last executing test programs:

16m57.409615922s ago: executing program 1 (id=1595):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0xd}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1000}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_DESC={0x4}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x23}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x17}]}], {0x14, 0x10}}, 0x98}}, 0x0)
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x141080)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000200)=0x5)
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close(r3)
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10001})
setpriority(0x1, 0x0, 0x80000000)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x3, 0x0, 0x9}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f0000020a80)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)=""/59, 0x3b}, {&(0x7f0000000340)=""/156, 0x9c}, {&(0x7f0000000400)=""/252, 0xfc}, {&(0x7f0000000500)=""/40, 0x28}, {&(0x7f0000000540)=""/81, 0x51}, {&(0x7f00000005c0)=""/52, 0x34}], 0x6, &(0x7f0000000640)=""/179, 0xb3}, 0x9}, {{&(0x7f0000000700)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000780)=[{&(0x7f0000001480)=""/4096, 0x1000}], 0x1, &(0x7f0000002480)=""/188, 0xbc}, 0x2}, {{&(0x7f0000000880)=@ax25={{0x3, @rose}, [@null, @default, @bcast, @netrom, @bcast, @null, @rose, @netrom]}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000900)=""/247, 0xf7}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/165, 0xa5}, {&(0x7f0000000bc0)=""/177, 0xb1}, {&(0x7f00000007c0)=""/51, 0x33}, {&(0x7f0000000cc0)=""/145, 0x91}, {&(0x7f000001b700)=""/4096, 0x1000}, {&(0x7f0000000d80)=""/11, 0xb}], 0x8, &(0x7f0000000e00)=""/188, 0xbc}, 0x3}, {{&(0x7f0000000ec0)=@nl=@unspec, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/113, 0x71}, {&(0x7f000001c700)=""/4096, 0x1000}], 0x2, &(0x7f0000001000)=""/221, 0xdd}, 0x8}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @broadcast}}, 0x80, &(0x7f0000001380)=[{&(0x7f0000001180)=""/41, 0x29}, {&(0x7f00000011c0)=""/15, 0xf}, {&(0x7f0000001200)=""/151, 0x97}, {&(0x7f00000012c0)=""/184, 0xb8}, {&(0x7f0000020b80)=""/231, 0xe7}], 0x5, &(0x7f000001d700)=""/4096, 0x1000}, 0x4f70}, {{&(0x7f00000013c0)=@hci, 0x80, &(0x7f00000026c0)=[{&(0x7f000001e700)=""/4096, 0x1000}, {&(0x7f0000002580)=""/97, 0x61}, {&(0x7f000001f700)=""/4096, 0x1000}, {&(0x7f0000002600)=""/141, 0x8d}, {&(0x7f0000020700)=""/74, 0x4a}], 0x5}, 0x7}, {{0x0, 0x0, &(0x7f0000020980)=[{&(0x7f0000020780)=""/172, 0xac}, {&(0x7f0000020840)=""/14, 0xe}, {&(0x7f0000020880)=""/194, 0xc2}], 0x3, &(0x7f00000209c0)=""/169, 0xa9}, 0x1}], 0x7, 0x2, 0x0)

16m56.270351894s ago: executing program 1 (id=1599):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000480)={'wlan1\x00', {0x2, 0x4e22, @loopback}})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6, 0x0, 0x9, 0x4, 0xfffffe0000000001, 0x0, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f000045f000/0x4000)=nil)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x4000, 0x6, 0x4d, 0xffffffff, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2d1d4a2", ['\x00', "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r4 = syz_open_dev$cec(0x0, 0x0, 0xc0b02)
ioctl$CEC_TRANSMIT(r4, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"})
r5 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x5, 0x0, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "bf513d1d", "136712b9", ["27e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", "cb0e83d3a15978155c384d00", "79f56ca74227234da829edb7"]})
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within'])
open(0x0, 0x606701, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)={'#! ', './file0'}, 0xfffffd9d)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x5)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)

16m55.390264496s ago: executing program 1 (id=1603):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000480)={'wlan1\x00', {0x2, 0x4e22, @loopback}})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6, 0x0, 0x9, 0x4, 0xfffffe0000000001, 0x0, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f000045f000/0x4000)=nil)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x4000, 0x6, 0x4d, 0xffffffff, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2d1d4a2", ['\x00', "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc0b02)
ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"})
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x5, 0x0, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "bf513d1d", "136712b9", ["27e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", "cb0e83d3a15978155c384d00", "79f56ca74227234da829edb7"]})
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within'])
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)={'#! ', './file0'}, 0xfffffd9d)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x5)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)

16m55.270049988s ago: executing program 1 (id=1604):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a1", 0xa}], 0x1}, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x7, 0x9, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x7}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101081, 0x0)
fcntl$lock(r5, 0x5, &(0x7f0000000200)={0x1})
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000000)="1b0000001a005f0400f9f407000904018000200000000000000000", 0x1b)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x500, 0x40)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x200ffff, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r9}, 0x10)
r10 = open_tree(r7, &(0x7f0000000300)='\x00', 0x89901)
move_mount(r10, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

16m55.116740007s ago: executing program 1 (id=1607):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0xd}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1000}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_DESC={0x4}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x23}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x17}]}], {0x14, 0x10}}, 0x98}}, 0x0)
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x141080)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000200)=0x5)
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close(r3)
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10001})
setpriority(0x1, 0x0, 0x80000000)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x3, 0x0, 0x9}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f0000020a80)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)=""/59, 0x3b}, {&(0x7f0000000340)=""/156, 0x9c}, {&(0x7f0000000400)=""/252, 0xfc}, {&(0x7f0000000500)=""/40, 0x28}, {&(0x7f0000000540)=""/81, 0x51}, {&(0x7f00000005c0)=""/52, 0x34}], 0x6, &(0x7f0000000640)=""/179, 0xb3}, 0x9}, {{&(0x7f0000000700)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000780)=[{&(0x7f0000001480)=""/4096, 0x1000}], 0x1, &(0x7f0000002480)=""/188, 0xbc}, 0x2}, {{&(0x7f0000000880)=@ax25={{0x3, @rose}, [@null, @default, @bcast, @netrom, @bcast, @null, @rose, @netrom]}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000900)=""/247, 0xf7}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/165, 0xa5}, {&(0x7f0000000bc0)=""/177, 0xb1}, {&(0x7f00000007c0)=""/51, 0x33}, {&(0x7f0000000cc0)=""/145, 0x91}, {&(0x7f000001b700)=""/4096, 0x1000}, {&(0x7f0000000d80)=""/11, 0xb}], 0x8, &(0x7f0000000e00)=""/188, 0xbc}, 0x3}, {{&(0x7f0000000ec0)=@nl=@unspec, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/113, 0x71}, {&(0x7f000001c700)=""/4096, 0x1000}], 0x2, &(0x7f0000001000)=""/221, 0xdd}, 0x8}, {{&(0x7f0000001100)=@pptp={0x18, 0x2, {0x0, @broadcast}}, 0x80, &(0x7f0000001380)=[{&(0x7f0000001180)=""/41, 0x29}, {&(0x7f00000011c0)=""/15, 0xf}, {&(0x7f0000001200)=""/151, 0x97}, {&(0x7f00000012c0)=""/184, 0xb8}, {&(0x7f0000020b80)=""/231, 0xe7}], 0x5, &(0x7f000001d700)=""/4096, 0x1000}, 0x4f70}, {{&(0x7f00000013c0)=@hci, 0x80, &(0x7f00000026c0)=[{&(0x7f000001e700)=""/4096, 0x1000}, {&(0x7f0000002580)=""/97, 0x61}, {&(0x7f000001f700)=""/4096, 0x1000}, {&(0x7f0000002600)=""/141, 0x8d}, {&(0x7f0000020700)=""/74, 0x4a}], 0x5}, 0x7}, {{0x0, 0x0, &(0x7f0000020980)=[{&(0x7f0000020780)=""/172, 0xac}, {&(0x7f0000020840)=""/14, 0xe}, {&(0x7f0000020880)=""/194, 0xc2}], 0x3, &(0x7f00000209c0)=""/169, 0xa9}, 0x1}], 0x7, 0x2, 0x0)

16m54.680303993s ago: executing program 1 (id=1610):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0xa8)
sendto$inet6(r0, 0x0, 0x3f00, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)

16m54.639042542s ago: executing program 32 (id=1610):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0xa8)
sendto$inet6(r0, 0x0, 0x3f00, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)

12m0.187617826s ago: executing program 4 (id=2970):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000480)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)

11m59.314004933s ago: executing program 4 (id=2975):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x5, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffdf}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006280)="c9614df797d5bbaf2d529ccfe807cb2396820ca614edc8f52d067330a81f6c26f4cc0f48e5ae1d42335297538a44b9b28f2d36c39510bcdb6cf2fc17d9b35688d0447cc7167668496bdd28d8df1292b12b61894268f707c212263b3f1ae188c8a69527ac8e196f23028853fd4009294124f18fc47bd2322220e5f0d5d30223095e4e748803b6bf25ba87f40183766b5d2c3a6b3d2f7566b160f0e0742a6cabf6b0071295bc4d5ca4ee60a1fbdc8bbc1f2a59428bc836a1ef0c2dfcbe514f9857f7230f848af37be100dc4f4115ffcb0198774affeb7690dd6782a9f51987dba5d9fd0b6a3426c1ce1e04e48f4255c157450791ba022f0bad4844a22679bb17601987f461d7a35d7de8874cc3c47f360b3c31dfdbf7bb9f93ec80046118660e8bbb18930914f087c05df436073b9ccc5a740f8f634cc827245366b1179aaaddd2bd161f2fa413e1beded9f3063cabd52ece7139af17db00b63117a6b6a1ad8c33ed779d7dddf5b40c17635397b878c7117923f26767864e788da1f79dbbc769fbab45b34198b69dd0599904a0c1297812f9ad9cbf48c59d553b1004ab8213802f3a0852b5b827ab3ea7220873b379b459d7a09af061ccda8bd857d3b2bf2dbaea1b00e2cd0bcc8d6eb11c04bd21532bec66ae36d674a4dd01ab54c27d3267961ecfad0042837fea87d75cecc7a1a58f79f77d72fede0757b7c1f54a5040e741a0fc785ea0ad13bcfc0b69df4dc29dc75e331d2ba03c3cdf04e0a4490159b43c6ae2c010f276c85f3bc46ca94e73e11762739e40e6bfbc113f46ee6ab801b97d42fadc067e23a3151ae90ff64c80e64bba5313475948fbd24a6a95f7ec0b221c9f901c68d184d38b2e09cde68fbd6dd022b6fa1db26aa6ebe2128a93fcb7259ebcde896bd81685c881cb25f581e27479f929e1094852559209c255b0dd5317b148567674b235b10e093363e8e4bd15c4ab90c44abaadbfeabd65e26223543c415befff4d280ad0f0dc132b5413bbe96fdedcabc55e9f3eeead53a1f2d7c0455c8a3bda363a8c33c99888a05546f49dc4c3593aeb30b8ea314b77b8d117334d9c3f800a132e4c3bab461863f027dcfc066bf93f0426d74e02c92a0727309d5bf5bf8242a2b594b81de0e030e55f0125b5d4e12dbffc6806a6c7bd6d62c3d54e87f0607e08750d808a2f442a7eac0ec311c3498b9709ae2f505d5e8b3670079847644147741ffca679bbd1b658bc6c422e58d070f8608c246677af0e2efff5cbf88b3b4a0431a2f26648d64991cf99848012cb6eecb8a13ea91ce77d3c8f2bc047370f4811ae5c341371e3b65bed88294580ba90258c8d36683f21d91a8a914948b2222e4127b061cc0121b97a1b9b1c4ebb7ee166b5af58497d7e0ac90fda25e41a2490ec5d143d0e47475741b30138585637d7997fff2a8805a88c4bd75975ccffcbabefa3576328d86e802b8490e8a773e01afa74fa26c6849deb15b05596e7226cdc0c0ff364bcb4e62ec54984c9485b6eb819165972b9c935a3ae18c698438582e170437c538d7d24a935036964c77e6ed37de77c64384b258f7bbe944f630d3ca82c441c6b2c5bc73dd9f90ecff67a816de7b15bdcaa5a5f1bb8b270a8ac1119e1626e29eb5f2ae4595ca2e10c2e6b297c30c3eeb432ad374101938916c77aefd2ed0f5bb658922bdec9bd76767b9a4b56a15aaa2f7e7d06dba36710a4c8d69d2361aa5f1864710d0868d8f7616cffac40e0accd9b44df8cb5b5324039d82c44e9b97d3a77d914a3738cab84541f0dfc2ed93fb3a746d19cf73495cab380afcdac8acf300e34bb68917009ec1d205dc315669c6341218ebbd0a380c0d14396732e430544ea02d9aff1ffd199c475c4cd313aac4de1121055d806858ee1538436a5f3a549230a42698aeaa3b58b5b9dbf6e11292dad9e0535f5c0685105a448888101ca2228ab50af16b657bb9abb5d4c40cf03931f345663ef6e7655048f78bd23227c6a78bd8b8a457abad7267c8d3ed8decb74cfb21c98471c31f068fd8fea32f13d4478e476d7b5ee10579bda100686db9b3fac14b71e614fd156bddbbde1bf759d0023eb50345e970fa93efd99469583eecec690147f3c075da4efeda849b172829f34e31b281d844fb7c04ca49b30a15abbe493c191e003b76ccb8b2e560ddc3573c6182a87f8e5bdbe10333b3ff3381705984e5595831c025335d0438b053d17fe2f43424735ec3e9d0e8dc278d9e3f35d8d6881e47801d9f77ddf9954ba8f4fe95c295a67968b07bde6378b5ccf24f3d0d228b3cfb4624318828a2649af11698c56860c85617a5151f879846383f5fcf0e9ac483bc4c60beda3bd273a594fc26850d31a852839f23f9e5ffd31d63a7cee2341f22f385d41521aacfe6faf1c5b1e024cd6c6cd4b8696b8e66c6268196da27dc4090552748260bba916b932cbf8066b07dbf5f75b5ea04c385d2ac971d079ab7d4a6bec1008b7564f167aa903acda2ef1756ddbdee86ad25b172479756036d1e11b5c2ab10e657e3b3c768840fd111477bfa05b9e7a2ee765d685f7688765f2441e052a60f56286e6d15ea19d98306a0a5b5efd5b1363bf357d836cb20bb2420ecff7fd682c78763bd1ab31561e6a36a20bf57024852e168bdbc82efa42f7302dc5519c2b56ba3e960437e69f5502048e914540bd4e6138e04e3cb04c75abaee441dd29e23a23948eecb2a7883ae6f3c35b3a3a965fd062688a5975059da47b6029f38baec8d3932295a2257c83a0f966aa7c19db13ccadb86c6c81d84a09bd0782cc87369c8b3a006fee64323c964dcd731fbcaa2f1c1b19f55688365f183bc26bcb636eb0622fc5f5804d46db493737078fe6a6e82f34e48eef5974787c8c4b8abd8a0dcf516862454915b7b9d81a48b9d14a3a08a9408e41c3522480a925cb9521f02cf4380aa44796fa9569aa5043787d9c3a0a345f202d66e28f6c5fc17f8998655bff0351687e2ef6ee523f965d37ed7c4c1fedc51ad7024d8c1102fef833ecf9289050b944e2e9a5646e090f5ab5be3759ea66ee79d5f870fea4ed505a231461421084317c6c5379c74ba5eef02b77c9687f49b05606c5969ae5c84f74a7d43b148dddaffcbd45e8c4eefacdd5c8c07f926baf0b1e7f65c7184c56c9ac355fde5df39557d4011b7eeb65a18fca8de446d9879404bf64f3e460232642960938e6c797d3d942534fa64b9fb0ec5648940456ae4ec22df6ccbaca34ff8a296640ed28f903db33533e0bb4927ac96312580810a38738d5c5ae638359379d244d0c45cc9bc4525648748f4a2becb101c08d7c4ecc407067cf1008cb0f14279bae658ea5f16084769ad66a8e6a9a5137ec65764ec6d25e688cf8a357252420b1ba619e8ab19d28019060434a9d2579be998e8a735778b690cad9512cc9604d2e60e01f2cbb714dbfd87795092e0ff7acb8217074a6d0b9ae00d80685798eb4bee828dff6e1f6858202381cb4051c6a5b6918f8c042a3698ac5eb402abc1f27932764ebd54daa45105666041c1a51e55bf1761c2dbe2c75a511b168f4961385d1a7b7c780fc1c23f1710b7c1e4716e99ed044ce4697fa3b649bc85443ef1b111549d342cd2a417158d01c483e6a2d6535a5801c00f5a7bb47a0d51656bd50824b2f998ea59cde88a7c329e09f19a704104309b674e9b6dd48acd0abee6366ae1ccc24fc2cb1fc0666e71c57e314464c2f2b950b76d426441265f34ae20af7e5dbf47773459f2e34a3b1a2af5d2f406cda82049ca734f22c6ac5e284c4f4c3f10edf89ba7eac611dfd27c46fbad61aa3c5acfd1a29611b917a26ba070169f08e81441e7d6f77f73837dcf6c758c40fecebab6475fee4a6105c844fc52eb603159d4762408911fce84b736a4fae34cb79dd525ebdd53b3b241a08c664a90a6bab087052b82db1f0a9e2f98b78b4998504b148711f47caac7229b708a562e6968b91720b585b2446f7f8aa848d433ebdf0d9d5c866ae7c3660f0be9734959533da9b9484dd10954c7bbc631fc07cf74d1a103076721639a19dec9ba88904c55c3d0e4829d14e48c3f93097521c4a9f4fbcf7b0d17baa7b742afd32a2e78be29f6fb37018bd0579af59985171a8dd5dd35af833fd8816cdd704fa5214260994cd64bae6c7d1376b864874de542dafb0a5c4b29c5bd887bf1dc8ec0e2f907fcffeb6522a3aa20c8ae5912b519049719cba277be7bb6c4341d65fc530804dec7ce5c1a64c4aef279c0da8a1bcc89a63542fc2af2cd1d69701c78db225c596190e81fadabd718b794689fafc929ed092b90218642ae0c75ffe6b9fa9baff10f2424d43ecda2867013d4f2e7562d3bcaa7f51f1f5a96bcc9bff8dd1bce4eaaf49626550183dc19eb358c146b657c2b34fe67a8ecb12b1b29b3d0bf28d6ecc13578f7d1ec1c7f7f76f325d920ff717c7d01baffa0d52166f6849832895f9ec960c65b06506caf39ea6ececccfa197ae151b948d415338c18b3ac35f6f96e67c7662de01f8a92c2a224f4567fc72333b43fb099dda8c49c3cbaee48cff545894390165fc290d798888a84c583b0096513a5c61b2ee1e836b17632cff8f71f9c73546882961cf25a010c7276791167e0dd7d2de8bf44abe9f12419c8776d84418d8e26463ea139e64f82f81fc5b577957f6d34b247a6d7d79aec95d80320b7999f398347835d82a74f3f5637a37ca08158d4022e39ef514f264ba84dacb3c5270272ae94ee3858eaf4de98e8d944273398e315dc42a277fb97d9ee7ddc4f7dbb6cbdbb9283ff1ecbde638ce6edeb18e680addd942f6632e73fc11ba5874a179c79ae67a6406d19ab7293af407cd319862fd4c9568a3bcf31a11adc4ddd8a924e10768594e4689a109daeff28f15a182ee3bfb347f0500005d8dcc691421b6fad377a9ceda726d195eb847ee879664861d4e2e0d3567362524303feafc2b552f0f1f64436ce9efaa63b2b268c674969c879d027c37aca197b71cfe47670cc268de9714a91a3a50c7c205daa613c56c1b1f13d34eaf8dbfc126e0e9fc10cd3e508154e6cea0572e179e424d2270454b1000a3bf4aac26b18efeb9115b6fcd3fcee6ed5b9c3d585394077c35850ef697c5f8a57a270431a0a2e81f6a6269bff09be4da7640fb600130375de62e9796eed4e4e25bfd3f6addfe62addcf2b8fa8eb28d8c3fb20800a8e9ae87c114a1ae91ed347f8ff589cead9e646722180fd60bdc9d0923a1a6ec8fc6de5fadc2203344d459ef6f0145ff71a4cacdabaf1b55f262c86733dd109b747f8740a3959a13a32377e522997fbf93c41fe3408a67d7253df6e399345d9216600f82fefcba9db303442ab3f184c012b1359e8601d85d6b0312ea7b0474d0c8dbca06625643e94ffdacd9a0a2839674249370fa67a5681df0442079cf67bd073859cf3d423711639f8addb6a9acceda893f017f3ca1f23f1245473be8bc6b5c51afc5d088fc764b3d96c9bbe7908806e2b64908bd0be73aa09eeb09de1117d0159b17a166bdb1394892b815aabb68dd7aef00bb6660a31088c88d16d433079552f25801472a7302a44fcdaf13410d15ab5e690cabdfddf112046f58ded90f4d4cdc4de5bfbc5259456ace66f7dbde5c49446d377b87181f0ba03598973137ec2f9b038c0a8ddcd46a6d963086c383c9e86b98fafc0a3b8d7ace5e5f96a0414a4afd5ae75847997f982b338901d81a852081bd47ccd553c2a41aac73f2381e611c8c2581052779e0494f0e1efa0974e11659866f8687fae4236556988b24e0bfc2dceb6f71fe09ee3b4e723dbf369dd22b7889ba296d8c4062aeef1113839c793e4bf16a35b1388ec6af47c363855e03137e9e1d4795beef29d4bb62d611e14fd8f880ff1c8267f259b46229b96bd0e8f7068503b223fc01ba9d8986c601e9807bcd3c232babbbb3112c87d7c30ae496841c03b361045a31e9819b69ec7b94a12d1793ee0b9267a3f9b77e965d1089a2356c46a05f6facfe3e1fe10f5257dd1e83972a9bdf1275ed03ee0c32d8021f264ecd67f635051c9f51f69d4848876c7d68703cbdacaaac18c1ea5e43d9554ddfaeb22f72e73e53760ca15ee52fee57e153702f7f78001a282c8389adc9f1a9b33bda27d4ac6b29dca8b082db3f858df468570d2c099a2b2e5c0897e0183ab8b4dfb62d65d7492347d51ed7b69b414d0de1be678664c7209f849d62d0a5e3a64daeccd1f332831c4b91a11a5c48444e39cd19d0e45120d5ac9c03856df66c8615d359e2f89484a068468a3e319166631932b643d73ad3879b8c8854232384ec62bf7d3c68c51deacdf8685870842e57464659fc9cbfe75f97d8a34d730a74828757661040f9f2cd1832d4c15cb774e0af4d4d0dad5e0098e580f6259bcacb3557fd8442910c8222feb58104d075ef976218a6ceaf10a807b0df2fa5b08945ad17dbc17cd88d7a9bbe2d21332d2ce8a29abbfca7df2f498798e0cb0846c10e4a9125c0b7ab06902f15d8521c10def1ddc94e4f563252894f844a3ee109aec35f766001520926351795ecaa582e90598503a22a9d75bd60c8cb631897d98ea5d66d8f9f06345bb889c4aa21115518b444c2d9d45de72abc73659aafc00465cd3564834389576c5c04f911e2ac0082d72c58e2cec954e6ae72dba6c8b7ed682f488e81bc706d34c723fa3a7ba967b6b00e1abea0e7622a0d9ca17d403bcbf5e2316ab4d46734226ed6797c84161384fbb46b8fe8653cd351e526cca50e7ab8885dd7b5d240cfd15a0253830a7ceb9db44bb12529b77e3cc835442b4d58c7db6a762b7e2c5a3fb37ae9f1426a99823c2df6ca2f6fbf886af52e8565abb7904da69ad7f7029cf73ecc37b5a8c1da6a9e9e1cde38506c96bd7c8d2303d494e422fe181c96a6359b377f18917ae78729911b40b7e69cbefea3c25dd9803aee3183ee3933b5c19d84a400e6c57cb20dc7c7e68739edbf1e8e3475e0a64823dedb46c27780ad01a90a4244891c262d8b0f99e3b1adbb906f82e1977a6101a9d2b44b4b9bfc1f102490ae19e657fa8e7f432eb52d2a4ce932d5346566b887ad4c4f4b5d0dbce790a429f546593e52979c8400441bfe8485c8b864f81b627cf1e20c800b0197b562d0f9b173ca3ba0fae69fe11b91909df9a98ba358e59edbd73da0707a170b3e51928c9c27863dbc83bdecf632b0cc757ab90a270312b2949fdd93f6bea54e303fb0a97b380d516a36f86f053e55e81504affaf7d7b1b8bbde5da525d3f60a628ae17918e07b32b408b51ad3ba6030c3555556334f2fe7c11098007f3e232c8953754c794f807b0ac3680b2a3688f5205d90ccce3ba9c7907508cec61287ad0aa55a151e639bb9086444bdcd149bc5c003340b8381d8c35b073729d2e95a21af1d9995c8093d570b59d8730dd04f3e26ac85e20166e5596082680de90522bcb9532d9e9dce3a10e998f25503902fd7814577ded668bbf3de129c024135a8af420ded350479f13d55290274e3ac63f4568ec7c7a8244f610458d85ecf29aa135d0e56ee52d743200a754ee4508e94d5bc15b3cc8a28c8f37de84fb3cf27ad7590dcaedb78fd8c8f46aaa3529fbb1a2536956c940b605eda0668b1a0f763060bba65d471450a2b34c328c9fb5971851b341a092e315e34a6801cc0808559e5de6d2d9508d11d3072426aa2d43e65f8429c48dbd03197c4f616c253a5b1b50e7ff7cd44df88f5f142997adf976cd2f0cffd673c1791ab969f9dad5867abe531227c059e7b7a9c2343aad230c83513a130ce6e0c4d6815e2bd91f99b6c514703f50fb43139f2e83c521b7e5a3ff4603f006bc7d162047e647234b87439278b10ccd92a4fca136f74d211592235e602d3643fa190cecc8edaf2d727dd5db07f9873048b1f75e19e7c39ef839c0703ec53f70c9fe39b43b98fdacd56b49a416e3b8c66604fb912e3672b8b1a6c5ff7db16320b599513d39460098138b7336d9152df98179f2e07c5abffd4ecf8a2cc8903a40563f187da3a99071bf0c93a65708cb36cd6a69545b78be13a3df9b6c336166b591637bc1be3dfc502200ea982d3b428824cf257184ee93f2d0f3168d4179d238497b84cb73abead20f710057b52ed535adee055081cee4aa842c82c220c160477c16bd1baaa73f46442d2a00658303a9433aa858ce880ed80fa04b592da3c3452a0810f759cbfccd7143d10427c1d39b5c5ecffc590377ce68976315db340e0c00d35d34bec22cfe95882f52f40248281c94758c809d5e65cbf9aeb2dffbdbf2f9a7d10dcd6e7eccc5781851c26990d4a2a2e71598dca6973bfabc82a6135bcc1ee3f1611ced7454e271cbd85a07a583fe89ea98dc4c1b52293adaadfd195b95e6fef37525736a048bd3bb7cc769c50b26c42445f2d5aa37c5ae529b90a5638d920a330ce1ebaf9d979e1b8ee70aba747f7f1a0b9a873167fb5829e64ad08facdfed0fdb76718ef97eeb028cbea23578969190d46e27f81d5eae27987007e217d540d11a33cb36e5768d34d7607ea83221cda3cfefb1cc65f171711160eaadc737013ec1d51de97afd4afc67aa15a23f197800a0566ef4937a6bba9f3334c0aa0e1ed7e9b5c3fc52a3ee112169ed5bce66e88a06f7f3fdda21a10b818c080f2e08e16af6eaac777dff81bfc2231f4cd7360d460091929035b268785e54b3704d52b8c32ffcdf00f21e7f8d3434b3e1ee711a8427596a0e8ae606d02b06914ba09c0a75b2858c7a8dcfff15e2a78549a447dd5d0d5ce912623e4b43fa4106d98e0a5f7960deef827fa30e52697f486cc9928e9b614253a461435d9e993f4a2a700dd0bc54519a2044f36e8f02fb78ca1025d1ce8c35366eddc90818ca1cf9e28bb8ae0f337efe98b82af2547fa03c3eb0813e942d92f1dedac412fa6738c73339959d8f620ceb02ef65dc0a9e4ca272d1965c73c2b06810ba6e13d83de07c4eecbb9e43744b414003057bc26fce09696e98146e59b79a6d817e26b132e3c935d8e5230335ae363a42084ba271058fb25268b139397ef984861d4adbec66e66477df46049fcb8e5f0179846ca020284eccac22b51c3273ae69898295686843bfe2c2ce4f43ea8668a3121558c52d4eb967341197f650e3f145877eb1f5de8377434b18eb2a7bdbb5d7db569d0564d2db7b31f174113d8487be7a5f91f97cda158aac83f0b84eb6a787d30f35f8a1e5ce28f9f86999a06cec497fcd1c8c1c570eb00f1946f300a03bf9b08584df33e2050950dcf4010928365d667d8ee42403c9d1bab54a7518428f7679e0a0e172f33bb3b8b0a829ea3d53fe478fc2556fdb4e51bfa638e9343f628ea570a096e016f5e47e4b72b29b445f9eb12d133277b1213eae6a2ea224ee80e30eb2fd12b08bfb56a588f2f2e67b9c2cb4795c025bb257e954a7720f57687482d119b1850208267eefe0e65b0dc022da6c3324a0d4e1d35dea840b6bdf2fc652579ba3fe55c41126ca4cd54636e86089451e97e5ce3d7cc2499f0882a2c761f0c74640d5152a5bad5091187cbc0c11683f53b5f2b8d4202e33f42070f13e77a63e0794c6ac5dc986a531ab49225d408d8da33a3c89ec856b336faaee251afabc4895afc41165fb558e6c26a3dc12037945f47fc6e60d710f68ca3dd2f18ca8d96cb9e60d2d91cd5b5f56168dc8bda3d3d31779e02c9c6349847504fac30a82466cd692becd3aec74238d336e20a31c2b97be3bbd90c3a2ad938d7ff1b033fc899006acb36eb561a37d4397c09403c845f6081a36d9e4c590f335ebffdee96a0208bf18a9a5ce84ee45c76a22786822e296a957920150f5e11c3354329d4dc328552fa3f2a93d506c7159ddc3054cb1447808cd87c78b9cf74ace81847d712a68d5e88f9c75808fe57383d9867b264e7e3ba233a6bc79a13bf35531e40a1c0d8becacf3d51b07a0cd50e81153e4a0a70128d36ffc096c408b55f47496d08b0153a3e669688a4354ba7dcb65fad21760813afa8a8e4789a9466d7997a27f92e9dfd0e3f9e499c188a200dddc7b57794a2239feb263e8421b79df4f0e6444704476e209101ac5fbc55d41ed0ea466b05401148963ae15dbebfb8d6981330e5b9dcdb01c9d6f9f95ccf28a878e891ae69163071eebd1b738861c58c7b8b0022379412596ea8c2914977e419c5ed53c32e7b191cb148784f42044947eb19e61daf6c853364037a9f734732c8fe5ef76fcec755569621aa4cb7cffd79ffb01b18630bff7751a7e13c3e1427f3cc068ff199ddfe132eaeb4ecd69e48ce59230eff0a81f98ed2835afe2f8911bd9b03ea42cf67abe104cc8b6ee648b515c53f082aaf2ff9cccd1c5c11b920ad82b3bab7e301547713acc37a507059d5a854d08c1330827c87bcf9fb8a337f9d786f653ae90fa293285d5b2b8baf0bc97214dceb9ce1f882acdc45fc1b1c9c1ab8b9931c284fdd21a1c459a064b66f9ccecdc34bf616d9c96c44d741410307968b30d5d4512d5e3c130e2837c10a534bdc7598015c2c0fd1ced2b19628494e5726e55816da6f64c599f7617298c5e1cf4459622dfbf795488238ae1c2716843d2c8ecd1427e068d868ff4d1fa4ba4c701ac81962372867d7c021dd1d0056ef9426e5f8f0579cb26c812abf463d954d5776a3b9f52691ba69ef9dc8fbad3bbafabf6080a9811d23fc9ef802a85a5c315c4700b4d8c68544ca96203f606065bd5e42e1f593d34ef6a086a5399505d12dcd85aafb81da899eb2f01d742b735ec7820330cc92e10b243cafb228c195ade2a4f096b0170bb1be7d5265af0b9598740a5a874326e60cf475c99cacecb013d1eb5202169bcc3d8a1b98484d0dd5b06e4c432e6af4b1fe2a897215295febd579ef3ff568cf02ff1a5c6ba147c4505b3a6119a43b0f960e5fafbcf50135b7efe743580d399f1b21dd8566ab93c12efe9a00902e9fdd333c08ddeebd1a0bcad6cf5ad53fbfa2ce04bb6aa24fe9367c63e2f4f90359b7db4d68d9b68d3d40a5722c6c1fb1e62b27ebbf1bdb39ed409fb579572d64078d1391bad71b2816183da174f2d5c956ae58fd926750a272921b919f0a4aa5f824a79ddaab60c7da7c282053274df30d1df6df3e7e023e9675c329f921999c3afd1ba877b1e19ed260f2119795db264fbb9d72f4a31f230d26e12ebfa04ff480f2e6636daf722ef11df1ee5d99cf999f7dd61606c132d5f8ce95e0b154af0cb9f9ad20a49dc86bb2ad7e2f86069123aa8e25347ab2367c10b3835b72f25e953041dea58242a9b6dcd3635c24bc75f69fc7f18e90fc7c02e11c5243fa9ffceb2951eef8538f49b05c08779e8b68ce637a95e41d057522b60e5b1ed27d5a9bbb1400d01c40ce78ca77ba40cfbfbf7a9104b5d3db2f27bc78136599f3c9434167c8c09a8cb159034cac86167174cda08f81f384a8ea3d0fb9344d2eb1ee9171a2ed8e8eb1d60b669db2274c6811a9d254083f5d0f65aacd3dd4dad307c48a1d46f354bab93bcf98b174c40b00717fd55381519ed602675faa9a7f9cad1c46f66bdfd0c8c16f93ab11cb5773227af6a104dd57783b3e03cfa19f5183af3c908bc53d62bcdcb68d767c6afe9fc3be46ff9a9e94833bd39", 0x2000, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r2 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_ENUMINPUT(r2, 0xc04c561a, &(0x7f00000002c0)={0x10001, "f22c923e739b502fc10d8d99d49b1cf2bda4221124bebba5a93179b67a7611f5", 0x1, 0x9b, 0x3, 0x100000, 0x4000000, 0x8})
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x185802, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_tables_targets\x00')
preadv(r4, &(0x7f0000000180)=[{&(0x7f0000000680)=""/197, 0xc5}], 0x1, 0x73, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
personality(0xbe4e602dc9e6c1d3)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r6, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002140)=@delchain={0xa90, 0x65, 0x100, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x2, 0x1000a}, {0x1, 0xa}, {0x4, 0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x15c, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x5, 0xffe0}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x2, 0x3}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x6}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xf, 0xf}}, @TCA_MATCHALL_ACT={0x120, 0x2, [@m_gact={0x11c, 0x19, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x177b, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x9, 0x5, 0x1c, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0xc3e, 0xfffff801, 0xffffffffffffffff, 0x0, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x17b7, 0x8}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x22ad}}]}, {0x9c, 0x6, "4b1830f82f3811f44372a6d0ff268d9709278d5e373e883ae4a3b592785ac522db171040939a669975bc035f9816f2a1a0e644bdbebc174671a23574145b8e6b36a6f84bd82fc83422e4242a56a73ab649fb92d0c140d54cb1b7fd077abbd80f0f42ea5c450fac8fe0a26e338ce6f7b724e391bf65e481f88bb81fe214b7d549dce2e2838b8f4969df1ee3b645f9af97a274568c17e6d352"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff3, 0xfff1}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc, 0x9}}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6, 0x5, {0x40, 0x5}}, @filter_kind_options=@f_cgroup={{0xb}, {0x8c4, 0x2, [@TCA_CGROUP_ACT={0x1e4, 0x1, [@m_nat={0x1e0, 0xd, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x10000, 0x0, 0x81, 0x3}, @dev={0xac, 0x14, 0x14, 0x31}, @remote, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x48c, 0x5, 0x7, 0x7, 0x2}, @broadcast, @broadcast, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x3, 0x10000001, 0x7, 0x9}, @multicast2, @broadcast, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x22d, 0x10001, 0x20000002, 0x10, 0x1}, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xb6, 0x3, 0xffffff7f, 0x9}, @remote, @empty, 0xffffffff}}]}, {0xf0, 0x6, "b51bd9a113664de68a874091df9a4f53e7a1c6a1266e7a69604704c407fe6b2f0cf7b8f6c21d5526b267b7a4a34647ac8f31bf6b674e23e87bf888f3f8ef87f61630483e8d8ca9fe67f9bf4cfa3f363e017467b23a835eb291e252a1d110c5391a681f8f6eee57e87970353c7542c1672d027d84544082bfdc7742e3d3bd7604e289a02106da0eae0afcd99b250327c4e0997ff400019ea58bea6b7a4305058ca64051a62e2c645e3dbb3a9ad0a3bd5e3250d481b1d5e67d2539a004e3a651c7c3e6641e11251d377c8662137e148818c424c90e69e4e4f5476cd2114f7cbfa91b32d7859b23850e43c6636c"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_CGROUP_EMATCHES={0xfc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xf8, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x2, 0x0, 0x0, {{0x7, 0x2, 0x8}, {0x7, 0x5, 0x2, "91187a1831"}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x7771, 0x7, 0x5}, {{0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}}}, @TCF_EM_META={0xb4, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x9}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x401, 0xc, 0x2}, {0xfffd, 0x3, 0x2}}}, @TCA_EM_META_RVALUE={0x31, 0x3, [@TCF_META_TYPE_VAR="9dd528cc1663d1", @TCF_META_TYPE_VAR='8}<', @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="d6bb0c2bf54212b30f28", @TCF_META_TYPE_VAR="5523770ac2893b", @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="5366a4bba4a2a28df710"]}, @TCA_EM_META_LVALUE={0x33, 0x2, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="9503", @TCF_META_TYPE_VAR="5bff7d44", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="5dec2730d160c2", @TCF_META_TYPE_VAR="6c8927573b1ba74ae9", @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="b9be4d2176d61be4", @TCF_META_TYPE_VAR="21b303dda7"]}, @TCA_EM_META_RVALUE={0x25, 0x3, [@TCF_META_TYPE_VAR="1fbc43124c64c38d", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="1626d7ac7b", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8, 0x5, 0x1}, {0x1, 0x4, 0x2}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x7, 0x7, 0x6ac}, {{0x3, 0x1}, {0x1, 0x0, 0x0, 0x1}}}}]}]}, @TCA_CGROUP_ACT={0x260, 0x1, [@m_ct={0x138, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_ACTION={0x6, 0x3, 0x1}]}, {0xf8, 0x6, "40990beca25319b2a6856d1680e2c2d289476523c1427055151214d1032c605b989b8275c2b88d82f305c054adea4a9611c0127bf6609f147fe0616e9c1a6218d512d52e3b62034978a3bcede050e08a3731a3245eba793e1b3b00dfb4a65957a5c56c88d2222504911d2ccf8b629dd711cd429f05d572ad8102e9fa74b811d6e4ceee3f184679f3f17027aaedb74eec59014bd4338e224ed5b9e0596cedb2522cd6659aeeff56e128abc7d40888f84bc2096e053d13498cbf71a400ed45b9404f3eebd5151c1953bba71a220b282b8177067040fe2170345325cbffcb3db47011ec6e32b0f723bd07299686399a6c70a01c31f8"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_tunnel_key={0x124, 0xc, 0x0, 0x0, {{0xf}, {0x24, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e20}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @multicast2}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @remote}]}, {0xd4, 0x6, "142fd514c6d60ad5f50fbc9b1756767e9a57351599b95bcc4c473667d95e849968abc413e29a0988e7e199da561fd6799aef7930d42535979f6f31e3e6c5edfc52740244caa7966e22809ffb1b5e841033470dcf9d68ca5e9c7f77ed2334c5f7059310527a91602d0ce2480d6aa917cbc9fcc6555e694422e4c19aed3e9fce48752038f947785a32acd6d0b600e39c4db31bbba4b8470e61780ffd23710e0899a670ab457256bbc0a99b3e3a316240413e168f50d64522f81cd0f5534de816cb89431e5c50dc7c07db2b98f68d1697bf"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_CGROUP_EMATCHES={0x380, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xff}}, @TCA_EMATCH_TREE_LIST={0xdc, 0x2, 0x0, 0x1, [@TCF_EM_META={0x88, 0x3, 0x0, 0x0, {{0x8}, [@TCA_EM_META_LVALUE={0x2b, 0x2, [@TCF_META_TYPE_VAR="2184", @TCF_META_TYPE_VAR="29bf5cffdd1d0e", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="af6410cc4175648ddf17", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR='>', @TCF_META_TYPE_VAR="348916", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x6]}, @TCA_EM_META_RVALUE={0x35, 0x3, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="d4d822", @TCF_META_TYPE_VAR="566f1cf0289a420186", @TCF_META_TYPE_VAR="b7727826c9c127288d89", @TCF_META_TYPE_VAR="a6031c41f09a5d", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_LVALUE={0x10, 0x2, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_VAR="f19eae", @TCF_META_TYPE_VAR="a1"]}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1, 0x3, 0x3ff}, {0x7, 0x5, 0x4, 0x5}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0xc42, 0x2, 0x9}, {0x7ff, 0x7, 0x2, "86e1f7b321b593"}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x7, 0x3, 0x6}, {0x2, 0x0, 0x1, 0x5}}}]}, @TCA_EMATCH_TREE_LIST={0x268, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x9, 0x8, 0x1ff}, {0x3, 0x1, 0x2}}}, @TCF_EM_CONTAINER={0xb8, 0x2, 0x0, 0x0, {{0xdf, 0x0, 0x90}, "38c1d112d0a67c7061b8c167888107a2486d0897ab3d697c05fe8c080de710fdc501448f8cc0bb9f672f21a6539b54933a5e24493ccae6f56f5e68f4ab7f373af5ecbea3be2f2c4b5217bd7745eb24aa9e01ba7552d94a7e6094ae1d8dc3acfc9c14decf25c3282a7cb50b89ed1565200bbb50c0c4929a68d520dd6a334d892293c0f5dcbb2d2812f7e295ea304b1baa00c591dfc66136ace4778d85ce4b3185588a31d581aa4c22b863"}}, @TCF_EM_CONTAINER={0x104, 0x3, 0x0, 0x0, {{0x8, 0x0, 0x9}, "6e59b4cbdc017624710e9edaa2f0e266dc0cb843e556866adb791d950c99f685223483462bbe223261eeb1767876eb546e8572f71833888f9f8431e63dd9fd9d16663ba143dc23619b2f7400bd31c0bd6c0f99d5a256d1e8099879ce7ff9b2a51b1ce6cbf34dc42482af543073e3387d89a0f3681967af62c4e95e8591c243c3efd53be51b6703009e67e88532b6d2a7c5c3faeec7b86432498c42b21b4a213d8b1f255a7d4d6eb23c2720942c8473bce344654b40228008738a881a683db2074f241cfdd32e5ece4cfaf9155bbed1f5c2c67bda6cc1f81ec7c171041001d25076f4cbd1f8d2890020bfc3cb1ece8aa6084d985f1eb8"}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x0, 0x8, 0x9172}, {0x2, 0x5}}}, @TCF_EM_IPT={0x70, 0x3, 0x0, 0x0, {{0x0, 0x9, 0x1}, [@TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0x58, 0x5, "f84233cb102c279b868f3a7c25138518a8c69ab65f1f276b968b84d6661000c29f9fd61353cb30fe0e552ef6e208c84b16eb5f629941473ec19ee69484c33d3cb1de3a8c9d329cffc165079b6ca387bfe6a520e8"}]}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x2, 0x1, 0x1}, {0x43f107ab, 0x8, 0xede6, 0x1, 0x5, 0x0, 0x2}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xfff, 0x8, 0x1}, {0xffffffffffffffff}}}]}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x8, 0x2, 0x6}, {0x4}}}]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0xbf2}, @TCA_CHAIN={0x8, 0xb, 0x5}, @TCA_CHAIN={0x8, 0xb, 0x8}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0xa90}}, 0x40004)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xc, 0xe, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x38, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x6}, 0x10, 0x0, r4}, 0x94)
sendfile(r3, r3, 0x0, 0x200000)

