103.380731][ T1333] usb 5-1: SerialNumber: 鴠��࿆��楡킜嬢����⴯帘⩺Ῐ㚺疵놋꒡పꨆᔯ�
[  103.386677][ T6933] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  103.427500][ T6097] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  103.489515][ T6097] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  103.642607][ T1333] usbhid 5-1:1.0: can't add hid device: -71
[  103.645088][ T1333] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  103.652599][ T1333] usb 5-1: USB disconnect, device number 6
[  104.005582][ T6959] bond4: Removing last arp target with arp_interval on
[  105.289237][ T6986] FAULT_INJECTION: forcing a failure.
[  105.289237][ T6986] name failslab, interval 1, probability 0, space 0, times 0
[  105.294020][ T6986] CPU: 1 UID: 0 PID: 6986 Comm: syz.3.247 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  105.294045][ T6986] Tainted: [L]=SOFTLOCKUP
[  105.294051][ T6986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.294061][ T6986] Call Trace:
[  105.294067][ T6986]  <TASK>
[  105.294073][ T6986]  dump_stack_lvl+0x16c/0x1f0
[  105.294102][ T6986]  should_fail_ex+0x512/0x640
[  105.294121][ T6986]  ? __kvmalloc_node_noprof+0x129/0xa40
[  105.294146][ T6986]  should_failslab+0xc2/0x120
[  105.294171][ T6986]  __kvmalloc_node_noprof+0x14a/0xa40
[  105.294195][ T6986]  ? v4l2_event_subscribe+0x9c/0x780
[  105.294218][ T6986]  ? v4l2_event_subscribe+0x9c/0x780
[  105.294233][ T6986]  v4l2_event_subscribe+0x9c/0x780
[  105.294252][ T6986]  v4l2_ctrl_subscribe_event+0x68/0xa0
[  105.294272][ T6986]  vidioc_subscribe_event+0xf6/0x130
[  105.294297][ T6986]  __video_do_ioctl+0xb77/0xf00
[  105.294324][ T6986]  ? __might_fault+0xe3/0x190
[  105.294343][ T6986]  ? __pfx___video_do_ioctl+0x10/0x10
[  105.294373][ T6986]  video_usercopy+0x47f/0x13e0
[  105.294398][ T6986]  ? __pfx___video_do_ioctl+0x10/0x10
[  105.294421][ T6986]  ? __pfx_video_usercopy+0x10/0x10
[  105.294453][ T6986]  ? hook_file_ioctl_common+0x144/0x410
[  105.294478][ T6986]  v4l2_ioctl+0x1bd/0x250
[  105.294497][ T6986]  ? __pfx_fput+0x1/0x10
[  105.294516][ T6986]  v4l2_compat_ioctl32+0x217/0x2e0
[  105.294535][ T6986]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  105.294556][ T6986]  __ia32_compat_sys_ioctl+0x242/0x370
[  105.294580][ T6986]  __do_fast_syscall_32+0xe8/0x680
[  105.294608][ T6986]  do_fast_syscall_32+0x32/0x80
[  105.294623][ T6986]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.294643][ T6986] RIP: 0023:0xf708d579
[  105.294662][ T6986] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.294678][ T6986] RSP: 002b:00000000f545c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  105.294694][ T6986] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004020565a
[  105.294705][ T6986] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  105.294714][ T6986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  105.294723][ T6986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.294733][ T6986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.294755][ T6986]  </TASK>
[  105.756344][ T6999] bond4: Removing last arp target with arp_interval on
[  107.737533][ T6022] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  107.897515][ T6022] usb 7-1: Using ep0 maxpacket: 8
[  107.902451][ T6022] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  107.905895][ T6022] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  107.909234][ T6022] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  107.912500][ T6022] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  107.915801][ T6022] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  107.920250][ T6022] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  107.924258][ T6022] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.136016][ T6022] usb 7-1: usb_control_msg returned -32
[  108.137956][ T6022] usbtmc 7-1:16.0: can't read capabilities
[  108.476671][ T7043] FAULT_INJECTION: forcing a failure.
[  108.476671][ T7043] name failslab, interval 1, probability 0, space 0, times 0
[  108.481166][ T7043] CPU: 0 UID: 0 PID: 7043 Comm: syz.0.265 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  108.481183][ T7043] Tainted: [L]=SOFTLOCKUP
[  108.481186][ T7043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.481193][ T7043] Call Trace:
[  108.481197][ T7043]  <TASK>
[  108.481202][ T7043]  dump_stack_lvl+0x16c/0x1f0
[  108.481222][ T7043]  should_fail_ex+0x512/0x640
[  108.481238][ T7043]  ? __kvmalloc_node_noprof+0x129/0xa40
[  108.481262][ T7043]  should_failslab+0xc2/0x120
[  108.481284][ T7043]  __kvmalloc_node_noprof+0x14a/0xa40
[  108.481306][ T7043]  ? simple_xattr_alloc+0x46/0xa0
[  108.481328][ T7043]  ? simple_xattr_alloc+0x46/0xa0
[  108.481341][ T7043]  simple_xattr_alloc+0x46/0xa0
[  108.481356][ T7043]  simple_xattr_set+0x3d/0x3e0
[  108.481372][ T7043]  shmem_xattr_handler_set+0x31b/0x3b0
[  108.481395][ T7043]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[  108.481436][ T7043]  __vfs_setxattr+0x175/0x1e0
[  108.481459][ T7043]  ? __pfx___vfs_setxattr+0x10/0x10
[  108.481477][ T7043]  ? __pfx_make_vfsgid+0x10/0x10
[  108.481502][ T7043]  __vfs_setxattr_noperm+0x127/0x660
[  108.481531][ T7043]  __vfs_setxattr_locked+0x17d/0x250
[  108.481562][ T7043]  vfs_setxattr+0x145/0x350
[  108.481593][ T7043]  ? __pfx_vfs_setxattr+0x10/0x10
[  108.481618][ T7043]  ? mnt_get_write_access+0x52/0x2f0
[  108.481637][ T7043]  ? mnt_get_write_access+0x52/0x2f0
[  108.481668][ T7043]  do_setxattr+0x145/0x180
[  108.481695][ T7043]  filename_setxattr+0x16b/0x1d0
[  108.481722][ T7043]  ? __pfx_filename_setxattr+0x10/0x10
[  108.481747][ T7043]  ? getname_flags.part.0+0x1c5/0x550
[  108.481771][ T7043]  path_setxattrat+0x1de/0x2a0
[  108.481792][ T7043]  ? __pfx_path_setxattrat+0x10/0x10
[  108.481817][ T7043]  ? ksys_write+0x190/0x250
[  108.481854][ T7043]  ? fput+0x70/0xf0
[  108.481867][ T7043]  ? ksys_write+0x1ac/0x250
[  108.481887][ T7043]  ? __pfx_ksys_write+0x10/0x10
[  108.481911][ T7043]  __ia32_sys_lsetxattr+0xc7/0x140
[  108.481933][ T7043]  ? __do_fast_syscall_32+0x9a/0x680
[  108.481957][ T7043]  ? lockdep_hardirqs_on+0x7c/0x110
[  108.481979][ T7043]  __do_fast_syscall_32+0xe8/0x680
[  108.482005][ T7043]  do_fast_syscall_32+0x32/0x80
[  108.482021][ T7043]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.482042][ T7043] RIP: 0023:0xf7f73579
[  108.482055][ T7043] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.482069][ T7043] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 00000000000000e3
[  108.482083][ T7043] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 00000000800000c0
[  108.482092][ T7043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.482099][ T7043] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.482107][ T7043] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.482115][ T7043] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.482135][ T7043]  </TASK>
[  108.693307][ T6022] usb 7-1: USB disconnect, device number 8
[  109.225148][ T7052] netlink: 12 bytes leftover after parsing attributes in process `syz.3.268'.
[  109.237627][ T5942] Bluetooth: hci1: command tx timeout
[  109.420697][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  109.420707][   T40] audit: type=1326 audit(1766489869.365:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7058 comm="syz.2.270" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[  109.501080][  T829] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  109.501364][ T7060] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  109.510740][   T40] audit: type=1326 audit(1766489869.455:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7051 comm="syz.3.268" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0
[  109.660976][  T829] usb 5-1: config 0 has an invalid interface number: 249 but max is 0
[  109.667760][  T829] usb 5-1: config 0 has no interface number 0
[  109.674369][  T829] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=be.87
[  109.677332][  T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.688960][  T829] usb 5-1: config 0 descriptor??
[  109.693995][  T829] port100 5-1:0.249: NFC: Could not find bulk-in or bulk-out endpoint
[  109.959221][  T829] usb 5-1: USB disconnect, device number 7
[  110.316918][ T7076] usb usb8: usbfs: process 7076 (syz.2.276) did not claim interface 0 before use
[  110.415191][ T7081] input: syz0 as /devices/virtual/input/input11
[  110.478116][ T7080] /dev/sr0: Can't open blockdev
[  110.997513][ T5991] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  111.147465][ T5991] usb 6-1: Using ep0 maxpacket: 8
[  111.150687][ T5991] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  111.153526][ T5991] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  111.156904][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  111.160758][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  111.164141][ T5991] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  111.168995][ T5991] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  111.172029][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.377152][ T7096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.284'.
[  111.388531][ T5991] usb 6-1: usb_control_msg returned -32
[  111.390441][ T5991] usbtmc 6-1:16.0: can't read capabilities
[  111.393647][ T7094] bond5: entered promiscuous mode
[  111.410346][ T7094] bridge0: port 3(syz_tun) entered blocking state
[  111.412951][ T7094] bridge0: port 3(syz_tun) entered disabled state
[  111.415282][ T7094] syz_tun: entered allmulticast mode
[  111.418046][ T7094] syz_tun: entered promiscuous mode
[  111.423478][ T7094] netlink: 'syz.2.283': attribute type 10 has an invalid length.
[  111.426647][ T7094] bridge0: port 3(syz_tun) entered blocking state
[  111.428920][ T7094] bridge0: port 3(syz_tun) entered listening state
[  111.431700][ T7094] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.434045][ T7094] bridge0: port 2(bridge_slave_1) entered listening state
[  111.436419][ T7094] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.438787][ T7094] bridge0: port 1(bridge_slave_0) entered listening state
[  111.442917][ T7094] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  111.452640][ T7094] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28
[  111.481189][ T7098] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  111.536225][ T7094] infiniband syz1: set active
[  111.538062][ T7094] infiniband syz1: added syz_tun
[  111.543291][   T40] audit: type=1326 audit(1766489871.485:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7095 comm="syz.0.284" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f73579 code=0x0
[  111.561172][ T7094] RDS/IB: syz1: added
[  111.562912][ T7094] smc: adding ib device syz1 with port count 1
[  111.565143][ T7094] smc:    ib device syz1 port 1 has no pnetid
[  111.951011][ T5991] usb 6-1: USB disconnect, device number 3
[  112.207446][ T7106] nbd2: detected capacity change from 0 to 63
[  112.210448][ T7107] block nbd2: NBD_DISCONNECT
[  112.212270][ T7107] block nbd2: Disconnected due to user request.
[  112.214508][ T7107] block nbd2: shutting down sockets
[  112.218532][   T11] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 4 prio class 2
[  112.222544][   T11] Buffer I/O error on dev nbd2, logical block 0, async page read
[  112.225700][   T11] Buffer I/O error on dev nbd2, logical block 1, async page read
[  112.228699][   T11] Buffer I/O error on dev nbd2, logical block 2, async page read
[  112.231317][   T11] Buffer I/O error on dev nbd2, logical block 3, async page read
[  112.234853][ T5948] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.238727][ T5948] Buffer I/O error on dev nbd2, logical block 0, async page read
[  112.241410][ T5948] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.244969][ T5948] Buffer I/O error on dev nbd2, logical block 1, async page read
[  112.248402][ T5948] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.251594][ T5948] Buffer I/O error on dev nbd2, logical block 2, async page read
[  112.254271][ T5948] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.257365][ T5948] Buffer I/O error on dev nbd2, logical block 3, async page read
[  112.260026][ T5948] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.263297][ T5948] Buffer I/O error on dev nbd2, logical block 0, async page read
[  112.266090][ T5948] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.270363][ T5948] Buffer I/O error on dev nbd2, logical block 1, async page read
[  112.273735][ T5948] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.365393][ T5948] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.368608][ T5948] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  112.371901][ T5948] ldm_validate_partition_table(): Disk read failed.
[  112.374459][ T5948] Dev nbd2: unable to read RDB block 0
[  112.376556][ T5948]  nbd2: unable to read partition table
[  112.383056][ T5948] ldm_validate_partition_table(): Disk read failed.