11m58.388864136s ago: executing program 4 (id=2978):
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
execve(0x0, 0x0, &(0x7f0000000240)={[&(0x7f00000000c0)='=\x8d5\x10\xe4\x00\bj\xfb', &(0x7f0000000080)='=\x8d5\x10\xe4\x00\bj\xfb']})
r2 = getpid()
syz_pidfd_open(r2, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000380)={0x2f, 0xa, '\x00', [@calipso={0x7, 0x50, {0x1, 0x12, 0x5, 0x0, [0x3, 0x4, 0xd, 0x80, 0x401, 0x2, 0x3, 0x81, 0x2]}}, @padn, @pad1]}, 0x60)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r3, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0) (fail_nth: 3)

11m57.456180225s ago: executing program 4 (id=2983):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
set_mempolicy(0x2, 0x0, 0xf5) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x400000001, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) (async)
ioctl$VIDIOC_G_AUDIO(0xffffffffffffffff, 0x80345621, 0x0) (async)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) (async)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48})
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xfc79, &(0x7f0000000140)=[{&(0x7f00000004c0)="d800000018009f064e81f744db4cb904021d0800fd02fe02e8fe50a10a001100250000000c600e41b0000900ac0008032500000016000b000a00ff150048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d31afe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffff5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a4500000000", 0xd8}], 0x1}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x29, 0x0, @loopback, @rand_addr=0x3}}}}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000040)={0x0, <r4=>0x0}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00') (async)
pivot_root(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00') (async)
sched_setattr(r4, &(0x7f00000000c0)={0x38, 0x0, 0x3, 0x1, 0x0, 0x2000000000000000, 0xfffffffffffffffb, 0x5, 0x80, 0x7}, 0x0)

11m57.397458645s ago: executing program 4 (id=2984):
mmap(&(0x7f0000220000/0x3000)=nil, 0x3000, 0x300000e, 0x80010, 0xffffffffffffffff, 0x553f5000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = dup(r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
userfaultfd(0x80001)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f00000004c0)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000001200000024"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r3 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r3}, &(0x7f0000000080))
read$FUSE(r2, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

11m56.825911179s ago: executing program 4 (id=2987):
r0 = syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2dc, 0x0, 0x111, 0x4b4, 0xec, 0xd4feffff, 0x214, 0x202, 0x225, 0x214, 0x278, 0x3, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0xfc}, @empty, [], [], 'veth1_vlan\x00', 'team_slave_0\x00'}, 0x0, 0xa4, 0xec}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x81, 'syz1\x00'}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, [], [0x0, 0xffffffff], 'veth1_to_hsr\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@unspec=@limit={{0x3c}, {0x0, 0x8000000}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xa, 'syz1\x00', {0x7f}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x338)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000005c0)=r0, 0x12)

11m56.737211064s ago: executing program 33 (id=2987):
r0 = syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2dc, 0x0, 0x111, 0x4b4, 0xec, 0xd4feffff, 0x214, 0x202, 0x225, 0x214, 0x278, 0x3, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0xfc}, @empty, [], [], 'veth1_vlan\x00', 'team_slave_0\x00'}, 0x0, 0xa4, 0xec}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x81, 'syz1\x00'}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, [], [0x0, 0xffffffff], 'veth1_to_hsr\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@unspec=@limit={{0x3c}, {0x0, 0x8000000}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xa, 'syz1\x00', {0x7f}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x338)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000005c0)=r0, 0x12)

2m27.689921414s ago: executing program 5 (id=5155):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8}, @IFLA_HSR_SLAVE2={0x8}]}}}]}, 0x40}}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19}, 0x94)
r2 = syz_io_uring_setup(0x8dd, &(0x7f0000000440)={0x0, 0x1b7, 0x400, 0x8, 0x20000fe}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x26, 0x0, 0x0, 0xfffffffa}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000040)={'lo\x00'})
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="e00000027f0007000000000002"], 0x18)
syz_emit_ethernet(0x32, &(0x7f00000006c0)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x100, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x0, 0xc0, 0x100}}}}}}}, 0x0)

2m27.52413167s ago: executing program 5 (id=5156):
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x8, 0xc}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x6, 0x2, 0xd, 0x2, 0x5, 0x44}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}, @TCA_NETEM_REORDER={0xc, 0x3, {0x6}}]}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x260508f4}, 0x20000000)
sendmmsg$inet(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001380)="7bde898718a6c6c9237cb3183110240767593c40c38b46f5aaeb010661a7f3a802772dbeacbb719d97936097c7800c3d28a0234a87eba4fc532c7a3e1d96bc18a74bc61cf414ee3274f2ad278b47c77c0e45053d47029eb9ef0b3ac4a709f6dd73fdf65e6cc009bb98827b4d1716e42b0498dad14ebb339fe30c9128e7661135a70a36cc3a0198de1ee50ac13750797f4ea33fabeecb09d217918384bb28ef8d0367ab68e1ed5e3d832450b228c8c1feb0f8ec2d26694be70a3d212c9a304aa07e798a47ba95b016f13bfb0c94e2f325c1a8fc53ec4e06f0c27f07ed17b85387eb107c2ae94bc026472c78b61bc85fbb101d4c3a6ee4", 0xf6}, {&(0x7f00000000c0)="92309e6d23dd22b738dccfb217c3fe033ba644e321e9f54a1e7ec77550f2e0272b4806d914c9f23c3732ebae91b667771f0d5abb4436b0d81cb607cc7cfa30391ec6bbfdf6b477eeae64afd922c6b7", 0x4f}], 0x2}}], 0x1, 0x20048814)

2m27.52344494s ago: executing program 5 (id=5157):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r0, 0x5608, 0x3)
syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000400)=""/160, 0xa0}, {&(0x7f00000004c0)=""/228, 0xe4}, {&(0x7f0000000280)=""/32, 0x20}], 0x3, &(0x7f00000005c0)=""/72, 0x48}, 0x3}, {{&(0x7f0000000640)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/8, 0x8}], 0x1, &(0x7f0000000700)=""/240, 0xf0}, 0x496}, {{&(0x7f00000008c0)=@ax25={{}, [@default, @rose, @remote, @null, @rose]}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000000800)=""/33, 0x21}, {&(0x7f0000000940)=""/141, 0x8d}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000001a40)=""/56, 0x38}], 0x4, &(0x7f00000027c0)=""/171, 0xab}, 0x6}, {{&(0x7f0000002880)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x80, &(0x7f0000002b40)=[{0x0}, {&(0x7f0000002a00)=""/166, 0xa6}, {&(0x7f0000002ac0)=""/117, 0x75}, {&(0x7f0000001ac0)=""/41, 0x29}], 0x4, &(0x7f0000002b80)=""/48, 0x30}, 0x2}, {{&(0x7f0000002bc0)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000003d40)=[{&(0x7f0000002c40)=""/4096, 0x1000}, {&(0x7f0000003c40)=""/33, 0x21}, {&(0x7f0000003c80)=""/180, 0xb4}], 0x3, &(0x7f0000003d80)=""/255, 0xff}, 0x6}], 0x5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001b80)={0x1, 0x58, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000002780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002740)={&(0x7f0000001bc0)=ANY=[@ANYBLOB='H\v\x00\x00', @ANYRES16=0x0, @ANYBLOB="000428bd7000ffdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040007000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000600000008000700000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400090000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="ec00028040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004006397cdd8080007000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000700000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff00000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000100000008000100", @ANYRES32=0x0, @ANYBLOB="bc0002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000600000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="b801028038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400010000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007f00000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b0000000800040008f0341608000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000400000008000100", @ANYRES32=0x0, @ANYBLOB="8400028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000200000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000900000008000600", @ANYRES32=0x0, @ANYBLOB="08eab89e", @ANYRES32=0x0, @ANYBLOB="2c0102803c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000000008008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000000000008000100", @ANYRES32=0x0, @ANYBLOB="7002028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000100000008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004008f0c000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000000000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004004a3bffff400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000300000008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000000010008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000008000100", @ANYRES32=0x0, @ANYBLOB="bc01028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000400000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000a00000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e6700000000"], 0xb48}, 0x1, 0x0, 0x0, 0x48801}, 0x40080)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_DQBUF(r7, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0xc, 0x0, 0x0, 0x0, 0x0, "e70ee5a8"}})
ioctl$vim2m_VIDIOC_STREAMOFF(r7, 0x40045612, &(0x7f0000000100)=0x1)
close_range(r6, 0xffffffffffffffff, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f00000ab000/0x2000)=nil, 0x2000, 0x2, 0x10, r8, 0x80927000)
syz_clone(0x24204400, 0x0, 0x0, 0x0, 0x0, 0x0)

2m26.51349626s ago: executing program 5 (id=5163):
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x20000)

2m26.422747909s ago: executing program 5 (id=5164):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='oom_score_adj\x00')
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
r1 = open(0x0, 0x0, 0x0)
sync_file_range(r1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
eventfd(0x80200003)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x12f, &(0x7f0000000340)={0x0, 0xfad9, 0x400}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x48, 0x4000, @fd_index=0x3, 0x5, 0x0, 0x0, 0x2})
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0xcd5, 0x2, 0x7ff, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0xfffffff9, 0x4}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
write$6lowpan_enable(r0, &(0x7f0000000340)='1', 0x1)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)

2m25.85246978s ago: executing program 5 (id=5171):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_print_times', 0x82802, 0x100)
io_setup(0x1, &(0x7f00000016c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x8, r1, &(0x7f0000000340)="c1b08d346f3e", 0x6, 0x4000000000000000}])
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@acquire={0x40046305, 0x3}], 0x0, 0x0, 0x0})
r3 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="64478ca4ecd5eb6c7773da0e76cb573c83beb32923c599a36d5737d652e2e1a4cb5bd817ac6b6993ba0dbf8dd861a6c55dc0316e5a74a6acbb943aae13dc7b57e9cbee4ed23b0f3b880957da0ef2bd416215e2cc134dd531b9682e5d7d4cf18ccd2430cf151e2169c0d68f9d080661f52cc990e0f3f7af423a9495c912d8c948daeff8f0a72ed644", 0x88}, {&(0x7f0000000440)="1114ceafbb75e1fec7a070099adddf52b2c087fc41a9af1e1c9151372df7205de8da533417e22b2cc81be7c08ea006959c900e72f183f1c6655dfe1a26dadc6e5fcd9e5b2aee46a2d80374dad8568abb9b1e02330d56930847f36c51455d2355c7fd26769f8f81930f9c1028205eab060ed13daac0923a59c56a09043bd1d41146f1dd400f84b5ae6a3cf9ccf53f4a10aa0bacbceaf24042eaa20192ae73e52267ba71d3b3cc4f32e6f403994b101323ca75387bec8664786681c137f3c1df7fedc9c669fc57266d421fb05d1568", 0xce}, {&(0x7f0000001700)="2648d7d9ac2e872d01d34d2f793ea46f4d53fa6c4165de91ff9fc3b2cbc45f23e1258864fffb0cde30c189f7c893e9aebcb34ae7aac07cc4289db7f5123afc629c34b9cea52a2a2256824407d36c8ff72c1dd04779cdf947294e0b360ea7721a2434d66f154da98d0d1cb6f58954bf4bf01e325e2bddac1b16423355b7f4ce73e513560d3aa03983ec93f6aa52e4e2b8a37402e1bb012b61a93f8aa6efb34be394fba865d8c8d535c8b26d89b8e859bd3d2608dd019b4a94359a00953e7c3328de1123efd91db0519b6d2999862028c0e827b295082ca3eda0b6cdcecd8691af8f8a530fd2b1d41ae8cc381d60bee62b44182718717bad441ff794db3bedc89351914fcd44e3ca59180b1dd5884273f5477e855b986057aaf39b76ba86b015f7522ff7c6c8197d8afd69337dbf8a52378587eae524316a6753d76e458c0342fc8b370b33b3990e4eff38d840ff6a150b545a761ce488f73d6f2cb4fe7002c90d431da99d6caa9c0f654ab7cc0d9d447b20852a0339a52d9d85bc5ef18a1f1dd224b9660c4e24ce5449ed87df4d8605e24295cecbef3867d9f3f62ed38aa597a33fa0b5ab90da1ebcb2e06c82c74d9c2536c8138b900590f01d88400d904e84e9cbb0178ccfc801a7934fc1db72addb01c6393c12357bf6b3c675467f2441bc47c21b3408281173975af2fb2bf1224d8fd5062ae29065c1712a11ec96c867cdb868eed8ba53ca41174e233265af4d33b97091a0d382f24e0752e5005c1f99ed7ea20368779cdb4afaac8649eaa0a918cf6825e3c415fb00728e96b54391e254c770007471499c97eb298aca2f240bf00bc3f434625a21dc2eff5d4d41a57ee63b542c33234a6bb6f811bd5c2d3d157217603e8aeb034b3c9cae28fd82916dc125a0a8e929ff46845e5f0eb4278473cdda856ea111cdcae8f7f201e3991a4ae8a217fb6374f61a5abe5c38fe023f199cc3c00fe72f798a21480bbe177a2a3968c0590d3828d83a939e0dd37eca6150997508fe0e436a7ce318eac6a578cf4020c1141d4776b26effe347bc20996406f960bbc5fdf00953721cd7e598ebde3c06e28a7e6b02aa669b8a23979ba57f22240ade71ccda559d5f76b24fb971e2e37511cb94817af13244e9757c7e867d4759d5a5549871a440c9ebb1795417703258a859bb35b576ea15e93fc6b41502780d99df9718e5edf6e1b7e3bd66061ded9f419d13c27845247bf4391c32d68319732eb9d987cc83a215a9948878e3de520cc5475804530481d53a06e2a6bc0de3a446ad8b8e0e5a69aed835cd54412ac76f591291a255aadb19e82fca41e2032f563dfc8e1748fded57caeb10376e050927e0e16aad54d916998792c38a25186eb48846831172ce06d8185b6cc408e97f22be2e6e0a5d6838d02d0571a5f3fed5236257e3e836af1a48f2d9758faa3efcaa390071718dcb271024fd43685f387a613dab9e09fc073b56b81264a42bf3040bf0baf6fd9ca25744f2c6732b2b1ebde53c4b07a7b6f6e8e60a5fbcfca2c8398f1bf1da5dc18217d723ddaca44539bec22dae849ec61b375b40fa2c5d7d7ccf317688b8516bb02e0e30db1523155351a710d33ee7456b932ccdd93a79527070971631225124a7ce9dc22fde72188cf62174ea2a1c1a4e05f363d0bb25389f61aa154622fcd8abf255d76300fd784c1ad3334d47f3fc76860919457d0be660ea6baa6930b162b3b3e66987473e74847720871f6c55b09f16b248b090461b92d994553130ac10b8536537271093497bb759a82dd080d8275030c22ee90bbf3de7773a5ebb57de500ad8a52bd778cfc4dbbf6b48e8a0ea18ed6f1ce215be9299a03bbb4ae3c6e1379ada648c912e067b8d7a13eec93a6818866f2fb86cecfa6c3f7ffa59927e5925f5cb2dc67f5560a9c2994be0eecb6614f434af097597838240a04cab1a86492cb6c17fd896d1dd9fa1da0fe85492a7080fa5c080948605f9c96372a554b8d878af7da14a58c0f69ac9463d6aca94f56470b94e3c84f5e24be49e7b301fdf920463ee332a85d028b1adfb8aad5e08e9cf8da93895c9061a66ec5c704610c03921f17b433678548f00d4182584f1fc3505c85d7af1ff2a1cc6903d67df23bf5a317550b92a574d53ff371f42e1c03f077a672b9b057b51bd10eb106c39cf252bb341385f8d70cb0fef932474c9750355cba8d4c3b662467dd8ecbca1d5f63c7a00b27402df6d3ad7014e29823e5c5694e80fb335d0509918859d4ba982f926a2a1e9b375a15e5febd08fa1d6dd42c92d746ee8a4a3562a945d53fb99bc517c968e251931f372d5d0fee47d4bebb4178e84836fd4e37cc1c5e1ab919406e6f135ff4d026b34abbfa5c3df06ae7a4c0bafc15ebadc5d46fb892f29e53718c78c160d3c9496fbe0ca2fa10d114dffcee6fbca5fa4e95f87024df7e2248342ffcab818debe844eb8df5a6b0dfc2fae2d552bcd4dbf557dafcbc40098ea4a48d515a403a28b8d586318b613e8052791fc3e0d5f25d92174508fecb5a94c6664de98eaf9d03e8e9b02f49ed8e31e5eb32dcb9cb1bd5a7edc99572cf95b3e8ea47ad8b608b1115c0bf4d7caf5f973db0d2aa7dc91b3fa25932689ccb196a35bb2eb6c0fe74d47db45639a15cfdf46797903d14ef2d1ace25eac1e9dd247ca009135211a374d13137c1b25ef701cbf44825d3c9483fe41fc47b1056f71399fc82fb1964e295ee7fb6512823d525bbf7f5d404e09bb6f7dbad720a62ce443d96041f8a631a48c8b815bb3a7a44bc974c626e32ea10b41eb9e0c93644c6f415abd68851712b28bde7c7f3164a1eed1f20cd8d4a7d3c8bd9e3e18d5bed823cf80a1846706cddb4aef09ad3ea6658d46d55415dccb7a15bdf1c7114e46649bb2633547718f42714e5803a64578419ab033fac56cc86878a209d357a21d5b8a3554646e7466ed8d2d0090f7312857001180c37fa1afdd7f662c035c35109e5a326152ffcc85d951e16c257ce0798803d0d8851bf2f2e77613e84c579621aa00e04b7f489f2e848f2b3039522abb0d31f7bc9375948aedc20c11c976c398fddb2cbd943abed83c47f8012169818906bd9bbcde2486467f5edc94b74cff2b08db9e04417884e3eff36ee41e19370b76bb861ab6a20a251a9f8c312ed7864704f846633117a279bdc62572de10e2636231ed8d45727f149c952160c2f941f6464d7f66f8f2c909a621ca28d3e9d87a81b8297dfaee9017c72b95264c50a8c7d68f727eee1ca1f3d8b6a953eca8db7de771ad0063042d6d59a11538b88ba9927023be3475f98f25e0463627578c36fc896886650392c39f343a4c827e40c2f528efea5bc8999545b3800af3856675ec2486605af24f3ddae4fe2b03e1750ccd2f3150373d63b4dcebb7b4a1844f4c34fa8e1f3fffac143be042eaaa0dd3a956b4686f85600d4e4b939fd4681cbd4d8d8ef64f08cbbfe19b69f0411d9547f24d3a9c61f66eca91952dcca6b8d91ae614fbe721177e454ad2d5c09f5043ca37d4debe8586acecc4245d68b3a0ad49fc75b821b78be58f5437fdbc0821ba901551d59cd1b5bdf708ce3dfb7c1cc5d57c7f49a20cffc43940d3c5159e8500f390045fc59189bef294c2bb53b71682fff74d139f0338a4d24b42fe19a247607f0c28ed29cc6a68e91b3f1fe58092b8e9f04b814215cb0c4aa063ee9de5753f2d4a0f2058e828e96a98907a7e295630bce628836fc53f71a564105b7071d105d3add987d6ea95a164de804c33572eaa26ee4d67e0654afcaa2b1d558ec088f9266ca7bf2fe283ad731301c80d437ba13efc0056c6e9330502bd2ccaf9cbd8c552ceece8c057a1089744baec4b5d679a75c07b510b75e61260bc780c40b5f20f703c9114db33a0601d73ce6201f0d9a36d864505d57a18fc4177b1e769797c1671e2f951e4df4bc5a467917ef5be298b3b191c0e7058afda433d872c1a8f3369c500845ae8a74e78481c30c633fabc9e38ff06bfe5df482cc818af624785e5ed0947fc4559033550464c0809248c805842e36f5adab711dce8fdb7d54045438bf9e0379801a80ebed6544684b8c6b85f18a8ccc74ad5e3167a8260bc10a576a6d984bcb7f5eeb35b12983cc604c45e79e151944a34d64d99cfd13722616b10ba53b95e712614db438ccf0c638bb518143023f50f4594e5167113473c1590c1bb643324f04122b2cc9a4871add4ed513f3a3ef273481a4af1467229b9174e3edca743efada142b249c73da830c1e239425ca5361f331b324d755854114cabfeac4dc43bae755bdb264b8c0a51bcd2963a64fe70f0a0edaa0ba73fd181c01353707e8954b96f66c7796cd96a54d2d2694e4fd9fb6b7c002593c21af2f066843d87d50cdec5456c8b34f1ed761715e8332fea7fff1dfce4e9c4a57e49c5114546116e93b80c2b907408e5b63ab3515d0b1807792ad9a4016d47fea9195c233dc7abef1d079159d494d6aa3c3db4732728769e26975cbb2e9285a7559756684c25dd860a3ebe169f3e37b50ff01da2f423faaa9e3ba086f12126e3efbea94800f5465f40444df86d7e50af028ec5666cc17ea18cb694b580935730aaa3e21ea6f224ec13c6c85ddebcafcfc7be5d1146f865caf4aacf12eb3e5c75e49337f049dc60ae03646501b7c8a66076216154c74d3ca84d1a0197a960dee47756041d9497e80950e7314842f64150622c1dde27aec931f9da5f2e55792836e4e5ab09c5e2d98ae0eed79f1d614307917cf3e13f28ab0d1a12b4405d69cdaba2d4df9191fea412e4d0e4fc48aa8d2b36fc3f833ad1812b8ba22865db6bb8456de3554285c6d0188bd41380f279b5632e704d56e0dcffabf6dded71a1015def599e8539591531bd9a6cf15ff07fd9d1af5ebbe3e9a567c0f5641975287b26346de43163e57f1ddae1373c4995b0f77a2a74767001600dee2c088f23dc83f8d20fbe9e6bdc129a025e43ac8269dca6ef6d71a8a77c1fd376815efb9fab788b8107e920c821014c1f2966d1e4ee2fcb2c81471fec095e0c84a413aafae7ce3abaa7b337f21582b270cd3e5b244975fb2655242bf16ed3d127fcc3304b93333db3791c446c1c04550c21a67ca1e09f4066df14a68e43073e7fc10022f2d26ad69b5ba2c99fdfec757049c8880f1b83b459b6f490b227cc63a283d571d2a75452cdfdb7bc53d6aa4f0b7f44118f2c55d792b0c1b628abd316aa14f75014a6863cd0551fd6d29467b10c89bb2259fdd6f24a6571b46d6c89ffb0bdb869d648b424571b746f0129fa13fb780190aaea3160dd6f20368e6efe869705bbdb3eb7dcaea1948697b437ac4f2af5bd6164b7b22e3510c332c69453b1c199bafedb15ee83fb87c3daf4cc5aa5ddb43f759adde22d9b72248c14ec1babeb5acaecc3051413baea2b9020e14fbe4cc9f10c1778377d3c486d19a3b393243e2662f3dcb7a1a5a6ca3843d1e393bfe5eec5210e0742030471d62d8b6482ce4ab7f1b968e03d1524f91605f06aa4b642e32702dabb78cb4dbdbcf790ed1b95c38b4a603170fa672bb0bb11244910d5b48ab41db3c9e8a4b5f91a96e4019fdb48e5de736708558bbb785ccb7b0b855ef799eb966e75e98dcd4d490016fa4075cc1e3dfb80c2ca82951f4402466c109be481a2b5b181d6e05a545af8a9d2ab259e9ea0676b15a377cdc0c562bb553f16126b193cceb76d40dd12e1dd779036584507e22f026514a188d495fd8bdbc5104c2d8b1aef5aefc0335942a7c39a341a9b41ceb59d1504179a80a387729309f68d2297148273fd8e", 0x1000}, {&(0x7f0000000540)="9b9180ef3dea545814e89b700a8cfbe7d9f6b64d968282d3e55cb85d91131872dfc0f1b6094043e964cc8793c40aed929f4e8cb1a1f8b088d5a797ac69966c18020f4f76285a558d21e9a8f5327200f4ae0d139f8b6301e66faaa66b20bd50dbac", 0x61}, {&(0x7f0000000100)="38d278baffb0e7069c1ed13e86b3e857acfdef6180530749bc6ad0", 0x1b}, {&(0x7f0000000300)="83490420f7bbde68d94c85e87016", 0xe}], 0x6)
sched_getaffinity(0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000002980)=@keyring)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80000)
splice(r6, 0x0, r8, 0x0, 0x200006, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x14b042, 0x0)
splice(r7, 0x0, r9, 0x0, 0xa, 0x1)
write(r5, &(0x7f0000000240)="c6", 0x1)

2m25.770468994s ago: executing program 34 (id=5171):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_print_times', 0x82802, 0x100)
io_setup(0x1, &(0x7f00000016c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x8, r1, &(0x7f0000000340)="c1b08d346f3e", 0x6, 0x4000000000000000}])
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@acquire={0x40046305, 0x3}], 0x0, 0x0, 0x0})
r3 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="64478ca4ecd5eb6c7773da0e76cb573c83beb32923c599a36d5737d652e2e1a4cb5bd817ac6b6993ba0dbf8dd861a6c55dc0316e5a74a6acbb943aae13dc7b57e9cbee4ed23b0f3b880957da0ef2bd416215e2cc134dd531b9682e5d7d4cf18ccd2430cf151e2169c0d68f9d080661f52cc990e0f3f7af423a9495c912d8c948daeff8f0a72ed644", 0x88}, {&(0x7f0000000440)="1114ceafbb75e1fec7a070099adddf52b2c087fc41a9af1e1c9151372df7205de8da533417e22b2cc81be7c08ea006959c900e72f183f1c6655dfe1a26dadc6e5fcd9e5b2aee46a2d80374dad8568abb9b1e02330d56930847f36c51455d2355c7fd26769f8f81930f9c1028205eab060ed13daac0923a59c56a09043bd1d41146f1dd400f84b5ae6a3cf9ccf53f4a10aa0bacbceaf24042eaa20192ae73e52267ba71d3b3cc4f32e6f403994b101323ca75387bec8664786681c137f3c1df7fedc9c669fc57266d421fb05d1568", 0xce}, {&(0x7f0000001700)="2648d7d9ac2e872d01d34d2f793ea46f4d53fa6c4165de91ff9fc3b2cbc45f23e1258864fffb0cde30c189f7c893e9aebcb34ae7aac07cc4289db7f5123afc629c34b9cea52a2a2256824407d36c8ff72c1dd04779cdf947294e0b360ea7721a2434d66f154da98d0d1cb6f58954bf4bf01e325e2bddac1b16423355b7f4ce73e513560d3aa03983ec93f6aa52e4e2b8a37402e1bb012b61a93f8aa6efb34be394fba865d8c8d535c8b26d89b8e859bd3d2608dd019b4a94359a00953e7c3328de1123efd91db0519b6d2999862028c0e827b295082ca3eda0b6cdcecd8691af8f8a530fd2b1d41ae8cc381d60bee62b44182718717bad441ff794db3bedc89351914fcd44e3ca59180b1dd5884273f5477e855b986057aaf39b76ba86b015f7522ff7c6c8197d8afd69337dbf8a52378587eae524316a6753d76e458c0342fc8b370b33b3990e4eff38d840ff6a150b545a761ce488f73d6f2cb4fe7002c90d431da99d6caa9c0f654ab7cc0d9d447b20852a0339a52d9d85bc5ef18a1f1dd224b9660c4e24ce5449ed87df4d8605e24295cecbef3867d9f3f62ed38aa597a33fa0b5ab90da1ebcb2e06c82c74d9c2536c8138b900590f01d88400d904e84e9cbb0178ccfc801a7934fc1db72addb01c6393c12357bf6b3c675467f2441bc47c21b3408281173975af2fb2bf1224d8fd5062ae29065c1712a11ec96c867cdb868eed8ba53ca41174e233265af4d33b97091a0d382f24e0752e5005c1f99ed7ea20368779cdb4afaac8649eaa0a918cf6825e3c415fb00728e96b54391e254c770007471499c97eb298aca2f240bf00bc3f434625a21dc2eff5d4d41a57ee63b542c33234a6bb6f811bd5c2d3d157217603e8aeb034b3c9cae28fd82916dc125a0a8e929ff46845e5f0eb4278473cdda856ea111cdcae8f7f201e3991a4ae8a217fb6374f61a5abe5c38fe023f199cc3c00fe72f798a21480bbe177a2a3968c0590d3828d83a939e0dd37eca6150997508fe0e436a7ce318eac6a578cf4020c1141d4776b26effe347bc20996406f960bbc5fdf00953721cd7e598ebde3c06e28a7e6b02aa669b8a23979ba57f22240ade71ccda559d5f76b24fb971e2e37511cb94817af13244e9757c7e867d4759d5a5549871a440c9ebb1795417703258a859bb35b576ea15e93fc6b41502780d99df9718e5edf6e1b7e3bd66061ded9f419d13c27845247bf4391c32d68319732eb9d987cc83a215a9948878e3de520cc5475804530481d53a06e2a6bc0de3a446ad8b8e0e5a69aed835cd54412ac76f591291a255aadb19e82fca41e2032f563dfc8e1748fded57caeb10376e050927e0e16aad54d916998792c38a25186eb48846831172ce06d8185b6cc408e97f22be2e6e0a5d6838d02d0571a5f3fed5236257e3e836af1a48f2d9758faa3efcaa390071718dcb271024fd43685f387a613dab9e09fc073b56b81264a42bf3040bf0baf6fd9ca25744f2c6732b2b1ebde53c4b07a7b6f6e8e60a5fbcfca2c8398f1bf1da5dc18217d723ddaca44539bec22dae849ec61b375b40fa2c5d7d7ccf317688b8516bb02e0e30db1523155351a710d33ee7456b932ccdd93a79527070971631225124a7ce9dc22fde72188cf62174ea2a1c1a4e05f363d0bb25389f61aa154622fcd8abf255d76300fd784c1ad3334d47f3fc76860919457d0be660ea6baa6930b162b3b3e66987473e74847720871f6c55b09f16b248b090461b92d994553130ac10b8536537271093497bb759a82dd080d8275030c22ee90bbf3de7773a5ebb57de500ad8a52bd778cfc4dbbf6b48e8a0ea18ed6f1ce215be9299a03bbb4ae3c6e1379ada648c912e067b8d7a13eec93a6818866f2fb86cecfa6c3f7ffa59927e5925f5cb2dc67f5560a9c2994be0eecb6614f434af097597838240a04cab1a86492cb6c17fd896d1dd9fa1da0fe85492a7080fa5c080948605f9c96372a554b8d878af7da14a58c0f69ac9463d6aca94f56470b94e3c84f5e24be49e7b301fdf920463ee332a85d028b1adfb8aad5e08e9cf8da93895c9061a66ec5c704610c03921f17b433678548f00d4182584f1fc3505c85d7af1ff2a1cc6903d67df23bf5a317550b92a574d53ff371f42e1c03f077a672b9b057b51bd10eb106c39cf252bb341385f8d70cb0fef932474c9750355cba8d4c3b662467dd8ecbca1d5f63c7a00b27402df6d3ad7014e29823e5c5694e80fb335d0509918859d4ba982f926a2a1e9b375a15e5febd08fa1d6dd42c92d746ee8a4a3562a945d53fb99bc517c968e251931f372d5d0fee47d4bebb4178e84836fd4e37cc1c5e1ab919406e6f135ff4d026b34abbfa5c3df06ae7a4c0bafc15ebadc5d46fb892f29e53718c78c160d3c9496fbe0ca2fa10d114dffcee6fbca5fa4e95f87024df7e2248342ffcab818debe844eb8df5a6b0dfc2fae2d552bcd4dbf557dafcbc40098ea4a48d515a403a28b8d586318b613e8052791fc3e0d5f25d92174508fecb5a94c6664de98eaf9d03e8e9b02f49ed8e31e5eb32dcb9cb1bd5a7edc99572cf95b3e8ea47ad8b608b1115c0bf4d7caf5f973db0d2aa7dc91b3fa25932689ccb196a35bb2eb6c0fe74d47db45639a15cfdf46797903d14ef2d1ace25eac1e9dd247ca009135211a374d13137c1b25ef701cbf44825d3c9483fe41fc47b1056f71399fc82fb1964e295ee7fb6512823d525bbf7f5d404e09bb6f7dbad720a62ce443d96041f8a631a48c8b815bb3a7a44bc974c626e32ea10b41eb9e0c93644c6f415abd68851712b28bde7c7f3164a1eed1f20cd8d4a7d3c8bd9e3e18d5bed823cf80a1846706cddb4aef09ad3ea6658d46d55415dccb7a15bdf1c7114e46649bb2633547718f42714e5803a64578419ab033fac56cc86878a209d357a21d5b8a3554646e7466ed8d2d0090f7312857001180c37fa1afdd7f662c035c35109e5a326152ffcc85d951e16c257ce0798803d0d8851bf2f2e77613e84c579621aa00e04b7f489f2e848f2b3039522abb0d31f7bc9375948aedc20c11c976c398fddb2cbd943abed83c47f8012169818906bd9bbcde2486467f5edc94b74cff2b08db9e04417884e3eff36ee41e19370b76bb861ab6a20a251a9f8c312ed7864704f846633117a279bdc62572de10e2636231ed8d45727f149c952160c2f941f6464d7f66f8f2c909a621ca28d3e9d87a81b8297dfaee9017c72b95264c50a8c7d68f727eee1ca1f3d8b6a953eca8db7de771ad0063042d6d59a11538b88ba9927023be3475f98f25e0463627578c36fc896886650392c39f343a4c827e40c2f528efea5bc8999545b3800af3856675ec2486605af24f3ddae4fe2b03e1750ccd2f3150373d63b4dcebb7b4a1844f4c34fa8e1f3fffac143be042eaaa0dd3a956b4686f85600d4e4b939fd4681cbd4d8d8ef64f08cbbfe19b69f0411d9547f24d3a9c61f66eca91952dcca6b8d91ae614fbe721177e454ad2d5c09f5043ca37d4debe8586acecc4245d68b3a0ad49fc75b821b78be58f5437fdbc0821ba901551d59cd1b5bdf708ce3dfb7c1cc5d57c7f49a20cffc43940d3c5159e8500f390045fc59189bef294c2bb53b71682fff74d139f0338a4d24b42fe19a247607f0c28ed29cc6a68e91b3f1fe58092b8e9f04b814215cb0c4aa063ee9de5753f2d4a0f2058e828e96a98907a7e295630bce628836fc53f71a564105b7071d105d3add987d6ea95a164de804c33572eaa26ee4d67e0654afcaa2b1d558ec088f9266ca7bf2fe283ad731301c80d437ba13efc0056c6e9330502bd2ccaf9cbd8c552ceece8c057a1089744baec4b5d679a75c07b510b75e61260bc780c40b5f20f703c9114db33a0601d73ce6201f0d9a36d864505d57a18fc4177b1e769797c1671e2f951e4df4bc5a467917ef5be298b3b191c0e7058afda433d872c1a8f3369c500845ae8a74e78481c30c633fabc9e38ff06bfe5df482cc818af624785e5ed0947fc4559033550464c0809248c805842e36f5adab711dce8fdb7d54045438bf9e0379801a80ebed6544684b8c6b85f18a8ccc74ad5e3167a8260bc10a576a6d984bcb7f5eeb35b12983cc604c45e79e151944a34d64d99cfd13722616b10ba53b95e712614db438ccf0c638bb518143023f50f4594e5167113473c1590c1bb643324f04122b2cc9a4871add4ed513f3a3ef273481a4af1467229b9174e3edca743efada142b249c73da830c1e239425ca5361f331b324d755854114cabfeac4dc43bae755bdb264b8c0a51bcd2963a64fe70f0a0edaa0ba73fd181c01353707e8954b96f66c7796cd96a54d2d2694e4fd9fb6b7c002593c21af2f066843d87d50cdec5456c8b34f1ed761715e8332fea7fff1dfce4e9c4a57e49c5114546116e93b80c2b907408e5b63ab3515d0b1807792ad9a4016d47fea9195c233dc7abef1d079159d494d6aa3c3db4732728769e26975cbb2e9285a7559756684c25dd860a3ebe169f3e37b50ff01da2f423faaa9e3ba086f12126e3efbea94800f5465f40444df86d7e50af028ec5666cc17ea18cb694b580935730aaa3e21ea6f224ec13c6c85ddebcafcfc7be5d1146f865caf4aacf12eb3e5c75e49337f049dc60ae03646501b7c8a66076216154c74d3ca84d1a0197a960dee47756041d9497e80950e7314842f64150622c1dde27aec931f9da5f2e55792836e4e5ab09c5e2d98ae0eed79f1d614307917cf3e13f28ab0d1a12b4405d69cdaba2d4df9191fea412e4d0e4fc48aa8d2b36fc3f833ad1812b8ba22865db6bb8456de3554285c6d0188bd41380f279b5632e704d56e0dcffabf6dded71a1015def599e8539591531bd9a6cf15ff07fd9d1af5ebbe3e9a567c0f5641975287b26346de43163e57f1ddae1373c4995b0f77a2a74767001600dee2c088f23dc83f8d20fbe9e6bdc129a025e43ac8269dca6ef6d71a8a77c1fd376815efb9fab788b8107e920c821014c1f2966d1e4ee2fcb2c81471fec095e0c84a413aafae7ce3abaa7b337f21582b270cd3e5b244975fb2655242bf16ed3d127fcc3304b93333db3791c446c1c04550c21a67ca1e09f4066df14a68e43073e7fc10022f2d26ad69b5ba2c99fdfec757049c8880f1b83b459b6f490b227cc63a283d571d2a75452cdfdb7bc53d6aa4f0b7f44118f2c55d792b0c1b628abd316aa14f75014a6863cd0551fd6d29467b10c89bb2259fdd6f24a6571b46d6c89ffb0bdb869d648b424571b746f0129fa13fb780190aaea3160dd6f20368e6efe869705bbdb3eb7dcaea1948697b437ac4f2af5bd6164b7b22e3510c332c69453b1c199bafedb15ee83fb87c3daf4cc5aa5ddb43f759adde22d9b72248c14ec1babeb5acaecc3051413baea2b9020e14fbe4cc9f10c1778377d3c486d19a3b393243e2662f3dcb7a1a5a6ca3843d1e393bfe5eec5210e0742030471d62d8b6482ce4ab7f1b968e03d1524f91605f06aa4b642e32702dabb78cb4dbdbcf790ed1b95c38b4a603170fa672bb0bb11244910d5b48ab41db3c9e8a4b5f91a96e4019fdb48e5de736708558bbb785ccb7b0b855ef799eb966e75e98dcd4d490016fa4075cc1e3dfb80c2ca82951f4402466c109be481a2b5b181d6e05a545af8a9d2ab259e9ea0676b15a377cdc0c562bb553f16126b193cceb76d40dd12e1dd779036584507e22f026514a188d495fd8bdbc5104c2d8b1aef5aefc0335942a7c39a341a9b41ceb59d1504179a80a387729309f68d2297148273fd8e", 0x1000}, {&(0x7f0000000540)="9b9180ef3dea545814e89b700a8cfbe7d9f6b64d968282d3e55cb85d91131872dfc0f1b6094043e964cc8793c40aed929f4e8cb1a1f8b088d5a797ac69966c18020f4f76285a558d21e9a8f5327200f4ae0d139f8b6301e66faaa66b20bd50dbac", 0x61}, {&(0x7f0000000100)="38d278baffb0e7069c1ed13e86b3e857acfdef6180530749bc6ad0", 0x1b}, {&(0x7f0000000300)="83490420f7bbde68d94c85e87016", 0xe}], 0x6)
sched_getaffinity(0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, &(0x7f0000002980)=@keyring)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80000)
splice(r6, 0x0, r8, 0x0, 0x200006, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x14b042, 0x0)
splice(r7, 0x0, r9, 0x0, 0xa, 0x1)
write(r5, &(0x7f0000000240)="c6", 0x1)