[  112.386191][ T5948] Dev nbd2: unable to read RDB block 0
[  112.390382][ T5948]  nbd2: unable to read partition table
[  112.486510][ T7114] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  112.488720][ T7114] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  112.492048][ T7114] vhci_hcd vhci_hcd.0: Device attached
[  112.498654][ T7114] wg2 speed is unknown, defaulting to 1000
[  112.504462][ T7114] wg2 speed is unknown, defaulting to 1000
[  112.507820][ T7114] wg2 speed is unknown, defaulting to 1000
[  112.683452][ T7117] xt_NFQUEUE: number of total queues is 0
[  112.749330][ T7124] overlayfs: missing 'lowerdir'
[  112.818915][ T7114] infiniband syz2: set active
[  112.820609][  T947] wg2 speed is unknown, defaulting to 1000
[  112.822732][ T7114] infiniband syz2: added wg2
[  112.844275][ T7114] RDS/IB: syz2: added
[  112.846743][ T7114] smc: adding ib device syz2 with port count 1
[  112.848928][ T7114] smc:    ib device syz2 port 1 has no pnetid
[  112.851049][  T947] wg2 speed is unknown, defaulting to 1000
[  112.853701][ T7114] wg2 speed is unknown, defaulting to 1000
[  112.954086][ T7114] wg2 speed is unknown, defaulting to 1000
[  112.987543][   T34] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  113.055675][ T7114] wg2 speed is unknown, defaulting to 1000
[  113.123409][ T7115] vhci_hcd: connection closed
[  113.123676][ T6812] vhci_hcd vhci_hcd.2: stop threads
[  113.128926][ T6812] vhci_hcd vhci_hcd.2: release socket
[  113.137632][ T6812] vhci_hcd vhci_hcd.2: disconnect device
[  113.157477][   T34] usb 5-1: Using ep0 maxpacket: 8
[  113.160564][   T34] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  113.164277][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.180210][   T34] pvrusb2: Hardware description: Terratec Grabster AV400
[  113.182577][   T34] pvrusb2: **********
[  113.184194][   T34] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  113.188384][   T34] pvrusb2: Important functionality might not be entirely working.
[  113.190985][   T34] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  113.194908][   T34] pvrusb2: **********
[  113.197510][ T7114] wg2 speed is unknown, defaulting to 1000
[  113.381158][ T2484] pvrusb2: Invalid write control endpoint
[  113.420263][ T2484] pvrusb2: Invalid write control endpoint
[  113.422225][ T2484] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  113.425182][ T2484] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  113.437617][ T2484] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  113.447452][ T2484] pvrusb2: Device being rendered inoperable
[  113.450965][ T2484] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  113.453275][ T2484] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  113.457346][ T2484] pvrusb2: Attached sub-driver cx25840
[  113.502331][ T2484] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  113.505745][ T2484] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  113.580909][ T7117] pvrusb2: Attempted to execute control transfer when device not ok
[  113.729428][ T7140] Bluetooth: MGMT ver 1.23
[  115.481897][ T6076] usb 5-1: USB disconnect, device number 8
[  119.488269][   T35] block nbd0: Possible stuck request ffff888026550000: control (read@0,1024B). Runtime 30 seconds
[  119.493695][   T35] block nbd0: Possible stuck request ffff888026550200: control (read@1024,1024B). Runtime 30 seconds
[  119.497299][   T35] block nbd0: Possible stuck request ffff888026550400: control (read@2048,1024B). Runtime 30 seconds
[  119.502019][   T35] block nbd0: Possible stuck request ffff888026550600: control (read@3072,1024B). Runtime 30 seconds
[  126.518502][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[  126.521636][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  126.524129][    C0] bridge0: port 3(syz_tun) entered learning state
[  137.399589][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  137.402452][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  138.753308][ T7151] netlink: 10 bytes leftover after parsing attributes in process `syz.3.299'.
[  138.756090][ T7152] netlink: 52 bytes leftover after parsing attributes in process `syz.2.298'.
[  138.940299][ T7155] netlink: 4 bytes leftover after parsing attributes in process `syz.2.298'.
[  139.537519][ T7164] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  139.539768][ T7164] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  139.542613][ T7164] vhci_hcd vhci_hcd.0: Device attached
[  139.629692][ T7153] syz.3.299 (7153) used greatest stack depth: 17560 bytes left
[  139.639246][ T7155] syz_tun: left allmulticast mode
[  139.641117][ T7155] syz_tun: left promiscuous mode
[  139.643174][ T7165] vhci_hcd: connection closed
[  139.644375][ T6812] vhci_hcd vhci_hcd.1: stop threads
[  139.647850][ T6812] vhci_hcd vhci_hcd.1: release socket
[  139.649752][ T6812] vhci_hcd vhci_hcd.1: disconnect device
[  139.654548][ T7168] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20000
[  139.663340][ T7155] bridge0: port 3(syz_tun) entered disabled state
[  139.778007][ T7155] bridge_slave_1: left allmulticast mode
[  139.779937][ T7155] bridge_slave_1: left promiscuous mode
[  139.787570][ T7155] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.791121][ T7155] bridge_slave_0: left allmulticast mode
[  139.793033][ T7155] bridge_slave_0: left promiscuous mode
[  139.795080][ T7155] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.882999][ T7160] input: syz1 as /devices/virtual/input/input12
[  139.898181][ T7155] bond0: (slave bridge0): Releasing backup interface
[  140.585405][ T7152] Set syz1 is full, maxelem 65536 reached
[  141.216501][ T7185] netlink: 'syz.0.305': attribute type 13 has an invalid length.
[  141.536413][ T7185] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  141.971714][ T7193] bond2: Removing last arp target with arp_interval on
[  142.125529][ T7200] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  142.127698][ T7200] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  142.130619][ T7200] vhci_hcd vhci_hcd.0: Device attached
[  142.159967][ T7198] syz_tun: refused to change device tx_queue_len
[  142.171337][ T7200] ªªªªªª: renamed from lo (while UP)
[  142.207703][ T7200] tmpfs: Unknown parameter 'Íè98'
[  142.271092][   T57] IPVS: starting estimator thread 0...
[  142.387537][ T7209] IPVS: using max 44 ests per chain, 105600 per kthread
[  142.407619][  T947] usb 40-1: SetAddress Request (6) to port 0
[  142.409653][  T947] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[  142.447446][   T29] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  142.597444][   T29] usb 6-1: Using ep0 maxpacket: 8
[  142.611425][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  142.611495][   T29] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  142.611553][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.636527][   T29] usb 6-1: config 0 descriptor??
[  142.919621][ T7229] bond6: Removing last arp target with arp_interval on
[  142.930200][   T29] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  143.770874][ T7242] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  143.773141][ T7242] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  143.776166][ T7242] vhci_hcd vhci_hcd.0: Device attached
[  144.047531][ T6801] usb 38-1: SetAddress Request (6) to port 0
[  144.050363][ T6801] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  144.348096][ T7243] vhci_hcd: connection reset by peer
[  144.350767][ T1223] vhci_hcd vhci_hcd.0: stop threads
[  144.352579][ T1223] vhci_hcd vhci_hcd.0: release socket
[  144.354465][ T1223] vhci_hcd vhci_hcd.0: disconnect device
[  144.656666][ T1333] usb 6-1: USB disconnect, device number 4
[  144.660514][ T7201] vhci_hcd: connection reset by peer
[  144.663100][ T6139] vhci_hcd vhci_hcd.1: stop threads
[  144.665750][ T6139] vhci_hcd vhci_hcd.1: release socket
[  144.668492][ T6139] vhci_hcd vhci_hcd.1: disconnect device
[  144.877630][   T40] audit: type=1326 audit(2000000002.590:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7255 comm="syz.2.323" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[  145.029657][ T7253] wg2 speed is unknown, defaulting to 1000
[  145.677472][  T829] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  145.847496][  T829] usb 5-1: Using ep0 maxpacket: 8
[  145.850839][  T829] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  145.854410][  T829] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  145.858732][  T829] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  145.862820][  T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  145.866516][  T829] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  145.872248][  T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  145.875873][  T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.883241][  T829] usbtmc 5-1:16.0: bulk endpoints not found
[  146.513101][ T7285] mmap: syz.2.332 (7285): VmData 25751552 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  146.694521][ T7289] /dev/sr0: Can't open blockdev
[  147.478495][  T947] usb 40-1: device descriptor read/8, error -110
[  147.867871][  T947] usb usb40-port1: attempt power cycle
[  147.962112][ T6814] Bluetooth: (null): Invalid header checksum
[  148.407557][ T7144] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  148.453937][   T57] usb 5-1: USB disconnect, device number 9
[  148.567518][ T7144] usb 8-1: Using ep0 maxpacket: 32
[  148.572870][ T7144] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  148.576561][ T7144] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  148.581119][ T7144] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  148.584164][ T7144] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  148.587743][ T7144] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  148.590854][ T7144] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  148.595023][ T7144] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  148.598226][ T7144] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.603283][ T7144] usb 8-1: config 0 descriptor??
[  148.699596][ T7317] fuse: Unknown parameter ''
[  148.749121][ T6139] Bluetooth: (null): Invalid header checksum
[  148.755065][ T6139] Bluetooth: (null): Invalid header checksum
[  148.760839][ T6139] Bluetooth: (null): Invalid header checksum
[  148.763002][ T6139] Bluetooth: (null): Invalid header checksum
[  148.768439][ T6139] Bluetooth: (null): Invalid header checksum
[  148.770484][ T6139] Bluetooth: (null): Invalid header checksum
[  148.833560][ T7144] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  149.036224][ T7144] usb 8-1: USB disconnect, device number 8
[  149.040835][ T7144] usblp0: removed
[  149.090616][ T6801] usb 38-1: device descriptor read/8, error -110
[  149.113254][  T947] usb usb40-port1: unable to enumerate USB device
[  149.488534][ T7326] x_tables: duplicate underflow at hook 1
[  149.489327][ T6801] usb usb38-port1: attempt power cycle
[  149.571766][   T35] block nbd0: Possible stuck request ffff888026550000: control (read@0,1024B). Runtime 60 seconds
[  149.576274][   T35] block nbd0: Possible stuck request ffff888026550200: control (read@1024,1024B). Runtime 60 seconds
[  149.580860][   T35] block nbd0: Possible stuck request ffff888026550400: control (read@2048,1024B). Runtime 60 seconds
[  149.585479][   T35] block nbd0: Possible stuck request ffff888026550600: control (read@3072,1024B). Runtime 60 seconds
[  149.970985][ T7337] tipc: Started in network mode
[  149.973009][ T7337] tipc: Node identity ac1414aa, cluster identity 4711
[  149.976189][ T7337] tipc: Enabled bearer <udp:syz2>, priority 10
[  150.297870][ T6801] usb usb38-port1: unable to enumerate USB device
[  150.548889][ T7350] netlink: 316 bytes leftover after parsing attributes in process `syz.1.351'.
[  150.557599][ T5991] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  150.747546][ T5991] usb 5-1: Using ep0 maxpacket: 8
[  150.750435][ T5991] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  150.753095][ T5991] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  150.756406][ T5991] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.759690][ T5991] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.762841][ T5991] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  150.767016][ T5991] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.770027][ T5991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.775847][ T5991] usbtmc 5-1:16.0: bulk endpoints not found
[  150.873303][ T7358] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  150.875545][ T7358] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  150.879082][ T7358] vhci_hcd vhci_hcd.0: Device attached
[  151.098829][ T5991] tipc: Node number set to 2886997162
[  151.496823][ T7359] vhci_hcd: connection closed
[  151.497356][ T6828] vhci_hcd vhci_hcd.2: stop threads
[  151.501558][ T6828] vhci_hcd vhci_hcd.2: release socket
[  151.504006][ T6828] vhci_hcd vhci_hcd.2: disconnect device
[  152.769099][ T7376] /dev/sr0: Can't open blockdev
[  152.868183][ T7383] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  152.870875][ T7383] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  152.874276][ T7383] vhci_hcd vhci_hcd.0: Device attached
[  152.877981][ T7383] sg_write: process 317 (syz.1.359) changed security contexts after opening file descriptor, this is not allowed.
[  153.137471][ T6801] usb 40-1: SetAddress Request (10) to port 0
[  153.139604][ T6801] usb 40-1: new SuperSpeed USB device number 10 using vhci_hcd
[  153.207960][ T7387] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  153.211948][ T7387] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  153.220119][ T7387] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  153.226486][ T7387] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  153.229475][ T7387] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  153.233927][ T7387] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  153.238878][ T7387] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  153.242688][ T7387] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  153.247293][ T7387] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  153.367054][   T57] usb 5-1: USB disconnect, device number 10
[  153.410093][ T7394] FAULT_INJECTION: forcing a failure.