13.701589592s ago: executing program 0 (id=5809):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x15)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x0, 0x5004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f000000c340)={0xa802100, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, &(0x7f000000c2c0)=[0x0], 0x1}, 0x58)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$CDROM_SEND_PACKET(r7, 0x5393, &(0x7f00000003c0)={"2eaef2c6ea5579d898d80a31", &(0x7f0000000940)="577147d0b31ec4d49001a1aabc9183b4b873b865c270730b2a9593d91e1b01e40ba0ea8753c4f5912c4715053860c8f663d463577ad8a7b4d0b3998c88c1a0e0d8cea9857b695baf7f3fb579d351e7b4f94e80b1eb041c1bd576f7fca5dfc441c9aac387ca234eb45599d9b00460a2b2a5304236b2f3fa77a0396e2af7b081c5d395bc7b14cf9c3256cb4a27db0e98c91461075e43650a2fa41ac6184fff97ca4e7e2b42f7bebb00abdcb6cc45913e61986002df135970b14b80e67fa6d3e79d8cc4912f52742f888c28a507e4dccec8946546be338c28fbc6945e2d2a2f60237cace9a0f6398b3ce4ca66700f29776dec3bdd93e5abed6f7701d5c050cc67251e9a834ef8af33c91428067afd20f343f625fc87b6807b4d158e174a3ffcc7200565392adb549831eb2f4b6d64c9fc5bb9e227792ff31352e51be69b77caae88c7d841a859d9044ce4d30991e449d74ab18792ae321f282e75b1e252adcc42b872fe5ab0c01227c8cfe1bcefba978b403d9deec59af5ffaf419ef8be6f2edd0b6ed2c182ad86a7776e78c99c3a6ee49d5f3fbcd4b68f4833c4547eb142bdbabaf695dbc78278f6e00e28f31303a66cacfa7ab5a048e16065eab813f3d9277ed9bef79f8853b399c0e41faf386082ab1ede4b713defcc45499f21dd12ec70bfc7805c9db459748e6e14ccd63b50c5413819c643f18d398fcec6ca7c25ee70215ceccc3e8fd786cdc8a479186397c42a20838087b7c29d01118123e124886cf22ee8a7401810f1955f753715305133b1df914ac29a1a779d26cd3d50f3240af2f85e428dc078f7d63d7134d4f9ebe589cfb775cb0892af52dde5bcdd3accbb5c2ebbf85845ccf6f3b930175c9fe43180fa2c2a641c21341d525e62bbda0abb7c97e12724418a90872cf757a4301e382541dfd2293b5b543a772a0804515eda4fbc6c09c4383e123ec8737ace52032971b3087646c6cc9f94cb57052599f2c7e83557be0180c49695b5ffc36917537cda240a002e527b4e2a39f9534aa7e9e2477fb49ac7850d8bfe9b15ea48b8218539d42988bae11a64a33389dae5263ae7908fb744083ab0483a3aaa7d97c1b62dd2b9bcefac51e9483819498bf9be377f62b6e514b0d92bf2268e39272ac501563586942e6573a538ed5bf3d3653f60b1562e8c7bebb8d4a5b382f034ae601d9c77de343bd6726b65664d3e47f525c6520aa7693ac3c3b7c6796705eb37db5bc0fe5253b7800ec64843094847619c9bab51856065543f71ba650982aad01fa40617367a09a153359ee26d47def31cfacdc1ec19217a831460a11f4b3399e89b35250044feb7f6586741b37955cc7c1f45e2e4b2622706d9f36863ad13f4df317e0825d345849c75c346d754f782d846318849f7cb82dbd922c599b2c2ef8416cd80a7be716f7d1455bfc3f0949c8b75db403069044f3d5a1045b15c7deee8cca6948b0a6de4501b10ae25f3be7070e9350691b15c77000583081d38f9c35a41e39d400256519fa6703bc5af16391735c11db5e232e3bfe833a60228ca0fb505a1ea6ff4cf6d78f163747a4d6c599cd13ef864ab72cbadf9382d0bc757aa8ce9f0738d27f0f18660b8d7fa8ae710bf484deee7fa94d091005ba7b8405d78b2cf4d8be3d022ff6eb60fe03347d29df42a97ff757807c9194a0bdb54a11cd7de01849c7862e4290d33673d86dc286e66a3f764e1f99c4484ec4b2072cad6f5b1ad9f400e0e167f483af746c6c668eeff9bad15e94df7870f2cfdef3d2ff928a0116c72671b2107de30139af0a1b6144e5f6689ecb183a9ad90521d323dbfe69fb4e78f49a7b0cb1cdceedb9cb78116e1b0b4dceb490ceda8e7b1c6ade95cd5c4edc35a1091e0aff34e2fbd027083a0ac3c886252dbcadb5f2aa50c51aff8ce5b9d6f96463d9c13fd248b6730dd0ef0499d9631a1b4fc0a1dc02c9e1ff7e42d10caa4f8b55357c4b4f631527696c015e20b4ca758a2d7ca1d7986461022b5ac11167dd383155f0875c9eeb79b8ca59cd964257b185ebbdbd3146a92d067f533bb90a27633b14f7a357fb1581a9b96419e310b2b06b326a8e1d3acce42711304ca26a24ab8987aab0bcd305568b92c72915cfe25a1736355f102a000c87196889305b3e38ff2ef4bbcad0f6a371b2215236ed3588c8995a51c3ed132e5243b9faf838566ceeb687a0115d10697880a3b05e597cb41acceb6a40f455289afac60475fb8daaf31cda8636c2e891ba56b351bf5750c51dc14bb881614c96fc56007b779bc3021c34a48efb5e968fde54b834436dd9fff4b8dda6e0e693dc3adcbf6bdf031213b0f994d262e6f5191dd68551745d035aa11cb57c937fe4e8a6f591a57c5a98caaaef477708eb44cf6265ccce2d23333b6b5f91ff0a970f0e0669b5aa27a4e9570e8cb33cc3788e4df3cc19204f9890721a57cfc746eadbc207146232b8fa59953f7a5ad099aaaa7592982d34c171589444c690bac6674e995c632de41dee8e1f5c473d20b00e2d3489b0f8bb22a05285c97bc0995c888630c54f30017a70a4bbb71b3a3d8837b570e0e92a143a7e866606a30ed674d3643d16e7dbbe9a526a5da572b17f19c560c18f19dabfcf575a228a7b8dcd5605c6cb814cd0c478868dd2872e3f2eb9bb0046a26d9ae671d03a9e1a46df8d842d31ca5bdcceb382cc62647b017a9b65dea05f544c3ada772cd1d6a47fc4135d7f41c3beeb22c42daa0e1c68ac1bea6f9f400bf0d100657e027fb67758a53a2159b06fceef5b76a52687a7053c9f6437c10a0ceee56e5f838abf0496cf2e9f4f9d5a7dcc36ad15ca8f23e5a786930f2a5c02453e087282f7836fe3b2bc1c2268fe0bac90ed693e9c9eb989fa454dfd59a1e10753a630c43675a0040b09f47e67693b33b3dceca1b55a038d9ab11f1884721a3ffa396923222d310fee11a94768552bec922125cc8e6f2a0ffdb163bba97a39ffdfde10e17e7cbc7193dad1d19919d1e7daf7930b1afd9059517f2758ae4ca9488da29f07a1ae1f566be18ff31bcce9528a6c58932ec84d1944a1f6f0da9486ba4aff9d2d0cff707d31566bbb9fbaf73b4a1a50b0c604c7c4f38f05fae63610fc2a623ce22b8e7f1bddb4549d4bac263c51f15c880141049bfb2bd79088b7d99eb477239ee47f268c6fe2d3705adb9d44e9ae514d52959e7ffe2ba1817634b6684451881172ddd9c4f26d03367f1f44a93acfbdeeed904e1ad2fa33251dbdcd7e125dbb9661dfca14e98c44488468bfe761095058691fdcae80ce46c7e6f5b72f0fcd0d2c4a45cc1dd55a8855f3504411445c7c221d8bc2708a48e232e212dabe84bf55e74de6f37ec68e6c2a12f80386530dc22ed00c9c18c8c0fb91efc64e5ba8c3a2c5ab6d8359d5121883d1348d7e87bdb409884659c671961f083ac14dda3bb4709311a52e53cc43886bc43ed19d9226ae277f675d25fff2d57580f07c865514ca200820275240715c6c00acf19238fb26b568b951064a1ce31e585be2d8a9fcd7de683bdf1ee2caa95bbdba82356b732aa66b46e3918dda8e494efb2af1911478c86a247c42ffc24eff00c80865537715b5cb70fa42710e5762c5cf2b358a4b352be15d46c5637824548ece1d8c5d6dd450bcf986df5178f08c099e759ecccf58d3e32824637dbf5d865531637365bce2c7bb6e2b73a47869b2b205957229b6ef63a58d6f752c966b4b30fdcf7babfdfdf2860760fdb4047bc5dbf3ff672c83c1f8a47000a722cd4f62fb1afa02388565682fbeeb1e1af43a9cf5eb6477a7e0e0e636b95647d81aed876d56bdeffb61810ef24ba51c052fff31d5fe2ea16ba3082ca43be8e0f0c1c46e8f52e8578df82fe52d987978d167ca0ab8b9e57f44d802c853781fbce7ca1ffedb31ae7d35029ff696b55513c0d9bb83f04474cd34f89037a5ebb414f7f9962e044636650bf1c53edd31f96fd205bd352521b422c7906941344a9cd806c5aba30eec0b7d36e6d3366cf5f931f13b18bd1c686cc1f3810cb8dfd385e6c224e94b57a6e35f4d1e0cbb7981a8229f1f30d3bb0ba9b7d4edde55a595332dd0a7aee8c206bed041d7a5ccf3f398326f6fcb88f8fe6bd1d957845fd2502c5a7a085d003e8bdb60708cec3b18712e916569853658a249f9cf35b1bfadebccc078a34a3dfd3a0ca8d41402fe61f929d080ca4dcf9a381532af5158cee5f5ba7baa715a1229e98481af2dd1e8294044b1b1fc53a434ddbe811b20bddb42a0f24e9ae9eb9b3f36287d3d08e19b1ebd4e8152f6d24ab0290bea21b595b1abc509116749358fb2c1d206e3d3201faef301b407cd7f172e80dc8b89d621dd5ef48439e13e61bdd226b3fd2dee45c20a8540d6f4e9d3f3fef1b4a57a0eb53b723c04dc0c9a96d6779e9dc8352e2767ffb37503c1506e384672987473b5e676efe5d497e4ee1e419bc3710d2eeaa399c6afe7a43c281a64a7fd3c392b7703872a4ab8fbaa93b44a57067ac94fadb84159593f7dc37a84569ea42aa82fd950df533ce49c40c2efea67cc25afa6a20d7d1dd96f7138d2560c3392ac266fc387a87bc17e5676fc157ebd59a3b1209d43ded656f36e80163726162950b1156126866839e7677ef15f4ebf2eefe7168088ed8a3dcf0d32d576e18693bdd05e1def284474f526ac307e3fa16e19074bb2b497fd40e10e31567b1b8de1634db9fc0fc44b97d40275dc2c0e7a06d85a73b9bb4f65d87d55a1ab391a67c79608d530b6994a1a4228a104d8bf35ad6ef9a81a055be0c75fd5b5b81e971aec5bc2c0c565dd43b3d86d0d577e727e7ce7947648f4b3a8e955a69da21343635fe6389d883bd7e45377ee69d7db1950b37a732ffead607d238cba36b350c0b2b3c87e4a4c568824df4ff1a2acb5ec0d720367c63c94ca50fb6f83bb81a6aaf61173fa9d8507a30241073028e7cb2802e262edfe05908b9c03f3ddb642850e7d292b7d18b4fd263ef2a16d76dd1665b1f189c13df19c3f0786cb5cc0f427b7f0f928af1cc83036d956fe47a08d03741b834c91f4610c41117e4585e0e9f00877b6a0b858a481aa9da7cc8b8f8b78a5050273127b9bd43904804995fec97050dc2897f37b31850de05827183f9d4668509034c301b6cbd546889b952f734f98e8318790af4dcba110e9d8b71eeb37d158fcf34fa5e0d514c05567e02a7c7e9cf35b08716a981643b83d2336e50f5ff56a274d0426d35a365d253a6cc84dcbca1b1558e471d52a2fac81ff8954dd99c85f407c0dac71b4464b99e3015200e50c6e95f6771dbcb374b025934461c9c3326e671ea2e5311ede52e9e53368335c63154f2b9e64f19ccac6550fae717a8cdc14e7e26b2ad106467f7e6064e7fb33b519dc99b9aa8ec0ff7bec231c1fb0ee9f7416a8df511a355e1038c8372a06993706c7b9ac557c0978028fd4cc81f668bd622b77d155ac8357f181164c91c6b18ede65b3887392124c62fbf7b8875e183f8fbc0fae84041f0f3baf6559edb67edd0c1e6092d0e0df104a4baf37c5adb2e106f138d34363d5c8f1f1f81a1d9a06b5c2cc3abd4ba5b520aca457ddbc567af8a3cba57c2b25d77c2c3582c4e21e29c7bcf0301234ed7ca440af5ddb7190fcf1678a0f010e87210ae6fc67a5317364a4b4bb134cd3024f07fa2406e068c0836389463a7cb002605c5e15dc30e6750d369254afbc3b21090331dad85f0b435cad168fb24b8d126219ee531f4661c23b3f9fed662cb771593b15cf600311ade731371d446ff63f5921fadb6fde9db66bd4b0e811365468cd479f1778e11", 0x1000, 0x248fe317, &(0x7f0000000000)={0x17, 0x0, 0x2, 0x4, 0x0, 0x1, 0x0, "3805826e", 0x3, "8c8bcbf0", 0x8e, 0x8, 0x5, "048a05", "1f08e9fd19021c5a62aa7a7b99187c50e7360be7d77a5863f1bb835dea6491feeb9a0e63a46a73ca757113bcf10b"}, 0x1, 0x1, 0x0, &(0x7f0000000340)})
write$uinput_user_dev(r7, &(0x7f00000004c0)={'syz0\x00', {0x7, 0x3, 0x1, 0x9}, 0x7, [0x4, 0x6, 0x802, 0xe9a2, 0x1, 0x0, 0xa9ba, 0xc1f, 0x1, 0x7f5b, 0x3, 0x6, 0x5, 0x10000, 0x2, 0x3, 0x0, 0x3, 0xe, 0x3, 0x0, 0x2, 0xd9, 0x2, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x8a0, 0x6, 0x8001, 0x33b5, 0x1, 0xfffffffc, 0x0, 0x9, 0xb, 0xcc, 0x5, 0x80, 0x401, 0x5, 0x5, 0xfffffffd, 0x8, 0xb, 0x3, 0xffff8001, 0x6, 0x3, 0x80000000, 0x1, 0x9, 0x7, 0x8, 0x5, 0xfff, 0x1, 0x7fe, 0x7fff, 0x10000, 0x2, 0x8], [0x2, 0x1, 0x10000, 0x7, 0x9, 0x6, 0x5, 0x4, 0x9, 0x7, 0x5, 0xdd5a, 0x6, 0x5, 0x7, 0x4, 0x5, 0xcc, 0xbc1, 0x80000, 0x0, 0x5e81339d, 0xffffc256, 0x5, 0x80000001, 0x0, 0x0, 0x4, 0x4, 0x7, 0x9, 0x1, 0x1, 0x5, 0x5, 0xfffffb66, 0xfb5, 0x2, 0x4, 0x7, 0x2, 0x8000, 0x7fff, 0x1, 0x9425, 0x4, 0x6f, 0x80b, 0x1, 0x6, 0x525ba681, 0x4f74, 0x7, 0x1, 0x1, 0x8, 0x100, 0x6, 0x10000, 0x1306, 0x8b, 0x10000, 0xfe7, 0x3ff], [0x2, 0x40, 0x4, 0xfffffff9, 0x7aa, 0x10, 0x80, 0x8001, 0x5, 0x0, 0x9, 0x8, 0x7fffffff, 0x1, 0x1, 0x4, 0x8, 0xfffffffa, 0x7, 0x9, 0x6, 0x4, 0x5, 0xa3, 0x3, 0x2, 0x0, 0x3, 0x4c, 0x3, 0x5, 0x2, 0xd21e, 0x9, 0x13, 0x0, 0x2, 0xfff, 0x6, 0x100, 0x7c83, 0xd, 0x1, 0x4, 0xf, 0x81, 0x47, 0x7, 0x0, 0x11, 0x3, 0xffd, 0x7, 0x7, 0x7ffd, 0x7ff, 0x10, 0x2, 0x10001, 0x1, 0x0, 0x6, 0x71c], [0x81, 0x3, 0x10, 0x4e26, 0x3, 0x40, 0xfffffff3, 0x497, 0x4, 0x1, 0x3, 0x5, 0x56, 0xc28, 0x9, 0x5, 0x5, 0xa, 0x79a, 0x4, 0x9, 0x6, 0xc41f, 0x5, 0x8b6, 0xffffffff, 0x0, 0x0, 0x6a, 0x9, 0x0, 0x0, 0x1000, 0x10, 0xd, 0x6, 0x8000, 0x53, 0x78d, 0x4, 0x1, 0xffffb027, 0xfffffff8, 0x9, 0x7, 0x7, 0x101, 0x6, 0x7, 0x4, 0x0, 0xb, 0x400, 0x8, 0x0, 0x8, 0x7, 0x9, 0x8, 0x0, 0x1, 0x8001, 0xfffffff7, 0x5]}, 0x45c)
ioctl$SNDCTL_DSP_GETOPTR(r7, 0x800c5012, &(0x7f0000000400))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)

11.785768115s ago: executing program 0 (id=5818):
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x16, 0x80, 0x5, 0x19, "0076ba7d82000000002700000000f7ff6fd800"})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xe}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000001980)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@getqdisc={0x30, 0x26, 0x400, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x2, 0x1}, {0xc, 0xfff3}, {0xf, 0xfff3}}, [{0x4}, {0x4}, {0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
bind(r3, &(0x7f0000000340)=@ethernet={0x1, @local}, 0x80)
chdir(&(0x7f0000000300)='./file0\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x7, &(0x7f0000000000), 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x30)
keyctl$clear(0x7, 0xfffffffffffffffb)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)
lseek(r6, 0xfffffffc, 0x1)

10.821885395s ago: executing program 0 (id=5822):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB], 0x9)
getpid()

10.611453617s ago: executing program 0 (id=5824):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r1, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0], <r2=>0x0, 0xd8, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x13, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100002432470139d053571f66d62f96da0d05502aeb0f93e59bcc6404fc5fc07e311f30cccd38deeebbf08d57e8dec6f5372b7b60b8", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
setrlimit(0x1, 0x0)
truncate(0x0, 0x22fdfffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@deltaction={0x48, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x10)
socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000600)='./file0\x00', &(0x7f00000004c0), 0x800040, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = getpgid(0x0)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r8, r9, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r10, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)

10.301145453s ago: executing program 0 (id=5829):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
read$FUSE(r1, 0x0, 0xbf)
timer_create(0x0, &(0x7f00000009c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r2=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x81, 0x21004040, 0x5, 0xd65b, 0xffffffff, 0x1850c00, 0x0, 0x0, 0x40, 0xa}}, 0x50)

9.650861808s ago: executing program 0 (id=5832):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB], 0x9)
getpid()

9.598984766s ago: executing program 35 (id=5832):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB], 0x9)
getpid()

8.551936014s ago: executing program 6 (id=5841):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff", 0x10}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x48c00, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000200)={0x0, 0xb6b8, 0x80, 0x2, 0x1}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000120, 0x4aa52520f215cfe4, {0x2}})
io_uring_enter(r2, 0x154e, 0x20000008, 0x41, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000003c0)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000000c0)="b9da06ce171c2e7cc2a25d589ccd75d0275367048f46e1d1833f0b225d71e6ae", 0x20)
r6 = accept4(r5, 0x0, 0x0, 0x80000)
recvmsg$can_raw(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b40)=""/114, 0x72}], 0x1}, 0x40010022)
recvfrom$inet_nvme(r6, &(0x7f0000000000)=""/29, 0x1d, 0x2000, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000040)=0x8, 0x4)
r7 = dup(r0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x4048805)

8.14853702s ago: executing program 2 (id=5843):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='oom_score_adj\x00')
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
r1 = open(0x0, 0x0, 0x0)
sync_file_range(r1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
eventfd(0x80200003)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x12f, &(0x7f0000000340)={0x0, 0xfad9, 0x400}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x48, 0x4000, @fd_index=0x3, 0x5, 0x0, 0x0, 0x2})
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0xcd5, 0x2, 0x7ff, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0xfffffff9, 0x4}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a0101000000000000000002000000091f010073797a300000000038000000060a17d50000000000000000020000000900"], 0xcdc}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
write$6lowpan_enable(r0, &(0x7f0000000340)='1', 0x1)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)

7.364017852s ago: executing program 2 (id=5844):
pipe2(&(0x7f0000000040), 0x0)
ioperm(0x0, 0x8, 0x8000000000004)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0x0})
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400), 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x1010, 0x221}, 0x50)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001a80)="d8", 0x1}], 0x1}, 0x890)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r7, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r7, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="30e01b3981ddca14"], 0x1000f)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0xc8f}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)

7.358514105s ago: executing program 6 (id=5851):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='oom_score_adj\x00')
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
r1 = open(0x0, 0x0, 0x0)
sync_file_range(r1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
eventfd(0x80200003)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x12f, &(0x7f0000000340)={0x0, 0xfad9, 0x400}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x48, 0x4000, @fd_index=0x3, 0x5, 0x0, 0x0, 0x2})
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0xcd5, 0x2, 0x7ff, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0xfffffff9, 0x4}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a0101000000000000000002000000091f010073797a300000000038000000060a17d50000000000000000020000000900"], 0xcdc}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
write$6lowpan_enable(r0, &(0x7f0000000340)='1', 0x1)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)

6.577233408s ago: executing program 6 (id=5845):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r3, 0x40045431, &(0x7f0000000000))
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000200)=0x1b)
readv(r3, &(0x7f0000000640)=[{&(0x7f00000003c0)=""/137, 0x89}], 0x1)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha224)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newchain={0x24, 0x64, 0x214, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xf, 0x7}, {0x5, 0xfffd}, {0x6, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20008014)
accept4(r5, 0x0, 0x0, 0x0)
bind$alg(r5, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-neon\x00'}, 0x58)
r6 = ioctl$TIOCGPTPEER(r3, 0x5441, 0xb3d)
ioctl$TCXONC(r6, 0x540a, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000200)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="cf04000000e4ffffffff1200000008000300", @ANYRES32=r7, @ANYBLOB="040013000a00060008021100000100000600100080"], 0x48}, 0x1, 0x0, 0x0, 0x80c1}, 0x0)

5.195430888s ago: executing program 3 (id=5846):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xe)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000080))
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0x1e5}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r5, 0x2d3e, 0xec84, 0x0, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0xc)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000040), 0x4)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x40000084, 0x0, 0x9}]})

5.145239213s ago: executing program 3 (id=5847):
pipe2(&(0x7f0000000040), 0x0)
ioperm(0x0, 0x8, 0x8000000000004)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0x0})
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400), 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x1010, 0x221}, 0x50)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001a80)="d8", 0x1}], 0x1}, 0x890)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r7, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0xc8f}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2.579752863s ago: executing program 6 (id=5848):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
socket$unix(0x1, 0x2, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0xa10000, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f00000002c0), 0x0, 0x181800)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000380)={0x2, @pix_mp={0x6, 0x10001, 0x34324152, 0x0, 0xb, [{}, {0x10}, {0x2}, {0x40, 0x101}, {0x0, 0xffffffff}, {0xfffffffd, 0x8000}]}})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000280), 0x4006, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = gettid()
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0xffffffff, 0x7b1d82)

2.323675542s ago: executing program 2 (id=5849):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1d, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="c3a200000000000000000000000000008112080029c6ffff9500000000000000"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x8c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x5c, 0x2, {{0x3, 0x43, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xffffff01, 0xff000000}}, @TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x1, 0x6, 0x2}}, @NETEM_LOSS_GI={0x18, 0x1, {0x3, 0x8, 0x3, 0x6, 0x8001}}]}]}}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x27}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2400c0e0}, 0x4890)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14)

2.062136171s ago: executing program 3 (id=5850):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000014800)={0x0, 0x0, &(0x7f00000147c0)={&(0x7f0000014740)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd28, 0x25dfdbfc, 0x8, [@XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x880}, 0x48000) (async)
r4 = syz_io_uring_setup(0xec5, &(0x7f0000000500), &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000440))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_emit_ethernet(0x14, &(0x7f0000000200)={@broadcast, @local, @void, {@llc={0x4, {@llc={0x42, 0x4, "a7", "31be66"}}}}}, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x25, &(0x7f0000000000)={0x1})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000a5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb9)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r8, r7, 0x5}, 0x10) (async, rerun: 32)
close(r8) (async, rerun: 32)
io_uring_enter(r4, 0x95d, 0xfa39, 0xc1, 0x0, 0x0) (async, rerun: 32)
io_uring_enter(r4, 0xedd, 0x8acb, 0x41, 0x0, 0x0) (async, rerun: 32)
io_uring_enter(r4, 0x47fa, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (rerun: 32)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0xc0000100, 0x0, 0x7}]})

1.91162348s ago: executing program 3 (id=5852):
r0 = getpid()
ptrace$setopts(0x4206, r0, 0x80000001, 0x100000)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_SYNIC(r1, 0x4068aea3, &(0x7f0000000000))
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x100)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
connect$unix(r3, &(0x7f0000000100)=@file={0x1, './file0/file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x6)
r4 = openat$nci(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
memfd_create(&(0x7f0000000200)='$\x86%\x00', 0x2)
timer_create(0x3, &(0x7f0000000240)={0x0, 0xe, 0x0, @tid=r0}, &(0x7f0000000280))
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x800)
prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x1, &(0x7f00000003c0))
syz_open_dev$sndmidi(&(0x7f0000000400), 0x1, 0x440)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000480), r3)
sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x70, r5, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x14}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x8}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xdb}]}, 0x70}, 0x1, 0x0, 0x0, 0x400d0}, 0x481c)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@private0, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@loopback}, 0x0, @in6=@private1}}, &(0x7f00000006c0)=0xe4)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_IOC_ASKUMOUNT(r7, 0x80049370, &(0x7f0000000700))
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r2, 0x58, &(0x7f0000000740)}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000008c0)={{0x1, 0x1, 0x18, r4, {<r8=>r6, 0xee00}}, './file0/file0\x00'})
mount$afs(&(0x7f0000000800)=@cell={0x0, '', 'syz0'}, &(0x7f0000000840)='./file0/file0\x00', &(0x7f0000000880), 0x1000040, &(0x7f0000000900)={[{}, {@flock_strict}, {@flock_strict}, {@flock_write}], [{@fowner_gt={'fowner>', r8}}, {@smackfsroot={'smackfsroot', 0x3d, '---+'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@subj_role={'subj_role', 0x3d, '/dev/virtual_nci\x00'}}, {@appraise}, {@fowner_lt={'fowner<', r6}}, {@fsmagic={'fsmagic', 0x3d, 0x800}}, {@measure}]})
r9 = openat$ipvs(0xffffff9c, &(0x7f0000000a00)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0)
ioctl$RTC_UIE_ON(r9, 0x7003)
r10 = syz_open_dev$loop(&(0x7f0000000a40), 0x10, 0x200003)
fsetxattr$trusted_overlay_nlink(r10, &(0x7f0000000a80), &(0x7f0000000ac0)={'U-', 0x4}, 0x16, 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0x10, 0x5, 0x3, 0xc, 0x10020, r2, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5, 0x0, @void, @value, @value=r3}, 0x50)
syz_open_dev$evdev(&(0x7f0000000b80), 0xd5c, 0x200500)

1.849409975s ago: executing program 3 (id=5853):
pipe2(&(0x7f0000000040), 0x0)
ioperm(0x0, 0x8, 0x8000000000004)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0x0})
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400), 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x1010, 0x221}, 0x50)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001a80)="d8", 0x1}], 0x1}, 0x890)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r7, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0xc8f}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.662024779s ago: executing program 6 (id=5854):
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x64, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x50, 0x11, 0x0, 0x1, [@typed={0x49, 0x121, 0x0, 0x0, @binary="c9a7befe6f6d645a1a11b81b2c4b101c7510e19fee6bb49f6cc7a2c50fd57c06db1a75df432aa833928a0772ff8f5e9ed3103bc77d35b296674f1fe35663c0d236fd88d7ba"}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000001e00)={0x0, 0xa})
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000040)='!', 0x1}, {&(0x7f00000005c0)='~', 0x1}], 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

1.140894192s ago: executing program 2 (id=5855):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@call={0x85, 0x0, 0x0, 0x20}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffc}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x2}, 0x94)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a00)={0x18, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}]}, 0x18}}, 0x4000080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.080938662s ago: executing program 2 (id=5856):
gettid()
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r0], 0x54}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000500), 0x42, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = dup(r3)
io_setup(0x19, &(0x7f00000009c0)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000500)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000840)={0x9, 0x2000, 0x3, 0x40, 0xc, 0x6, 0xffff, 0x7}, 0x20)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r6, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r7 = dup(r6)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r7, &(0x7f0000000180)={0x4, 0xffffff95, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)
write$UHID_INPUT(r4, &(0x7f0000000880)={0x8, {"42d1d92b458e9ea9121673103f96e2a6f652a6bdda39b5d7420184a77546c6fff4a436cebd267e2cba6384cfd34afd4d775ba7dae05a62136afcfc54f5d02449793625a11ecd264a66c65811ec065bf3384ba3a94511f88032621b01045583e45e0f9b8befcefeee83c1c07af866dc99b3a7fe5fdee5dc46a3e9cb1edaeba78d42d3be0bca7db3ac5afa44e7331dbdb3ac881558a185f17f98bf0eb96c68c011a16cae07edc32699fe15c4c964be095ef651bfa7c0d94f13fa1c3170e9fb1b6da3eced5ba82a5bf3198a410a82d22a2c9d70affcfa48c6dec8448cee3e26219817c2faa2f4bc424789791e43a266ee715ab789495c7570726e2250d43fb1b1d113097c8fd4c1cb3668b8c892b1adefbe6eeee0516dc7a83e698bd9cc63df91ecf51c3c34cef6dc62c1eabbafdb9fb960522f2241e383b943609aea34880728553c1caf4d435f517ce3364bc62a340cb999324a1b2af232a945cab0bacc01cc3f5aae8e09c0592c78cc75bfbe5419f1b6dcc226456dc3473036665c91f00267de753b542060780257d2e8d72fbccdbad113381ba1cf207c86d959843aa68dbb7a753e6800ebfc3328034691a8a30296741cd1a895cf54ce89a556c2070a7cbb8e682cd8a79a57f484f19f10f34bd307d631a9d215bfabebf4a7aeda75c6d217568c5b281b38470982ec48ac6f636909d15758d95c1461540711b09398a4693fa62c3c93822048ae9675d9d6881191c8f9ec846c188f473cdcfa5273bbbcad0d5d7d36763bc3861076722bd48c3345498cc48048222f5574ec7378bc7efe5252795065bbcdb7ce499e0c0bebee079be6f4c7c5c15cd7e56b6413dd07ad8327044f8b725e8fa9c99c45c0b9daef51afa7c291006b684375316e7a501d35041b18e55b1391e36becf00194ba3630dcee4fde391d15347bc28c6c53cf3cccffe116330739d93a6ff56be34c316a71410281f3c619e7ad12e37c668b1f4795fd27e6f483b85c9763ce42524a66d1ba6ee7156e36678cb78c779d976dbdbdebdff36049aaf0b59c93725746eeeb960d938485c4dfa2b4caa029c6a142fb0119d7247baa3d065fc61f3afb531dd579f857adc835f7ebe3545c6f5ca8b3a749c0832cfe6be5dae01543ea3a56663b5cf58de7daaace2c3271848a65d9bbff1a13b354dd614fbf223dde719dfe6591bb5fe4edc3ac31d9ae18432740b7c05de02b9fb86cf9fe4454961da31cd41ddb6fb95a72e5723d6cc3cb57520806d09a853ecfe29c9cdfce35395f1fd7f2593600f9d5bd7b6b157d5575672430509c7eeebe3805438cfae86a5993cd3e6fa39f9567000c9baf665254042ca19fb1adfdec37720d41dca15523a8073e5c49db4add9caeefdec2b7aafdca5baafe78b9a7f8c2bdd5c58baa8a87ec2f8fcf708045ec7ab899c47481c59184bd10f8319f73263d9b4efefb0247a39fc6d451cae8d3a3a51b6e98977be59b2e1beec3a1a9e0dd8475123c3162d0927eab50f44e48c39a95938a033015b8ef9fc02fdee10540b123c7a53d6706f7476ab88d0d5121676e7d7cbc2635ba281b369f3378afaef92a60c92393efe9c45ccf60f1bdb69097e5f1bc67b1597e6b5de3dd5a7f162690972c6768cf63a9b4a7875268c97b31a427b983196f601d28f1648fd40b4b6a16b4ff4b2737cbd0d14b0c43b0c33d5c876df6591efa0b51bc44413fff32524dab4d198f045b2622c4e2fdcec8e6606b88ed3de71ad0d3dd0dbd661e39acd69af980e1b7c7d539d6498d68b64bac9233efd7d4b00db3fea8c0bf02aebcfb2240bc11ec5bceccccad5b00007a29f345620ae4673f1d41c514e9f5b583433adde93069a1cd01621b50d87dfffd5d410d077b9b4b6b8a807298ee871ff649e8620b06af7988f3d4ae20cb5482121875cdcd9b4e44a74c691c09bac1e7947f2f4f4d228146a1f867633c19ee3b709a86968428f2810d92598bdbcd18b93fbc9a705dda58691ebad397335e80a0cd17b1e6518386251341129e8fdb252b12b741847a4bb8da0e617bbe203f65cfd52cd271dc267598ec0ed469a57fe98e338468839a3cb20caec617f94fa65262e55bd34f2ebd64a88b75779993e6903a50d6ceb7fbf1c6bd1f83b7afa213471d86f52b060c9af2559f3332eab72bbef58de69c481122ad0fdaf499aee6121a52d0ed2b9fc2d62412f8f77e331f025f2ca21adba1434e41577580fae31a3892fdf3e08d1627c6cd1791abc41ac64da3d8aafbd6fbb5ff3d582030162bfc20dbb7aec5ba68a7f88167124d675674b15012930b491540f3d8ea93a6486b64ac5a88bce5491822f0c79cb43a90e349d8480929343b307662ac67934ac3bc5c6e4bc409340ae234f86febf422eae94f22fe41cfacf9b62703a64dca51a81995d646ddb91f0962ebe9c93597349635e73b7604024edb816a07863fbc80febd2d024e497ff03bf91b7f2e6e74601f9564ac8a30bc6571f9e0c6e9cb105bd8204d3a6de3a21952005c22aa4ad68fe4d4d79377d7f19241961cc1993d7cd7fe02bb023702a65024f8cf7e18072ed500ea6a2b545951023f794a0fefb317531ea1f702002ef5897b4629308c28724554d8f0d89fb0369fb6270fa7a885df66e49b6353b65924578e0aea8dd4ee65d32ebeebbc238973aae8fa25b9e4dc36df1a15b174b2ca3c8650ac1f255a1707d46b5d555a61ddccf6c232488c92949e1756e0bbc7d845676b4143ab12ad17f214bc5caae48e410df19616e9e371f8dfc8d00bb4a4a510594479c75276474d9a346db1d357bedb5de96e56846d306a2dfe98d24fd676e79f89e560a95d8894d1160bda8b46bb8e061a6199d373e94c2947f852f4e54c58476d4bc37c66ecfd0d23f967fc73667f9ae39dcc4b14fcb9ab524e04143d624d04c3031dbd9259864c5040a481a5906b870ed4be35818bc6cd45ce4f91bd8e39b424526e36afb87b298eedb187883d5005c4407637f0edacac29f5f6eb38f525a662a6c3c201fd48b811519bc621494440c09f9f2c989dafe2fe8215d1050ef3769f49aad149cbddd4b5133a1711a055e5172894fa617dcf9801b78695e75754bd590deaf816a4233f63311c2e5e9f82413e66f743e96ace48083fb97c869c3d07c8593e0e6a4b8446471e44bc04b6381ba359baba2a60daf4e29fd25d2ddf7ac1a60191474c09e4a4bde1e1ab97dfa01bdbb95cc356c51cde94d26848d60ac4c310fd9691425edd6f14304775f2271b04412473c623b4b74eb53c8e3e4251209ea44689b6144993ee4287353f8a41659cdf456e2544d116064b0e6ea6d0ef105cc207ef3e63f0ff27ecdb32fc1bed4a9f261e3234207bc8d601ae3aebf56bdf6957c49d98e23ac43b90fecd89630fe7b8e7f9c2845c3f791fb7140d9dfe24ef9564b96f1e449fcb84e2e9ec41255f60f5b61994bac1fde331f2560a3d183f96de605e51c48789ef15edd9a85f34978df474811c92a19b838a24fe956fe4b8c4dacf48518418d7d0a276c72a759f0f0fe7efc27ff8f2478164615cd0b86fcff3bf6c4f78e0154267af5f40f52cbf0bac7184d84a1ddae1a8fcfa9d9da983dd470b5d1f656e716eb7309bf07d4cd71818b55927e679033b3ea63f1fe5ec1b0280607e0976e90d714eebbc6710e5fc1dae090dfbcbf6e67f77928615d60bb672e1ef8140eeccaed9a22c122699b4615ff52abd5bda6327b019471f3ecf18497335b8eae99b99211e88ecd068aaad527506c307240fb1949ce6168995120aecb013abbc05b654dee28bc95f5b96b22e69abfd6923eef1a90b6d1152327aaacf5f138547255043723c26711ea3dd937a68445a1fd69642b23336190ae3c5e0555a3def9a38431e8fe95395dbc0c5b7b929f9847a6e74ea21c7bacf248c9830839286af319a94c8c4d01b37779b74e159c4b40ae7004ad95de5db6967e6d5dc8313c9067e6ed161c1fd210c2d17cbfc49061e867154624ed93fb6c06f546d03e8141fe00f983551c4888285c584dce9a3541d24ba38c3a149e865318a8ec53ec577de540b9e421700cb24347368c06eeb568ebca9dd044591cab837fe7a6e70bf2622062753ed1dc2051f2d7867b4c23f657777dc5eafbf4ed86d3e295ea7edfe7213aa0990da23fb288a289dbfd59d4c524cf3f02a2afb25f5e9d7d8cd0166a13ec56d05596152e1a83259ec852f96971afe3aa47a5971bf3b12281f588fd3fe59d29b1ebc6e797d766ec717d76d28f03c1225e85cbd9f5d09080aa9e85dc3dba8be5e3de98cb98aec4c9db811cebe8fe4883dc9c55455c6a7010e8d82d98c20efa3146939c5d1634dfac84310450a7410073e879b0172fc4587450ac286b0b50de0edcec3d97a25a9e12d879ac90d12f8fb0fa38e90289946ede3e1953d4bb896138a733218d9e3b198c5717fba844a72e9622c56bb1df9a9c71fd21111434b3362ebdb0e4b75b348fb53287bc64689d8dc7c2d0ecdf15900ab5f4d5d54cfc4c0c6f6805247bd309dc329a63944a40bac7b21a6d587c1a372ba113d74cb8b102d41cd34dff7d8d4c721fbfd718263c6976983c9dfbc8903fbf05198bc9d7909ccd2e9233f147b8f4827e390ca06e148051ddac02d6e0315638cf85c2ae259d903e7ce2a9fb19c81e9d368663f9b8c2d86a627812cdb36c4f7fd9fd033bb9d1ea26acf621909c791ed181fb16b1553f5654ac2eaff7c77049a6605ab08f19b64b200a276cbb9915b50da6305d07a40d9af915a5c43adfa42e07806b91fca4da099a72ca9375755f8b57d657f567696106ca1fb8abe0c76bebe1a00ac475c3d98137968d1fdb77d1b1ab5f4369e0e5a496ab9d4403e5c25b469096ba7957faf5aa8b8eb1562609279db8570e32947f723e2e4802e43f391a696ce4db76b780a1bea0087bfe9ed878cc7a72e79fde3b6e29eeaebab382488a38cfe20766ce14289e89d91d7b7fd7f8e222968b94c7edcde8144ae48d3ff6253fc86514137b804535cb0276b9a51692ba08c2ab831c82eac25f7d8f9549ad6916bc0ab3667a63dcbf3f4ab81e37fbcdef650ea24ffc952b71cdd0e4abc8ac803a4153877403e14adc800687f5978f9ed73617edd1931e1d777d7e8fe346a169a645b844c639355e8970ecf43e9fc37e78f7d311787de593128d671f2fe8d1efcf9c30be758e39686b3810a354f8f70c3b8875d10f251d14e9f510103d370b4c2a35fc0b7bd4fc4672957889719b982ce9696900570a292a755b85c7aa68bf9d867be67052075ff8e376c58b3471dd7423f5c40cd72f0c27d054d2ddd7b06e63153e67a408b412ee94489c6f9f7add7d19fdf269c3db26a1a6565cb9fa4a8567f398276c50d1c439da577c4018f912fff16262d8b86dbc3b1cf7d56fcf25cf4dce6b1c99f83bcd85beef32bb7f12d6f9eb366be1cb8ca6dd43476be8b3e6c82b8ce48e9a7c279d31f8906014e5e371a102a87a6037d228719caa2c096ed5d8d5d7a6cbda9bf720ae5bf460188afd0ec006eccc1c3e8efc1dc8fbf8ffc1e1fc02ee42e4d65d225fcfc9cf8388afbc51f0b15187477fdabd8fbd1766c09b1c6940a2abe3366018db6834e41c8ccbd65cb049c06659031fd2973f983b4cb4414fc62479c50b0d0bd422b4f826194d2fb83ae56cc3dbd7bb7856c2f33f716bfbedb965c3f08882ab088d6f66d1f2a94f82100e6481c184ee58a98a318ca04561c6140da0a87bc1bec0c13d3517a2dff36223205aa65a00d053f268125a608f52138c6ce64de980391f7adb1563c3fe97ae8bc84142ac7823a9e7645d99f64db79d1fb9dd4dd2afefa", 0x1000}}, 0x1006)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r8, 0xc0cc5605, &(0x7f0000000200)={0xa, @win={{0x0, 0x0, 0x31324d4e}, 0x0, 0x0, 0x0, 0x0, 0x0}})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r9 = mq_open(&(0x7f0000000000)='batadV}\xed\x88ave_1\xbb', 0x8c2, 0x0, &(0x7f0000000080)={0x3, 0x8, 0x6, 0xc03})
mq_timedreceive(r9, &(0x7f0000000100)=""/90, 0x5a, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)

356.11252ms ago: executing program 6 (id=5857):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x4001af84, &(0x7f0000000000))
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000680))
getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x2)
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x4000000002)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffff1e00ff130012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
ioctl$EVIOCGRAB(r6, 0x40044590, &(0x7f0000000400)=0xe)
write$evdev(r6, &(0x7f0000000180)=[{{}, 0x3, 0xfca6, 0x100}, {{0x0, 0xea60}, 0x4, 0x9, 0x1d41}, {{0x0, 0xea60}, 0x2, 0x3, 0x7}], 0x30)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000004001000040122000b00b344669cd706", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

316.094493ms ago: executing program 3 (id=5858):
pipe2(&(0x7f0000000040), 0x0)
ioperm(0x0, 0x8, 0x8000000000004)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0x0})
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400), 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x1010, 0x221}, 0x50)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001a80)="d8", 0x1}], 0x1}, 0x890)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r7, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0xc8f}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)

0s ago: executing program 2 (id=5859):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000500)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, [@call={0x85, 0x0, 0x0, 0x28}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000640)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x2f, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a3731677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
recvmsg$unix(r1, &(0x7f00000004c0)={&(0x7f0000000380), 0x6e, &(0x7f0000000240)=[{&(0x7f0000000400)=""/178, 0xb2}, {&(0x7f0000000680)=""/124, 0x7c}, {&(0x7f0000000700)=""/241, 0xf1}, {&(0x7f0000000800)=""/139, 0x8b}, {&(0x7f0000000a00)=""/165, 0xa5}, {&(0x7f00000008c0)=""/81, 0x51}, {&(0x7f0000000ac0)=""/108, 0x6c}, {&(0x7f0000001c00)=""/239, 0xef}], 0x8, &(0x7f0000001d00)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd4}, 0x40000000)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x25dfdbfc, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x7}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x7, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x6c}}, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x38)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, &(0x7f0000000300))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r5, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r6, r5, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

kernel console output (not intermixed with test programs):

[ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1362.215015][   T55] usb 8-1: config 0 has no interface number 0
[ 1362.216639][ T6024] usb 5-1: config 0 descriptor??
[ 1362.217325][   T55] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1362.220202][T26604] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1362.223717][   T55] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1362.226863][T26604] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1362.231593][   T55] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1362.238048][   T55] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1362.240091][ T6024] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1362.242158][   T55] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1362.250148][   T55] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1362.258025][   T55] usb 8-1: config 0 descriptor??
[ 1362.261538][   T55] ldusb 8-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1362.446299][ T6024] usb 5-1: USB disconnect, device number 69
[ 1362.449582][ T6024] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1362.461839][T23640] usb 8-1: USB disconnect, device number 62
[ 1362.466846][T23640] ldusb 8-1:0.55: LD USB Device #1 now disconnected
[ 1362.531646][T26617] vxcan0: tx address claim with different name
[ 1362.650098][T26617] veth7: entered promiscuous mode
[ 1362.727546][T26618] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1363.529290][T20436] Bluetooth: hci4: command 0x0406 tx timeout
[ 1363.971025][T26641] bond5 (unregistering): Released all slaves
[ 1364.387530][T26648] vxcan0: tx address claim with different name
[ 1364.497064][T26648] veth17: entered promiscuous mode
[ 1364.559746][T26649] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1365.071131][T17179] usb 8-1: new low-speed USB device number 63 using dummy_hcd
[ 1365.073549][T12355] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 1365.221535][T12355] usb 7-1: Using ep0 maxpacket: 8
[ 1365.233522][T17179] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1365.237151][T17179] usb 8-1: config 0 has no interface number 0
[ 1365.240282][T12355] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1365.246135][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1365.250961][T12355] usb 7-1: config 0 has no interface number 0
[ 1365.254782][T12355] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1365.261796][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1365.266353][T12355] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1365.271150][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1365.277294][T12355] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1365.281906][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1365.286383][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1365.290759][T17179] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1365.296426][T12355] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1365.301869][T12355] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1365.305520][T12355] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1365.309964][T17179] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1365.314588][T12355] usb 7-1: config 0 descriptor??
[ 1365.316907][T17179] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1365.324870][T12355] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1365.330892][T17179] usb 8-1: config 0 descriptor??
[ 1365.341949][T26663] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1365.344947][T26663] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1365.356866][T17179] ldusb 8-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1365.531043][T17179] usb 7-1: USB disconnect, device number 53
[ 1365.534341][T26661] __nla_validate_parse: 17 callbacks suppressed
[ 1365.534358][T26661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5510'.
[ 1365.534888][T17179] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1365.537171][T26661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5510'.
[ 1365.551967][T26661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5510'.
[ 1365.558668][T12355] usb 8-1: USB disconnect, device number 63
[ 1365.565469][T12355] ldusb 8-1:0.55: LD USB Device #1 now disconnected
[ 1365.616112][T26676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5524'.
[ 1365.872075][ T6024] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1366.032345][ T6024] usb 5-1: Using ep0 maxpacket: 8
[ 1366.035574][ T6024] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1366.038154][ T6024] usb 5-1: config 0 has no interface number 0
[ 1366.040043][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1366.043407][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1366.046966][ T6024] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1366.050346][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1366.054443][ T6024] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1366.057184][ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1366.061821][ T6024] usb 5-1: config 0 descriptor??
[ 1366.072332][ T6024] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1366.267850][T26676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5524'.
[ 1366.270840][T26676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5524'.
[ 1366.273927][T26676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5524'.
[ 1366.279721][   T55] usb 5-1: USB disconnect, device number 70
[ 1366.283346][   T55] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1367.107779][T26692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5520'.
[ 1367.181966][T26692] bond3 (unregistering): Released all slaves
[ 1367.413519][T26700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5521'.
[ 1367.416555][T26700] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5521'.
[ 1367.862666][T26707] bond1: entered promiscuous mode
[ 1367.865283][T26707] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1367.938582][T26707] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1367.941328][T26707] bond2: entered promiscuous mode
[ 1367.945652][T26707] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 1368.271999][T26717] bond5: entered promiscuous mode
[ 1368.274184][T26717] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1368.369811][T26717] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1368.372886][T26717] bond6: entered promiscuous mode
[ 1368.375329][T26717] bond5: (slave bond6): Enslaving as an active interface with an up link
[ 1368.395222][T11489] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 1368.565351][T11489] usb 7-1: Using ep0 maxpacket: 8
[ 1368.568858][T11489] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1368.571489][T11489] usb 7-1: config 0 has no interface number 0
[ 1368.573506][T11489] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1368.579288][T11489] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1368.584960][T11489] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1368.590683][T11489] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1368.596588][T11489] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1368.602146][T11489] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1368.653419][T11489] usb 7-1: config 0 descriptor??
[ 1368.667179][T11489] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1368.872009][T11126] usb 7-1: USB disconnect, device number 54
[ 1368.879808][T11126] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1369.096165][ T6024] usb 11-1: new low-speed USB device number 6 using dummy_hcd
[ 1369.318997][ T6024] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1369.321722][ T6024] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1369.324902][ T6024] usb 11-1: config 0 has no interface number 0
[ 1370.079620][ T6024] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1370.082417][ T6024] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1370.086108][ T6024] usb 11-1: config 0 descriptor??
[ 1370.097887][ T6024] ldusb 11-1:0.55: Interrupt in endpoint not found
[ 1370.274072][T26742] bond7 (unregistering): Released all slaves
[ 1370.377590][T11126] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[ 1370.405971][   T55] usb 11-1: USB disconnect, device number 6
[ 1370.527632][T11126] usb 7-1: Using ep0 maxpacket: 8
[ 1370.532695][T11126] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1370.538201][T11126] usb 7-1: config 0 has no interface number 0
[ 1370.540987][T11126] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1370.545360][T11126] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1370.550082][T11126] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1370.554358][T11126] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1370.559445][T11126] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1370.563283][T11126] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1370.574659][T11126] usb 7-1: config 0 descriptor??
[ 1370.583552][T11126] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1370.857887][T23640] usb 7-1: USB disconnect, device number 55
[ 1370.865097][T26750] __nla_validate_parse: 6 callbacks suppressed
[ 1370.865158][T26750] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5535'.
[ 1370.870071][T26750] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5535'.
[ 1370.897599][T26739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5533'.
[ 1370.911946][T26739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5533'.
[ 1370.928077][T23640] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1370.936215][T26739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5533'.
[ 1371.935673][T26765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5539'.
[ 1372.189688][    T9] usb 7-1: new high-speed USB device number 56 using dummy_hcd
[ 1372.349991][    T9] usb 7-1: Using ep0 maxpacket: 8
[ 1372.377451][    T9] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1372.382356][    T9] usb 7-1: config 0 has no interface number 0
[ 1372.386450][    T9] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1372.390400][    T9] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1372.393934][    T9] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1372.397383][    T9] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1372.401467][    T9] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1372.404264][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1372.413204][    T9] usb 7-1: config 0 descriptor??
[ 1372.418882][    T9] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1372.419454][T26771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5540'.
[ 1372.617858][    T9] usb 7-1: USB disconnect, device number 56
[ 1372.619388][T26765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5539'.
[ 1372.622800][    T9] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1372.624777][T26765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5539'.
[ 1372.631983][T26765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5539'.
[ 1372.671198][T24124] usb 8-1: new high-speed USB device number 64 using dummy_hcd
[ 1372.950683][T24124] usb 8-1: Using ep0 maxpacket: 8
[ 1373.239336][T24124] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1373.242019][T24124] usb 8-1: config 0 has no interface number 0
[ 1373.244214][T24124] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1373.247514][T24124] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1373.251140][T24124] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1373.254513][T24124] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1373.258978][T24124] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1373.261857][T24124] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1373.265573][T24124] usb 8-1: config 0 descriptor??
[ 1373.269231][T24124] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1373.472330][T24124] usb 8-1: USB disconnect, device number 64
[ 1373.477250][T24124] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1373.552776][T26786] bond1 (unregistering): Released all slaves
[ 1374.420182][T26801] vxcan0: tx address claim with different name
[ 1374.564387][T26801] veth19: entered promiscuous mode
[ 1374.582554][T23640] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[ 1374.615939][T26812] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1374.649824][T26814] syzkaller1: entered promiscuous mode
[ 1374.652112][T26814] syzkaller1: entered allmulticast mode
[ 1374.773351][T23640] usb 11-1: Using ep0 maxpacket: 8
[ 1375.127305][T26821] netlink: 'syz.0.5558': attribute type 4 has an invalid length.
[ 1375.273438][T23640] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1375.385289][T26831] bond3 (unregistering): Released all slaves
[ 1375.542362][T23640] usb 11-1: config 0 has no interface number 0
[ 1375.546879][T23640] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1375.551247][T23640] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1375.556417][T23640] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1375.560899][T23640] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1375.567759][T23640] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1375.571398][T23640] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1375.580991][T23640] usb 11-1: config 0 descriptor??
[ 1375.585010][T23640] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1375.787148][   T55] usb 11-1: USB disconnect, device number 7
[ 1375.790623][   T55] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[ 1375.844102][T23640] usb 8-1: new low-speed USB device number 65 using dummy_hcd
[ 1376.016063][T23640] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1376.019387][T23640] usb 8-1: config 0 has no interface number 0
[ 1376.022008][T23640] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1376.027410][T23640] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1376.031804][T23640] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1376.036650][T23640] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1376.041150][T23640] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1376.045701][T23640] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1376.050940][T23640] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1376.055028][T23640] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1376.059907][T23640] usb 8-1: config 0 descriptor??
[ 1376.062560][T26838] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1376.065046][T26838] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1376.069713][T23640] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1376.176931][T26840] __nla_validate_parse: 16 callbacks suppressed
[ 1376.176942][T26840] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5563'.
[ 1376.491199][   T40] audit: type=1326 audit(1762874155.875:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.6.5565" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7fc00000
[ 1377.171112][   T40] audit: type=1326 audit(1762874156.555:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.6.5565" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703d579 code=0x7fc00000
[ 1377.245459][T26859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5568'.
[ 1377.402517][T26858] vxcan0: tx address claim with different name
[ 1377.442906][T26858] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5569'.
[ 1377.505990][    T9] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[ 1377.538503][T26858] veth9: entered promiscuous mode
[ 1377.583594][T26861] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1377.669928][    T9] usb 7-1: Using ep0 maxpacket: 8
[ 1377.749253][T26865] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5570'.
[ 1377.752221][T26865] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5570'.
[ 1378.518577][    T9] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1378.521987][    T9] usb 7-1: config 0 has no interface number 0
[ 1378.524559][    T9] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1378.528966][    T9] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1378.532540][    T9] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1378.536116][    T9] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1378.540551][    T9] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1378.543361][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1378.547932][    T9] usb 7-1: config 0 descriptor??
[ 1378.553736][    T9] ldusb 7-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1378.634454][T26870] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5572'.
[ 1378.637406][T11126] usb 8-1: USB disconnect, device number 65
[ 1378.647980][T11126] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1378.688877][T26870] bond1 (unregistering): Released all slaves
[ 1378.755770][    T9] usb 7-1: USB disconnect, device number 57
[ 1378.760955][T26859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5568'.
[ 1378.765303][    T9] ldusb 7-1:0.55: LD USB Device #1 now disconnected
[ 1378.766910][T26859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5568'.
[ 1378.771496][T26859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5568'.
[ 1379.037673][T11126] usb 8-1: new high-speed USB device number 66 using dummy_hcd
[ 1379.187973][T11126] usb 8-1: Using ep0 maxpacket: 8
[ 1379.196703][T11126] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1379.200216][T11126] usb 8-1: config 0 has no interface number 0
[ 1379.203409][T11126] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1379.207960][T11126] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1379.212734][T11126] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1379.217314][T11126] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1379.222764][T11126] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1379.226490][T11126] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1379.232488][T11126] usb 8-1: config 0 descriptor??
[ 1379.236820][T11126] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1379.438394][T23640] usb 8-1: USB disconnect, device number 66
[ 1379.441614][T23640] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1379.512504][T26886] binder: 26883:26886 ioctl b701 0 returned -22
[ 1379.514452][T26885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5577'.
[ 1379.758690][ T6024] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1379.908743][ T6024] usb 5-1: Using ep0 maxpacket: 8
[ 1379.912184][ T6024] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1379.915409][ T6024] usb 5-1: config 0 has no interface number 0
[ 1379.917841][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1379.922379][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1379.926870][ T6024] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1379.931118][ T6024] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1379.935969][ T6024] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1379.939323][ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1379.943570][ T6024] usb 5-1: config 0 descriptor??
[ 1379.947478][ T6024] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1380.200007][ T6024] usb 5-1: USB disconnect, device number 71
[ 1380.274508][ T6024] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1380.433846][T26894] FAULT_INJECTION: forcing a failure.
[ 1380.433846][T26894] name failslab, interval 1, probability 0, space 0, times 0
[ 1380.439196][T26894] CPU: 0 UID: 0 PID: 26894 Comm: syz.2.5580 Not tainted syzkaller #0 PREEMPT(full) 
[ 1380.439220][T26894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1380.439233][T26894] Call Trace:
[ 1380.439241][T26894]  <TASK>
[ 1380.439264][T26894]  dump_stack_lvl+0x16c/0x1f0
[ 1380.439292][T26894]  should_fail_ex+0x512/0x640
[ 1380.439320][T26894]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1380.439343][T26894]  should_failslab+0xc2/0x120
[ 1380.439367][T26894]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1380.439402][T26894]  ? __alloc_skb+0x2b2/0x380
[ 1380.439435][T26894]  ? __alloc_skb+0x2b2/0x380
[ 1380.439459][T26894]  ? __pfx_netlink_insert+0x10/0x10
[ 1380.439477][T26894]  __alloc_skb+0x2b2/0x380
[ 1380.439504][T26894]  ? __pfx___alloc_skb+0x10/0x10
[ 1380.439531][T26894]  ? netlink_autobind.isra.0+0x158/0x370
[ 1380.439554][T26894]  netlink_alloc_large_skb+0x69/0x140
[ 1380.439573][T26894]  netlink_sendmsg+0x698/0xdd0
[ 1380.439595][T26894]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1380.439616][T26894]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1380.439645][T26894]  ____sys_sendmsg+0xa98/0xc70
[ 1380.439669][T26894]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1380.439691][T26894]  ? get_compat_msghdr+0x11a/0x170
[ 1380.439726][T26894]  ___sys_sendmsg+0x134/0x1d0
[ 1380.439747][T26894]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1380.439775][T26894]  ? find_held_lock+0x2b/0x80
[ 1380.439809][T26894]  __sys_sendmsg+0x16d/0x220
[ 1380.439835][T26894]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1380.439864][T26894]  ? rcu_is_watching+0x12/0xc0
[ 1380.439885][T26894]  __do_fast_syscall_32+0x7c/0x300
[ 1380.439912][T26894]  do_fast_syscall_32+0x32/0x80
[ 1380.439935][T26894]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1380.439955][T26894] RIP: 0023:0xf706d579
[ 1380.439970][T26894] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1380.439987][T26894] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1380.440004][T26894] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000200
[ 1380.440017][T26894] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1380.440027][T26894] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1380.440038][T26894] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1380.440047][T26894] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1380.440069][T26894]  </TASK>
[ 1380.691489][T26896] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1380.764514][T26905] bond3 (unregistering): Released all slaves
[ 1381.170233][T11489] usb 8-1: new high-speed USB device number 67 using dummy_hcd
[ 1381.300337][ T6024] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[ 1381.320491][T11489] usb 8-1: Using ep0 maxpacket: 8
[ 1381.323810][T11489] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1381.326669][T11489] usb 8-1: config 0 has no interface number 0
[ 1381.328644][T11489] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1381.332436][T11489] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1381.336213][T11489] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1381.339847][T11489] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1381.344051][T11489] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1381.346928][T11489] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1381.350648][T11489] usb 8-1: config 0 descriptor??
[ 1381.357277][T11489] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1381.450622][ T6024] usb 11-1: Using ep0 maxpacket: 8
[ 1381.454634][ T6024] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1381.458446][ T6024] usb 11-1: config 0 has no interface number 0
[ 1381.461271][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1381.465959][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1381.470436][ T6024] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1381.474073][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1381.478675][ T6024] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1381.482556][ T6024] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1381.487728][ T6024] usb 11-1: config 0 descriptor??
[ 1381.493638][ T6024] ldusb 11-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1381.564981][T12355] usb 8-1: USB disconnect, device number 67
[ 1381.567623][T26912] __nla_validate_parse: 5 callbacks suppressed
[ 1381.567639][T26912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5585'.
[ 1381.569836][T12355] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1381.570537][T26912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5585'.
[ 1381.580174][T26912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5585'.
[ 1381.699455][    T9] usb 11-1: USB disconnect, device number 8
[ 1381.707258][    T9] ldusb 11-1:0.55: LD USB Device #1 now disconnected
[ 1381.884134][T26928] FAULT_INJECTION: forcing a failure.
[ 1381.884134][T26928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1381.888380][T26928] CPU: 1 UID: 0 PID: 26928 Comm: syz.0.5590 Not tainted syzkaller #0 PREEMPT(full) 
[ 1381.888405][T26928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1381.888417][T26928] Call Trace:
[ 1381.888425][T26928]  <TASK>
[ 1381.888433][T26928]  dump_stack_lvl+0x16c/0x1f0
[ 1381.888461][T26928]  should_fail_ex+0x512/0x640
[ 1381.888494][T26928]  _copy_to_user+0x32/0xd0
[ 1381.888534][T26928]  simple_read_from_buffer+0xcb/0x170
[ 1381.888567][T26928]  proc_fail_nth_read+0x197/0x240
[ 1381.888590][T26928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1381.888613][T26928]  ? rw_verify_area+0xcf/0x6c0
[ 1381.888633][T26928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1381.888653][T26928]  vfs_read+0x1e4/0xcf0
[ 1381.888680][T26928]  ? __pfx_vfs_read+0x10/0x10
[ 1381.888699][T26928]  ? find_held_lock+0x2b/0x80
[ 1381.888726][T26928]  ? __fget_files+0x20e/0x3c0
[ 1381.888754][T26928]  ksys_read+0x12a/0x250
[ 1381.888775][T26928]  ? __pfx_ksys_read+0x10/0x10
[ 1381.888796][T26928]  ? fput+0x9b/0xd0
[ 1381.888819][T26928]  ? rcu_is_watching+0x12/0xc0
[ 1381.888845][T26928]  __do_fast_syscall_32+0x7c/0x300
[ 1381.888872][T26928]  do_fast_syscall_32+0x32/0x80
[ 1381.888897][T26928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1381.888920][T26928] RIP: 0023:0xf70cd579
[ 1381.888936][T26928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1381.888953][T26928] RSP: 002b:00000000f54bd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1381.888972][T26928] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54bd620
[ 1381.888985][T26928] RDX: 000000000000000f RSI: 00000000f7466ff4 RDI: 0000000000000000
[ 1381.888997][T26928] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1381.889008][T26928] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1381.889019][T26928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1381.889046][T26928]  </TASK>
[ 1382.276783][T26934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5591'.
[ 1382.280100][T26934] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5591'.
[ 1383.314125][T26950] tipc: Started in network mode
[ 1383.315849][T26950] tipc: Node identity 62f76bd6b0bd, cluster identity 4711
[ 1383.318564][T26950] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1383.387378][T26951] netlink: 'syz.3.5596': attribute type 1 has an invalid length.
[ 1383.407152][T26951] bond7: entered promiscuous mode
[ 1383.408943][T26951] 8021q: adding VLAN 0 to HW filter on device bond7
[ 1383.848997][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5600'.
[ 1384.071783][   T55] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[ 1384.133806][T17179] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[ 1384.196097][T26968] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5602'.
[ 1384.198967][T26968] FAULT_INJECTION: forcing a failure.
[ 1384.198967][T26968] name failslab, interval 1, probability 0, space 0, times 0
[ 1384.203272][T26968] CPU: 0 UID: 0 PID: 26968 Comm: syz.3.5602 Not tainted syzkaller #0 PREEMPT(full) 
[ 1384.203299][T26968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1384.203306][T26968] Call Trace:
[ 1384.203311][T26968]  <TASK>
[ 1384.203316][T26968]  dump_stack_lvl+0x16c/0x1f0
[ 1384.203333][T26968]  should_fail_ex+0x512/0x640
[ 1384.203351][T26968]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[ 1384.203368][T26968]  should_failslab+0xc2/0x120
[ 1384.203384][T26968]  __kvmalloc_node_noprof+0x141/0x9c0
[ 1384.203399][T26968]  ? nf_hook_entries_grow+0x28f/0x860
[ 1384.203421][T26968]  ? nf_hook_entries_grow+0x28f/0x860
[ 1384.203439][T26968]  nf_hook_entries_grow+0x28f/0x860
[ 1384.203456][T26968]  ? __call_rcu_common.constprop.0+0x3f0/0xa10
[ 1384.203480][T26968]  __nf_register_net_hook+0x1cd/0x730
[ 1384.203493][T26968]  nf_register_net_hook+0xd4/0x160
[ 1384.203505][T26968]  nf_tables_register_hook.part.0+0x13d/0x1c0
[ 1384.203524][T26968]  nf_tables_addchain.constprop.0+0xb28/0x1c90
[ 1384.203540][T26968]  ? nft_chain_lookup+0x5be/0xaa0
[ 1384.203561][T26968]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[ 1384.203588][T26968]  ? nla_strcmp+0xff/0x130
[ 1384.203601][T26968]  ? nft_table_lookup.part.0+0x1e3/0x230
[ 1384.203615][T26968]  nf_tables_newchain+0x206d/0x2da0
[ 1384.203629][T26968]  ? __pfx____ratelimit+0x10/0x10
[ 1384.203644][T26968]  ? __nla_validate_parse+0x600/0x2880
[ 1384.203659][T26968]  ? __pfx_nf_tables_newchain+0x10/0x10
[ 1384.203682][T26968]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1384.203702][T26968]  ? __nla_parse+0x40/0x60
[ 1384.203716][T26968]  nfnetlink_rcv_batch+0x190d/0x2350
[ 1384.203741][T26968]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1384.203770][T26968]  ? __local_bh_enable_ip+0xa4/0x120
[ 1384.203784][T26968]  ? __dev_queue_xmit+0xaf1/0x4490
[ 1384.203801][T26968]  ? __dev_queue_xmit+0xb12/0x4490
[ 1384.203823][T26968]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1384.203853][T26968]  ? __nla_parse+0x40/0x60
[ 1384.203867][T26968]  nfnetlink_rcv+0x3c1/0x430
[ 1384.203882][T26968]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1384.203902][T26968]  netlink_unicast+0x5aa/0x870
[ 1384.203916][T26968]  ? __pfx_netlink_unicast+0x10/0x10
[ 1384.203934][T26968]  netlink_sendmsg+0x8c8/0xdd0
[ 1384.203949][T26968]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1384.203963][T26968]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1384.203983][T26968]  ____sys_sendmsg+0xa98/0xc70
[ 1384.203999][T26968]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1384.204013][T26968]  ? get_compat_msghdr+0x11a/0x170
[ 1384.204038][T26968]  ___sys_sendmsg+0x134/0x1d0
[ 1384.204050][T26968]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1384.204068][T26968]  ? find_held_lock+0x2b/0x80
[ 1384.204090][T26968]  __sys_sendmsg+0x16d/0x220
[ 1384.204101][T26968]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1384.204112][T26968]  ? __might_fault+0xe3/0x190
[ 1384.204127][T26968]  ? syscall_trace_enter+0x1cb/0x240
[ 1384.204145][T26968]  ? __bpf_trace_sys_enter+0x37/0x60
[ 1384.204163][T26968]  ? rcu_is_watching+0x12/0xc0
[ 1384.204177][T26968]  __do_fast_syscall_32+0x7c/0x300
[ 1384.204194][T26968]  do_fast_syscall_32+0x32/0x80
[ 1384.204208][T26968]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1384.204222][T26968] RIP: 0023:0xf706d579
[ 1384.204232][T26968] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1384.204243][T26968] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1384.204253][T26968] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1384.204260][T26968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1384.204267][T26968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1384.204273][T26968] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1384.204279][T26968] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1384.204294][T26968]  </TASK>
[ 1384.269910][   T55] usb 7-1: Using ep0 maxpacket: 8
[ 1384.332358][   T55] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1384.335213][   T55] usb 7-1: config 0 has no interface number 0
[ 1384.337198][   T55] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1384.340600][   T55] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1384.344269][   T55] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1384.348167][   T55] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1384.352916][   T55] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1384.355973][   T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1384.365197][   T55] usb 7-1: config 0 descriptor??
[ 1384.375717][   T55] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1384.403988][T17179] usb 11-1: Using ep0 maxpacket: 8
[ 1384.410021][T17179] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1384.412792][T17179] usb 11-1: config 0 has no interface number 0
[ 1384.415113][T17179] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1384.418653][T17179] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1384.422228][T17179] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1384.425836][T17179] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1384.429920][T17179] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1384.433753][T17179] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1384.440078][T17179] usb 11-1: config 0 descriptor??
[ 1384.444137][ T6024] tipc: Node number set to 3528092630
[ 1384.445484][T17179] ldusb 11-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1384.606431][T17179] usb 7-1: USB disconnect, device number 58
[ 1384.609606][T17179] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1384.659580][    T9] usb 11-1: USB disconnect, device number 9
[ 1384.662981][    T9] ldusb 11-1:0.55: LD USB Device #1 now disconnected
[ 1385.039929][T26957] tipc: Disabling bearer <eth:syzkaller0>
[ 1385.613084][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5600'.
[ 1385.617066][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5600'.
[ 1385.623339][T26966] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5600'.
[ 1385.696500][T26991] netlink: 'syz.0.5610': attribute type 1 has an invalid length.
[ 1385.729455][T26991] bond3: entered promiscuous mode
[ 1385.731820][T26991] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1386.867465][T11489] usb 7-1: new high-speed USB device number 59 using dummy_hcd
[ 1387.037592][T11489] usb 7-1: Using ep0 maxpacket: 8
[ 1387.049242][T11489] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1387.051930][T11489] usb 7-1: config 0 has no interface number 0
[ 1387.054743][T11489] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1387.058346][T11489] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1387.062091][T11489] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1387.066467][T11489] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1387.071062][T11489] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1387.073975][T11489] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1387.087780][T11489] usb 7-1: config 0 descriptor??
[ 1387.103818][T11489] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1387.111864][T27017] FAULT_INJECTION: forcing a failure.
[ 1387.111864][T27017] name failslab, interval 1, probability 0, space 0, times 0
[ 1387.115782][T27017] CPU: 2 UID: 0 PID: 27017 Comm: syz.3.5617 Not tainted syzkaller #0 PREEMPT(full) 
[ 1387.115797][T27017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1387.115804][T27017] Call Trace:
[ 1387.115809][T27017]  <TASK>
[ 1387.115813][T27017]  dump_stack_lvl+0x16c/0x1f0
[ 1387.115830][T27017]  should_fail_ex+0x512/0x640
[ 1387.115848][T27017]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[ 1387.115864][T27017]  should_failslab+0xc2/0x120
[ 1387.115880][T27017]  __kvmalloc_node_noprof+0x141/0x9c0
[ 1387.115894][T27017]  ? io_alloc_cache_init+0x38/0x170
[ 1387.115914][T27017]  ? io_alloc_cache_init+0x38/0x170
[ 1387.115929][T27017]  ? __init_waitqueue_head+0xca/0x150
[ 1387.115939][T27017]  io_alloc_cache_init+0x38/0x170
[ 1387.115956][T27017]  io_uring_setup+0x661/0x20e0
[ 1387.115971][T27017]  ? __pfx_io_uring_setup+0x10/0x10
[ 1387.115985][T27017]  ? find_held_lock+0x2b/0x80
[ 1387.115997][T27017]  ? bpf_trace_run2+0x26b/0x590
[ 1387.116008][T27017]  ? bpf_get_current_comm+0xe3/0x160
[ 1387.116026][T27017]  ? syscall_trace_enter+0x1cb/0x240
[ 1387.116048][T27017]  __ia32_sys_io_uring_setup+0xc2/0x170
[ 1387.116062][T27017]  __do_fast_syscall_32+0x7c/0x300
[ 1387.116078][T27017]  do_fast_syscall_32+0x32/0x80
[ 1387.116093][T27017]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1387.116107][T27017] RIP: 0023:0xf706d579
[ 1387.116116][T27017] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1387.116128][T27017] RSP: 002b:00000000f543c50c EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[ 1387.116139][T27017] RAX: ffffffffffffffda RBX: 0000000000007aad RCX: 0000000080000740
[ 1387.116146][T27017] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1387.116152][T27017] RBP: 0000000080000180 R08: 0000000000000000 R09: 0000000000000000
[ 1387.116159][T27017] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1387.116165][T27017] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1387.116179][T27017]  </TASK>
[ 1387.297925][T11126] usb 7-1: USB disconnect, device number 59
[ 1387.301274][T11126] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1387.303772][T27011] __nla_validate_parse: 2 callbacks suppressed
[ 1387.303786][T27011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5615'.
[ 1387.309637][T27011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5615'.
[ 1387.312636][T27011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5615'.
[ 1388.298766][   T40] audit: type=1326 audit(1762874167.652:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.305275][T27031] vxcan0: tx address claim with different name
[ 1388.305655][   T40] audit: type=1326 audit(1762874167.652:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.315540][   T40] audit: type=1326 audit(1762874167.652:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.319172][T27031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5622'.
[ 1388.322447][   T40] audit: type=1326 audit(1762874167.652:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.332376][   T40] audit: type=1326 audit(1762874167.652:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.340926][   T40] audit: type=1326 audit(1762874167.652:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.350170][   T40] audit: type=1326 audit(1762874167.652:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.359192][   T40] audit: type=1326 audit(1762874167.652:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.368179][   T40] audit: type=1326 audit(1762874167.652:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.377037][   T40] audit: type=1326 audit(1762874167.652:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27025 comm="syz.2.5620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[ 1388.452956][T27031] veth21: entered promiscuous mode
[ 1388.481663][T27034] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1389.575979][T27056] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5629'.
[ 1389.625538][T27058] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5630'.
[ 1389.644821][T27059] netlink: 'syz.2.5628': attribute type 10 has an invalid length.
[ 1389.894258][T27059] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1389.971935][T27065] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5632'.
[ 1389.975623][T27065] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5632'.
[ 1390.039964][T27063] vxcan0: tx address claim with different name
[ 1390.053994][T27063] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5631'.
[ 1390.154828][T27063] veth11: entered promiscuous mode
[ 1390.244203][T27068] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1391.028830][T27076] lo speed is unknown, defaulting to 1000
[ 1391.031015][T27076] lo speed is unknown, defaulting to 1000
[ 1391.036355][T27076] lo speed is unknown, defaulting to 1000
[ 1391.040257][T27076] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1391.062715][T27076] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1391.192143][T27076] lo speed is unknown, defaulting to 1000
[ 1391.205491][T27076] lo speed is unknown, defaulting to 1000
[ 1391.214554][T27076] lo speed is unknown, defaulting to 1000
[ 1391.224992][T27076] lo speed is unknown, defaulting to 1000
[ 1391.235514][T27076] lo speed is unknown, defaulting to 1000
[ 1391.256458][T27076] lo speed is unknown, defaulting to 1000
[ 1391.267508][T27076] lo speed is unknown, defaulting to 1000
[ 1391.277920][T27076] lo speed is unknown, defaulting to 1000
[ 1391.339827][T27082] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5637'.
[ 1392.163154][T17179] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1392.333245][T17179] usb 5-1: Using ep0 maxpacket: 8
[ 1392.340001][T17179] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1392.345548][T17179] usb 5-1: config 0 has no interface number 0
[ 1392.348546][T17179] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1392.352106][T17179] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1392.355805][T17179] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1392.359261][T17179] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1392.363514][T17179] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1392.366429][T17179] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1392.371612][T17179] usb 5-1: config 0 descriptor??
[ 1392.377753][T17179] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1392.604211][T17179] usb 5-1: USB disconnect, device number 72
[ 1392.604276][T27086] __nla_validate_parse: 2 callbacks suppressed
[ 1392.604287][T27086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5638'.
[ 1392.609092][T17179] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1392.611438][T27086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5638'.
[ 1392.616717][T27086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5638'.
[ 1392.884877][T27100] vxcan0: tx address claim with different name