[  153.410093][ T7394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.415651][ T7394] CPU: 0 UID: 0 PID: 7394 Comm: syz.0.362 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  153.415679][ T7394] Tainted: [L]=SOFTLOCKUP
[  153.415685][ T7394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.415696][ T7394] Call Trace:
[  153.415702][ T7394]  <TASK>
[  153.415710][ T7394]  dump_stack_lvl+0x16c/0x1f0
[  153.415761][ T7394]  should_fail_ex+0x512/0x640
[  153.415792][ T7394]  _copy_to_user+0x32/0xd0
[  153.415814][ T7394]  simple_read_from_buffer+0xcb/0x170
[  153.415842][ T7394]  proc_fail_nth_read+0x197/0x240
[  153.415873][ T7394]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.415903][ T7394]  ? rw_verify_area+0xcf/0x6c0
[  153.415925][ T7394]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.415954][ T7394]  vfs_read+0x1e4/0xcf0
[  153.415980][ T7394]  ? __pfx___mutex_lock+0x10/0x10
[  153.416010][ T7394]  ? __pfx_vfs_read+0x10/0x10
[  153.416048][ T7394]  ? find_held_lock+0x2b/0x80
[  153.416085][ T7394]  ? __fget_files+0x20e/0x3c0
[  153.416117][ T7394]  ksys_read+0x12a/0x250
[  153.416143][ T7394]  ? __pfx_ksys_read+0x10/0x10
[  153.416167][ T7394]  ? fput+0x70/0xf0
[  153.416190][ T7394]  __do_fast_syscall_32+0xe8/0x680
[  153.416222][ T7394]  do_fast_syscall_32+0x32/0x80
[  153.416239][ T7394]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.416261][ T7394] RIP: 0023:0xf7f73579
[  153.416276][ T7394] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.416292][ T7394] RSP: 002b:00000000f5466590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  153.416309][ T7394] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5466620
[  153.416320][ T7394] RDX: 000000000000000f RSI: 00000000f7406ff4 RDI: 0000000000000000
[  153.416330][ T7394] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  153.416340][ T7394] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  153.416350][ T7394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.416374][ T7394]  </TASK>
[  153.515178][ T7395] FAULT_INJECTION: forcing a failure.
[  153.515178][ T7395] name failslab, interval 1, probability 0, space 0, times 0
[  153.519719][ T7395] CPU: 1 UID: 0 PID: 7395 Comm: syz.2.361 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  153.519748][ T7395] Tainted: [L]=SOFTLOCKUP
[  153.519752][ T7395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.519758][ T7395] Call Trace:
[  153.519763][ T7395]  <TASK>
[  153.519767][ T7395]  dump_stack_lvl+0x16c/0x1f0
[  153.519787][ T7395]  should_fail_ex+0x512/0x640
[  153.519800][ T7395]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  153.519815][ T7395]  should_failslab+0xc2/0x120
[  153.519832][ T7395]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  153.519845][ T7395]  ? sock_alloc_inode+0x25/0x1c0
[  153.519864][ T7395]  ? __pfx_sock_alloc_inode+0x10/0x10
[  153.519880][ T7395]  ? sock_alloc_inode+0x25/0x1c0
[  153.519895][ T7395]  sock_alloc_inode+0x25/0x1c0
[  153.519910][ T7395]  alloc_inode+0x64/0x240
[  153.519923][ T7395]  sock_alloc+0x40/0x280
[  153.519938][ T7395]  do_accept+0xf7/0x530
[  153.519949][ T7395]  ? do_raw_spin_lock+0x12c/0x2b0
[  153.519962][ T7395]  ? __pfx_do_accept+0x10/0x10
[  153.519982][ T7395]  io_accept+0x259/0x950
[  153.520002][ T7395]  ? __pfx_io_accept+0x10/0x10
[  153.520023][ T7395]  __io_issue_sqe+0xe8/0x7c0
[  153.520035][ T7395]  io_issue_sqe+0x85/0x1410
[  153.520051][ T7395]  io_submit_sqes+0xb24/0x28e0
[  153.520072][ T7395]  __do_sys_io_uring_enter+0xd6b/0x1630
[  153.520090][ T7395]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  153.520104][ T7395]  ? __pfx___schedule+0x10/0x10
[  153.520120][ T7395]  ? fput+0x70/0xf0
[  153.520132][ T7395]  ? rcu_is_watching+0x12/0xc0
[  153.520151][ T7395]  __do_fast_syscall_32+0xe8/0x680
[  153.520169][ T7395]  do_fast_syscall_32+0x32/0x80
[  153.520179][ T7395]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.520193][ T7395] RIP: 0023:0xf703d579
[  153.520201][ T7395] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.520211][ T7395] RSP: 002b:00000000f53eb55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  153.520222][ T7395] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000003516
[  153.520229][ T7395] RDX: 0000000000003e44 RSI: 0000000000000008 RDI: 0000000000000000
[  153.520235][ T7395] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.520241][ T7395] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.520247][ T7395] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.520260][ T7395]  </TASK>
[  153.631294][ T7384] vhci_hcd: connection reset by peer
[  153.634039][ T6830] vhci_hcd vhci_hcd.1: stop threads
[  153.635760][ T6830] vhci_hcd vhci_hcd.1: release socket
[  153.638099][ T6830] vhci_hcd vhci_hcd.1: disconnect device
[  153.709442][ T7399] siw: device registration error -23
[  153.720848][ T7399] wireguard0: entered promiscuous mode
[  153.722641][ T7399] wireguard0: entered allmulticast mode
[  154.679714][ T7420] netlink: 36 bytes leftover after parsing attributes in process `syz.1.368'.
[  154.995091][ T7429] loop6: detected capacity change from 0 to 2560
[  154.998665][ T7429] buffer_io_error: 138 callbacks suppressed
[  154.998675][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.003266][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.005816][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.008928][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.011579][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.014292][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.016885][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.019564][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.022180][ T7429] ldm_validate_partition_table(): Disk read failed.
[  155.024429][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.027073][ T7429] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.029989][ T7429] Dev loop6: unable to read RDB block 0
[  155.032417][ T7429]  loop6: unable to read partition table
[  155.047455][ T7429] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  155.157550][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  155.237489][ T5942] Bluetooth: hci1: command 0x0c1a tx timeout
[  155.299267][ T7436] /dev/sr0: Can't open blockdev
[  155.316644][ T7439] netlink: 12 bytes leftover after parsing attributes in process `syz.2.373'.
[  155.327526][ T5942] Bluetooth: hci2: command 0x0c1a tx timeout
[  155.413527][ T7440] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  155.473959][   T40] audit: type=1326 audit(2000000000.949:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7438 comm="syz.2.373" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[  155.816302][ T7446] atomic_op ffff888024050998 conn xmit_atomic 0000000000000000
[  156.698167][ T7461] /dev/sr0: Can't open blockdev
[  157.247959][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  157.277480][   T56] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  157.317464][ T5942] Bluetooth: hci1: command 0x0c1a tx timeout
[  157.397524][ T5942] Bluetooth: hci2: command 0x0c1a tx timeout
[  157.429229][   T56] usb 6-1: config 0 has no interfaces?
[  157.431521][   T56] usb 6-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  157.435404][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.442413][   T56] usb 6-1: config 0 descriptor??
[  157.686081][ T6076] usb 6-1: USB disconnect, device number 5
[  157.828369][ T7472] /dev/sr0: Can't open blockdev
[  158.199388][ T6801] usb 40-1: device descriptor read/8, error -110
[  158.318851][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.385'.
[  158.435347][ T7480] netlink: 40 bytes leftover after parsing attributes in process `syz.0.387'.
[  158.486931][ T7482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.388'.
[  158.561508][ T7483] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  158.589219][ T6801] usb usb40-port1: attempt power cycle
[  158.637193][   T40] audit: type=1326 audit(2000000004.099:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7481 comm="syz.0.388" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f73579 code=0x0
[  159.043642][ T7496] FAULT_INJECTION: forcing a failure.
[  159.043642][ T7496] name failslab, interval 1, probability 0, space 0, times 0
[  159.049554][ T7496] CPU: 3 UID: 0 PID: 7496 Comm: syz.1.391 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  159.049581][ T7496] Tainted: [L]=SOFTLOCKUP
[  159.049587][ T7496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.049597][ T7496] Call Trace:
[  159.049603][ T7496]  <TASK>
[  159.049610][ T7496]  dump_stack_lvl+0x16c/0x1f0
[  159.049642][ T7496]  should_fail_ex+0x512/0x640
[  159.049661][ T7496]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  159.049687][ T7496]  should_failslab+0xc2/0x120
[  159.049713][ T7496]  kmem_cache_alloc_node_noprof+0x86/0x800
[  159.049734][ T7496]  ? __alloc_skb+0x156/0x410
[  159.049759][ T7496]  ? __alloc_skb+0x156/0x410
[  159.049777][ T7496]  __alloc_skb+0x156/0x410
[  159.049793][ T7496]  ? __alloc_skb+0x35d/0x410
[  159.049811][ T7496]  ? __pfx___alloc_skb+0x10/0x10
[  159.049830][ T7496]  ? genl_rcv_msg+0x4b0/0x800
[  159.049844][ T7496]  ? genl_rcv_msg+0x4bb/0x800
[  159.049867][ T7496]  netlink_ack+0x15d/0xb80
[  159.049899][ T7496]  netlink_rcv_skb+0x332/0x420
[  159.049923][ T7496]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.049940][ T7496]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  159.049980][ T7496]  ? netlink_deliver_tap+0x1ae/0xd30
[  159.050005][ T7496]  genl_rcv+0x28/0x40
[  159.050028][ T7496]  netlink_unicast+0x5aa/0x870
[  159.050055][ T7496]  ? __pfx_netlink_unicast+0x10/0x10
[  159.050077][ T7496]  ? __pfx___might_resched+0x10/0x10
[  159.050124][ T7496]  netlink_sendmsg+0x8c8/0xdd0
[  159.050151][ T7496]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.050176][ T7496]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  159.050205][ T7496]  ____sys_sendmsg+0xa5d/0xc30
[  159.050231][ T7496]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.050254][ T7496]  ? get_compat_msghdr+0x11a/0x170
[  159.050284][ T7496]  ___sys_sendmsg+0x134/0x1d0
[  159.050305][ T7496]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.050336][ T7496]  ? find_held_lock+0x2b/0x80
[  159.050372][ T7496]  __sys_sendmsg+0x16d/0x220
[  159.050393][ T7496]  ? __pfx___sys_sendmsg+0x10/0x10
[  159.050428][ T7496]  __do_fast_syscall_32+0xe8/0x680
[  159.050455][ T7496]  do_fast_syscall_32+0x32/0x80
[  159.050470][ T7496]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  159.050491][ T7496] RIP: 0023:0xf709d579
[  159.050503][ T7496] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  159.050520][ T7496] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  159.050536][ T7496] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002140
[  159.050547][ T7496] RDX: 00000000000000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  159.050557][ T7496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  159.050566][ T7496] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  159.050576][ T7496] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  159.050599][ T7496]  </TASK>
[  159.186615][ T6801] usb usb40-port1: unable to enumerate USB device
[  159.243897][ T6076] libceph: connect (1)[c::]:6789 error -101
[  159.246024][ T6076] libceph: mon0 (1)[c::]:6789 connect error
[  159.327546][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  159.407541][ T5942] Bluetooth: hci1: command 0x0c1a tx timeout
[  159.482388][ T5942] Bluetooth: hci2: command 0x0c1a tx timeout
[  159.509433][ T6076] libceph: connect (1)[c::]:6789 error -101
[  159.511810][ T6076] libceph: mon0 (1)[c::]:6789 connect error
[  159.907683][ T6801] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  159.923961][ T7516] __vm_enough_memory: pid: 7516, comm: syz.2.396, bytes: 4294963200 not enough memory for the allocation
[  160.069202][ T6801] usb 5-1: config 0 has no interfaces?
[  160.072005][ T6801] usb 5-1: New USB device found, idVendor=056a, idProduct=0010, bcdDevice= 0.00
[  160.075959][ T6801] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.088041][ T7498] ceph: No mds server is up or the cluster is laggy
[  160.110000][ T6801] usb 5-1: config 0 descriptor??
[  160.345327][ T7511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.367602][ T7511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.385392][ T6076] libceph: connect (1)[c::]:6789 error -101
[  160.415281][ T6801] usb 5-1: USB disconnect, device number 11
[  160.596078][ T6076] libceph: mon0 (1)[c::]:6789 connect error
[  160.983792][ T7530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.401'.
[  161.065379][ T7538] kAFS: unable to lookup cell 'Þ({^ú@'
[  161.104162][ T7539] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  161.180586][   T40] audit: type=1326 audit(2000000006.659:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.1.401" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709d579 code=0x0
[  161.257468][ T6801] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  161.387769][ T6801] usb 5-1: device descriptor read/64, error -71
[  161.648612][ T6801] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  161.777553][ T6801] usb 5-1: device descriptor read/64, error -71
[  161.888654][ T6801] usb usb5-port1: attempt power cycle
[  161.892351][ T7543] /dev/sr0: Can't open blockdev
[  162.011682][ T7552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.408'.
[  162.059756][ T7556] warning: `syz.1.410' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  162.138892][ T7563] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  162.151964][ T7563] evm: overlay not supported
[  162.248031][ T6801] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  162.277912][ T6801] usb 5-1: device descriptor read/8, error -71
[  162.527528][ T6801] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  162.547873][ T6801] usb 5-1: device descriptor read/8, error -71
[  162.609518][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[  162.612490][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[  162.636002][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[  162.639191][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[  162.772296][ T6801] usb usb5-port1: unable to enumerate USB device
[  162.796247][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[  163.488603][ T7604] FAULT_INJECTION: forcing a failure.