[ 1392.899099][T27100] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5641'.
[ 1392.975304][T27100] veth13: entered promiscuous mode
[ 1393.030319][T27104] netlink: 'syz.3.5642': attribute type 1 has an invalid length.
[ 1393.041838][T27104] bond8: entered promiscuous mode
[ 1393.049338][T27104] 8021q: adding VLAN 0 to HW filter on device bond8
[ 1393.064169][T27101] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1393.579045][T27116] netlink: 'syz.0.5645': attribute type 4 has an invalid length.
[ 1393.596031][T27116] netlink: 'syz.0.5645': attribute type 4 has an invalid length.
[ 1393.999177][T27121] fuse: Bad value for 'fd'
[ 1394.913957][T27135] vxcan0: tx address claim with different name
[ 1394.933489][T27135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5652'.
[ 1395.017706][T27135] veth19: entered promiscuous mode
[ 1395.091379][T27140] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1395.128578][T27144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5654'.
[ 1395.249063][T27149] netlink: 'syz.3.5655': attribute type 1 has an invalid length.
[ 1395.266779][T27149] bond9: entered promiscuous mode
[ 1395.269323][T27149] 8021q: adding VLAN 0 to HW filter on device bond9
[ 1395.272118][T27151] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5657'.
[ 1395.366753][ T6024] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[ 1395.516933][ T6024] usb 7-1: Using ep0 maxpacket: 8
[ 1395.520639][ T6024] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1395.524633][ T6024] usb 7-1: config 0 has no interface number 0
[ 1395.526683][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1395.526968][T24124] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[ 1395.530171][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1395.536400][ T6024] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1395.540824][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1395.545205][ T6024] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1395.548479][ T6024] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1395.554322][ T6024] usb 7-1: config 0 descriptor??
[ 1395.566989][ T6024] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1395.687117][T24124] usb 11-1: Using ep0 maxpacket: 8
[ 1395.690150][T24124] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1395.692709][T24124] usb 11-1: config 0 has no interface number 0
[ 1395.694735][T24124] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1395.698167][T24124] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1395.701815][T24124] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1395.705258][T24124] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1395.709841][T24124] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1395.712783][T24124] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1395.716592][T24124] usb 11-1: config 0 descriptor??
[ 1395.720982][T24124] ldusb 11-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1395.763645][   T55] usb 7-1: USB disconnect, device number 60
[ 1395.764401][T27144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5654'.
[ 1395.767595][   T55] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1395.768864][T27144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5654'.
[ 1395.773846][T27144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5654'.
[ 1395.936629][T17179] usb 11-1: USB disconnect, device number 10
[ 1395.939916][T17179] ldusb 11-1:0.55: LD USB Device #1 now disconnected
[ 1396.097137][T27159] FAULT_INJECTION: forcing a failure.
[ 1396.097137][T27159] name failslab, interval 1, probability 0, space 0, times 0
[ 1396.103076][T27159] CPU: 3 UID: 0 PID: 27159 Comm: syz.0.5659 Not tainted syzkaller #0 PREEMPT(full) 
[ 1396.103099][T27159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1396.103110][T27159] Call Trace:
[ 1396.103117][T27159]  <TASK>
[ 1396.103124][T27159]  dump_stack_lvl+0x16c/0x1f0
[ 1396.103151][T27159]  should_fail_ex+0x512/0x640
[ 1396.103176][T27159]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1396.103198][T27159]  should_failslab+0xc2/0x120
[ 1396.103220][T27159]  __kmalloc_cache_noprof+0x72/0x780
[ 1396.103237][T27159]  ? arch_stack_walk+0xa6/0x100
[ 1396.103256][T27159]  ? assoc_array_insert+0x10c/0x3970
[ 1396.103282][T27159]  ? assoc_array_insert+0x10c/0x3970
[ 1396.103302][T27159]  assoc_array_insert+0x10c/0x3970
[ 1396.103322][T27159]  ? stack_trace_save+0x8e/0xc0
[ 1396.103354][T27159]  ? __pfx_assoc_array_insert+0x10/0x10
[ 1396.103380][T27159]  ? __pfx_down_write+0x10/0x10
[ 1396.103403][T27159]  ? __pfx_key_set_index_key+0x10/0x10
[ 1396.103431][T27159]  __key_link_begin+0xf5/0x260
[ 1396.103453][T27159]  __key_create_or_update+0x4e3/0xe10
[ 1396.103477][T27159]  ? __pfx___key_create_or_update+0x10/0x10
[ 1396.103499][T27159]  ? lookup_user_key+0x2ce/0x1300
[ 1396.103540][T27159]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[ 1396.103572][T27159]  key_create_or_update+0x42/0x60
[ 1396.103597][T27159]  __do_sys_add_key+0x29d/0x470
[ 1396.103622][T27159]  ? __pfx___do_sys_add_key+0x10/0x10
[ 1396.103650][T27159]  ? ksys_write+0x1ac/0x250
[ 1396.103674][T27159]  ? rcu_is_watching+0x12/0xc0
[ 1396.103697][T27159]  __do_fast_syscall_32+0x7c/0x300
[ 1396.103723][T27159]  do_fast_syscall_32+0x32/0x80
[ 1396.103745][T27159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1396.103768][T27159] RIP: 0023:0xf70cd579
[ 1396.103782][T27159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1396.103797][T27159] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[ 1396.103816][T27159] RAX: ffffffffffffffda RBX: 0000000080000140 RCX: 0000000080000180
[ 1396.103828][T27159] RDX: 0000000080000100 RSI: 00000000000000ca RDI: 00000000fffffffe
[ 1396.103841][T27159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1396.103852][T27159] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1396.103863][T27159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1396.103889][T27159]  </TASK>
[ 1396.181550][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1396.322158][T27164] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[ 1396.324237][T27164] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1396.327441][T27164] vhci_hcd vhci_hcd.0: Device attached
[ 1396.588191][T24124] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[ 1398.263427][T27165] vhci_hcd: connection reset by peer
[ 1398.268764][T25055] vhci_hcd: stop threads
[ 1398.273197][T25055] vhci_hcd: release socket
[ 1398.284393][T25055] vhci_hcd: disconnect device
[ 1399.329764][T27196] vxcan0: tx address claim with different name
[ 1399.345682][T27196] __nla_validate_parse: 4 callbacks suppressed
[ 1399.345694][T27196] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5669'.
[ 1399.411737][T20436] Bluetooth: hci0: command 0x0406 tx timeout
[ 1399.500673][T27201] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1399.752078][T27206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5671'.
[ 1399.893488][T27211] netlink: 'syz.3.5674': attribute type 1 has an invalid length.
[ 1399.906000][T27211] bond10: entered promiscuous mode
[ 1399.908253][T27211] 8021q: adding VLAN 0 to HW filter on device bond10
[ 1400.002332][T24204] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[ 1400.012108][T17179] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1400.153028][T24204] usb 7-1: too many configurations: 9, using maximum allowed: 8
[ 1400.157154][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.160297][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.164122][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.168665][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.171860][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.172377][T17179] usb 5-1: Using ep0 maxpacket: 8
[ 1400.175637][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.178979][T27203] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.181130][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.181890][T17179] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1400.181905][T17179] usb 5-1: config 0 has no interface number 0
[ 1400.181922][T17179] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1400.181935][T17179] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1400.181948][T17179] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1400.181961][T17179] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1400.181981][T17179] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1400.181993][T17179] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1400.211762][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.215824][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.219227][T17179] usb 5-1: config 0 descriptor??
[ 1400.221003][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.225453][T17179] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1400.237134][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.241285][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.245294][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.249005][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.253763][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.257704][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.261436][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.265908][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.269614][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.272430][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.275824][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.278657][T24204] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1400.281478][T24204] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1400.284829][T24204] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1400.288470][T24204] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1400.291651][T24204] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1400.297563][T24204] usb 7-1: Product: syz
[ 1400.298917][T24204] usb 7-1: Manufacturer: syz
[ 1400.300381][T24204] usb 7-1: SerialNumber: syz
[ 1400.303838][T24204] usb 7-1: config 0 descriptor??
[ 1400.307870][T24204] yurex 7-1:0.0: USB YUREX device now attached to Yurex #1
[ 1400.428532][T24204] usb 5-1: USB disconnect, device number 73
[ 1400.432390][T24204] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1400.445034][T27203] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.483957][T27206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5671'.
[ 1400.487188][T27206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5671'.
[ 1400.490349][T27206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5671'.
[ 1400.516692][T11126] usb 7-1: USB disconnect, device number 61
[ 1400.519778][T11126] yurex 7-1:0.0: USB YUREX #1 now disconnected
[ 1400.696527][T27203] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1401.024999][T27203] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1401.655923][ T7278] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.668433][T12530] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.678847][T12530] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.690079][ T7278] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.745386][T24124] vhci_hcd: vhci_device speed not set
[ 1401.791127][T27237] FAULT_INJECTION: forcing a failure.
[ 1401.791127][T27237] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1401.798440][T27237] CPU: 2 UID: 0 PID: 27237 Comm: syz.6.5682 Not tainted syzkaller #0 PREEMPT(full) 
[ 1401.798465][T27237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1401.798476][T27237] Call Trace:
[ 1401.798483][T27237]  <TASK>
[ 1401.798490][T27237]  dump_stack_lvl+0x16c/0x1f0
[ 1401.798517][T27237]  should_fail_ex+0x512/0x640
[ 1401.798549][T27237]  should_fail_alloc_page+0xe7/0x130
[ 1401.798575][T27237]  prepare_alloc_pages+0x3c2/0x610
[ 1401.798603][T27237]  __alloc_frozen_pages_noprof+0x18b/0x2470
[ 1401.798624][T27237]  ? stack_trace_save+0x8e/0xc0
[ 1401.798646][T27237]  ? __pfx_stack_trace_save+0x10/0x10
[ 1401.798667][T27237]  ? stack_depot_save_flags+0x29/0x9c0
[ 1401.798693][T27237]  ? find_held_lock+0x2b/0x80
[ 1401.798716][T27237]  ? kasan_save_stack+0x42/0x60
[ 1401.798737][T27237]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1401.798755][T27237]  ? kmem_cache_alloc_node_noprof+0x28a/0x770
[ 1401.798773][T27237]  ? __get_vm_area_node+0x1ca/0x330
[ 1401.798796][T27237]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1401.798818][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.798835][T27237]  ? write_ldt+0x3ca/0xd20
[ 1401.798849][T27237]  ? __ia32_sys_modify_ldt+0xda/0x170
[ 1401.798866][T27237]  ? __do_fast_syscall_32+0x7c/0x300
[ 1401.798888][T27237]  ? do_fast_syscall_32+0x32/0x80
[ 1401.798909][T27237]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1401.798942][T27237]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1401.798973][T27237]  ? policy_nodemask+0xea/0x4e0
[ 1401.799000][T27237]  alloc_pages_mpol+0x1fb/0x550
[ 1401.799025][T27237]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1401.799057][T27237]  alloc_pages_noprof+0x131/0x390
[ 1401.799081][T27237]  get_free_pages_noprof+0x10/0xb0
[ 1401.799102][T27237]  kasan_populate_vmalloc+0x9f/0x2d0
[ 1401.799121][T27237]  ? alloc_vmap_area+0x8b5/0x29e0
[ 1401.799148][T27237]  alloc_vmap_area+0x960/0x29e0
[ 1401.799182][T27237]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1401.799212][T27237]  __get_vm_area_node+0x1ca/0x330
[ 1401.799241][T27237]  __vmalloc_node_range_noprof+0x271/0x1480
[ 1401.799268][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.799293][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.799321][T27237]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1401.799357][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.799373][T27237]  __vmalloc_node_noprof+0xad/0xf0
[ 1401.799398][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.799418][T27237]  alloc_ldt_struct+0x14f/0x1a0
[ 1401.799436][T27237]  write_ldt+0x3ca/0xd20
[ 1401.799455][T27237]  ? __fget_files+0x20e/0x3c0
[ 1401.799476][T27237]  ? __pfx_write_ldt+0x10/0x10
[ 1401.799492][T27237]  ? fput+0x9b/0xd0
[ 1401.799516][T27237]  ? ksys_write+0x1ac/0x250
[ 1401.799534][T27237]  ? __pfx_ksys_write+0x10/0x10
[ 1401.799559][T27237]  __ia32_sys_modify_ldt+0xda/0x170
[ 1401.799579][T27237]  __do_fast_syscall_32+0x7c/0x300
[ 1401.799603][T27237]  do_fast_syscall_32+0x32/0x80
[ 1401.799625][T27237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1401.799647][T27237] RIP: 0023:0xf703d579
[ 1401.799661][T27237] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1401.799677][T27237] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 000000000000007b
[ 1401.799695][T27237] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000080
[ 1401.799706][T27237] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1401.799717][T27237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1401.799727][T27237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1401.799737][T27237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1401.799763][T27237]  </TASK>
[ 1401.799788][T27237] syz.6.5682: vmalloc error: size 32768, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1401.936057][T27237] CPU: 3 UID: 0 PID: 27237 Comm: syz.6.5682 Not tainted syzkaller #0 PREEMPT(full) 
[ 1401.936072][T27237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1401.936079][T27237] Call Trace:
[ 1401.936084][T27237]  <TASK>
[ 1401.936088][T27237]  dump_stack_lvl+0x16c/0x1f0
[ 1401.936106][T27237]  warn_alloc+0x248/0x3a0
[ 1401.936120][T27237]  ? __pfx_warn_alloc+0x10/0x10
[ 1401.936132][T27237]  ? __get_vm_area_node+0x2cd/0x330
[ 1401.936150][T27237]  ? __get_vm_area_node+0x2cd/0x330
[ 1401.936165][T27237]  ? __get_vm_area_node+0x1dc/0x330
[ 1401.936179][T27237]  ? __get_vm_area_node+0x208/0x330
[ 1401.936198][T27237]  __vmalloc_node_range_noprof+0xaf5/0x1480
[ 1401.936219][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.936234][T27237]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1401.936256][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.936266][T27237]  __vmalloc_node_noprof+0xad/0xf0
[ 1401.936283][T27237]  ? alloc_ldt_struct+0x14f/0x1a0
[ 1401.936296][T27237]  alloc_ldt_struct+0x14f/0x1a0
[ 1401.936306][T27237]  write_ldt+0x3ca/0xd20
[ 1401.936318][T27237]  ? __fget_files+0x20e/0x3c0
[ 1401.936331][T27237]  ? __pfx_write_ldt+0x10/0x10
[ 1401.936347][T27237]  ? fput+0x9b/0xd0
[ 1401.936362][T27237]  ? ksys_write+0x1ac/0x250
[ 1401.936374][T27237]  ? __pfx_ksys_write+0x10/0x10
[ 1401.936390][T27237]  __ia32_sys_modify_ldt+0xda/0x170
[ 1401.936402][T27237]  __do_fast_syscall_32+0x7c/0x300
[ 1401.936418][T27237]  do_fast_syscall_32+0x32/0x80
[ 1401.936433][T27237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1401.936448][T27237] RIP: 0023:0xf703d579
[ 1401.936457][T27237] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1401.936468][T27237] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 000000000000007b
[ 1401.936479][T27237] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000080
[ 1401.936486][T27237] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1401.936493][T27237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1401.936499][T27237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1401.936505][T27237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1401.936519][T27237]  </TASK>
[ 1401.936524][T27237] Mem-Info:
[ 1402.007974][T27237] active_anon:5230 inactive_anon:942 isolated_anon:0
[ 1402.007974][T27237]  active_file:1075 inactive_file:3703 isolated_file:0
[ 1402.007974][T27237]  unevictable:12597 dirty:285 writeback:0
[ 1402.007974][T27237]  slab_reclaimable:7180 slab_unreclaimable:92200
[ 1402.007974][T27237]  mapped:34084 shmem:1779 pagetables:1454
[ 1402.007974][T27237]  sec_pagetables:338 bounce:0
[ 1402.007974][T27237]  kernel_misc_reclaimable:0
[ 1402.007974][T27237]  free:29343 free_pcp:7427 free_cma:0
[ 1402.021880][T27237] Node 0 active_anon:40kB inactive_anon:524kB active_file:116kB inactive_file:908kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1220kB dirty:36kB writeback:0kB shmem:2540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7984kB pagetables:1364kB sec_pagetables:1176kB all_unreclaimable? yes Balloon:0kB
[ 1402.031600][T27237] Node 1 active_anon:18924kB inactive_anon:3244kB active_file:4184kB inactive_file:13904kB unevictable:46852kB isolated(anon):0kB isolated(file):0kB mapped:135116kB dirty:1104kB writeback:0kB shmem:4576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14572kB pagetables:4452kB sec_pagetables:176kB all_unreclaimable? no Balloon:0kB
[ 1402.044445][T27237] Node 0 DMA free:2712kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1402.054080][T27237] lowmem_reserve[]: 0 294 294 294 294
[ 1402.055938][T27237] Node 0 DMA32 free:25696kB boost:12288kB min:25736kB low:29096kB high:32456kB reserved_highatomic:2048KB free_highatomic:704KB active_anon:40kB inactive_anon:524kB active_file:116kB inactive_file:908kB unevictable:3536kB writepending:36kB zspages:3232kB present:1032196kB managed:301148kB mlocked:0kB bounce:0kB free_pcp:288kB local_pcp:0kB free_cma:0kB
[ 1402.068514][T27237] lowmem_reserve[]: 0 0 0 0 0
[ 1402.070044][T27237] Node 1 DMA32 free:96756kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16300kB inactive_anon:3244kB active_file:4184kB inactive_file:13904kB unevictable:46852kB writepending:1104kB zspages:2580kB present:1048432kB managed:948220kB mlocked:43352kB bounce:0kB free_pcp:25612kB local_pcp:8748kB free_cma:0kB
[ 1402.080485][T27237] lowmem_reserve[]: 0 0 0 0 0
[ 1402.082023][T27237] Node 0 DMA: 46*4kB (U) 26*8kB (U) 15*16kB (U) 7*32kB (U) 5*64kB (U) 0*128kB 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2712kB
[ 1402.086510][T27237] Node 0 DMA32: 1480*4kB (UMEH) 600*8kB (UMEH) 198*16kB (UMEH) 141*32kB (UMEH) 54*64kB (UMEH) 14*128kB (UME) 8*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 25696kB
[ 1402.091783][T27237] Node 1 DMA32: 783*4kB (UME) 426*8kB (UME) 336*16kB (UME) 370*32kB (UME) 229*64kB (UME) 114*128kB (UM) 57*256kB (UM) 25*512kB (UM) 6*1024kB (M) 5*2048kB (M) 0*4096kB = 96780kB
[ 1402.098552][T27237] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1402.101503][T27237] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1402.104572][T27237] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1402.107576][T27237] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1402.110954][T27237] 7811 total pagecache pages
[ 1402.113171][T27237] 1269 pages in swap cache
[ 1402.114775][T27237] Free swap  = 98360kB
[ 1402.116516][T27237] Total swap = 124996kB
[ 1402.117902][T27237] 524155 pages RAM
[ 1402.119148][T27237] 0 pages HighMem/MovableOnly
[ 1402.121437][T27237] 207973 pages reserved
[ 1402.123666][T27237] 0 pages cma reserved
[ 1402.414849][ T6024] usb 11-1: new low-speed USB device number 11 using dummy_hcd
[ 1402.555186][    T9] usb 8-1: new low-speed USB device number 68 using dummy_hcd
[ 1402.572906][T27238] orangefs_mount: mount request failed with -4
[ 1402.579327][ T6024] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1402.581891][ T6024] usb 11-1: config 0 has no interface number 0
[ 1402.583820][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1402.661838][T27249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5686'.
[ 1402.707960][    T9] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1402.711109][    T9] usb 8-1: config 0 has no interface number 0
[ 1402.713514][    T9] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1402.718282][    T9] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1402.722362][    T9] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1402.727014][    T9] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1402.731313][    T9] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1402.735634][    T9] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1402.740640][    T9] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1402.744257][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1402.748554][    T9] usb 8-1: config 0 descriptor??
[ 1402.751087][T27246] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1402.753945][T27246] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1402.758627][    T9] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1402.915560][T26980] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[ 1403.052386][T24124] usb 8-1: USB disconnect, device number 68
[ 1403.056192][T24124] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1403.065746][T26980] usb 7-1: Using ep0 maxpacket: 8
[ 1403.068808][T26980] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1403.071334][T26980] usb 7-1: config 0 has no interface number 0
[ 1403.073310][T26980] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1403.076771][T26980] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1403.077575][ T6024] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1403.080328][T26980] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1403.084493][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1403.088379][T26980] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1403.093069][ T6024] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1403.097842][T26980] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1403.097858][T26980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1403.099051][T26980] usb 7-1: config 0 descriptor??
[ 1403.101533][ T6024] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1403.106581][T26980] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1403.106926][ T6024] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1403.117697][ T6024] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1403.120703][ T6024] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1403.124370][ T6024] usb 11-1: config 0 descriptor??
[ 1403.126512][T27241] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1403.128745][T27241] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1403.132639][ T6024] ldusb 11-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[ 1403.308188][   T55] usb 7-1: USB disconnect, device number 62
[ 1403.313098][   T55] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1403.316716][T27249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5686'.
[ 1403.319819][T27249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5686'.
[ 1403.322732][T27249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5686'.
[ 1403.444780][T27259] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1403.446886][T27259] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1403.450224][T27259] vhci_hcd vhci_hcd.0: Device attached
[ 1403.457633][ T6024] usb 11-1: USB disconnect, device number 11
[ 1403.462323][ T6024] ldusb 11-1:0.55: LD USB Device #1 now disconnected
[ 1403.672137][T27267] bond11: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[ 1403.708713][T27267] bond11 (unregistering): Released all slaves
[ 1403.740373][T24124] usb 38-1: SetAddress Request (18) to port 0
[ 1403.742445][T24124] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[ 1404.111475][T27260] vhci_hcd: connection reset by peer
[ 1404.117684][T24850] vhci_hcd: stop threads
[ 1404.119031][T24850] vhci_hcd: release socket
[ 1404.120539][T24850] vhci_hcd: disconnect device
[ 1404.313507][T27280] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5695'.
[ 1404.333239][T27280] vxlan0: entered promiscuous mode
[ 1404.339516][T12530] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1404.345500][T12530] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1404.349690][T12530] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1404.352757][T12530] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1405.584262][T27316] netlink: 'syz.2.5707': attribute type 10 has an invalid length.
[ 1405.618597][T27316] syz_tun: entered promiscuous mode
[ 1405.621005][T27316] syz_tun: entered allmulticast mode
[ 1405.987134][T27310] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1406.009080][T27327] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1406.011258][T27327] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1406.014689][T27327] vhci_hcd vhci_hcd.0: Device attached
[ 1406.263694][T27310] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1406.289434][T11489] usb 42-1: SetAddress Request (35) to port 0
[ 1406.291915][T11489] usb 42-1: new SuperSpeed USB device number 35 using vhci_hcd
[ 1406.461404][T27310] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1406.624796][T27334] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1406.661088][T27328] vhci_hcd: connection reset by peer
[ 1406.663438][ T7278] vhci_hcd: stop threads
[ 1406.665210][ T7278] vhci_hcd: release socket
[ 1406.667095][ T7278] vhci_hcd: disconnect device
[ 1406.823829][T27310] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.004548][ T7278] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1407.017806][ T7278] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1407.021701][ T7278] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1407.029787][ T7278] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1407.251727][T27351] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[ 1407.253768][T27351] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1407.488622][T27351] vhci_hcd vhci_hcd.0: Device attached
[ 1408.145542][T27352] vhci_hcd: connection closed
[ 1408.145987][ T7277] vhci_hcd: stop threads
[ 1408.148932][ T7277] vhci_hcd: release socket
[ 1408.150786][ T7277] vhci_hcd: disconnect device
[ 1408.264808][T27363] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1408.338800][T27363] kvm: pic: level sensitive irq not supported
[ 1408.340230][T27363] kvm: pic: non byte read
[ 1408.345606][T27363] kvm: pic: level sensitive irq not supported
[ 1408.345893][T27363] kvm: pic: non byte read
[ 1408.350256][T27363] kvm: pic: level sensitive irq not supported
[ 1408.350523][T27363] kvm: pic: non byte read
[ 1408.355637][T27363] kvm: pic: level sensitive irq not supported
[ 1408.355902][T27363] kvm: pic: non byte read
[ 1408.362624][T27363] kvm: pic: level sensitive irq not supported
[ 1408.362936][T27363] kvm: pic: non byte read
[ 1408.367765][T27363] kvm: pic: level sensitive irq not supported
[ 1408.368077][T27363] kvm: pic: non byte read
[ 1408.373120][T27363] kvm: pic: level sensitive irq not supported
[ 1408.373661][T27363] kvm: pic: non byte read
[ 1408.379732][T27363] kvm: pic: level sensitive irq not supported
[ 1408.380469][T27363] kvm: pic: non byte read
[ 1408.387355][T27363] kvm: pic: level sensitive irq not supported
[ 1408.388058][T27363] kvm: pic: non byte read
[ 1408.419181][T27373] netlink: 'syz.2.5723': attribute type 1 has an invalid length.
[ 1408.434704][T27373] bond3: entered promiscuous mode
[ 1408.437206][T27373] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1408.782512][T24124] usb 38-1: device descriptor read/8, error -110
[ 1408.926780][T27381] pim6reg1: entered promiscuous mode
[ 1408.928572][T27381] pim6reg1: entered allmulticast mode
[ 1408.972708][T24204] vhci_hcd: vhci_device speed not set
[ 1409.263028][T27389] FAULT_INJECTION: forcing a failure.
[ 1409.263028][T27389] name failslab, interval 1, probability 0, space 0, times 0
[ 1409.267008][T27389] CPU: 3 UID: 0 PID: 27389 Comm: syz.3.5728 Not tainted syzkaller #0 PREEMPT(full) 
[ 1409.267023][T27389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1409.267031][T27389] Call Trace:
[ 1409.267035][T27389]  <TASK>
[ 1409.267040][T27389]  dump_stack_lvl+0x16c/0x1f0
[ 1409.267058][T27389]  should_fail_ex+0x512/0x640
[ 1409.267076][T27389]  ? __kmalloc_node_noprof+0xcd/0x8a0
[ 1409.267091][T27389]  should_failslab+0xc2/0x120
[ 1409.267107][T27389]  __kmalloc_node_noprof+0xe0/0x8a0
[ 1409.267121][T27389]  ? qdisc_alloc+0xbb/0xc50
[ 1409.267138][T27389]  ? find_held_lock+0x2b/0x80
[ 1409.267152][T27389]  ? qdisc_alloc+0xbb/0xc50
[ 1409.267169][T27389]  qdisc_alloc+0xbb/0xc50
[ 1409.267186][T27389]  ? _raw_read_unlock+0x28/0x50
[ 1409.267200][T27389]  qdisc_create+0x71/0xfc0
[ 1409.267215][T27389]  ? nla_strcmp+0xff/0x130
[ 1409.267227][T27389]  tc_modify_qdisc+0x11d8/0x2170
[ 1409.267245][T27389]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1409.267271][T27389]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1409.267286][T27389]  rtnetlink_rcv_msg+0x3c9/0xe90
[ 1409.267300][T27389]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1409.267319][T27389]  ? ref_tracker_free+0x37c/0x830
[ 1409.267331][T27389]  netlink_rcv_skb+0x158/0x420
[ 1409.267344][T27389]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1409.267357][T27389]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1409.267374][T27389]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1409.267388][T27389]  netlink_unicast+0x5aa/0x870
[ 1409.267402][T27389]  ? __pfx_netlink_unicast+0x10/0x10
[ 1409.267419][T27389]  netlink_sendmsg+0x8c8/0xdd0
[ 1409.267433][T27389]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1409.267453][T27389]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1409.267482][T27389]  ____sys_sendmsg+0xa98/0xc70
[ 1409.267509][T27389]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1409.267530][T27389]  ? get_compat_msghdr+0x11a/0x170
[ 1409.267572][T27389]  ___sys_sendmsg+0x134/0x1d0
[ 1409.267590][T27389]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1409.267624][T27389]  ? find_held_lock+0x2b/0x80
[ 1409.267662][T27389]  __sys_sendmsg+0x16d/0x220
[ 1409.267680][T27389]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1409.267710][T27389]  ? rcu_is_watching+0x12/0xc0
[ 1409.267735][T27389]  __do_fast_syscall_32+0x7c/0x300
[ 1409.267761][T27389]  do_fast_syscall_32+0x32/0x80
[ 1409.267784][T27389]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1409.267808][T27389] RIP: 0023:0xf706d579
[ 1409.267824][T27389] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1409.267840][T27389] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1409.267856][T27389] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001200
[ 1409.267869][T27389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1409.267880][T27389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1409.267890][T27389] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1409.267900][T27389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1409.267928][T27389]  </TASK>
[ 1409.376532][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1409.893597][T27398] FAULT_INJECTION: forcing a failure.
[ 1409.893597][T27398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1409.898643][T27398] CPU: 2 UID: 0 PID: 27398 Comm: syz.6.5731 Not tainted syzkaller #0 PREEMPT(full) 
[ 1409.898659][T27398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1409.898666][T27398] Call Trace:
[ 1409.898670][T27398]  <TASK>
[ 1409.898676][T27398]  dump_stack_lvl+0x16c/0x1f0
[ 1409.898693][T27398]  should_fail_ex+0x512/0x640
[ 1409.898713][T27398]  _copy_to_user+0x32/0xd0
[ 1409.898733][T27398]  simple_read_from_buffer+0xcb/0x170
[ 1409.898753][T27398]  proc_fail_nth_read+0x197/0x240
[ 1409.898766][T27398]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1409.898780][T27398]  ? rw_verify_area+0xcf/0x6c0
[ 1409.898790][T27398]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1409.898802][T27398]  vfs_read+0x1e4/0xcf0
[ 1409.898818][T27398]  ? __pfx_vfs_read+0x10/0x10
[ 1409.898828][T27398]  ? find_held_lock+0x2b/0x80
[ 1409.898844][T27398]  ? __fget_files+0x20e/0x3c0
[ 1409.898860][T27398]  ksys_read+0x12a/0x250
[ 1409.898872][T27398]  ? __pfx_ksys_read+0x10/0x10
[ 1409.898885][T27398]  ? rcu_is_watching+0x12/0xc0
[ 1409.898899][T27398]  __do_fast_syscall_32+0x7c/0x300
[ 1409.898915][T27398]  do_fast_syscall_32+0x32/0x80
[ 1409.898930][T27398]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1409.898945][T27398] RIP: 0023:0xf703d579
[ 1409.898954][T27398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1409.898965][T27398] RSP: 002b:00000000f542d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1409.898975][T27398] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f542d620
[ 1409.898982][T27398] RDX: 000000000000000f RSI: 00000000f73d6ff4 RDI: 0000000000000000
[ 1409.898989][T27398] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1409.898995][T27398] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1409.899001][T27398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1409.899015][T27398]  </TASK>
[ 1410.434671][T24124] usb usb38-port1: attempt power cycle
[ 1410.564200][ T6024] usb 8-1: new low-speed USB device number 69 using dummy_hcd
[ 1410.715884][ T6024] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1410.718458][ T6024] usb 8-1: config 0 has no interface number 0
[ 1410.720379][ T6024] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1410.723920][ T6024] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1410.727571][ T6024] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1410.731111][ T6024] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1410.734583][ T6024] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1410.737812][ T6024] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1410.741774][ T6024] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1410.744628][ T6024] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1410.748127][ T6024] usb 8-1: config 0 descriptor??
[ 1410.750182][T27405] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1410.752510][T27405] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1410.756278][ T6024] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1411.000667][T27413] syzkaller0: entered promiscuous mode
[ 1411.002829][T27413] syzkaller0: entered allmulticast mode
[ 1411.006003][T24124] usb usb38-port1: unable to enumerate USB device
[ 1411.068687][T24124] usb 8-1: USB disconnect, device number 69
[ 1411.072841][T24124] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1411.345102][T11489] usb 42-1: device descriptor read/8, error -110
[ 1411.598724][T27421] __nla_validate_parse: 1 callbacks suppressed
[ 1411.598736][T27421] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5738'.
[ 1411.749786][T20457] Bluetooth: hci4: Malformed LE Event: 0x1b
[ 1411.756842][T11489] usb usb42-port1: attempt power cycle
[ 1412.279610][T27440] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5744'.
[ 1412.317139][T11489] usb usb42-port1: unable to enumerate USB device
[ 1414.078376][T17179] usb 8-1: new low-speed USB device number 70 using dummy_hcd
[ 1414.240873][T17179] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1414.244415][T17179] usb 8-1: config 0 has no interface number 0
[ 1414.247211][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1414.251857][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1414.256322][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1414.261376][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1414.266501][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1414.271083][T17179] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1414.276635][T17179] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1414.280485][T17179] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.286103][T17179] usb 8-1: config 0 descriptor??
[ 1414.289275][T27449] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1414.292412][T27449] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1414.298050][T17179] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1414.621705][T24124] usb 8-1: USB disconnect, device number 70
[ 1414.626916][T24124] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1415.509821][T17179] usb 8-1: new high-speed USB device number 71 using dummy_hcd
[ 1415.669951][T17179] usb 8-1: Using ep0 maxpacket: 8
[ 1415.673050][T17179] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1415.675685][T17179] usb 8-1: config 0 has no interface number 0
[ 1415.677619][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1415.681172][T17179] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1415.684780][T17179] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1415.688254][T17179] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1415.692401][T17179] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1415.695257][T17179] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1415.700136][T17179] usb 8-1: config 0 descriptor??
[ 1415.704201][T17179] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1415.904778][ T6024] usb 8-1: USB disconnect, device number 71
[ 1415.908592][ T6024] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1425.420945][T27452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5747'.
[ 1425.462276][T27460] FAULT_INJECTION: forcing a failure.
[ 1425.462276][T27460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1425.467680][T27460] CPU: 3 UID: 0 PID: 27460 Comm: syz.0.5751 Not tainted syzkaller #0 PREEMPT(full) 
[ 1425.467704][T27460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1425.467715][T27460] Call Trace:
[ 1425.467722][T27460]  <TASK>
[ 1425.467729][T27460]  dump_stack_lvl+0x16c/0x1f0
[ 1425.467755][T27460]  should_fail_ex+0x512/0x640
[ 1425.467786][T27460]  _copy_to_user+0x32/0xd0
[ 1425.467815][T27460]  simple_read_from_buffer+0xcb/0x170
[ 1425.467845][T27460]  proc_fail_nth_read+0x197/0x240
[ 1425.467867][T27460]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1425.467890][T27460]  ? rw_verify_area+0xcf/0x6c0
[ 1425.467907][T27460]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1425.467927][T27460]  vfs_read+0x1e4/0xcf0
[ 1425.467952][T27460]  ? __pfx_vfs_read+0x10/0x10
[ 1425.467969][T27460]  ? find_held_lock+0x2b/0x80
[ 1425.467995][T27460]  ? __fget_files+0x20e/0x3c0
[ 1425.468022][T27460]  ksys_read+0x12a/0x250
[ 1425.468041][T27460]  ? __pfx_ksys_read+0x10/0x10
[ 1425.468060][T27460]  ? fput+0x9b/0xd0
[ 1425.468082][T27460]  ? rcu_is_watching+0x12/0xc0
[ 1425.468106][T27460]  __do_fast_syscall_32+0x7c/0x300
[ 1425.468131][T27460]  do_fast_syscall_32+0x32/0x80
[ 1425.468153][T27460]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1425.468174][T27460] RIP: 0023:0xf70cd579
[ 1425.468190][T27460] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1425.468207][T27460] RSP: 002b:00000000f54bd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1425.468225][T27460] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54bd620
[ 1425.468237][T27460] RDX: 000000000000000f RSI: 00000000f7466ff4 RDI: 0000000000000000
[ 1425.468248][T27460] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1425.468258][T27460] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1425.468270][T27460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1425.468295][T27460]  </TASK>
[ 1425.590939][T27465] netlink: 7016 bytes leftover after parsing attributes in process `syz.2.5749'.
[ 1425.594117][T27465] openvswitch: netlink: Message has 8 unknown bytes.
[ 1426.415539][T27478] macvtap1: entered promiscuous mode
[ 1426.417282][T27478] macvtap1: entered allmulticast mode
[ 1426.419271][T27478] dummy0: entered promiscuous mode
[ 1426.421166][T27478] dummy0: entered allmulticast mode
[ 1426.424471][T27478] team0: Device macvtap1 failed to register rx_handler
[ 1426.453072][T27478] dummy0: left allmulticast mode
[ 1426.455006][T27478] dummy0: left promiscuous mode
[ 1426.667472][T27483] vxcan0: tx address claim with different name
[ 1426.704153][T27483] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5756'.