[  163.488603][ T7604] name failslab, interval 1, probability 0, space 0, times 0
[  163.492990][ T7604] CPU: 3 UID: 0 PID: 7604 Comm: syz.1.426 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  163.493008][ T7604] Tainted: [L]=SOFTLOCKUP
[  163.493012][ T7604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.493020][ T7604] Call Trace:
[  163.493024][ T7604]  <TASK>
[  163.493028][ T7604]  dump_stack_lvl+0x16c/0x1f0
[  163.493050][ T7604]  should_fail_ex+0x512/0x640
[  163.493065][ T7604]  should_failslab+0xc2/0x120
[  163.493082][ T7604]  __kmalloc_cache_noprof+0x80/0x800
[  163.493096][ T7604]  ? sctp_add_bind_addr+0xae/0x3f0
[  163.493115][ T7604]  ? __sctp_v6_cmp_addr+0x206/0x530
[  163.493142][ T7604]  ? sctp_add_bind_addr+0xae/0x3f0
[  163.493165][ T7604]  sctp_add_bind_addr+0xae/0x3f0
[  163.493192][ T7604]  sctp_copy_local_addr_list+0x349/0x550
[  163.493223][ T7604]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  163.493249][ T7604]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  163.493268][ T7604]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.493287][ T7604]  sctp_bind_addr_copy+0xe0/0x530
[  163.493305][ T7604]  sctp_connect_new_asoc+0x1c9/0x770
[  163.493319][ T7604]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  163.493332][ T7604]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.493351][ T7604]  __sctp_connect+0x3f3/0xc80
[  163.493366][ T7604]  ? __pfx___sctp_connect+0x10/0x10
[  163.493378][ T7604]  ? __might_fault+0x13b/0x190
[  163.493395][ T7604]  __sctp_setsockopt_connectx+0x100/0x190
[  163.493409][ T7604]  sctp_getsockopt+0x26d2/0x7050
[  163.493422][ T7604]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  163.493438][ T7604]  ? __pfx_sctp_getsockopt+0x10/0x10
[  163.493450][ T7604]  ? __lock_acquire+0x436/0x2890
[  163.493468][ T7604]  ? __pfx___might_resched+0x10/0x10
[  163.493485][ T7604]  ? get_pid_task+0xfc/0x250
[  163.493496][ T7604]  ? aa_sk_perm+0x2f2/0xae0
[  163.493510][ T7604]  ? __pfx_aa_sk_perm+0x10/0x10
[  163.493523][ T7604]  ? __lock_acquire+0x436/0x2890
[  163.493536][ T7604]  ? aa_sock_opt_perm+0xfd/0x1b0
[  163.493555][ T7604]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  163.493574][ T7604]  do_sock_getsockopt+0x324/0x410
[  163.493599][ T7604]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  163.493621][ T7604]  ? __fget_files+0x204/0x3c0
[  163.493655][ T7604]  __sys_getsockopt+0x123/0x1b0
[  163.493679][ T7604]  __ia32_sys_getsockopt+0xbc/0x160
[  163.493694][ T7604]  ? __do_fast_syscall_32+0x9a/0x680
[  163.493712][ T7604]  ? lockdep_hardirqs_on+0x7c/0x110
[  163.493728][ T7604]  __do_fast_syscall_32+0xe8/0x680
[  163.493746][ T7604]  do_fast_syscall_32+0x32/0x80
[  163.493756][ T7604]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.493770][ T7604] RIP: 0023:0xf709d579
[  163.493779][ T7604] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  163.493790][ T7604] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  163.493801][ T7604] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  163.493808][ T7604] RDX: 000000000000006f RSI: 0000000080000080 RDI: 00000000800002c0
[  163.493814][ T7604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.493820][ T7604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  163.493826][ T7604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.493840][ T7604]  </TASK>
[  163.661470][ T7608] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  163.663650][ T7608] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  163.666413][ T7608] vhci_hcd vhci_hcd.0: Device attached
[  163.716730][ T7608] rdma_rxe: rxe_newlink: failed to add wg2
[  163.977447][   T57] usb 44-1: SetAddress Request (6) to port 0
[  163.982913][   T57] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  164.030079][ T7616] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  164.032751][ T7616] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  164.036681][ T7616] vhci_hcd vhci_hcd.0: Device attached
[  164.162678][ T7624] fuse: Unknown parameter 'fd?0x0000000000000006'
[  164.190145][ T7622] wg2 speed is unknown, defaulting to 1000
[  164.217692][  T947] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  164.287403][  T947] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  164.292804][ T7609] vhci_hcd: connection reset by peer
[  164.297012][ T6139] vhci_hcd vhci_hcd.3: stop threads
[  164.299229][ T6139] vhci_hcd vhci_hcd.3: release socket
[  164.301157][ T6139] vhci_hcd vhci_hcd.3: disconnect device
[  164.680928][ T7617] vhci_hcd: connection reset by peer
[  164.683017][ T6139] vhci_hcd vhci_hcd.1: stop threads
[  164.684768][ T6139] vhci_hcd vhci_hcd.1: release socket
[  164.686576][ T6139] vhci_hcd vhci_hcd.1: disconnect device
[  164.899779][ T7638] FAULT_INJECTION: forcing a failure.
[  164.899779][ T7638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.905251][ T7638] CPU: 0 UID: 0 PID: 7638 Comm: syz.3.436 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  164.905279][ T7638] Tainted: [L]=SOFTLOCKUP
[  164.905285][ T7638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.905296][ T7638] Call Trace:
[  164.905303][ T7638]  <TASK>
[  164.905310][ T7638]  dump_stack_lvl+0x16c/0x1f0
[  164.905341][ T7638]  should_fail_ex+0x512/0x640
[  164.905365][ T7638]  _copy_from_iter+0x2a4/0x16c0
[  164.905390][ T7638]  ? __alloc_skb+0x220/0x410
[  164.905409][ T7638]  ? __alloc_skb+0x35d/0x410
[  164.905428][ T7638]  ? __pfx__copy_from_iter+0x10/0x10
[  164.905448][ T7638]  ? netlink_autobind.isra.0+0x158/0x370
[  164.905483][ T7638]  netlink_sendmsg+0x820/0xdd0
[  164.905513][ T7638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.905542][ T7638]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  164.905577][ T7638]  ____sys_sendmsg+0xa5d/0xc30
[  164.905607][ T7638]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.905633][ T7638]  ? get_compat_msghdr+0x11a/0x170
[  164.905666][ T7638]  ___sys_sendmsg+0x134/0x1d0
[  164.905691][ T7638]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.905725][ T7638]  ? find_held_lock+0x2b/0x80
[  164.905765][ T7638]  __sys_sendmsg+0x16d/0x220
[  164.905787][ T7638]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.905826][ T7638]  __do_fast_syscall_32+0xe8/0x680
[  164.905857][ T7638]  do_fast_syscall_32+0x32/0x80
[  164.905873][ T7638]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.905896][ T7638] RIP: 0023:0xf708d579
[  164.905910][ T7638] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  164.905927][ T7638] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  164.905945][ T7638] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  164.905956][ T7638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  164.905966][ T7638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.905976][ T7638] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  164.905986][ T7638] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.906010][ T7638]  </TASK>
[  165.274487][ T7648] __nla_validate_parse: 1 callbacks suppressed
[  165.274499][ T7648] netlink: 12 bytes leftover after parsing attributes in process `syz.3.438'.
[  165.533921][   T40] audit: type=1326 audit(2000000001.120:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7650 comm="syz.1.439" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709d579 code=0x0
[  166.723395][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  166.726467][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  166.750435][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  166.753605][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  166.831747][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  166.834867][ T7670] netlink: 32 bytes leftover after parsing attributes in process `syz.0.443'.
[  167.324951][ T7679] comedi comedi3: multiq3: I/O port conflict (0x1000000,16)
[  168.034255][ T1333] libceph: connect (1)[c::]:6789 error -101
[  168.037998][ T1333] libceph: mon0 (1)[c::]:6789 connect error
[  168.082518][ T7691] ceph: No mds server is up or the cluster is laggy
[  168.284835][ T7697] bond7: Removing last arp target with arp_interval on
[  168.785497][ T7711] syz_tun: entered allmulticast mode
[  169.085975][ T7718] netlink: 32 bytes leftover after parsing attributes in process `syz.1.454'.
[  169.089133][ T7718] netlink: 32 bytes leftover after parsing attributes in process `syz.1.454'.
[  169.315339][   T57] usb 44-1: device descriptor read/8, error -110
[  169.347864][ T7718] netlink: 32 bytes leftover after parsing attributes in process `syz.1.454'.
[  169.556939][  T947] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  169.696844][ T7716] Process accounting resumed
[  169.707633][   T57] usb usb44-port1: attempt power cycle
[  169.729600][ T7727] nbd: nbd0 already in use
[  169.731423][ T7727] block nbd0: NBD_DISCONNECT
[  169.733097][ T7727] block nbd0: Send disconnect failed -32
[  169.735684][ T7727] block nbd0: shutting down sockets
[  169.749322][ T7724] libceph: resolve '
[  169.749322][ T7724] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[  169.749322][ T7724] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[  169.766403][    C0] blk_print_req_error: 135 callbacks suppressed
[  169.766423][    C0] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.771896][    C0] buffer_io_error: 11 callbacks suppressed
[  169.771905][    C0] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.777263][    C0] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.780609][    C0] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.783472][    C0] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.786654][    C0] Buffer I/O error on dev nbd0, logical block 2, async page read
[  169.789666][    C0] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.793004][    C0] Buffer I/O error on dev nbd0, logical block 3, async page read
[  169.827274][ T5946] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.827984][ T7730] syzkaller0: entered promiscuous mode
[  169.830947][ T5946] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.832815][ T7730] syzkaller0: entered allmulticast mode
[  169.848369][ T5946] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.852092][ T5946] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.855419][ T5946] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.859494][ T5946] Buffer I/O error on dev nbd0, logical block 2, async page read
[  169.865098][ T5946] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.871546][ T5946] Buffer I/O error on dev nbd0, logical block 3, async page read
[  169.874259][ T5946] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.878545][ T5946] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.884098][ T5946] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  169.887548][ T5946] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.890507][ T5946] ldm_validate_partition_table(): Disk read failed.
[  169.893201][ T5946] Dev nbd0: unable to read RDB block 0
[  169.895423][ T5946]  nbd0: unable to read partition table
[  169.912815][ T5946] ldm_validate_partition_table(): Disk read failed.
[  169.915323][ T5946] Dev nbd0: unable to read RDB block 0
[  169.918296][ T5946]  nbd0: unable to read partition table
[  170.027136][ T6023] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  170.198445][ T6023] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  170.202029][ T6023] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  170.205955][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  170.210528][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  170.214727][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  170.218720][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  170.222632][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  170.227891][ T6023] usb 6-1: config 168 interface 0 has no altsetting 0
[  170.231563][ T6023] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  170.234247][ T6023] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  170.238376][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  170.241900][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  170.245905][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  170.249883][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  170.253642][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  170.258199][ T6023] usb 6-1: config 168 interface 0 has no altsetting 0
[  170.261420][ T6023] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  170.264017][ T6023] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  170.268472][   T57] usb usb44-port1: unable to enumerate USB device
[  170.270684][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  170.274465][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  170.278778][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  170.282624][ T6023] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  170.286427][ T6023] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  170.291702][ T6023] usb 6-1: config 168 interface 0 has no altsetting 0
[  170.299512][ T6023] usb 6-1: string descriptor 0 read error: -22
[  170.301864][ T6023] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  170.307052][ T6023] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.324502][ T6023] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  170.532183][ T7732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.536234][ T7732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.552685][ T6023] usb 6-1: USB disconnect, device number 6
[  170.735339][ T7735] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  171.502097][  T947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.521857][ T7757] FAULT_INJECTION: forcing a failure.
[  171.521857][ T7757] name failslab, interval 1, probability 0, space 0, times 0
[  171.526000][ T7757] CPU: 3 UID: 0 PID: 7757 Comm: syz.1.466 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  171.526018][ T7757] Tainted: [L]=SOFTLOCKUP
[  171.526021][ T7757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.526028][ T7757] Call Trace:
[  171.526032][ T7757]  <TASK>
[  171.526037][ T7757]  dump_stack_lvl+0x16c/0x1f0
[  171.526057][ T7757]  should_fail_ex+0x512/0x640
[  171.526070][ T7757]  ? kmem_cache_alloc_noprof+0x62/0x770
[  171.526085][ T7757]  should_failslab+0xc2/0x120
[  171.526103][ T7757]  kmem_cache_alloc_noprof+0x83/0x770
[  171.526116][ T7757]  ? alloc_empty_file+0x55/0x1e0
[  171.526136][ T7757]  ? alloc_empty_file+0x55/0x1e0
[  171.526147][ T7757]  alloc_empty_file+0x55/0x1e0
[  171.526159][ T7757]  alloc_file_pseudo+0x13a/0x230
[  171.526171][ T7757]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  171.526187][ T7757]  __anon_inode_getfile+0xe8/0x280
[  171.526202][ T7757]  bpf_link_prime+0x202/0x4c0
[  171.526214][ T7757]  tcx_link_attach+0x1f4/0xbc0
[  171.526232][ T7757]  ? __pfx_tcx_link_attach+0x10/0x10
[  171.526246][ T7757]  ? __might_fault+0xa0/0x190
[  171.526261][ T7757]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.526281][ T7757]  __sys_bpf+0x3c2e/0x4980
[  171.526293][ T7757]  ? __pfx___sys_bpf+0x10/0x10
[  171.526303][ T7757]  ? find_held_lock+0x2b/0x80
[  171.526320][ T7757]  ? find_held_lock+0x2b/0x80
[  171.526337][ T7757]  ? __mutex_unlock_slowpath+0x161/0x790
[  171.526362][ T7757]  ? fput+0x70/0xf0
[  171.526372][ T7757]  ? ksys_write+0x1ac/0x250
[  171.526388][ T7757]  ? __pfx_ksys_write+0x10/0x10
[  171.526405][ T7757]  __ia32_sys_bpf+0x76/0xe0
[  171.526415][ T7757]  ? lockdep_hardirqs_on+0x7c/0x110
[  171.526432][ T7757]  __do_fast_syscall_32+0xe8/0x680
[  171.526451][ T7757]  do_fast_syscall_32+0x32/0x80
[  171.526461][ T7757]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.526475][ T7757] RIP: 0023:0xf709d579
[  171.526484][ T7757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  171.526495][ T7757] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  171.526506][ T7757] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000080000700
[  171.526513][ T7757] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000000
[  171.526519][ T7757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  171.526525][ T7757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  171.526532][ T7757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.526545][ T7757]  </TASK>
[  172.294993][ T7777] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  172.297152][ T7777] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  172.351019][ T7777] vhci_hcd vhci_hcd.0: Device attached
[  172.543339][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.620600][ T7778] cgroup: fork rejected by pids controller in /syz0
[  172.626953][ T7779] vhci_hcd: connection closed
[  172.627123][ T6829] vhci_hcd vhci_hcd.3: stop threads
[  172.632381][ T6829] vhci_hcd vhci_hcd.3: release socket
[  172.634684][ T6829] vhci_hcd vhci_hcd.3: disconnect device
[  173.286301][ T9487] qnx6: unable to read the first superblock
[  173.317245][ T6023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.536979][  T829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.560016][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.775284][ T9711] overlayfs: overlapping lowerdir path
[  173.979590][ T9715] __nla_validate_parse: 3 callbacks suppressed
[  173.979601][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  173.985162][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  174.011683][ T9727] bond5: Removing last arp target with arp_interval on
[  174.152601][ T9735] binder: BINDER_SET_CONTEXT_MGR already set
[  174.155799][ T9735] binder: 9734:9735 ioctl 4018620d 80000040 returned -16
[  174.203974][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  174.206994][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  174.219160][   T40] audit: type=1326 audit(2000000007.750:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.235290][   T40] audit: type=1326 audit(2000000007.750:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.246981][   T40] audit: type=1326 audit(2000000007.750:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.254054][   T40] audit: type=1326 audit(2000000007.750:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.261796][   T40] audit: type=1326 audit(2000000007.750:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.268539][   T40] audit: type=1326 audit(2000000007.760:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.274979][   T40] audit: type=1326 audit(2000000007.760:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.281750][   T40] audit: type=1326 audit(2000000007.760:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.289289][   T40] audit: type=1326 audit(2000000007.760:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.295859][   T40] audit: type=1326 audit(2000000007.760:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9738 comm="syz.3.485" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000
[  174.319888][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  174.322817][ T9715] netlink: 32 bytes leftover after parsing attributes in process `syz.2.477'.
[  174.576986][ T6023] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  174.589919][ T9729] Process accounting resumed
[  174.626539][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.729861][ T6023] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  174.736292][ T6023] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  174.741766][ T6023] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  174.746140][ T6023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.759193][ T9744] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  174.765933][ T9750] wg2 speed is unknown, defaulting to 1000
[  174.766073][ T6023] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  174.969138][ T6801] usb 6-1: USB disconnect, device number 7
[  175.166888][ T6023] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  175.346905][ T6023] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.351008][ T6023] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  175.353953][ T6023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.369026][ T6023] usb 7-1: config 0 descriptor??
[  175.386953][ T9760] netlink: 'syz.0.490': attribute type 1 has an invalid length.
[  175.390680][ T9759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'.
[  175.393350][ T9760] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  175.393590][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.490'.
[  175.531161][ T9771] bond3: Removing last arp target with arp_interval on
[  175.592258][ T6023] usbhid 7-1:0.0: can't add hid device: -71
[  175.600842][ T6023] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  175.608506][ T6023] usb 7-1: USB disconnect, device number 9
[  175.648731][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.086812][ T6023] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  176.236988][ T6023] usb 7-1: Using ep0 maxpacket: 32
[  176.240479][ T6023] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.244349][ T6023] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  176.247734][ T6023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.252308][ T6023] usb 7-1: config 0 descriptor??
[  176.255741][ T6023] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  176.256739][ T6801] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  176.262412][ T6023] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  176.357021][ T6023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.406834][ T6801] usb 6-1: Using ep0 maxpacket: 8
[  176.410930][ T6801] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  176.414450][ T6801] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  176.419050][ T6801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  176.423122][ T6801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  176.427533][ T6801] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  176.434069][ T6801] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  176.438201][ T6801] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.546407][   T56] usb 7-1: USB disconnect, device number 10
[  176.557598][   T56] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  176.639701][ T9802] macsec1: entered promiscuous mode
[  176.642350][ T9802] macsec1: entered allmulticast mode
[  176.650229][ T6801] usb 6-1: usb_control_msg returned -32
[  176.652746][ T6801] usbtmc 6-1:16.0: can't read capabilities
[  176.676928][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.213518][   T56] usb 6-1: USB disconnect, device number 8
[  177.340650][ T9815] wg2 speed is unknown, defaulting to 1000
[  177.420744][ T9818] tmpfs: Bad value for 'mpol'
[  177.424545][ T9817] FAULT_INJECTION: forcing a failure.
[  177.424545][ T9817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.429168][ T9817] CPU: 2 UID: 0 PID: 9817 Comm: syz.2.505 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  177.429186][ T9817] Tainted: [L]=SOFTLOCKUP
[  177.429189][ T9817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  177.429197][ T9817] Call Trace:
[  177.429200][ T9817]  <TASK>
[  177.429205][ T9817]  dump_stack_lvl+0x16c/0x1f0
[  177.429226][ T9817]  should_fail_ex+0x512/0x640
[  177.429242][ T9817]  _copy_to_user+0x32/0xd0
[  177.429256][ T9817]  simple_read_from_buffer+0xcb/0x170
[  177.429274][ T9817]  proc_fail_nth_read+0x197/0x240
[  177.429293][ T9817]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  177.429312][ T9817]  ? rw_verify_area+0xcf/0x6c0
[  177.429326][ T9817]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  177.429344][ T9817]  vfs_read+0x1e4/0xcf0
[  177.429361][ T9817]  ? __pfx___mutex_lock+0x10/0x10
[  177.429380][ T9817]  ? __pfx_vfs_read+0x10/0x10
[  177.429393][ T9817]  ? find_held_lock+0x2b/0x80
[  177.429412][ T9817]  ? __fget_files+0x20e/0x3c0
[  177.429432][ T9817]  ksys_read+0x12a/0x250
[  177.429447][ T9817]  ? __pfx_ksys_read+0x10/0x10
[  177.429462][ T9817]  ? fput+0x70/0xf0
[  177.429475][ T9817]  __do_fast_syscall_32+0xe8/0x680
[  177.429494][ T9817]  do_fast_syscall_32+0x32/0x80
[  177.429504][ T9817]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  177.429518][ T9817] RIP: 0023:0xf703d579
[  177.429527][ T9817] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  177.429538][ T9817] RSP: 002b:00000000f53eb590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  177.429548][ T9817] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53eb620
[  177.429555][ T9817] RDX: 000000000000000f RSI: 00000000f73d6ff4 RDI: 0000000000000000
[  177.429562][ T9817] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  177.429568][ T9817] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  177.429574][ T9817] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  177.429588][ T9817]  </TASK>
[  177.783542][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.904910][ T9827] qnx6: unable to read the first superblock
[  178.170910][ T9830] netlink: 'syz.0.508': attribute type 1 has an invalid length.
[  178.259295][ T9830] bond6: entered promiscuous mode
[  178.261334][ T9830] bond6: entered allmulticast mode
[  178.264902][ T9830] 8021q: adding VLAN 0 to HW filter on device bond6
[  178.357494][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.370067][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.604488][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.726169][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  178.729324][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  178.836854][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.016876][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  179.019800][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  179.139023][ T9853] bond4: Removing last arp target with arp_interval on
[  179.140967][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  179.144236][ T9841] netlink: 32 bytes leftover after parsing attributes in process `syz.2.512'.
[  179.251141][ T9862] ptrace attach of "/syz-executor exec"[9863] was attempted by "/syz-executor exec"[9862]
[  179.255758][ T9862] netlink: 36 bytes leftover after parsing attributes in process `syz.3.518'.
[  179.481639][ T9872] netlink: 'syz.1.522': attribute type 1 has an invalid length.
[  179.494168][ T9872] 8021q: adding VLAN 0 to HW filter on device bond3
[  179.637130][ T9874] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.521'.
[  179.876728][ T6023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.011145][ T9851] siw: device registration error -23
[  180.028643][ T9842] Process accounting resumed
[  180.059551][  T947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.060262][ T9872] 8021q: adding VLAN 0 to HW filter on device bond3
[  180.064888][ T9872] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  180.069025][ T9872] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  180.084389][ T9874] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  180.239165][ T9887] bond7: Removing last arp target with arp_interval on
[  180.292627][ T9897] qnx4: no qnx4 filesystem (no root dir).
[  180.318071][   T40] kauditd_printk_skb: 177 callbacks suppressed
[  180.318087][   T40] audit: type=1326 audit(2000000013.850:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.333907][ T9897] capability: warning: `syz.3.530' uses 32-bit capabilities (legacy support in use)
[  180.365765][   T40] audit: type=1326 audit(2000000013.860:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.385751][   T40] audit: type=1326 audit(2000000013.860:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.396703][   T40] audit: type=1326 audit(2000000013.860:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.406039][   T40] audit: type=1326 audit(2000000013.860:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.418772][   T40] audit: type=1326 audit(2000000013.860:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=230 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.429978][   T40] audit: type=1326 audit(2000000013.860:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.442586][   T40] audit: type=1326 audit(2000000013.860:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.452074][   T40] audit: type=1326 audit(2000000013.860:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.458936][   T40] audit: type=1326 audit(2000000013.860:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf708d579 code=0x7ffc0000
[  180.574068][ T9908] netlink: 32 bytes leftover after parsing attributes in process `syz.1.527'.
[  180.577871][ T9908] netlink: 32 bytes leftover after parsing attributes in process `syz.1.527'.
[  180.749420][ T9908] netlink: 32 bytes leftover after parsing attributes in process `syz.1.527'.
[  180.752499][ T9908] netlink: 32 bytes leftover after parsing attributes in process `syz.1.527'.
[  181.201101][ T9916] syz.0.531: attempt to access beyond end of device
[  181.201101][ T9916] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128
[  181.205577][ T9916] gfs2: error -5 reading superblock
[  181.516825][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.578824][ T9908] Process accounting resumed
[  181.681405][ T9926] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  181.684124][ T9926] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  181.688035][ T9925] syzkaller0: entered promiscuous mode
[  181.689944][ T9925] syzkaller0: entered allmulticast mode
[  181.815331][ T9926] vhci_hcd vhci_hcd.0: Device attached
[  181.854671][ T9931] bond5: Removing last arp target with arp_interval on
[  182.091629][ T9927] vhci_hcd: connection closed
[  182.091824][ T6107] vhci_hcd vhci_hcd.2: stop threads
[  182.095409][ T6107] vhci_hcd vhci_hcd.2: release socket
[  182.097468][ T6107] vhci_hcd vhci_hcd.2: disconnect device
[  182.110038][ T9941] bridge1: entered allmulticast mode
[  182.599608][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.747640][ T9948] input: syz1 as /devices/virtual/input/input14
[  182.959297][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.331537][ T9962] bond8: Removing last arp target with arp_interval on
[  183.647304][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.679770][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.763602][ T9999] QAT: failed to copy from user.
[  184.857831][ T9989] wg2 speed is unknown, defaulting to 1000
[  185.430487][T10009] FAULT_INJECTION: forcing a failure.