[ 1426.878916][T27492] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1426.915850][T27498] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5759'.
[ 1427.303106][T24205] usb 11-1: new low-speed USB device number 12 using dummy_hcd
[ 1427.378816][T27502] QAT: Stopping all acceleration devices.
[ 1427.455469][T24205] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1427.459177][T24205] usb 11-1: config 0 has no interface number 0
[ 1427.462190][T24205] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1427.470184][T24205] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1427.478154][T24205] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1427.485101][T24205] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1427.488785][T24205] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1427.497916][T24205] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1427.501875][T24205] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1427.505153][T24205] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1427.508737][T24205] usb 11-1: config 0 descriptor??
[ 1427.510833][T27500] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1427.513058][T27500] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1427.519503][T24205] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1427.874501][T11126] usb 11-1: USB disconnect, device number 12
[ 1427.891083][T11126] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[ 1427.950141][T27511] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5764'.
[ 1428.828073][   T40] kauditd_printk_skb: 21 callbacks suppressed
[ 1428.828088][   T40] audit: type=1326 audit(1762874208.155:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.841164][   T40] audit: type=1326 audit(1762874208.155:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.846520][T27529] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5768'.
[ 1428.858548][T27529] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5768'.
[ 1428.861492][T27529] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5768'.
[ 1428.865743][T27529] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5768'.
[ 1428.870268][   T40] audit: type=1326 audit(1762874208.165:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.879365][   T40] audit: type=1326 audit(1762874208.165:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.888351][   T40] audit: type=1326 audit(1762874208.165:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.897378][   T40] audit: type=1326 audit(1762874208.165:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.906637][   T40] audit: type=1326 audit(1762874208.165:2645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.931922][   T40] audit: type=1326 audit(1762874208.165:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.942572][   T40] audit: type=1326 audit(1762874208.175:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1428.951756][   T40] audit: type=1326 audit(1762874208.175:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27518 comm="syz.6.5766" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1429.749785][T27542] QAT: Stopping all acceleration devices.
[ 1430.534538][T27552] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5772'.
[ 1430.686769][T27546] infiniband syz2: set down
[ 1430.688258][T27546] infiniband syz2: added ipvlan0
[ 1430.829963][T27546] RDS/IB: syz2: added
[ 1430.831391][T27546] smc: adding ib device syz2 with port count 1
[ 1430.833444][T27546] smc:    ib device syz2 port 1 has no pnetid
[ 1433.025848][T11489] IPVS: starting estimator thread 0...
[ 1433.269727][T27567] IPVS: using max 42 ests per chain, 100800 per kthread
[ 1434.163175][T27579] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1434.165468][T27579] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1434.168050][T27579] vhci_hcd vhci_hcd.0: Device attached
[ 1434.460592][ T6024] usb 44-1: SetAddress Request (35) to port 0
[ 1434.463319][ T6024] usb 44-1: new SuperSpeed USB device number 35 using vhci_hcd
[ 1434.463389][T27583] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1434.467682][T27583] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1434.470577][T27583] vhci_hcd vhci_hcd.0: Device attached
[ 1434.476869][T27580] vhci_hcd: connection closed
[ 1434.477088][T24514] vhci_hcd: stop threads
[ 1434.479878][T24514] vhci_hcd: release socket
[ 1434.483118][T24514] vhci_hcd: disconnect device
[ 1434.761347][T11489] usb 42-1: SetAddress Request (39) to port 0
[ 1434.761452][T11489] usb 42-1: new SuperSpeed USB device number 39 using vhci_hcd
[ 1434.952142][T27584] vhci_hcd: connection reset by peer
[ 1434.954160][ T7278] vhci_hcd: stop threads
[ 1434.956002][ T7278] vhci_hcd: release socket
[ 1434.958125][ T7278] vhci_hcd: disconnect device
[ 1435.291983][T20457] Bluetooth: hci2: command 0x0406 tx timeout
[ 1435.454127][T27603] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5781'.
[ 1435.506176][T27604] xt_TCPMSS: Only works on TCP SYN packets
[ 1435.508237][T27607] xt_TCPMSS: Only works on TCP SYN packets
[ 1435.967066][T27613] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5783'.
[ 1435.969902][T27613] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5783'.
[ 1436.108037][T27615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5785'.
[ 1436.190332][T27618] netlink: 7016 bytes leftover after parsing attributes in process `syz.6.5784'.
[ 1436.193346][T27618] openvswitch: netlink: Message has 8 unknown bytes.
[ 1437.107292][T27623] syz_tun: left promiscuous mode
[ 1437.109964][T27623] syz_tun: left allmulticast mode
[ 1437.256897][T27623] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1437.259635][T27623] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1437.734044][T27653] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1437.736800][T27653] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1437.746311][T27653] vhci_hcd vhci_hcd.0: Device attached
[ 1438.015320][    T9] usb 38-1: SetAddress Request (22) to port 0
[ 1438.018038][    T9] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[ 1438.152868][T27623] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1438.267278][T27623] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1438.331637][T27654] vhci_hcd: connection reset by peer
[ 1438.333786][ T7275] vhci_hcd: stop threads
[ 1438.335131][ T7275] vhci_hcd: release socket
[ 1438.339620][ T7275] vhci_hcd: disconnect device
[ 1438.374407][T27667] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5793'.
[ 1438.377335][T27667] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5793'.
[ 1438.698860][T27670] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 1438.700972][T27670] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1438.704045][T27670] vhci_hcd vhci_hcd.0: Device attached
[ 1439.197169][T27671] vhci_hcd: connection reset by peer
[ 1439.199765][T24850] vhci_hcd: stop threads
[ 1439.201463][T24850] vhci_hcd: release socket
[ 1439.205503][T24850] vhci_hcd: disconnect device
[ 1439.231750][T27678] FAULT_INJECTION: forcing a failure.
[ 1439.231750][T27678] name failslab, interval 1, probability 0, space 0, times 0
[ 1439.236046][T27678] CPU: 1 UID: 0 PID: 27678 Comm: syz.0.5797 Not tainted syzkaller #0 PREEMPT(full) 
[ 1439.236061][T27678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1439.236069][T27678] Call Trace:
[ 1439.236073][T27678]  <TASK>
[ 1439.236078][T27678]  dump_stack_lvl+0x16c/0x1f0
[ 1439.236096][T27678]  should_fail_ex+0x512/0x640
[ 1439.236114][T27678]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1439.236128][T27678]  should_failslab+0xc2/0x120
[ 1439.236144][T27678]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1439.236156][T27678]  ? copy_process+0x4b5/0x76a0
[ 1439.236173][T27678]  ? copy_process+0x4b5/0x76a0
[ 1439.236199][T27678]  copy_process+0x4b5/0x76a0
[ 1439.236219][T27678]  ? __pfx_copy_process+0x10/0x10
[ 1439.236242][T27678]  kernel_clone+0xfc/0x930
[ 1439.236257][T27678]  ? __pfx_kernel_clone+0x10/0x10
[ 1439.236277][T27678]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1439.236294][T27678]  __do_compat_sys_ia32_clone+0xcb/0x110
[ 1439.236311][T27678]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[ 1439.236332][T27678]  ? ksys_write+0x1ac/0x250
[ 1439.236345][T27678]  ? __pfx_ksys_write+0x10/0x10
[ 1439.236358][T27678]  ? rcu_is_watching+0x12/0xc0
[ 1439.236372][T27678]  __do_fast_syscall_32+0x7c/0x300
[ 1439.236388][T27678]  do_fast_syscall_32+0x32/0x80
[ 1439.236403][T27678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1439.236417][T27678] RIP: 0023:0xf70cd579
[ 1439.236427][T27678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1439.236438][T27678] RSP: 002b:00000000f54bd50c EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[ 1439.236449][T27678] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 0000000000000000
[ 1439.236456][T27678] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1439.236462][T27678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1439.236469][T27678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1439.236475][T27678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1439.236490][T27678]  </TASK>
[ 1439.301974][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1439.536718][ T6024] usb 44-1: device descriptor read/8, error -110
[ 1439.629844][T27623] veth3: left promiscuous mode
[ 1439.632070][T27623] veth5: left promiscuous mode
[ 1439.634104][T27623] veth7: left promiscuous mode
[ 1439.635789][T27623] veth9: left promiscuous mode
[ 1439.637904][T27623] veth11: left promiscuous mode
[ 1439.640097][T27623] veth13: left promiscuous mode
[ 1439.642571][T27623] bond1: left promiscuous mode
[ 1439.644153][T27623] bond2: left promiscuous mode
[ 1439.707972][T27623] veth15: left promiscuous mode
[ 1439.710057][T27623] veth17: left promiscuous mode
[ 1439.713044][T27623] veth19: left promiscuous mode
[ 1439.757690][T27623] bond3: left promiscuous mode
[ 1439.800216][ T7275] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1439.803194][ T7275] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1439.816432][ T7275] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1439.820408][ T7275] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1439.867088][T11489] usb 42-1: device descriptor read/8, error -110
[ 1439.939575][T27688] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1440.090539][T27688] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1440.121263][ T6024] usb usb44-port1: attempt power cycle
[ 1440.258560][T11489] usb usb42-port1: attempt power cycle
[ 1440.269134][T27688] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1440.409481][T27688] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1440.601890][   T81] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.621999][T24514] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.632750][T24514] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.643166][T24514] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.678408][ T6024] usb usb44-port1: unable to enumerate USB device
[ 1440.820648][T11489] usb usb42-port1: unable to enumerate USB device
[ 1440.873715][T27704] FAULT_INJECTION: forcing a failure.
[ 1440.873715][T27704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1440.880074][T27705] rdma_rxe: rxe_newlink: failed to add ipvlan0
[ 1440.881341][T27704] CPU: 3 UID: 0 PID: 27704 Comm: syz.3.5804 Not tainted syzkaller #0 PREEMPT(full) 
[ 1440.881364][T27704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1440.881376][T27704] Call Trace:
[ 1440.881383][T27704]  <TASK>
[ 1440.881390][T27704]  dump_stack_lvl+0x16c/0x1f0
[ 1440.881418][T27704]  should_fail_ex+0x512/0x640
[ 1440.881449][T27704]  _copy_from_iter+0x29f/0x1720
[ 1440.881480][T27704]  ? __alloc_skb+0x200/0x380
[ 1440.881507][T27704]  ? __pfx__copy_from_iter+0x10/0x10
[ 1440.881534][T27704]  ? netlink_autobind.isra.0+0x158/0x370
[ 1440.881565][T27704]  netlink_sendmsg+0x820/0xdd0
[ 1440.881588][T27704]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1440.881611][T27704]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1440.881641][T27704]  ____sys_sendmsg+0xa98/0xc70
[ 1440.881667][T27704]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1440.881688][T27704]  ? get_compat_msghdr+0x11a/0x170
[ 1440.881727][T27704]  ___sys_sendmsg+0x134/0x1d0
[ 1440.881747][T27704]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1440.881777][T27704]  ? find_held_lock+0x2b/0x80
[ 1440.881813][T27704]  __sys_sendmsg+0x16d/0x220
[ 1440.881831][T27704]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1440.881861][T27704]  ? rcu_is_watching+0x12/0xc0
[ 1440.881883][T27704]  __do_fast_syscall_32+0x7c/0x300
[ 1440.881909][T27704]  do_fast_syscall_32+0x32/0x80
[ 1440.881931][T27704]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1440.881953][T27704] RIP: 0023:0xf706d579
[ 1440.881966][T27704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1440.881984][T27704] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1440.882003][T27704] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[ 1440.882013][T27704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1440.882025][T27704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1440.882036][T27704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1440.882047][T27704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1440.882072][T27704]  </TASK>
[ 1443.061170][    T9] usb 38-1: device descriptor read/8, error -110
[ 1443.226536][T27727] rdma_rxe: rxe_newlink: failed to add ipvlan0
[ 1443.451916][    T9] usb usb38-port1: attempt power cycle
[ 1444.120635][T27732] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[ 1444.123476][T27732] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1444.129638][T27732] vhci_hcd vhci_hcd.0: Device attached
[ 1444.262478][    T9] usb 38-1: SetAddress Request (25) to port 0
[ 1444.275354][    T9] usb 38-1: new SuperSpeed USB device number 25 using vhci_hcd
[ 1444.626990][T27738] FAULT_INJECTION: forcing a failure.
[ 1444.626990][T27738] name failslab, interval 1, probability 0, space 0, times 0
[ 1444.631413][T27738] CPU: 3 UID: 0 PID: 27738 Comm: syz.3.5812 Not tainted syzkaller #0 PREEMPT(full) 
[ 1444.631436][T27738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1444.631447][T27738] Call Trace:
[ 1444.631454][T27738]  <TASK>
[ 1444.631462][T27738]  dump_stack_lvl+0x16c/0x1f0
[ 1444.631487][T27738]  should_fail_ex+0x512/0x640
[ 1444.631513][T27738]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[ 1444.631538][T27738]  should_failslab+0xc2/0x120
[ 1444.631562][T27738]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[ 1444.631602][T27738]  ? kstrdup_const+0x63/0x80
[ 1444.631627][T27738]  ? kstrdup+0x53/0x100
[ 1444.631644][T27738]  kstrdup+0x53/0x100
[ 1444.631664][T27738]  kstrdup_const+0x63/0x80
[ 1444.631679][T27738]  alloc_vfsmnt+0xea/0x6b0
[ 1444.631702][T27738]  clone_mnt+0x4b/0x930
[ 1444.631726][T27738]  ? is_subdir+0x1a8/0x3e0
[ 1444.631750][T27738]  copy_tree+0x31d/0xbd0
[ 1444.631776][T27738]  copy_mnt_ns+0x1a9/0xac0
[ 1444.631794][T27738]  ? kmem_cache_alloc_noprof+0x2a1/0x6e0
[ 1444.631812][T27738]  ? create_new_namespaces+0x30/0xa90
[ 1444.631838][T27738]  create_new_namespaces+0xd3/0xa90
[ 1444.631857][T27738]  ? bpf_lsm_capable+0x9/0x10
[ 1444.631880][T27738]  ? security_capable+0x7e/0x260
[ 1444.631906][T27738]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1444.631927][T27738]  ksys_unshare+0x45b/0xa40
[ 1444.631950][T27738]  ? __pfx_ksys_unshare+0x10/0x10
[ 1444.631973][T27738]  ? ksys_write+0x1ac/0x250
[ 1444.632000][T27738]  __ia32_sys_unshare+0x30/0x40
[ 1444.632015][T27738]  __do_fast_syscall_32+0x7c/0x300
[ 1444.632032][T27738]  do_fast_syscall_32+0x32/0x80
[ 1444.632047][T27738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1444.632061][T27738] RIP: 0023:0xf706d579
[ 1444.632071][T27738] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1444.632082][T27738] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000136
[ 1444.632093][T27738] RAX: ffffffffffffffda RBX: 000000002a020400 RCX: 0000000000000000
[ 1444.632100][T27738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1444.632107][T27738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1444.632113][T27738] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1444.632120][T27738] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1444.632134][T27738]  </TASK>
[ 1444.718845][T27733] vhci_hcd: connection reset by peer
[ 1444.723082][T24514] vhci_hcd: stop threads
[ 1444.724958][T24514] vhci_hcd: release socket
[ 1444.726767][T24514] vhci_hcd: disconnect device
[ 1445.075267][T27750] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5814'.
[ 1445.078263][T27750] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5814'.
[ 1445.523288][ T6024] usb 7-1: new low-speed USB device number 63 using dummy_hcd
[ 1445.675742][ T6024] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1445.678828][ T6024] usb 7-1: config 0 has no interface number 0
[ 1445.681099][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1445.684950][ T6024] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1445.688690][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1445.693627][ T6024] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1445.698440][ T6024] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1445.702685][ T6024] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1445.708098][ T6024] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1445.710961][ T6024] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1445.716082][ T6024] usb 7-1: config 0 descriptor??
[ 1445.719100][T27752] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1445.722350][T27752] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1445.728541][T27759] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5819'.
[ 1445.733029][ T6024] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1445.955395][T27762] vxcan0: tx address claim with different name
[ 1445.990790][T27762] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5820'.
[ 1446.016852][T16730] usb 7-1: USB disconnect, device number 63
[ 1446.020356][T16730] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1446.075421][T27762] veth15: entered promiscuous mode
[ 1446.123363][T27764] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1446.333482][T27767] vxcan0: tx address claim with different name
[ 1446.369675][T27767] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5821'.
[ 1446.453835][T27773] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1446.496315][T27767] veth17: entered promiscuous mode
[ 1446.519654][T27766] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1446.582647][T27777] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5826'.
[ 1446.646840][T27775] FAULT_INJECTION: forcing a failure.
[ 1446.646840][T27775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1446.651846][T27775] CPU: 0 UID: 0 PID: 27775 Comm: syz.2.5825 Not tainted syzkaller #0 PREEMPT(full) 
[ 1446.651887][T27775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1446.651898][T27775] Call Trace:
[ 1446.651905][T27775]  <TASK>
[ 1446.651920][T27775]  dump_stack_lvl+0x16c/0x1f0
[ 1446.651946][T27775]  should_fail_ex+0x512/0x640
[ 1446.651977][T27775]  _copy_to_user+0x32/0xd0
[ 1446.652007][T27775]  simple_read_from_buffer+0xcb/0x170
[ 1446.652037][T27775]  proc_fail_nth_read+0x197/0x240
[ 1446.652057][T27775]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1446.652080][T27775]  ? rw_verify_area+0xcf/0x6c0
[ 1446.652097][T27775]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1446.652116][T27775]  vfs_read+0x1e4/0xcf0
[ 1446.652139][T27775]  ? __pfx_vfs_read+0x10/0x10
[ 1446.652156][T27775]  ? find_held_lock+0x2b/0x80
[ 1446.652181][T27775]  ? __fget_files+0x20e/0x3c0
[ 1446.652201][T27775]  ksys_read+0x12a/0x250
[ 1446.652213][T27775]  ? __pfx_ksys_read+0x10/0x10
[ 1446.652225][T27775]  ? fput+0x9b/0xd0
[ 1446.652240][T27775]  ? rcu_is_watching+0x12/0xc0
[ 1446.652254][T27775]  __do_fast_syscall_32+0x7c/0x300
[ 1446.652270][T27775]  do_fast_syscall_32+0x32/0x80
[ 1446.652285][T27775]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1446.652299][T27775] RIP: 0023:0xf706d579
[ 1446.652308][T27775] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1446.652319][T27775] RSP: 002b:00000000f545d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1446.652330][T27775] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f545d620
[ 1446.652337][T27775] RDX: 000000000000000f RSI: 00000000f7406ff4 RDI: 0000000000000000
[ 1446.652343][T27775] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1446.652350][T27775] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1446.652356][T27775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1446.652370][T27775]  </TASK>
[ 1446.762852][T27786] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 1446.949411][T27795] vxcan0: tx address claim with different name
[ 1446.993460][T27795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5830'.
[ 1447.014286][T27798] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5831'.
[ 1447.017237][T27798] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5831'.
[ 1447.236387][T27795] veth23: entered promiscuous mode
[ 1447.431480][T27794] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1448.204828][ T7278] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1448.208961][T20457] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1448.216778][T20457] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1448.222816][T20457] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1448.230638][T20457] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1448.235852][T20457] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1448.271900][T27816] lo speed is unknown, defaulting to 1000
[ 1448.302276][T27820] 9pnet_fd: Insufficient options for proto=fd
[ 1448.329146][T27806] vxcan0: tx address claim with different name
[ 1448.478069][ T7278] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1448.647959][T27806] veth25: entered promiscuous mode
[ 1448.650023][T27816] lo speed is unknown, defaulting to 1000
[ 1448.715472][T27805] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[ 1448.769109][ T7278] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.201426][ T7278] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.385370][T27816] chnl_net:caif_netlink_parms(): no params data found
[ 1449.387770][    T9] usb 38-1: device descriptor read/8, error -110
[ 1449.497757][    T9] usb usb38-port1: unable to enumerate USB device
[ 1449.739619][T27816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1449.741948][T27816] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1449.744266][T27816] bridge_slave_0: entered allmulticast mode
[ 1449.747089][T27816] bridge_slave_0: entered promiscuous mode
[ 1449.755651][T27816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.758074][T27816] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1449.761193][T27816] bridge_slave_1: entered allmulticast mode
[ 1449.768057][T27816] bridge_slave_1: entered promiscuous mode
[ 1449.983492][T27816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1449.990663][T27816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1450.268504][T20436] Bluetooth: hci3: command tx timeout
[ 1450.562953][T27852] __nla_validate_parse: 6 callbacks suppressed
[ 1450.562964][T27852] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5845'.
[ 1451.741724][ T7278] bond0 (unregistering): Released all slaves
[ 1452.360753][T20436] Bluetooth: hci3: command tx timeout
[ 1452.541312][ T7278] bond1 (unregistering): (slave bond2): Releasing backup interface
[ 1452.561503][ T7278] bond2 (unregistering): left promiscuous mode
[ 1452.564584][ T7278] bond1 (unregistering): Released all slaves
[ 1453.414107][ T7278] bond2 (unregistering): Released all slaves
[ 1454.234237][ T7278] bond3 (unregistering): Released all slaves
[ 1454.433034][T20436] Bluetooth: hci3: command tx timeout
[ 1454.863938][ T7278] tipc: Left network mode
[ 1454.871472][T27816] team0: Port device team_slave_0 added
[ 1454.875232][T27816] team0: Port device team_slave_1 added
[ 1455.075755][T27869] syzkaller0: entered promiscuous mode
[ 1455.077970][T27869] syzkaller0: entered allmulticast mode
[ 1455.535291][T27816] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1455.537526][T27816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1455.546732][T27816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1455.794551][T16730] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[ 1455.848718][T27816] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1455.851557][T27816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1455.862157][T27816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1455.936262][T27893] nbd: must specify a size in bytes for the device
[ 1455.954559][T16730] usb 11-1: Using ep0 maxpacket: 8
[ 1455.960555][T16730] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[ 1455.963909][T16730] usb 11-1: config 0 has no interface number 0
[ 1455.967112][T16730] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1455.971484][T16730] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1455.976274][T16730] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1455.980699][T16730] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1455.984718][T16730] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1455.987619][T16730] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1455.991061][T16730] usb 11-1: config 0 descriptor??
[ 1455.994749][T16730] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1456.200983][ T5314] usb 11-1: USB disconnect, device number 13
[ 1456.207092][ T5314] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[ 1456.515470][T20436] Bluetooth: hci3: command tx timeout
[ 1456.689697][T27816] hsr_slave_0: entered promiscuous mode
[ 1456.692261][T27816] hsr_slave_1: entered promiscuous mode
[ 1456.694469][T27816] debugfs: 'hsr0' already exists in 'hsr'
[ 1456.696642][T27816] Cannot create hsr debugfs directory
[ 1457.063416][T27905] netlink: 3 bytes leftover after parsing attributes in process `syz.6.5857'.
[ 1457.096694][ T7278] hsr_slave_0: left promiscuous mode
[ 1457.131198][T27909] input: syz1 as /devices/virtual/input/input561
[ 1457.135962][ T7278] hsr_slave_1: left promiscuous mode
[ 1457.267474][ T7278] BUG: MAX_LOCKDEP_KEYS too low!
[ 1457.269063][ T7278] turning off the locking correctness validator.
[ 1457.271330][ T7278] CPU: 3 UID: 0 PID: 7278 Comm: kworker/u32:24 Not tainted syzkaller #0 PREEMPT(full) 
[ 1457.271345][ T7278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1457.271353][ T7278] Workqueue: netns cleanup_net
[ 1457.271373][ T7278] Call Trace:
[ 1457.271380][ T7278]  <TASK>
[ 1457.271386][ T7278]  dump_stack_lvl+0x116/0x1f0
[ 1457.271409][ T7278]  register_lock_class+0x419/0x4c0
[ 1457.271433][ T7278]  ? add_lock_to_list+0x9d/0x130
[ 1457.271456][ T7278]  __lock_acquire+0xa6/0x1c90
[ 1457.271482][ T7278]  lock_acquire+0x179/0x350
[ 1457.271504][ T7278]  ? dev_reset_queue+0xa9/0x1d0
[ 1457.271534][ T7278]  _raw_spin_lock_bh+0x33/0x40
[ 1457.271547][ T7278]  ? dev_reset_queue+0xa9/0x1d0
[ 1457.271563][ T7278]  dev_reset_queue+0xa9/0x1d0
SYZFAIL: failed to recv rpc
[ 1457.271580][ T7278]  dev_deactivate_many+0x4e5/0xd50
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1457.271591][ T7278]  ? __pfx_dev_deactivate_many+0x10/0x10
[ 1457.271603][ T7278]  __dev_close_many+0x150/0x760
[ 1457.271617][ T7278]  ? __pfx___dev_close_many+0x10/0x10
[ 1457.271632][ T7278]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1457.271647][ T7278]  netif_close_many+0x233/0x630
[ 1457.271662][ T7278]  ? __pfx_netif_close_many+0x10/0x10
[ 1457.271676][ T7278]  ? netif_close_many_and_unlock+0x109/0x270
[ 1457.271691][ T7278]  unregister_netdevice_many_notify+0x549/0x25c0
[ 1457.271705][ T7278]  ? batadv_tt_local_event+0x455/0x7f0
[ 1457.271723][ T7278]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1457.271737][ T7278]  ? unregister_netdevice_queue+0x22e/0x3f0
[ 1457.271749][ T7278]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1457.271763][ T7278]  ? batadv_meshif_destroy_vlan+0xdf/0x160
[ 1457.271779][ T7278]  ? __pfx_batadv_meshif_destroy_netlink+0x10/0x10
[ 1457.271797][ T7278]  default_device_exit_batch+0x853/0xaf0
[ 1457.271811][ T7278]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1457.271824][ T7278]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[ 1457.271836][ T7278]  ? __pfx___might_resched+0x10/0x10
[ 1457.271853][ T7278]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1457.271881][ T7278]  ops_undo_list+0x363/0xab0
[ 1457.271901][ T7278]  ? __pfx_ops_undo_list+0x10/0x10
[ 1457.271921][ T7278]  ? cleanup_net+0x347/0x8b0
[ 1457.271937][ T7278]  ? idr_destroy+0x62/0x2e0
[ 1457.271955][ T7278]  cleanup_net+0x41b/0x8b0
[ 1457.271967][ T7278]  ? __pfx_cleanup_net+0x10/0x10
[ 1457.271980][ T7278]  ? rcu_is_watching+0x12/0xc0
[ 1457.271993][ T7278]  process_one_work+0x9cf/0x1b70
[ 1457.272013][ T7278]  ? __pfx_process_one_work+0x10/0x10
[ 1457.272032][ T7278]  ? assign_work+0x1a0/0x250
[ 1457.272048][ T7278]  worker_thread+0x6c8/0xf10
[ 1457.272060][ T7278]  ? __pfx_worker_thread+0x10/0x10
[ 1457.272069][ T7278]  kthread+0x3c5/0x780
[ 1457.272086][ T7278]  ? __pfx_kthread+0x10/0x10
[ 1457.272102][ T7278]  ? rcu_is_watching+0x12/0xc0
[ 1457.272115][ T7278]  ? __pfx_kthread+0x10/0x10
[ 1457.272131][ T7278]  ret_from_fork+0x675/0x7d0
[ 1457.272147][ T7278]  ? __pfx_kthread+0x10/0x10
[ 1457.272163][ T7278]  ret_from_fork_asm+0x1a/0x30
[ 1457.272182][ T7278]  </TASK>
[ 1457.272591][ T7278] veth1_macvtap: left promiscuous mode
[ 1457.396199][ T7278] veth0_macvtap: left promiscuous mode
[ 1457.398069][ T7278] veth1_vlan: left promiscuous mode
[ 1458.670209][T24850] smc: removing ib device syz2
[ 1458.998727][ T7278] ` (unregistering): Port device vlan0 removed
[ 1470.681097][T27905] batadv1: entered allmulticast mode
[ 1470.811597][ T5314] ==================================================================
[ 1470.814511][ T5314] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x1bf/0x200
[ 1470.817520][ T5314] Read of size 8 at addr ffff88806fa442e8 by task kworker/1:2/5314
[ 1470.820194][ T5314] 
[ 1470.821132][ T5314] CPU: 1 UID: 0 PID: 5314 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 1470.821156][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1470.821167][ T5314] Workqueue: events smc_ib_port_event_work
[ 1470.821185][ T5314] Call Trace:
[ 1470.821190][ T5314]  <TASK>
[ 1470.821195][ T5314]  dump_stack_lvl+0x116/0x1f0
[ 1470.821210][ T5314]  print_report+0xcd/0x630
[ 1470.821225][ T5314]  ? __virt_addr_valid+0x81/0x610
[ 1470.821240][ T5314]  ? __phys_addr+0xe8/0x180
[ 1470.821255][ T5314]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[ 1470.821271][ T5314]  kasan_report+0xe0/0x110
[ 1470.821285][ T5314]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[ 1470.821302][ T5314]  __ethtool_get_link_ksettings+0x1bf/0x200
[ 1470.821318][ T5314]  __ethtool_get_link_ksettings+0x148/0x200
[ 1470.821334][ T5314]  ib_get_eth_speed+0x122/0xb50
[ 1470.821352][ T5314]  ? __pfx_ib_get_eth_speed+0x10/0x10
[ 1470.821372][ T5314]  ? __pfx___mutex_lock+0x10/0x10
[ 1470.821397][ T5314]  ? do_raw_spin_unlock+0x172/0x230
[ 1470.821418][ T5314]  rxe_query_port+0x108/0x330
[ 1470.821437][ T5314]  ib_query_port+0x441/0x8a0
[ 1470.821464][ T5314]  smc_ib_port_event_work+0x12f/0xbf0
[ 1470.821488][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1470.821508][ T5314]  ? lock_acquire+0x2cd/0x350
[ 1470.821529][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1470.821547][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1470.821568][ T5314]  process_one_work+0x9cf/0x1b70
[ 1470.821592][ T5314]  ? __pfx_hash_net6_gc+0x10/0x10
[ 1470.821606][ T5314]  ? __pfx_process_one_work+0x10/0x10
[ 1470.821626][ T5314]  ? assign_work+0x1a0/0x250
[ 1470.821642][ T5314]  worker_thread+0x6c8/0xf10
[ 1470.821654][ T5314]  ? __pfx_worker_thread+0x10/0x10
[ 1470.821664][ T5314]  kthread+0x3c5/0x780
[ 1470.821681][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1470.821703][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1470.821714][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1470.821814][ T5314]  ret_from_fork+0x675/0x7d0
[ 1470.821831][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1470.821847][ T5314]  ret_from_fork_asm+0x1a/0x30
[ 1470.821866][ T5314]  </TASK>
[ 1470.821870][ T5314] 
[ 1470.891134][ T5314] Allocated by task 24233:
[ 1470.892913][ T5314]  kasan_save_stack+0x33/0x60
[ 1470.894463][ T5314]  kasan_save_track+0x14/0x30
[ 1470.896013][ T5314]  __kasan_kmalloc+0xaa/0xb0
[ 1470.897554][ T5314]  __kvmalloc_node_noprof+0x3a3/0x9c0
[ 1470.899337][ T5314]  alloc_netdev_mqs+0xd7/0x1550
[ 1470.901025][ T5314]  rtnl_create_link+0xc08/0xf90
[ 1470.902886][ T5314]  rtnl_newlink+0xb69/0x2000
[ 1470.904403][ T5314]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1470.906044][ T5314]  netlink_rcv_skb+0x158/0x420
[ 1470.907613][ T5314]  netlink_unicast+0x5aa/0x870
[ 1470.909303][ T5314]  netlink_sendmsg+0x8c8/0xdd0
[ 1470.910872][ T5314]  __sys_sendto+0x4a3/0x520
[ 1470.912485][ T5314]  __ia32_compat_sys_socketcall+0x625/0x770
[ 1470.914497][ T5314]  __do_fast_syscall_32+0x7c/0x300
[ 1470.916316][ T5314]  do_fast_syscall_32+0x32/0x80
[ 1470.918012][ T5314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1470.920139][ T5314] 
[ 1470.921022][ T5314] Freed by task 7278:
[ 1470.922527][ T5314]  kasan_save_stack+0x33/0x60
[ 1470.924076][ T5314]  kasan_save_track+0x14/0x30
[ 1470.925637][ T5314]  __kasan_save_free_info+0x3b/0x60
[ 1470.927394][ T5314]  __kasan_slab_free+0x5f/0x80
[ 1470.929005][ T5314]  kfree+0x2b8/0x6d0
[ 1470.930305][ T5314]  device_release+0xa4/0x240
[ 1470.931975][ T5314]  kobject_put+0x1e7/0x5a0
[ 1470.933501][ T5314]  netdev_run_todo+0x7e9/0x1320
[ 1470.935097][ T5314]  default_device_exit_batch+0x858/0xaf0
[ 1470.936916][ T5314]  ops_undo_list+0x363/0xab0
[ 1470.938542][ T5314]  cleanup_net+0x41b/0x8b0
[ 1470.940010][ T5314]  process_one_work+0x9cf/0x1b70
[ 1470.941703][ T5314]  worker_thread+0x6c8/0xf10
[ 1470.943594][ T5314]  kthread+0x3c5/0x780
[ 1470.945509][ T5314]  ret_from_fork+0x675/0x7d0
[ 1470.947452][ T5314]  ret_from_fork_asm+0x1a/0x30
[ 1470.949107][ T5314] 
[ 1470.950111][ T5314] The buggy address belongs to the object at ffff88806fa44000
[ 1470.950111][ T5314]  which belongs to the cache kmalloc-cg-4k of size 4096
[ 1470.954940][ T5314] The buggy address is located 744 bytes inside of
[ 1470.954940][ T5314]  freed 4096-byte region [ffff88806fa44000, ffff88806fa45000)
[ 1470.959614][ T5314] 
[ 1470.960416][ T5314] The buggy address belongs to the physical page:
[ 1470.962702][ T5314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806fa42000 pfn:0x6fa40
[ 1470.966114][ T5314] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1470.969115][ T5314] memcg:ffff88806788f581
[ 1470.970579][ T5314] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[ 1470.973622][ T5314] page_type: f5(slab)
[ 1470.975020][ T5314] raw: 04fff00000000240 ffff88801b44c280 ffffea0001713010 ffffea000165be10
[ 1470.977994][ T5314] raw: ffff88806fa42000 0000000000040002 00000000f5000000 ffff88806788f581
[ 1470.980938][ T5314] head: 04fff00000000240 ffff88801b44c280 ffffea0001713010 ffffea000165be10
[ 1470.983886][ T5314] head: ffff88806fa42000 0000000000040002 00000000f5000000 ffff88806788f581
[ 1470.986793][ T5314] head: 04fff00000000003 ffffea0001be9001 00000000ffffffff 00000000ffffffff
[ 1470.989693][ T5314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1470.993072][ T5314] page dumped because: kasan: bad access detected
[ 1470.995445][ T5314] page_owner tracks the page as allocated
[ 1470.997488][ T5314] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 24233, tgid 24233 (syz-executor), ts 1241391597082, free_ts 1239272630793
[ 1471.004779][ T5314]  post_alloc_hook+0x1c0/0x230
[ 1471.006892][ T5314]  get_page_from_freelist+0x10a3/0x3a30
[ 1471.009444][ T5314]  __alloc_frozen_pages_noprof+0x25f/0x2470
[ 1471.012139][ T5314]  alloc_pages_mpol+0x1fb/0x550
[ 1471.014305][ T5314]  new_slab+0x24a/0x360
[ 1471.015939][ T5314]  ___slab_alloc+0xd79/0x1a50
[ 1471.017529][ T5314]  __slab_alloc.constprop.0+0x63/0x110
[ 1471.019425][ T5314]  __kmalloc_node_track_caller_noprof+0x4db/0x8a0
[ 1471.021592][ T5314]  kmemdup_noprof+0x29/0x60
[ 1471.023207][ T5314]  __addrconf_sysctl_register+0xbb/0x360
[ 1471.025090][ T5314]  addrconf_sysctl_register+0x15f/0x1f0
[ 1471.026961][ T5314]  ipv6_add_dev+0xb31/0x15f0
[ 1471.028548][ T5314]  addrconf_notify+0x53e/0x19e0
[ 1471.030314][ T5314]  notifier_call_chain+0xbc/0x410
[ 1471.032182][ T5314]  call_netdevice_notifiers_info+0xbe/0x140
[ 1471.034857][ T5314]  register_netdevice+0x182e/0x2270
[ 1471.037125][ T5314] page last free pid 15266 tgid 15266 stack trace:
[ 1471.039928][ T5314]  __free_frozen_pages+0x7df/0x1160
[ 1471.041690][ T5314]  vfree+0x1fd/0xb50
[ 1471.043140][ T5314]  kcov_close+0x34/0x60
[ 1471.044567][ T5314]  __fput+0x402/0xb70
[ 1471.045908][ T5314]  task_work_run+0x150/0x240
[ 1471.047423][ T5314]  do_exit+0x86f/0x2bf0
[ 1471.048815][ T5314]  do_group_exit+0xd3/0x2a0
[ 1471.050317][ T5314]  get_signal+0x2671/0x26d0
[ 1471.051735][ T5314]  arch_do_signal_or_restart+0x8f/0x790
[ 1471.053539][ T5314]  exit_to_user_mode_loop+0x85/0x130
[ 1471.055317][ T5314]  __do_fast_syscall_32+0x240/0x300
[ 1471.056961][ T5314]  do_fast_syscall_32+0x32/0x80
[ 1471.058535][ T5314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1471.060571][ T5314] 
[ 1471.061407][ T5314] Memory state around the buggy address:
[ 1471.063239][ T5314]  ffff88806fa44180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1471.065872][ T5314]  ffff88806fa44200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1471.068479][ T5314] >ffff88806fa44280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1471.071159][ T5314]                                                           ^
[ 1471.073644][ T5314]  ffff88806fa44300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1471.076249][ T5314]  ffff88806fa44380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1471.078836][ T5314] ==================================================================
[ 1471.083161][ T5314] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1471.085492][ T5314] CPU: 1 UID: 0 PID: 5314 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 1471.088566][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1471.092008][ T5314] Workqueue: events smc_ib_port_event_work
[ 1471.093994][ T5314] Call Trace:
[ 1471.095049][ T5314]  <TASK>
[ 1471.096051][ T5314]  dump_stack_lvl+0x3d/0x1f0
[ 1471.097589][ T5314]  vpanic+0x640/0x6f0
[ 1471.098930][ T5314]  panic+0xca/0xd0
[ 1471.100185][ T5314]  ? __pfx_panic+0x10/0x10
[ 1471.101676][ T5314]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[ 1471.103742][ T5314]  ? preempt_schedule_common+0x44/0xc0
[ 1471.105526][ T5314]  ? preempt_schedule_thunk+0x16/0x30
[ 1471.107290][ T5314]  ? check_panic_on_warn+0x1f/0xb0
[ 1471.108968][ T5314]  check_panic_on_warn+0xab/0xb0
[ 1471.110670][ T5314]  end_report+0x107/0x170
[ 1471.112109][ T5314]  kasan_report+0xee/0x110
[ 1471.113684][ T5314]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[ 1471.115690][ T5314]  __ethtool_get_link_ksettings+0x1bf/0x200
[ 1471.117688][ T5314]  __ethtool_get_link_ksettings+0x148/0x200
[ 1471.119609][ T5314]  ib_get_eth_speed+0x122/0xb50
[ 1471.121232][ T5314]  ? __pfx_ib_get_eth_speed+0x10/0x10
[ 1471.122978][ T5314]  ? __pfx___mutex_lock+0x10/0x10
[ 1471.124699][ T5314]  ? do_raw_spin_unlock+0x172/0x230
[ 1471.126413][ T5314]  rxe_query_port+0x108/0x330
[ 1471.127966][ T5314]  ib_query_port+0x441/0x8a0
[ 1471.129530][ T5314]  smc_ib_port_event_work+0x12f/0xbf0
[ 1471.131324][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1471.133090][ T5314]  ? lock_acquire+0x2cd/0x350
[ 1471.134660][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1471.136295][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1471.137914][ T5314]  process_one_work+0x9cf/0x1b70
[ 1471.139538][ T5314]  ? __pfx_hash_net6_gc+0x10/0x10
[ 1471.141257][ T5314]  ? __pfx_process_one_work+0x10/0x10
[ 1471.143086][ T5314]  ? assign_work+0x1a0/0x250
[ 1471.144907][ T5314]  worker_thread+0x6c8/0xf10
[ 1471.146726][ T5314]  ? __pfx_worker_thread+0x10/0x10
[ 1471.148738][ T5314]  kthread+0x3c5/0x780
[ 1471.150329][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1471.152163][ T5314]  ? rcu_is_watching+0x12/0xc0
[ 1471.154063][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1471.155890][ T5314]  ret_from_fork+0x675/0x7d0
[ 1471.157716][ T5314]  ? __pfx_kthread+0x10/0x10
[ 1471.159532][ T5314]  ret_from_fork_asm+0x1a/0x30
[ 1471.161431][ T5314]  </TASK>
[ 1471.163375][ T5314] Kernel Offset: disabled
[ 1471.165049][ T5314] Rebooting in 86400 seconds..

VM DIAGNOSIS:
Warning: Identity file root not accessible: No such file or directory.
Connection timed out during banner exchange
Connection to 127.0.0.1 port 4467 timed out
failed to run ["ssh" "-p" "4467" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "IdentitiesOnly=yes" "-o" "BatchMode=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "root" "root@localhost" "cat" "/proc/lockdep_stats" "/proc/lockdep" "/proc/lockdep_chains"]: exit status 255