[  185.430487][T10009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.434836][T10009] CPU: 1 UID: 0 PID: 10009 Comm: syz.1.562 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  185.434854][T10009] Tainted: [L]=SOFTLOCKUP
[  185.434858][T10009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.434864][T10009] Call Trace:
[  185.434869][T10009]  <TASK>
[  185.434873][T10009]  dump_stack_lvl+0x16c/0x1f0
[  185.434906][T10009]  should_fail_ex+0x512/0x640
[  185.434922][T10009]  _copy_to_user+0x32/0xd0
[  185.434935][T10009]  simple_read_from_buffer+0xcb/0x170
[  185.434952][T10009]  proc_fail_nth_read+0x197/0x240
[  185.434970][T10009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  185.434990][T10009]  ? rw_verify_area+0xcf/0x6c0
[  185.435004][T10009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  185.435026][T10009]  vfs_read+0x1e4/0xcf0
[  185.435042][T10009]  ? __pfx___mutex_lock+0x10/0x10
[  185.435061][T10009]  ? __pfx_vfs_read+0x10/0x10
[  185.435075][T10009]  ? find_held_lock+0x2b/0x80
[  185.435093][T10009]  ? __fget_files+0x20e/0x3c0
[  185.435113][T10009]  ksys_read+0x12a/0x250
[  185.435128][T10009]  ? __pfx_ksys_read+0x10/0x10
[  185.435147][T10009]  __do_fast_syscall_32+0xe8/0x680
[  185.435166][T10009]  do_fast_syscall_32+0x32/0x80
[  185.435176][T10009]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.435190][T10009] RIP: 0023:0xf709d579
[  185.435199][T10009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.435211][T10009] RSP: 002b:00000000f546c590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  185.435221][T10009] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f546c620
[  185.435228][T10009] RDX: 000000000000000f RSI: 00000000f7436ff4 RDI: 0000000000000000
[  185.435235][T10009] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  185.435241][T10009] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  185.435248][T10009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.435261][T10009]  </TASK>
[  185.728049][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.046361][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.756503][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.875495][ T5942] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  187.678549][T10039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.682357][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.686070][T10039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.691628][T10039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.695163][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.699818][T10039] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.703280][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.707566][T10038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.713054][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.718563][T10038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.238562][T10057] siw: device registration error -23
[  189.966512][T10060] /dev/sr0: Can't open blockdev
[  190.007241][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  190.007253][   T40] audit: type=1326 audit(2000000023.541:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.031640][   T40] audit: type=1326 audit(2000000023.551:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=171 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.050197][   T40] audit: type=1326 audit(2000000023.551:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.060526][   T40] audit: type=1326 audit(2000000023.551:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.069560][   T40] audit: type=1326 audit(2000000023.551:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.078431][   T40] audit: type=1326 audit(2000000023.551:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.088533][   T40] audit: type=1326 audit(2000000023.551:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.095695][   T40] audit: type=1326 audit(2000000023.551:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.122507][   T40] audit: type=1326 audit(2000000023.561:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.131795][   T40] audit: type=1326 audit(2000000023.561:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10063 comm="syz.2.580" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf703d579 code=0x7ffc0000
[  190.275964][ T5991] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  190.435601][T10068] IPVS: Error connecting to the multicast addr
[  190.437885][ T5991] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.442973][ T5991] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  190.449586][ T5991] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  190.453803][ T5991] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.457558][ T5991] usb 7-1: Product: syz
[  190.459562][ T5991] usb 7-1: Manufacturer: syz
[  190.462126][ T5991] usb 7-1: SerialNumber: syz
[  190.468553][ T5991] cdc_mbim 7-1:1.0: skipping garbage
[  190.671758][T10064] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  191.287569][T10064] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  191.293348][ T5991] cdc_mbim 7-1:1.0: setting tx_max = 16384
[  191.300045][ T5991] cdc_mbim 7-1:1.0: cdc-wdm0: USB WDM device
[  191.307205][ T5991] wwan wwan0: port wwan0mbim0 attached
[  191.512780][ T5991] cdc_mbim 7-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, c6:7a:be:a2:0e:a4
[  191.542765][ T5991] usb 7-1: USB disconnect, device number 11
[  191.547875][ T5991] cdc_mbim 7-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[  191.686686][ T5991] wwan wwan0: port wwan0mbim0 disconnected
[  191.832053][T10086] __nla_validate_parse: 1 callbacks suppressed
[  191.832102][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  191.837530][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  191.869523][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  191.872783][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  191.963249][ T7144] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  192.003931][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  192.007361][T10086] netlink: 32 bytes leftover after parsing attributes in process `syz.3.588'.
[  192.115864][ T7144] usb 5-1: Using ep0 maxpacket: 8
[  192.119295][ T7144] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  192.121987][ T7144] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  192.125211][ T7144] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  192.128453][ T7144] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  192.131827][ T7144] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.136190][ T7144] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  192.139130][ T7144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.226599][T10099] /dev/sr0: Can't open blockdev
[  192.346533][ T7144] usb 5-1: usb_control_msg returned -32
[  192.348716][ T7144] usbtmc 5-1:16.0: can't read capabilities
[  192.464470][T10089] Process accounting resumed
[  192.503037][T10105] /dev/sr0: Can't open blockdev
[  192.918279][ T1333] usb 5-1: USB disconnect, device number 16
[  192.943992][T10116] wg2 speed is unknown, defaulting to 1000
[  193.025807][ T5991] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  193.077979][   T29] net_ratelimit: 10 callbacks suppressed
[  193.077991][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.185799][ T5991] usb 6-1: Using ep0 maxpacket: 8
[  193.189147][ T5991] usb 6-1: config 0 has an invalid interface number: 186 but max is 0
[  193.192616][ T5991] usb 6-1: config 0 has no interface number 0
[  193.195390][ T5991] usb 6-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  193.199456][ T5991] usb 6-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  193.203316][ T5991] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  193.206997][ T5991] usb 6-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  193.212846][ T5991] usb 6-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  193.215915][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.218462][ T5991] usb 6-1: Product: syz
[  193.219813][ T5991] usb 6-1: Manufacturer: syz
[  193.221356][ T5991] usb 6-1: SerialNumber: syz
[  193.224906][ T5991] usb 6-1: config 0 descriptor??
[  193.616585][ T1124] sr 2:0:0:0: [sr0] tag#31 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  193.620014][ T1124] sr 2:0:0:0: [sr0] tag#31 Sense Key : Illegal Request [current] 
[  193.622737][ T1124] sr 2:0:0:0: [sr0] tag#31 Add. Sense: Invalid command operation code
[  193.625572][ T1124] sr 2:0:0:0: [sr0] tag#31 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  193.628728][ T1124] blk_print_req_error: 138 callbacks suppressed
[  193.628737][ T1124] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2
[  193.635305][ T1124] buffer_io_error: 138 callbacks suppressed
[  193.635313][ T1124] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  193.742623][T10138] Bluetooth: MGMT ver 1.23
[  193.814531][ T5298] Bluetooth: hci1: unexpected event 0x16 length: 10 > 6
[  194.119758][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.676317][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.865807][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.605'.
[  194.880105][T10156] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.882795][T10156] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.955761][ T7144] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  195.115874][ T7144] usb 7-1: Using ep0 maxpacket: 8
[  195.122439][ T7144] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  195.125209][ T7144] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  195.128462][ T7144] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  195.132160][ T7144] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  195.136277][ T7144] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  195.141192][ T7144] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  195.144116][ T7144] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.159394][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.352463][ T7144] usb 7-1: usb_control_msg returned -32
[  195.354510][ T7144] usbtmc 7-1:16.0: can't read capabilities
[  195.796030][ T5942] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  195.799140][ T5298] Bluetooth: hci2: command 0x0c1a tx timeout
[  195.859949][T10159] xt_CT: You must specify a L4 protocol and not use inversions on it
[  195.864386][ T5991] iowarrior 6-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior1
[  195.877782][ T5991] usb 6-1: USB disconnect, device number 9
[  195.981591][  T829] usb 7-1: USB disconnect, device number 12
[  195.989429][T10172] netlink: 116 bytes leftover after parsing attributes in process `syz.1.611'.
[  196.197695][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.313651][T10181] netlink: 32 bytes leftover after parsing attributes in process `syz.1.612'.
[  196.317553][T10181] netlink: 32 bytes leftover after parsing attributes in process `syz.1.612'.
[  196.846905][T10192] __nla_validate_parse: 6 callbacks suppressed
[  196.846966][T10192] netlink: 32 bytes leftover after parsing attributes in process `syz.2.613'.
[  196.853199][T10192] netlink: 32 bytes leftover after parsing attributes in process `syz.2.613'.
[  197.026373][T10192] netlink: 32 bytes leftover after parsing attributes in process `syz.2.613'.
[  197.029477][T10192] netlink: 32 bytes leftover after parsing attributes in process `syz.2.613'.
[  197.047179][T10184] Process accounting resumed
[  197.247987][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.365585][ T7144] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  197.461488][T10195] Process accounting resumed
[  197.515572][ T7144] usb 6-1: Using ep0 maxpacket: 8
[  197.518925][ T7144] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  197.522355][ T7144] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  197.527081][ T7144] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  197.531554][ T7144] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  197.535754][ T7144] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  197.539771][ T7144] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  197.545052][ T7144] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  197.549225][ T7144] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.558137][ T7144] usbtmc 6-1:16.0: probe with driver usbtmc failed with error -22
[  197.725745][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.278008][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.745542][ T1333] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  198.837426][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  198.838118][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.842621][  T829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.845523][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  198.863375][T10219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.867454][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.872681][T10219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.876827][ T6812] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.880343][T10219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.884378][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.890259][T10219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.925503][ T1333] usb 7-1: Using ep0 maxpacket: 8
[  198.929509][ T1333] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  198.932186][ T1333] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  198.935590][ T1333] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  198.940090][ T1333] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  198.943421][ T1333] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  198.948167][ T1333] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  198.951249][ T1333] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.955676][T10221] netlink: 'syz.3.623': attribute type 1 has an invalid length.
[  198.970666][T10221] bond6: entered promiscuous mode
[  198.972504][T10221] 8021q: adding VLAN 0 to HW filter on device bond6
[  198.986982][T10221] 8021q: adding VLAN 0 to HW filter on device bond6
[  198.989467][T10221] bond6: (slave gre1): The slave device specified does not support setting the MAC address
[  198.992871][T10221] bond6: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  198.998267][T10221] bond6: (slave gre1): making interface the new active one
[  199.000718][T10221] gre1: entered promiscuous mode
[  199.003450][T10221] bond6: (slave gre1): Enslaving as an active interface with an up link
[  199.158306][ T1333] usb 7-1: usb_control_msg returned -32
[  199.160649][ T1333] usbtmc 7-1:16.0: can't read capabilities
[  199.405002][   T40] kauditd_printk_skb: 71 callbacks suppressed
[  199.405016][   T40] audit: type=1326 audit(2000000032.921:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10228 comm="syz.0.626" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f73579 code=0x0
[  199.713665][   T57] usb 7-1: USB disconnect, device number 13
[  200.311047][   T56] usb 6-1: USB disconnect, device number 10
[  200.418716][T10249] netlink: 16 bytes leftover after parsing attributes in process `syz.2.631'.
[  200.432489][T10249] netlink: 20 bytes leftover after parsing attributes in process `syz.2.631'.
[  200.689103][   T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  200.765498][   T56] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  200.915985][   T56] usb 6-1: Using ep0 maxpacket: 32
[  200.919132][   T56] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  200.922749][   T56] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  200.927277][   T56] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  200.931166][   T56] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  200.937480][   T56] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  200.940502][   T56] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.943275][   T56] usb 6-1: Product: syz
[  200.944717][   T56] usb 6-1: Manufacturer: syz
[  200.947082][   T56] usb 6-1: SerialNumber: syz
[  200.953545][    C3] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  200.960374][   T56] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/input/input15
[  201.031580][ T5946] udevd[5946]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  201.094481][T10259] qnx4: unable to read the superblock
[  201.097753][T10260] overlay: Unknown parameter 'smackfsfloor'
[  201.101132][T10260] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  201.104113][T10260] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  201.113323][ T5946] udevd[5946]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  201.158304][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.635'.
[  201.162446][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.635'.
[  201.165512][   T56] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  201.170316][   T56]  (id 0x00)
[  201.195380][T10262] hsr_slave_1 (unregistering): left promiscuous mode
[  201.217150][T10265] netlink: 12 bytes leftover after parsing attributes in process `syz.0.635'.
[  201.245316][   T56] rc_core: IR keymap rc-imon-pad not found
[  201.247350][   T56] Registered IR keymap rc-empty
[  201.249036][   T56] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  201.252407][   T56] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  201.277617][T10269] FAULT_INJECTION: forcing a failure.
[  201.277617][T10269] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  201.277637][T10269] CPU: 0 UID: 0 PID: 10269 Comm: syz.3.637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  201.277653][T10269] Tainted: [L]=SOFTLOCKUP
[  201.277656][T10269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.277664][T10269] Call Trace:
[  201.277667][T10269]  <TASK>
[  201.277671][T10269]  dump_stack_lvl+0x16c/0x1f0
[  201.277691][T10269]  should_fail_ex+0x512/0x640
[  201.277706][T10269]  should_fail_alloc_page+0xe7/0x130
[  201.277725][T10269]  prepare_alloc_pages+0x401/0x670
[  201.277745][T10269]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  201.277759][T10269]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  201.277777][T10269]  ? is_bpf_text_address+0x94/0x1a0
[  201.277793][T10269]  ? kernel_text_address+0x8d/0x100
[  201.277806][T10269]  ? __kernel_text_address+0xd/0x40
[  201.277818][T10269]  ? unwind_get_return_address+0x59/0xa0
[  201.277833][T10269]  ? __bfs+0x148/0x290
[  201.277849][T10269]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  201.277863][T10269]  ? check_irq_usage+0xe8/0xbc0
[  201.277889][T10269]  ? __bfs+0x148/0x290
[  201.277906][T10269]  ? check_path.constprop.0+0x24/0x50
[  201.277923][T10269]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  201.277940][T10269]  ? policy_nodemask+0xea/0x4e0
[  201.277958][T10269]  alloc_pages_mpol+0x1fb/0x550
[  201.277975][T10269]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  201.277992][T10269]  ? kasan_save_track+0x14/0x30
[  201.278006][T10269]  ? __kasan_kmalloc+0xaa/0xb0
[  201.278019][T10269]  ? __get_vm_area_node+0x101/0x330
[  201.278039][T10269]  alloc_pages_noprof+0x131/0x390
[  201.278056][T10269]  get_free_pages_noprof+0x10/0xb0
[  201.278072][T10269]  __kasan_populate_vmalloc+0xa0/0x220
[  201.278089][T10269]  alloc_vmap_area+0x98d/0x2a50
[  201.278111][T10269]  ? __pfx_alloc_vmap_area+0x10/0x10
[  201.278131][T10269]  __get_vm_area_node+0x1ca/0x330
[  201.278151][T10269]  __vmalloc_node_range_noprof+0x247/0x16b0
[  201.278162][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.278181][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.278197][T10269]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  201.278213][T10269]  ? rcu_is_watching+0x12/0xc0
[  201.278229][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.278242][T10269]  __vmalloc_node_noprof+0xad/0xf0
[  201.278253][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.278268][T10269]  vc_do_resize+0x24d/0x10e0
[  201.278288][T10269]  ? __pfx_vc_do_resize+0x10/0x10
[  201.278304][T10269]  ? rcu_is_watching+0x12/0xc0
[  201.278321][T10269]  vt_ioctl+0x2c6f/0x30a0
[  201.278335][T10269]  ? __pfx_vt_ioctl+0x10/0x10
[  201.278346][T10269]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  201.278366][T10269]  ? apparmor_capable+0x1d7/0x4e0
[  201.278377][T10269]  ? do_vfs_ioctl+0x128/0x14f0
[  201.278391][T10269]  ? bpf_lsm_capable+0x9/0x10
[  201.278405][T10269]  ? security_capable+0x7e/0x260
[  201.278424][T10269]  vt_compat_ioctl+0x1c2/0x4e0
[  201.278437][T10269]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  201.278449][T10269]  ? hook_file_ioctl_common+0x144/0x410
[  201.278465][T10269]  ? __fget_files+0x20e/0x3c0
[  201.278480][T10269]  ? __fput_deferred+0x480/0x480
[  201.278491][T10269]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  201.278503][T10269]  tty_compat_ioctl+0x2f1/0x4d0
[  201.278519][T10269]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  201.278535][T10269]  __ia32_compat_sys_ioctl+0x242/0x370
[  201.278551][T10269]  __do_fast_syscall_32+0xe8/0x680
[  201.278570][T10269]  do_fast_syscall_32+0x32/0x80
[  201.278580][T10269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  201.278594][T10269] RIP: 0023:0xf708d579
[  201.278602][T10269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  201.278613][T10269] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  201.278623][T10269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000560a
[  201.278630][T10269] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  201.278636][T10269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  201.278642][T10269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  201.278648][T10269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  201.278662][T10269]  </TASK>
[  201.279031][T10269] syz.3.637: vmalloc error: size 1352, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  201.279118][T10269] CPU: 0 UID: 0 PID: 10269 Comm: syz.3.637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  201.279134][T10269] Tainted: [L]=SOFTLOCKUP
[  201.279137][T10269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.279143][T10269] Call Trace:
[  201.279147][T10269]  <TASK>
[  201.279151][T10269]  dump_stack_lvl+0x16c/0x1f0
[  201.279169][T10269]  warn_alloc+0x248/0x3a0
[  201.279183][T10269]  ? __pfx_warn_alloc+0x10/0x10
[  201.279196][T10269]  ? kfree+0x2f8/0x6e0
[  201.279208][T10269]  ? __get_vm_area_node+0x2cd/0x330
[  201.279227][T10269]  ? __get_vm_area_node+0x2cd/0x330
[  201.279243][T10269]  ? __get_vm_area_node+0x1dc/0x330
[  201.279259][T10269]  ? __get_vm_area_node+0x208/0x330
[  201.279278][T10269]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  201.279293][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.279311][T10269]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  201.279327][T10269]  ? rcu_is_watching+0x12/0xc0
[  201.279343][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.279356][T10269]  __vmalloc_node_noprof+0xad/0xf0
[  201.279366][T10269]  ? vc_do_resize+0x24d/0x10e0
[  201.279381][T10269]  vc_do_resize+0x24d/0x10e0
[  201.279401][T10269]  ? __pfx_vc_do_resize+0x10/0x10
[  201.279417][T10269]  ? rcu_is_watching+0x12/0xc0
[  201.279434][T10269]  vt_ioctl+0x2c6f/0x30a0
[  201.279448][T10269]  ? __pfx_vt_ioctl+0x10/0x10
[  201.279459][T10269]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  201.279479][T10269]  ? apparmor_capable+0x1d7/0x4e0
[  201.279489][T10269]  ? do_vfs_ioctl+0x128/0x14f0
[  201.279502][T10269]  ? bpf_lsm_capable+0x9/0x10
[  201.279517][T10269]  ? security_capable+0x7e/0x260
[  201.279535][T10269]  vt_compat_ioctl+0x1c2/0x4e0
[  201.279548][T10269]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  201.279560][T10269]  ? hook_file_ioctl_common+0x144/0x410
[  201.279575][T10269]  ? __fget_files+0x20e/0x3c0
[  201.279589][T10269]  ? __fput_deferred+0x480/0x480
[  201.279600][T10269]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  201.279613][T10269]  tty_compat_ioctl+0x2f1/0x4d0
[  201.279628][T10269]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  201.279644][T10269]  __ia32_compat_sys_ioctl+0x242/0x370
[  201.279660][T10269]  __do_fast_syscall_32+0xe8/0x680
[  201.279678][T10269]  do_fast_syscall_32+0x32/0x80
[  201.279688][T10269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  201.279701][T10269] RIP: 0023:0xf708d579
[  201.279709][T10269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  201.279719][T10269] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  201.279729][T10269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000560a
[  201.279736][T10269] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  201.279742][T10269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  201.279748][T10269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  201.279754][T10269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  201.279768][T10269]  </TASK>
[  201.279771][T10269] Mem-Info:
[  201.279776][T10269] active_anon:5944 inactive_anon:350 isolated_anon:0
[  201.279776][T10269]  active_file:6715 inactive_file:25306 isolated_file:0
[  201.279776][T10269]  unevictable:1768 dirty:1130 writeback:0
[  201.279776][T10269]  slab_reclaimable:7548 slab_unreclaimable:74487
[  201.279776][T10269]  mapped:27349 shmem:3807 pagetables:976
[  201.279776][T10269]  sec_pagetables:315 bounce:0
[  201.279776][T10269]  kernel_misc_reclaimable:0
[  201.279776][T10269]  free:33029 free_pcp:16609 free_cma:0
[  201.279804][T10269] Node 0 active_anon:0kB inactive_anon:52kB active_file:0kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9792kB pagetables:1404kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB
[  201.279831][T10269] Node 1 active_anon:23776kB inactive_anon:1348kB active_file:26860kB inactive_file:101212kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:109380kB dirty:4516kB writeback:0kB shmem:11692kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5852kB pagetables:2500kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB
[  201.279859][T10269] Node 0 DMA free:2072kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:360kB local_pcp:28kB free_cma:0kB
[  201.279896][T10269] lowmem_reserve[]: 0 289 289 289 289
[  201.279917][T10269] Node 0 DMA32 free:15844kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:52kB active_file:0kB inactive_file:12kB unevictable:3536kB writepending:4kB zspages:120kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:8668kB local_pcp:1756kB free_cma:0kB
[  201.279950][T10269] lowmem_reserve[]: 0 0 0 0 0
[  201.279971][T10269] Node 1 DMA32 free:114200kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23776kB inactive_anon:1348kB active_file:26860kB inactive_file:101212kB unevictable:3536kB writepending:4516kB zspages:2440kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:57408kB local_pcp:16388kB free_cma:0kB
[  201.280004][T10269] lowmem_reserve[]: 0 0 0 0 0
[  201.280025][T10269] Node 0 DMA: 4*4kB (UM) 1*8kB (M) 2*16kB (UM) 3*32kB (U) 4*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2072kB
[  201.280109][T10269] Node 0 DMA32: 8*4kB (E) 11*8kB (UME) 3*16kB (UME) 40*32kB (UME) 32*64kB (UME) 28*128kB (UME) 4*256kB (UM) 7*512kB (UM) 4*1024kB (UM) 0*2048kB 0*4096kB = 15784kB
[  201.280196][T10269] Node 1 DMA32: 61*4kB (UME) 1*8kB (M) 7*16kB (E) 47*32kB (ME) 57*64kB (UME) 185*128kB (UME) 146*256kB (UME) 45*512kB (UME) 20*1024kB (UM) 2*2048kB (M) 0*4096kB = 114188kB
[  201.280288][T10269] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  201.280297][T10269] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  201.280306][T10269] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  201.280315][T10269] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  201.280323][T10269] 37048 total pagecache pages
[  201.280328][T10269] 1223 pages in swap cache
[  201.280332][T10269] Free swap  = 115320kB
[  201.280336][T10269] Total swap = 124996kB
[  201.280340][T10269] 524155 pages RAM
[  201.280344][T10269] 0 pages HighMem/MovableOnly
[  201.280348][T10269] 209059 pages reserved
[  201.280352][T10269] 0 pages cma reserved
[  201.377172][   T56] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0
[  201.378032][   T56] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0/input16
[  201.385459][   T56] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:11> initialized
[  201.845295][   T57] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  201.927297][T10284] xt_CT: No such helper "pptp"
[  202.005410][   T57] usb 5-1: Using ep0 maxpacket: 8
[  202.008614][   T57] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  202.009264][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.011302][   T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  202.014239][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.017378][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  202.023289][   T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  202.026686][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  202.029969][   T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  202.034595][   T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  202.037657][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.052702][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.056029][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.072812][   T57] usbtmc 5-1:16.0: probe with driver usbtmc failed with error -22
[  202.107007][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.109961][T10287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.641'.
[  202.550158][T10295] netlink: 32 bytes leftover after parsing attributes in process `syz.2.642'.
[  202.553242][T10295] netlink: 32 bytes leftover after parsing attributes in process `syz.2.642'.
[  202.573595][T10295] netlink: 32 bytes leftover after parsing attributes in process `syz.2.642'.
[  202.576820][T10295] netlink: 32 bytes leftover after parsing attributes in process `syz.2.642'.
[  202.624958][T10300] imon:display_open: display port is already open
[  202.745868][T10289] Process accounting resumed
[  203.192775][T10299] Process accounting resumed
[  203.335448][   T57] usb 6-1: USB disconnect, device number 11
[  203.426507][T10311] 
[  203.426519][T10311] ======================================================
[  203.426527][T10311] WARNING: possible circular locking dependency detected
[  203.426539][T10311] syzkaller #0 Tainted: G             L     
[  203.426550][T10311] ------------------------------------------------------
[  203.426557][T10311] syz.1.645/10311 is trying to acquire lock:
[  203.426569][T10311] ffff88802ae270d0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12d0
[  203.426632][T10311] 
[  203.426632][T10311] but task is already holding lock:
[  203.426639][T10311] ffff888027ac6468 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  203.426690][T10311] 
[  203.426690][T10311] which lock already depends on the new lock.
[  203.426690][T10311] 
[  203.426696][T10311] 
[  203.426696][T10311] the existing dependency chain (in reverse order) is:
[  203.426703][T10311] 
[  203.426703][T10311] -> #3 (&pipe->mutex){+.+.}-{4:4}:
[  203.426729][T10311]        __mutex_lock+0x1aa/0x1ca0
[  203.426761][T10311]        anon_pipe_write+0x15d/0x1bd0
[  203.426788][T10311]        __kernel_write_iter+0x720/0xb10
[  203.426816][T10311]        __kernel_write+0xf5/0x140
[  203.426842][T10311]        autofs_notify_daemon+0x4db/0xd60
[  203.426863][T10311]        autofs_wait+0x10f3/0x1ac0
[  203.426883][T10311]        autofs_mount_wait+0x132/0x3c0
[  203.426900][T10311]        autofs_d_automount+0x4b2/0x960
[  203.426920][T10311]        __traverse_mounts+0x1b9/0x830
[  203.426937][T10311]        step_into_slowpath+0x772/0xf50
[  203.426959][T10311]        path_lookupat+0x627/0xc40
[  203.426981][T10311]        filename_lookup+0x224/0x5f0
[  203.427005][T10311]        kern_path+0x35/0x50
[  203.427028][T10311]        lookup_bdev+0xd8/0x280
[  203.427046][T10311]        resume_store+0x1d6/0x490
[  203.427067][T10311]        kobj_attr_store+0x58/0x80
[  203.427095][T10311]        sysfs_kf_write+0xf2/0x150
[  203.427113][T10311]        kernfs_fop_write_iter+0x3af/0x570
[  203.427139][T10311]        vfs_write+0x7d3/0x11d0
[  203.427163][T10311]        ksys_write+0x12a/0x250
[  203.427188][T10311]        __do_fast_syscall_32+0xe8/0x680
[  203.427217][T10311]        do_fast_syscall_32+0x32/0x80
[  203.427232][T10311]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.427256][T10311] 
[  203.427256][T10311] -> #2 (&sbi->pipe_mutex){+.+.}-{4:4}:
[  203.427284][T10311]        __mutex_lock+0x1aa/0x1ca0
[  203.427313][T10311]        autofs_notify_daemon+0x4a6/0xd60
[  203.427333][T10311]        autofs_wait+0x10f3/0x1ac0
[  203.427352][T10311]        autofs_mount_wait+0x132/0x3c0
[  203.427370][T10311]        autofs_d_automount+0x4b2/0x960
[  203.427388][T10311]        __traverse_mounts+0x1b9/0x830
[  203.427405][T10311]        step_into_slowpath+0x772/0xf50
[  203.427428][T10311]        path_lookupat+0x627/0xc40
[  203.427450][T10311]        filename_lookup+0x224/0x5f0
[  203.427474][T10311]        kern_path+0x35/0x50
[  203.427497][T10311]        lookup_bdev+0xd8/0x280
[  203.427513][T10311]        resume_store+0x1d6/0x490
[  203.427534][T10311]        kobj_attr_store+0x58/0x80
[  203.427560][T10311]        sysfs_kf_write+0xf2/0x150
[  203.427577][T10311]        kernfs_fop_write_iter+0x3af/0x570
[  203.427616][T10311]        vfs_write+0x7d3/0x11d0
[  203.427644][T10311]        ksys_write+0x12a/0x250
[  203.427671][T10311]        __do_fast_syscall_32+0xe8/0x680
[  203.427701][T10311]        do_fast_syscall_32+0x32/0x80
[  203.427716][T10311]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.427740][T10311] 
[  203.427740][T10311] -> #1 (&of->mutex){+.+.}-{4:4}:
[  203.427767][T10311]        __mutex_lock+0x1aa/0x1ca0
[  203.427794][T10311]        kernfs_seq_start+0x4f/0x2a0
[  203.427821][T10311]        seq_read_iter+0x2c1/0x12d0
[  203.427844][T10311]        kernfs_fop_read_iter+0x46c/0x610
[  203.427872][T10311]        copy_splice_read+0x618/0xc20
[  203.427897][T10311]        do_splice_read+0x285/0x370
[  203.427921][T10311]        splice_direct_to_actor+0x2a1/0xa30
[  203.427948][T10311]        do_splice_direct+0x174/0x240
[  203.427972][T10311]        do_sendfile+0xb06/0xe50
[  203.427995][T10311]        __ia32_compat_sys_sendfile+0x1e5/0x220
[  203.428013][T10311]        __do_fast_syscall_32+0xe8/0x680
[  203.428042][T10311]        do_fast_syscall_32+0x32/0x80
[  203.428058][T10311]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.428082][T10311] 
[  203.428082][T10311] -> #0 (&p->lock){+.+.}-{4:4}:
[  203.428106][T10311]        __lock_acquire+0x1669/0x2890
[  203.428122][T10311]        lock_acquire+0x179/0x330
[  203.428137][T10311]        __mutex_lock+0x1aa/0x1ca0
[  203.428166][T10311]        seq_read_iter+0xe1/0x12d0
[  203.428188][T10311]        kernfs_fop_read_iter+0x46c/0x610
[  203.428216][T10311]        copy_splice_read+0x618/0xc20
[  203.428242][T10311]        do_splice_read+0x285/0x370
[  203.428267][T10311]        splice_file_to_pipe+0x109/0x120
[  203.428295][T10311]        do_sendfile+0x400/0xe50
[  203.428318][T10311]        __ia32_compat_sys_sendfile+0x1e5/0x220
[  203.428336][T10311]        __do_fast_syscall_32+0xe8/0x680
[  203.428365][T10311]        do_fast_syscall_32+0x32/0x80
[  203.428381][T10311]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.428404][T10311] 
[  203.428404][T10311] other info that might help us debug this:
[  203.428404][T10311] 
[  203.428410][T10311] Chain exists of:
[  203.428410][T10311]   &p->lock --> &sbi->pipe_mutex --> &pipe->mutex
[  203.428410][T10311] 
[  203.428442][T10311]  Possible unsafe locking scenario:
[  203.428442][T10311] 
[  203.428447][T10311]        CPU0                    CPU1
[  203.428453][T10311]        ----                    ----
[  203.428458][T10311]   lock(&pipe->mutex);
[  203.428471][T10311]                                lock(&sbi->pipe_mutex);
[  203.428485][T10311]                                lock(&pipe->mutex);
[  203.428499][T10311]   lock(&p->lock);
[  203.428512][T10311] 
[  203.428512][T10311]  *** DEADLOCK ***
[  203.428512][T10311] 
[  203.428517][T10311] 1 lock held by syz.1.645/10311:
[  203.428528][T10311]  #0: ffff888027ac6468 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  203.428623][T10311] 
[  203.428623][T10311] stack backtrace:
[  203.428634][T10311] CPU: 2 UID: 0 PID: 10311 Comm: syz.1.645 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  203.428661][T10311] Tainted: [L]=SOFTLOCKUP
[  203.428667][T10311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.428679][T10311] Call Trace:
[  203.428685][T10311]  <TASK>
[  203.428692][T10311]  dump_stack_lvl+0x116/0x1f0
[  203.428720][T10311]  print_circular_bug+0x275/0x340
[  203.428750][T10311]  check_noncircular+0x146/0x160
[  203.428781][T10311]  __lock_acquire+0x1669/0x2890
[  203.428800][T10311]  ? mark_held_locks+0x49/0x80
[  203.428818][T10311]  lock_acquire+0x179/0x330
[  203.428834][T10311]  ? seq_read_iter+0xe1/0x12d0
[  203.428854][T10311]  ? __pfx___might_resched+0x10/0x10
[  203.428881][T10311]  __mutex_lock+0x1aa/0x1ca0
[  203.428908][T10311]  ? seq_read_iter+0xe1/0x12d0
[  203.428929][T10311]  ? do_sendfile+0x400/0xe50
[  203.428952][T10311]  ? __do_fast_syscall_32+0xe8/0x680
[  203.428979][T10311]  ? do_fast_syscall_32+0x32/0x80
[  203.428994][T10311]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.429015][T10311]  ? seq_read_iter+0xe1/0x12d0
[  203.429036][T10311]  ? __pfx___mutex_lock+0x10/0x10
[  203.429066][T10311]  ? alloc_pages_bulk_noprof+0xac5/0x1410
[  203.429090][T10311]  ? seq_read_iter+0xe1/0x12d0
[  203.429110][T10311]  seq_read_iter+0xe1/0x12d0
[  203.429132][T10311]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  203.429156][T10311]  kernfs_fop_read_iter+0x46c/0x610
[  203.429186][T10311]  copy_splice_read+0x618/0xc20
[  203.429213][T10311]  ? __pfx_aa_file_perm+0x10/0x10
[  203.429238][T10311]  ? __pfx_copy_splice_read+0x10/0x10
[  203.429267][T10311]  ? __fget_files+0x204/0x3c0
[  203.429293][T10311]  ? __pfx_copy_splice_read+0x10/0x10
[  203.429318][T10311]  do_splice_read+0x285/0x370
[  203.429346][T10311]  splice_file_to_pipe+0x109/0x120
[  203.429376][T10311]  do_sendfile+0x400/0xe50
[  203.429402][T10311]  ? __pfx_do_sendfile+0x10/0x10
[  203.429428][T10311]  ? __pfx___seccomp_filter+0x10/0x10
[  203.429452][T10311]  __ia32_compat_sys_sendfile+0x1e5/0x220
[  203.429470][T10311]  ? xfd_validate_state+0x61/0x180
[  203.429488][T10311]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  203.429507][T10311]  ? __secure_computing+0x21c/0x320
[  203.429530][T10311]  __do_fast_syscall_32+0xe8/0x680
[  203.429560][T10311]  do_fast_syscall_32+0x32/0x80
[  203.429577][T10311]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.429604][T10311] RIP: 0023:0xf709d579
[  203.429619][T10311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  203.429637][T10311] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  203.429654][T10311] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000003
[  203.429666][T10311] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  203.429677][T10311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.429688][T10311] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  203.429699][T10311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.429716][T10311]  </TASK>
[  203.479973][T10313] FAULT_INJECTION: forcing a failure.
[  203.479973][T10313] name failslab, interval 1, probability 0, space 0, times 0
[  203.758304][T10313] CPU: 2 UID: 0 PID: 10313 Comm: syz.1.646 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  203.758324][T10313] Tainted: [L]=SOFTLOCKUP
[  203.758328][T10313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.758335][T10313] Call Trace:
[  203.758339][T10313]  <TASK>
[  203.758344][T10313]  dump_stack_lvl+0x16c/0x1f0
[  203.758365][T10313]  should_fail_ex+0x512/0x640
[  203.758378][T10313]  should_failslab+0xc2/0x120
[  203.758396][T10313]  __kvmalloc_node_noprof+0x14a/0xa40
[  203.758411][T10313]  ? seq_read_iter+0x830/0x12d0
[  203.758425][T10313]  ? alloc_pages_bulk_noprof+0xac5/0x1410
[  203.758439][T10313]  ? seq_read_iter+0x830/0x12d0
[  203.758452][T10313]  seq_read_iter+0x830/0x12d0
[  203.758466][T10313]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  203.758482][T10313]  kernfs_fop_read_iter+0x46c/0x610
[  203.758500][T10313]  copy_splice_read+0x618/0xc20
[  203.758516][T10313]  ? __pfx_aa_file_perm+0x10/0x10
[  203.758532][T10313]  ? rcu_is_watching+0x12/0xc0
[  203.758547][T10313]  ? __pfx_copy_splice_read+0x10/0x10
[  203.758564][T10313]  ? rcu_is_watching+0x12/0xc0
[  203.758579][T10313]  ? lock_release+0x201/0x2d0
[  203.758589][T10313]  ? __pfx_copy_splice_read+0x10/0x10
[  203.758604][T10313]  do_splice_read+0x285/0x370
[  203.758619][T10313]  splice_file_to_pipe+0x109/0x120
[  203.758636][T10313]  do_sendfile+0x400/0xe50
[  203.758651][T10313]  ? __pfx_do_sendfile+0x10/0x10
[  203.758666][T10313]  ? __pfx___seccomp_filter+0x10/0x10
[  203.758680][T10313]  __ia32_compat_sys_sendfile+0x1e5/0x220
[  203.758691][T10313]  ? ksys_write+0x1ac/0x250
[  203.758705][T10313]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  203.758717][T10313]  ? __secure_computing+0x21c/0x320
[  203.758729][T10313]  __do_fast_syscall_32+0xe8/0x680
[  203.758748][T10313]  do_fast_syscall_32+0x32/0x80
[  203.758757][T10313]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.758771][T10313] RIP: 0023:0xf709d579
[  203.758779][T10313] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  203.758790][T10313] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  203.758801][T10313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000003
[  203.758807][T10313] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  203.758813][T10313] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.758820][T10313] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  203.758841][T10313] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.758851][T10313]  </TASK>
[  203.763038][   T29] net_ratelimit: 5 callbacks suppressed
[  203.763065][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.613895][  T829] usb 5-1: USB disconnect, device number 17
[  204.835305][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.915387][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.875249][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.915610][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.955157][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.965136][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.435207][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.995176][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.035058][ T1333] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.995010][   T57] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.074993][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.114903][  T947] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.154868][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog