last executing test programs:

2m9.119759335s ago: executing program 0 (id=176):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, r0})
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000200)={'\x00', 0xfffb, 0xc78b, 0x4, 0x9, 0x3})
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x25, 0x1, @void}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0})

2m9.119571413s ago: executing program 0 (id=177):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00"/11], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)

2m9.051692912s ago: executing program 0 (id=178):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@deltaction={0x154, 0x31, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf56}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffc}}]}, @TCA_ACT_TAB={0x48, 0x1, [{0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x6c, 0x1, [{0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x54, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x100}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xe}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
io_setup(0x40000000008, &(0x7f0000000240)=<r4=>0x0)
r5 = socket(0x1e, 0x801, 0x0)
io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2, 0x0, 0x4, 0x0, 0x0, r5, &(0x7f0000000140)="dc", 0x1}])
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_freezer_state(r6, &(0x7f0000000140), 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x9)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r9 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x8444, 0x13580}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000140)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2001, 0x1, {0x1}})
io_uring_enter(r9, 0xe85, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

2m8.051667407s ago: executing program 0 (id=182):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587", @ANYRES16], 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000040)=""/4092, 0xffc)

2m6.70210985s ago: executing program 0 (id=187):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0xff7ffff7)
r3 = eventfd(0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x3, 0x1, 0x0, 0x2000, &(0x7f0000014000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000730000400008000007"])
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x1, 0x2, r2})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r7, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r7, &(0x7f00000007c0))
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r7, 0x2, 0x2, r2})

2m4.962175247s ago: executing program 0 (id=188):
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1004000, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x8100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x40010)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, 0x0, 0x0)

1m49.916718836s ago: executing program 32 (id=188):
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1004000, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x8100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x40010)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, 0x0, 0x0)

3.030129888s ago: executing program 3 (id=841):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01082cbdb35ee10eb4601c3e000008000300", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x40905}, 0x4040800)

2.980877099s ago: executing program 3 (id=843):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x0)
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000001500)=""/4110, 0x100e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x8e383, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0))
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1fee5032e317b2182f23ee14af0e677e3589d42213cb9776a30fcd8f3cf63712041b931fdb850e4902379de605d4d522193db82493dd8a3a4b49fd9e5e72870885ad5d9fc1c5280b817ab2c48a393d36dcdb084c53a65fd8c8878b04cb0fe2f467a259c71b66", @ANYRES64=r2, @ANYRESOCT=r2, @ANYBLOB="9fc6de29f20b780e19ce23cbd426310df8e0e1f3"], 0x1c}}, 0x20000010)

2.871182247s ago: executing program 4 (id=844):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3fff, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa1, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7}, 0x4}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000180)={'veth1\x00', {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ptrace$ARCH_SHSTK_DISABLE(0x1e, r2, 0x2, 0x5002)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
bind$inet(r5, &(0x7f0000000280)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0xc081}, 0x4000)
sendmsg$NL80211_CMD_SET_COALESCE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={0x0}}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_INVAL_ENTRY(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="25000000030000000000000000000000010000000000000004"], 0x25)

2.871052817s ago: executing program 3 (id=845):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
timerfd_create(0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2002)
fsopen(0x0, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.491254595s ago: executing program 1 (id=846):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGREP(r0, 0x80084522, 0x0)

2.4909979s ago: executing program 1 (id=847):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r0)

2.380800878s ago: executing program 1 (id=848):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000011c0)=@IORING_OP_ACCEPT={0xd, 0x4, 0x1, r0, &(0x7f0000001200)=0xffb5, &(0x7f0000001240)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x0, 0x80800, 0x1})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
mount(&(0x7f00000010c0)=@nullb, &(0x7f0000001100)='./file0\x00', &(0x7f0000001140)='mqueue\x00', 0x140020, &(0x7f00000012c0)=',)[\':,:+\x00')
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x27)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_pid(r1, &(0x7f0000000080), 0x12)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000001480)="aeffa4486aa84c5cd1276d91eecdfccfb963910470b7fbea31521973580a6311fb47d40700e353de4e219eb4802eb77ce0d6016e584d552b5ccea8207888668e4b1c5d8e464389b41a7db270bcf39bd9e94fa051110e00cbf0a42159e717046d42be7bb0af9d94fc977ffa26577997b6c08a1b17ab4dd123fe7aa034d4d36f56ba3f438a0e6c356c0fad29e66a202cd90c08eb053f04f5b1aa50f6a115de7b6b61edd701777a7a6612f0310d2c1b0b9fabc21b67cecd727c6e05f18a639e9277b2813694267b7d134f89bedd55c711587c8ce6489474edd2f7b23243c0e2166aa7249592ea988afaef4fbbeddd1129b1091d885fcd6127ac89d5a0ebe59d47294152e34c237f", 0x106, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4094, 0xffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2)
io_uring_enter(0xffffffffffffffff, 0x50d4, 0x4000, 0x50, 0x0, 0x20)
kexec_load(0x5, 0x3, &(0x7f0000001080), 0x3e0000)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x16b601, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000080)=0xa)
getpid()
getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f0000001180)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000001300)=0x2c)
sched_setaffinity(0x0, 0x0, 0x0)

2.281178837s ago: executing program 3 (id=849):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)

2.281027348s ago: executing program 3 (id=850):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587", @ANYRES16], 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f0000000040)=""/4092, 0xffc)

2.088370927s ago: executing program 2 (id=852):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
socketpair(0x27, 0x3, 0x8, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
sendto(r0, &(0x7f0000000240)="bbf744ac1adf15163fcbc77beeea963fe62a8d0b502a2fd9ed2aef071e75dafc67848dccaeb4c286fd3ac02f70ba3bb22bb7667713942fa11fd616edf9595b12903dd3cdd0f68b4c7e3fbfd50ba120c68f4b0d424b51cc99a6dbddef8c150654d3fa09b8f66a302ec08c821a313a79568f94041886dd3c674d65061db79c9706efa04113ac22f432ae0e159d9141c490d2de0606d42945c78de50e16766fff5048310919e69af216268c86e2948ae6405b39cbea70d3ee5ba74ed29f8848caaeaea66791858f38c0a14aa5abd54a2c65d8db2e2d4a6a7292fd86a81079c96ad390cdae00811c245872aefa491909bbec4d2c04261218", 0xf6, 0x20000010, &(0x7f0000000180)=@ieee802154={0x24, @none={0x0, 0x8002}}, 0x80)
r1 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})

2.040748899s ago: executing program 2 (id=853):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_basic={{0xa}, {0x44, 0x2, [@TCA_BASIC_POLICE={0x40, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x10001, 0x2000000b, 0xfffffff6, 0x40, 0x3, {0x9f, 0x0, 0x101, 0x4, 0x7}, {0x1, 0x2, 0x4, 0x5, 0x3, 0x6cf212f}, 0x0, 0x101, 0x9000000}}]}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x1}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x800)

1.950676368s ago: executing program 4 (id=854):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$FS_IOC_GETFSSYSFSPATH(r2, 0x80811501, &(0x7f0000000380)={0x80})
r4 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000200)={r5, r6, r7, 0x0, 0x100, 0x7fffffff, 0x0, 0xfffffffe, 0x5, 0xe, 0xfffffff8, 0x31e})
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000001600))
add_key(&(0x7f0000000080)='logon\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000ac0)="a1", 0x1, 0xffffffffffffffff)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_STD(r8, 0x40085618, &(0x7f0000000480)=0x7)
r9 = dup(r3)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_route(0x10, 0x3, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r10, 0x1, 0x5, &(0x7f0000000000), 0x4)
r11 = syz_io_uring_setup(0x4e4, &(0x7f0000000200)={0x0, 0x33f8, 0x10100, 0x0, 0x0, 0x0, r9}, &(0x7f00000000c0), &(0x7f00000001c0))
io_uring_enter(r11, 0x708, 0x41e3, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x20000000000, 0x3}, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

1.927989901s ago: executing program 2 (id=855):
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
wait4(0x0, 0x0, 0x1000000, 0x0)
r1 = memfd_secret(0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x22c, 0x30, 0x1, 0x1, 0x0, {}, [{0x218, 0x1, [@m_ct={0xd4, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x91, 0x6, "c846ac0304771cf859c1a9b0cf83b5086e82a75c9f19bd15524624df90aeb821b175d10a7d17940f73579f01f06bc8a5c6a109f6a6e77af86151ebebe16c9751b1fdd4611e7da90b80a61a1b308ba19704017ed510dca6be07459e86050959a53f9b0965f1ceacfed655fb69a3030c462186eb04610402ddcf839db7dd6de36ce1a49917ababce866626ce4f17"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ctinfo={0x140, 0x6, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0xd44, 0x5, 0x5, 0x9, 0x1}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x2, 0x0, 0x20000000, 0x8001, 0x4}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x80000000, 0x81, 0xffffffffffffffff, 0xffff, 0x401}}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x7}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x9}]}, {0xb9, 0x6, "7895ba4179a70f8239d2a66bebba00e102bef427af2819c9c4e08bc33da00f5d4903d842d79fec2515d4b2e438189e56ae72384a9cdf8815995193eba664d2e4618b9aaf486f0170794397d9322ad08774dbe37faf640be0db221f48bab16a54974cbef16bbe343d1c7787b1fe8c55790de8cf37c386465cb8a4cda5351bea813a85684a6cc2cafaa3443045981dc38d326488c51ab10ba8754df5778d6941ab2125dca30c48cd8a2e5de472f072fa4fb67551cbd7"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x22c}, 0x1, 0x0, 0x0, 0x800}, 0x20004810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x4)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r6, &(0x7f0000002980), 0x400000000000239, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x108)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f0000006340)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x1, 0xc18da8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.041258134s ago: executing program 4 (id=856):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGREP(r0, 0x80084522, 0x0)

1.040889243s ago: executing program 4 (id=857):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
timerfd_create(0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2002)
fsopen(&(0x7f0000000200)='tracefs\x00', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

970.770043ms ago: executing program 2 (id=858):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) (async)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0) (async, rerun: 64)
r2 = socket(0x10, 0x3, 0x0) (rerun: 64)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4b, 0x2, {{0xffff0000, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x80000001, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}}}]}, 0x78}}, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x4f, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000002100000227bd7000fedbdf2502801407fe00000604090000010c000c40000000000000007f"], 0x30}}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f006bbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async, rerun: 32)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) (async, rerun: 32)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000001000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
mount$9p_rdma(&(0x7f00000003c0), &(0x7f0000000400)='.\x00', &(0x7f0000000440), 0x0, &(0x7f00000005c0)={'trans=rdma,', {'port', 0x3d, 0x4e21}})
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137)

970.507475ms ago: executing program 1 (id=859):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = openat$uhid(0xffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGREP(r2, 0x80084522, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12140, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sysfs$1(0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(r5, r5, 0x0, 0x101)
fdatasync(r4)
mount(0x0, 0x0, &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
pselect6(0x40, &(0x7f00000001c0)={0x40, 0x6, 0x6, 0xfffffffffffffff3, 0x7, 0x3, 0xfffffffffffffff8, 0x8}, 0x0, &(0x7f0000000380)={0xfdd, 0x0, 0x7, 0x8, 0x20, 0x1, 0x5, 0x2}, &(0x7f0000000440)={0x0, 0x3938700}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x40, 0xc3c]}, 0x8})
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, 0x0, &(0x7f00000002c0))
r7 = memfd_create(&(0x7f0000000300)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xae\xd1md\xc8\x85\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;2\xb5\xe1jS\xeb\xbf%||\xa0\x8e\x01\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')

970.327967ms ago: executing program 4 (id=860):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x101)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f000000d4c0)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000a00)="ca", 0x1}], 0x1, 0x0, 0x0, 0x48015}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRESHEX=0x0], 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x2000000)

891.234256ms ago: executing program 2 (id=861):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="ba", 0x1}, {&(0x7f00000005c0)='0', 0x1}], 0x2}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)="cb00cf89223d480ff3436d2054d8", 0xe}, {&(0x7f0000000740)="66f7cb8b75524471d217565020396bbcee08e343741920953201d52254c13ea1c1d5c134c964b2852f4c4813a3cdaad68c2a2a3d28c7e6f7e05e37e630b7e129f72c3aef373dde250492714db1865caa340fcbcd4675b65dd5753b474c08477a1b0c6a76b1f1ba85f7a35b54521b407cc8c4d18d08694a7b1e870c1f83f78dafa17d4a625cd9e5a0bffda6f5", 0x8c}, {&(0x7f0000000800)="cd0ca4cc79209291ad286b3b24e726221eb85dfbd75ed09b8838687536df0513b68d1a0725be1ef1ce0937c15fbd61abfef46d430a6b2274e12e1206ad822ff11050228e1d95a28bd56648f94ee68de47ebff1e8833614aaa79152d6b4a918f1d71ae19bec1980839ab0ac1b793c129c5482748e7705ae5550c243ebae7afa8da3e9a7abbb459153cafe6856058001f1e046ae747b4e56b1f03d91196941f6a8e2f71b2ab2c25d777cc839665f497e774c5afa", 0xb3}], 0x3}}], 0x2, 0x0)

890.99772ms ago: executing program 2 (id=862):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3fff, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa1, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7}, 0x4}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000180)={'veth1\x00', {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ptrace$ARCH_SHSTK_DISABLE(0x1e, r2, 0x2, 0x5002)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
bind$inet(r5, &(0x7f0000000280)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0xc081}, 0x4000)
sendmsg$NL80211_CMD_SET_COALESCE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={0x0}}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_INVAL_ENTRY(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="25000000030000000000000000000000010000000000000004"], 0x25)

890.779176ms ago: executing program 3 (id=863):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x24000805}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000001f80), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000440)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000340)})
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000260001000000000000000000030100800c0045000000000000000000140001000000000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f7eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x60)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @private=0xa010100, 0x20000003}, @nl=@kern={0x10, 0x0, 0x0, 0x20}, @tipc=@nameseq={0x1e, 0x1, 0x1, {0x2}}, 0x501, 0x0, 0x0, 0x0, 0x10, 0x0, 0x100})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

70.91596ms ago: executing program 4 (id=864):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$FS_IOC_GETFSSYSFSPATH(r2, 0x80811501, &(0x7f0000000380)={0x80})
r4 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000200)={r5, r6, r7, 0x0, 0x100, 0x7fffffff, 0x0, 0xfffffffe, 0x5, 0xe, 0xfffffff8, 0x31e})
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000001600))
add_key(&(0x7f0000000080)='logon\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000ac0)="a1", 0x1, 0xffffffffffffffff)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_STD(r8, 0x40085618, &(0x7f0000000480)=0x7)
r9 = dup(r3)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_route(0x10, 0x3, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r10, 0x1, 0x5, &(0x7f0000000000), 0x4)
r11 = syz_io_uring_setup(0x4e4, &(0x7f0000000200)={0x0, 0x33f8, 0x10100, 0x0, 0x0, 0x0, r9}, &(0x7f00000000c0), &(0x7f00000001c0))
io_uring_enter(r11, 0x708, 0x41e3, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x20000000000, 0x3}, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

287.552µs ago: executing program 1 (id=865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)

0s ago: executing program 1 (id=866):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = openat$uhid(0xffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000580)={0x8, {"f18036d25b822368cd0f915501ae0ff659d4dfb992b8e23deec20e1005c880e23022fe62c9ca44cf888f5bb3ddfb4cfa7ac59e77b46d98a848c40250d569140727a16631556864cc7e30f7a30668fe56dd4a4c9dbe13a7f1b104357088b848425c4093ab89abf508f7a64f4121d7c7f9d91dcfc6403d7e5fc79723ea5bf34a7e6b1a59fa611f825dbd25f52d659973c094e32a4f8b5c05d232556c939fa04421134881c42a69ea088eb059dc0c08bbd838d8349d02ae3611a33ee3fab3c8d96361f6930797066bcb69f3c0d378dae5c6c3713f35cf8827c6a1c890db3a8ff0709575365d660220f77201463b2daa9653076ff9041815c04e7dc3c08ddb0458f3e5eb7a823c16e8c23127f7b4a761e36ca7c1b5835abed5f4b200649223e8481012a4a30505a9eddaf062e7030331148dc1d103e29e63ca98b8a91f4fbf1206ebf2ae4b2bafb6ffdfc6306fe40172301368f3132b2813aaccabc76d7639499ca974508766a9aa889369be300cd2e92c5190862c1b45cb38b9178c5a87c1cc5437a1937e87804cecd668c9b05c5804227d6f4fac396a001123c85479ce5e4e3984d0634bc13fee768d43aa4b1bd710b8ce98e9109c47555d3f0e88c7c0d69c85a5c64f7113e9dfa92ccd8031d3691771aaf6b6b94f1d94332ff76b09f424fcfa85e3693913dfcec7b1961a96bcd0f919743aa6ba63a8cbf662b46671f00dfebc784984018c40fa4682143f9e26feb667401482f5b524deda231cae05707c194ce775fc57af93b9b602d8dab24407997506f7967e44d549b1b365b97c9740019ede64c54c469fd7d57aa3f615d7f1c40dea951151b64ee324993c94ec47bcc61a22949ec56ead4c7c78db3d1c6f254840f67e530a1a1f8be8775678cf35d552cc5d748fe9f6e68a9bc049724037820ec6cefd3f0a32f519f5349a6b1986c66c0c491fd58101a2cfcc8f53c0f87f365da417ce1d0009d4e6df2891791ad4d31f52140e2b9499473c5d54e65ec9e9979e955ec39615b251673e71c3f16b8dc6b496dcc450b01b6fa0f2f154ec996f8e97bc8f680db9c46fe5a0fa0703ae355c141a2dbcbc6be5cc93d385120e427ef9c8d6f4517d22033b760ceac1f83952efd81ac936a78a8cbb90a94316dd817e4b61df1058b5322737bb7f57cb69b5edd3f7090b7b2df3e446f54024b5acf4aa41d754a54e5dca655c6026533d6484f0db49b7f3d610948dcc37a555c0344993a89f32c1e44921202d82412e793fcf40586d59529b21580fc30d65d8d93e7cd366e9df8d2e77728759b023536969c2004a89fab97c486bbae9f5f8bb650a501bf8f680743c3200aa154c9b7757c13731c9d30718675584aab45d7a49e7c185ecbe0071e39b3b47da6580f675e141e58bb5ebd637f2411e96ff3d3ea73a744ec392e831062c708a1b1b80c3bb45cebaf7bdc71b8df2b4cff8b2e673e4a4521f854615e3b316cc58b33a29d3e20ddacf191a7e6e9d43c3900be3e5a2d96bf3cba2696082107ff0f7a721efbfa1af20d2a67a45e7c37992c812f6ff6d1672612586e6ed6c44b136909caf3d58f58b269d01a8fd509d2a4fea0a60a2e23a92dc8a83a7438acb76cbc5b96ba65ac104c6a4c5acf587a8be3cf9b5d9e3841a092c83d6d9cd7450e919652d5875c1cb9256d5bdd404c844537bbe115f2f2bc64a7f40b4c458748fcacdfeba9d0d8e355052510ce11319141202a1adf691c576b574315c7a09ca866c7170a4369dd4d1c2b7f65a3f8a5ee57385312e65004140e8217968997cbad376fc7413b0f472d81254fa14309e3251dbad722cebe710177b3d4ef15561dfeaaaf3bea3df920f055ebf27f3a5982af2dfab66a0f0987eb940d6c366b8b0dd31335975e173225766cbd6809157003d4661300c664813e0148d498f603d37d550d1325638f897f9741a2197829a011a28001d1b5d2f83c26a03cea596ca7ff1a21b4c5226806c8da432cb2e795bc20cc0730058804915ea719f8645f0278c05df5df0643171593b4f83bf1957cee3d9f07ddcfeac23999a76788700179429a916a21de11a728682692ace701bfe7c4b4a9f5f5acbf142634f6999e5faac13d5fe5e3422ce3038c03eb685b489cad35b65a7c58133b19c76ae0f3e8a5c441f178d5de50d8bde8854aba9aa21c3f19335361be2b75e09a8b0d7e3626ff30bb0126e83dc588779865f67d9b26f17c55c7a463f2f9d73015adcf6c6e3abe5f4167cc52d2786cc20e70d60fb266279528ee7d07352f0751eb1c992da1999127a880669b7eb4c27e60cce26e248404c2859c5c705a02b091e6b7c9ec73aa7dd977db530f558d056870265cf44d2e8bf15381d3565ab58360b2346f997fe6e98daded38bb16aa7796f09b69a92712cc0350f4f7f7126025a30de70aeb1a845ff443a278a270e79ade97b8e259d1589a914e5c6d4668d2741bd54c11445b552185e8848c1156518c6724c0468160e5f92f033bc933a57eafcb2b452c96a3a5b8d573f23457f0df3daa873670804e5fb5f610d636a081bf76dba0a4e9e2ae95fe51b652300041a9c556b98dd002a346f510625c42471258a4e193efd15db0a0fe9208fe2e7b8afd3d410d52b9eaebd3eeb6f52fbef4b5f55ebcd6227f581748efcf60c625ecce866a069908adbe6d52ecab0acd9e2172a17370ff7234964303a96ae074370bbc4440b9b2e70da5dee2d4c76c16f94dc5cf9c0ee06bca5a60839a070f36a518fdb8dcb58638a11d0178fc598172434bcbed1f08d501e44e322d269f80a5f21b1c85efaf22a538bd0482be0005f6327a8436ba830abe692f342ac53290687e121b9b3a8ad4bf9f4e0732fadda6a49bbc16ee661dc5dbea3ee5bfe861ff51319839e895b56ee04d58983912a703030a1227db9167342eadf8f05fc90880a230687e93569f33d73796d9a055d6266afc35f5fe58d98cfe7479a0f2f1b65db23235994f3ba87d97cb39a8f93dabc7cf58aac39e3857086833bdc381a830a87df59d558eb3373210dd0a0a2387f8f2c437e4084466f491a686d3e56c8397ac21b5dbe6fb290be6f5efdfcd44800f2294e839f59374565772437be09d42162f2879dbb62281aa8fc66b7cc08828c2e57c3dea38050ac7d21f5642b692a0a4e9e80dc1f08e6b8fc5b77018d246ffac2bdd265c1ddd27d656ec91bc57726c25eb5905980789af2ab967b2b65db02c18c463cec8d79efbfcbf34490f24e0c098badf6fa2669e8556b93f750151b1b34956f74853f86f9ba3ac79cb67ece83d66597bb58af9b2ba392026887f518af11754fdf8a93af2bf3beb451b92fbfb264e5aa28c528772557d99c37fe55f9a2204f216f5d7b4390a66fd9a3e7eef61ceb1ae0c174989f138cf8d78f8820d7987b906ef2e875ccc5a53ec2c038baff8853e5b32c4798dcd9b207261a92a2ada7cf5e3fe78c8249becbcebb8539070cbd688fd5110632722d481b9016d3f4fdf444735ee2d2fc114df57ccff2e72c5a04789991b690c60920ba3c08fddb395933dbb7278197063740f5af20a5dc31c7bb1e02062d8e2905e86dabd649270af2c49c84ce4a6cb5793988f8673c22339f7b72b5f697cbc81a454722560414a88214a420b0e2b3b8f75975a68ad8db72e785143ef590264e9e80ece48e526cffa9ae8335c8bf639b1b435c4f78955bcaa16bd817fd3100434757d83eb8a8312d5e6d8dcf2e66e9330ed902b497402659537fc116633af2fc049fe79474af2c6a7f208c1b4a81e3f252b687cfe2b71e8e1d672086b4747ad2aa36b9e2b13b2ed2c05cebba94768ca67e6a7181ef6eb4a2d2c90caa81624120760345a44b6e1fc89be67ae58560bd4016f79dcf9fccf20b0e80ffcb53b8b72be744c11789a0928a64da94a4dc0ff7140c786ad4a5753b320293ae9ed2854007b8c7fe650d1da2b07ac8ad475189cde7614b4de5d00d0830de14268f0c6b06cfde94e1855f1f082bb62caaca78d43a4c18c6c26817ba307ed28c6243a08d01bc9eb056d01e8b6500e1e248d1115a5104201be65baeaa18e4256c0c39c5223fdb350eeff2cba4fb37cc63f71f53eabe79320623cb82489b803967f93ac6298d521b644596ace85541758715318be87a79f5bedaae312a2dfaee568524d6a2317f1df5488a376aad363d2edd70653e0729fd9ef56e346a6bee85244296e25a9f04ccd5440eb8eec3ae45f2182e1adfde85b11c731f48325c15e586005aa7f9f85c53a2f0755e27eccaa489116dbd3b2d84f18d8283d8c15b9213b8bf48d124a7d4eebf8090ef3818e8dad1f2ed865f0789c58396b9eb4624ae6ee257835857bc3f15a966defba302052522888571df68171cd410b177464b62302fc53b81089b436cd303ca65f3f489b2ae438ac4389339fc945f7676fabd2dbbffe44effa08357ec8ec6bca4d5b40aa8c2f1da8432d7b915be07562eedd89bb23f18eeb71fb2d9be792979d097f11d94dd87aa1c79e285ab910bcf6e885b3dc689c60ac1b13618f9e1a368019e29d7a9728c4ee3393e4cc37945c11f92344ea21646daa165824e80d5dcad176698c95b13f471fccb8eaeddcf8adc4fdf47162e07087b690ddbe22499b1e8ce749ddc3672a14bdc8beb4a13db71d22d7cb60a32c50fc5e1380dd8bbab7034bf06941beffe7254be5dcb253e5f4070fea4dbeab1e77c7350c7807e8d0b28e2280a0fc095e8c8dce31697d237b37805aaeeaf108625eedb3d290a505cdeec9a510ad0af3cc4d4a24a781da8bcd6a7a940a126f71d604c160f04404b01fbfa6c9418aa37f5694736d7cc87e4a23a7497caac05931fcf51fd468a01b64df643667536188ec75d0990c3f16bcba081e241340015c4aaf62128371e3580350162295ad4893d1f0f5bd86412b65734e03c511319824f44b6ab51702315735bb26b10651bca00b199359ac560dfb455a4a15ff6b2e7d130554eba9a8a1ea913236537c5a421bd9e43389364e386d0a1ff47e212fb6f8b33bc9678ee0d0a09405c65a93cdab3f3380f357504e9610a76b019a59f2af41a40319455ae5e6197fb836ef95ec25220ddca1596532e4c319a002a70158520f44696436fd6dc73eb752728d72d97b8539a9792ac166aadfcdddf61c45cac9ce468fb0ca5c6f24c0b673d6796e1588900c80f4ed275178e06cf97b5e5b3b8c6181a4deda08d930c9d8e0818703accb22bb5a755c3dcaea11e8b5ea7bbadc19848bd8c998a995e35d89ea44c4835298ac772ed80e661ca5832159478d8241701443d045d5a78e86aa2e5fa9ce126c7242b1135912f8448dd2a3262089afd3db67d3fca88ecba773a9e2e7e1d71f6e7d07bafb8006b337c0fca3b1ff2d4bf20e2e746654df9459bfc7fb2446848813cd319fdbf0a7ab12c5acd82851d843b702955097eead7db8637e2e0535d300c37f3502d35a291213c0d3f67865fbdd8a6d98027e6467ea32e1171cb4be8f8e5b2625766e7e11ffbc22786c6e6fa5653e3a1eb18a95d74e4244368a74e1321caf1c88ce2db50cb0391188b6ba7ad663abc433be845839f99f5951b11f77adef0c2785c01e22ad1b725654350070ec35ee9dc3850a48292ece7fefefc77f9f9c57d71d50d912fe403b607f2af454e8ce95b20a728be0490eba116592e10010cf1cf4ff7ae853a352700cc0cdd5992678e2c5a43fa6332d7ba85ff2a2175c97ed016cc7dda495b4bde2642db1f11c052720cac7a72d0e0378969fd45cb9d494da8485d01f7a23db20cfbf23060ef957b62048b17cfa9117b9dc79fb57fee95839f0671dbef3f19af37ba3b", 0x1000}}, 0x1006)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGREP(r2, 0x80084522, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12140, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sysfs$1(0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(r5, r5, 0x0, 0x101)
fdatasync(r4)
mount(0x0, 0x0, &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
pselect6(0x40, &(0x7f00000001c0)={0x40, 0x6, 0x6, 0xfffffffffffffff3, 0x7, 0x3, 0xfffffffffffffff8, 0x8}, 0x0, &(0x7f0000000380)={0xfdd, 0x0, 0x7, 0x8, 0x20, 0x1, 0x5, 0x2}, &(0x7f0000000440)={0x0, 0x3938700}, &(0x7f00000004c0)={&(0x7f0000000480)={[0x40, 0xc3c]}, 0x8})
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, 0x0, &(0x7f00000002c0))
r7 = memfd_create(&(0x7f0000000300)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xae\xd1md\xc8\x85\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;2\xb5\xe1jS\xeb\xbf%||\xa0\x8e\x01\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 2 (id=867):
socket$kcm(0x11, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000440)={0x4, {{0x2, 0x4e20, @local}}, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x104)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="6c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="5d5800003a2b2fcdd6ed5b9aa4000000001c001a8018000a8000000001140003006970766c616e31000000000000000004000012800b424cb368ea89cd0e5b000100697000"/84], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f00000015c0)=""/216, 0xd8}, {&(0x7f00000005c0)=""/4086, 0xff6}, {0x0}, {0x0}, {&(0x7f0000003680)=""/147, 0x93}, {&(0x7f0000003800)=""/165, 0xa5}], 0x6, 0x1001fc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$packet(0x11, 0x3, 0x300)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r6 = openat$dma_heap(0xffffffffffffff9c, 0x0, 0x10f400, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r6, 0xc0184800, &(0x7f0000000100)={0x4004, r5, 0x2})
r7 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000100), 0x0, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r8, 0xc0185647, &(0x7f00000002c0)={0xf000000, 0x3e4, 0x84, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={0xa00001, 0x4, '\x00', @string=0x0}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket(0x28, 0x5, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3})
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_ifreq(r9, 0x89a2, &(0x7f0000000280)={'bridge0\x00', @ifru_settings={0x43, 0x0, @sync=0x0}})
r10 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r10, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r10, 0x7a0, &(0x7f0000000080)={@hyper, 0x2})
close_range(r3, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

H) 304*8kB (UMEH) 83*16kB (UMEH) 82*32kB (UMEH) 70*64kB (UMEH) 41*128kB (UMEH) 14*256kB (UME) 8*512kB (UME) 1*1024kB (E) 0*2048kB 0*4096kB = 28116kB
[  100.037598][ T6892] Node 1 DMA32: 58*4kB (U) 107*8kB (UME) 184*16kB (UME) 180*32kB (ME) 313*64kB (UME) 73*128kB (UME) 12*256kB (UME) 10*512kB (UME) 10*1024kB (UM) 5*2048kB (M) 15*4096kB (UM) = 129280kB
[  100.043219][ T6892] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  100.046283][ T6892] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  100.049821][ T6892] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  100.053417][ T6892] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  100.058942][ T6892] 59621 total pagecache pages
[  100.060891][ T6892] 0 pages in swap cache
[  100.062215][ T6892] Free swap  = 124996kB
[  100.063553][ T6892] Total swap = 124996kB
[  100.064953][ T6892] 524155 pages RAM
[  100.066136][ T6892] 0 pages HighMem/MovableOnly
[  100.067620][ T6892] 208876 pages reserved
[  100.068927][ T6892] 0 pages cma reserved
[  103.234872][ T6015] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  103.385967][ T6015] usb 8-1: config 195 has an invalid interface number: 145 but max is 0
[  103.388783][ T6015] usb 8-1: config 195 has no interface number 0
[  103.390856][ T6015] usb 8-1: config 195 interface 145 has no altsetting 0
[  103.394723][ T6015] usb 8-1: New USB device found, idVendor=055f, idProduct=c211, bcdDevice=9b.e4
[  103.397641][ T6015] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.400501][ T6015] usb 8-1: Product: syz
[  103.401906][ T6015] usb 8-1: Manufacturer: syz
[  103.403479][ T6015] usb 8-1: SerialNumber: syz
[  103.616558][ T6015] gspca_main: sunplus-2.14.0 probing 055f:c211
[  103.619505][ T6015] gspca_sunplus: reg_r err -71
[  103.703827][ T6928] vlan2: entered allmulticast mode
[  103.705645][ T6928] bond0: entered allmulticast mode
[  103.707477][ T6928] bond_slave_0: entered allmulticast mode
[  103.710038][ T6928] bond_slave_1: entered allmulticast mode
[  103.919316][ T5964] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  103.922526][ T5964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  103.925502][ T5964] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  103.928284][ T5964] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  103.931407][ T5964] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  103.948710][ T6934] lo speed is unknown, defaulting to 1000
[  103.951294][ T6934] lo speed is unknown, defaulting to 1000
[  104.031194][ T6934] chnl_net:caif_netlink_parms(): no params data found
[  104.098008][ T6934] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.100380][ T6934] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.102727][ T6934] bridge_slave_0: entered allmulticast mode
[  104.105387][ T6934] bridge_slave_0: entered promiscuous mode
[  104.109167][ T6934] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.111952][ T6934] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.114287][ T6934] bridge_slave_1: entered allmulticast mode
[  104.117711][ T6934] bridge_slave_1: entered promiscuous mode
[  104.156886][   T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.175743][ T6945] FAULT_INJECTION: forcing a failure.
[  104.175743][ T6945] name failslab, interval 1, probability 0, space 0, times 0
[  104.180659][ T6945] CPU: 2 UID: 0 PID: 6945 Comm: syz.3.244 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  104.180675][ T6945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.180681][ T6945] Call Trace:
[  104.180685][ T6945]  <TASK>
[  104.180689][ T6945]  dump_stack_lvl+0x16c/0x1f0
[  104.180719][ T6945]  should_fail_ex+0x512/0x640
[  104.180733][ T6945]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  104.180751][ T6945]  should_failslab+0xc2/0x120
[  104.180761][ T6945]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  104.180777][ T6945]  ? find_inode_fast+0x1e9/0x600
[  104.180789][ T6945]  ? __d_alloc+0x31/0xaa0
[  104.180800][ T6945]  __d_alloc+0x31/0xaa0
[  104.180811][ T6945]  d_alloc_pseudo+0x1c/0xc0
[  104.180824][ T6945]  alloc_file_pseudo_noaccount+0xcf/0x230
[  104.180837][ T6945]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  104.180848][ T6945]  ? iput+0xd3/0x880
[  104.180862][ T6945]  bdev_file_open_by_dev+0x13e/0x210
[  104.180876][ T6945]  setup_bdev_super+0x39b/0x730
[  104.180889][ T6945]  ? __pfx_ufs_fill_super+0x10/0x10
[  104.180906][ T6945]  mount_bdev+0x1c0/0x2e0
[  104.180920][ T6945]  ? __pfx_mount_bdev+0x10/0x10
[  104.180936][ T6945]  ? apparmor_capable+0x114/0x1d0
[  104.180947][ T6945]  ? __pfx_ufs_mount+0x10/0x10
[  104.180962][ T6945]  legacy_get_tree+0x109/0x220
[  104.180979][ T6945]  vfs_get_tree+0x8b/0x340
[  104.180991][ T6945]  path_mount+0x14d4/0x1f30
[  104.181002][ T6945]  ? kmem_cache_free+0x2d4/0x4d0
[  104.181016][ T6945]  ? __pfx_path_mount+0x10/0x10
[  104.181028][ T6945]  ? putname+0x154/0x1a0
[  104.181039][ T6945]  __ia32_sys_mount+0x28b/0x310
[  104.181050][ T6945]  ? __pfx___ia32_sys_mount+0x10/0x10
[  104.181061][ T6945]  ? rcu_is_watching+0x12/0xc0
[  104.181077][ T6945]  __do_fast_syscall_32+0x73/0x120
[  104.181106][ T6945]  do_fast_syscall_32+0x32/0x80
[  104.181122][ T6945]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.181135][ T6945] RIP: 0023:0xf7f25579
[  104.181144][ T6945] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.181155][ T6945] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  104.181165][ T6945] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000080000a80
[  104.181171][ T6945] RDX: 0000000080000ac0 RSI: 0000000000a00000 RDI: 0000000080000140
[  104.181177][ T6945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.181183][ T6945] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.181188][ T6945] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.181201][ T6945]  </TASK>
[  104.304596][   T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.311559][ T6934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.316596][ T6934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.358989][   T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.372643][ T6934] team0: Port device team_slave_0 added
[  104.378857][ T6934] team0: Port device team_slave_1 added
[  104.442778][ T6934] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.446812][ T6934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.454594][ T6934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.465261][   T46] bridge0: port 3(netdevsim0) entered disabled state
[  104.480372][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[  104.485863][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): left promiscuous mode
[  104.489145][   T46] bridge0: port 3(netdevsim0) entered disabled state
[  104.498203][   T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.509967][ T6950] lo speed is unknown, defaulting to 1000
[  104.510470][ T6934] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.514124][ T6934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.534770][ T6934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.548844][ T6950] lo speed is unknown, defaulting to 1000
[  104.618786][ T6934] hsr_slave_0: entered promiscuous mode
[  104.621728][ T6934] hsr_slave_1: entered promiscuous mode
[  104.624208][ T6934] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  104.626765][ T6934] Cannot create hsr debugfs directory
[  104.752199][   T46] bridge_slave_1: left allmulticast mode
[  104.763498][   T46] bridge_slave_1: left promiscuous mode
[  104.772018][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.804449][   T46] bridge_slave_0: left allmulticast mode
[  104.807013][   T46] bridge_slave_0: left promiscuous mode
[  104.809467][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.844629][ T6957] FAULT_INJECTION: forcing a failure.
[  104.844629][ T6957] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  104.849228][ T6957] CPU: 3 UID: 0 PID: 6957 Comm: syz.3.247 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  104.849249][ T6957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.849258][ T6957] Call Trace:
[  104.849263][ T6957]  <TASK>
[  104.849269][ T6957]  dump_stack_lvl+0x16c/0x1f0
[  104.849296][ T6957]  should_fail_ex+0x512/0x640
[  104.849318][ T6957]  should_fail_alloc_page+0xe7/0x130
[  104.849336][ T6957]  prepare_alloc_pages+0x3c2/0x610
[  104.849357][ T6957]  ? rcu_is_watching+0x12/0xc0
[  104.849397][ T6957]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  104.849424][ T6957]  ? unwind_get_return_address+0x59/0xa0
[  104.849446][ T6957]  ? arch_stack_walk+0xa6/0x100
[  104.849481][ T6957]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  104.849506][ T6957]  ? __pfx_stack_trace_save+0x10/0x10
[  104.849528][ T6957]  ? stack_depot_save_flags+0x28/0xa50
[  104.849554][ T6957]  ? kasan_save_stack+0x42/0x60
[  104.849580][ T6957]  ? __lock_acquire+0xaa4/0x1ba0
[  104.849593][ T6957]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.849612][ T6957]  ? policy_nodemask+0xea/0x4e0
[  104.849630][ T6957]  alloc_pages_mpol+0x1fb/0x550
[  104.849647][ T6957]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  104.849661][ T6957]  ? __page_table_check_ptes_set+0x1ae/0x420
[  104.849687][ T6957]  ? find_held_lock+0x2b/0x80
[  104.849712][ T6957]  alloc_pages_noprof+0x131/0x390
[  104.849727][ T6957]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  104.849748][ T6957]  get_free_pages_noprof+0xc/0x40
[  104.849763][ T6957]  kasan_populate_vmalloc_pte+0x2d/0x160
[  104.849786][ T6957]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  104.849808][ T6957]  __apply_to_page_range+0x617/0xd60
[  104.849831][ T6957]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  104.849857][ T6957]  ? __pfx___apply_to_page_range+0x10/0x10
[  104.849878][ T6957]  ? alloc_vmap_area+0x872/0x2970
[  104.849901][ T6957]  alloc_vmap_area+0x919/0x2970
[  104.849932][ T6957]  ? __pfx_alloc_vmap_area+0x10/0x10
[  104.849958][ T6957]  __get_vm_area_node+0x1a7/0x300
[  104.849983][ T6957]  __vmalloc_node_range_noprof+0x277/0x1540
[  104.850005][ T6957]  ? compat_do_replace+0x1af/0x7c0
[  104.850029][ T6957]  ? copy_from_sockptr_offset.constprop.0+0xe5/0x170
[  104.850054][ T6957]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  104.850080][ T6957]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[  104.850106][ T6957]  ? compat_do_replace+0x1af/0x7c0
[  104.850137][ T6957]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  104.850167][ T6957]  ? compat_do_replace+0x1af/0x7c0
[  104.850192][ T6957]  vmalloc_noprof+0x6b/0x90
[  104.850212][ T6957]  ? compat_do_replace+0x1af/0x7c0
[  104.850250][ T6957]  compat_do_replace+0x1af/0x7c0
[  104.850279][ T6957]  ? __pfx_compat_do_replace+0x10/0x10
[  104.850302][ T6957]  ? aa_get_newest_label+0x375/0x680
[  104.850320][ T6957]  ? __pfx_aa_get_newest_label+0x10/0x10
[  104.850347][ T6957]  ? bpf_lsm_capable+0x9/0x10
[  104.850370][ T6957]  ? security_capable+0x7e/0x260
[  104.850389][ T6957]  do_ebt_set_ctl+0x429/0x4d0
[  104.850415][ T6957]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  104.850442][ T6957]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  104.850465][ T6957]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  104.850498][ T6957]  nf_setsockopt+0x8a/0xf0
[  104.850523][ T6957]  ip_setsockopt+0xcb/0xf0
[  104.850541][ T6957]  raw_setsockopt+0xb7/0x2a0
[  104.850558][ T6957]  ? __pfx_raw_setsockopt+0x10/0x10
[  104.850577][ T6957]  ? sock_common_setsockopt+0x2e/0xf0
[  104.850603][ T6957]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  104.850628][ T6957]  do_sock_setsockopt+0x221/0x470
[  104.850652][ T6957]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  104.850690][ T6957]  __sys_setsockopt+0x1a0/0x230
[  104.850715][ T6957]  __ia32_sys_setsockopt+0xbc/0x160
[  104.850733][ T6957]  ? lockdep_hardirqs_on+0x7c/0x110
[  104.850755][ T6957]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  104.850779][ T6957]  __do_fast_syscall_32+0x73/0x120
[  104.850804][ T6957]  do_fast_syscall_32+0x32/0x80
[  104.850828][ T6957]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.850848][ T6957] RIP: 0023:0xf7f25579
[  104.850862][ T6957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.850877][ T6957] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  104.850893][ T6957] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  104.850903][ T6957] RDX: 0000000000000080 RSI: 0000000080000000 RDI: 00000000000000e0
[  104.850913][ T6957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.850922][ T6957] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.850932][ T6957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.850953][ T6957]  </TASK>
[  104.894857][ T6015] sunplus 8-1:195.145: probe with driver sunplus failed with error -71
[  105.052746][ T6015] usb 8-1: USB disconnect, device number 3
[  105.353370][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.367941][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.372047][   T46] bond0 (unregistering): Released all slaves
[  105.474538][ T6934] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  105.479646][ T6934] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  105.485472][ T6934] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  105.504648][ T6934] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  105.545499][ T6934] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.566745][ T6934] 8021q: adding VLAN 0 to HW filter on device team0
[  105.571437][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.573813][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.580135][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.582365][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.633521][   T46] hsr_slave_0: left promiscuous mode
[  105.639984][   T46] hsr_slave_1: left promiscuous mode
[  105.642300][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.645107][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.647899][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.650362][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.670193][   T46] veth1_macvtap: left promiscuous mode
[  105.672161][   T46] veth0_macvtap: left promiscuous mode
[  105.674032][   T46] veth1_vlan: left promiscuous mode
[  105.676344][   T46] veth0_vlan: left promiscuous mode
[  105.977409][ T5304] Bluetooth: hci1: command tx timeout
[  106.071775][ T6979] fuse: Unknown parameter '·Kƒ0x0000000000000004'
[  106.197111][   T46] team0 (unregistering): Port device team_slave_1 removed
[  106.273705][   T46] team0 (unregistering): Port device team_slave_0 removed
[  106.711779][ T6934] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.883134][ T6934] veth0_vlan: entered promiscuous mode
[  106.889352][ T6934] veth1_vlan: entered promiscuous mode
[  106.906859][ T6934] veth0_macvtap: entered promiscuous mode
[  106.911616][ T6934] veth1_macvtap: entered promiscuous mode
[  106.920935][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.924158][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.928817][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.931997][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.936711][ T6934] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.941638][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.945953][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.949021][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.952325][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.955654][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.958943][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.962763][ T6934] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.970227][ T6934] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.973063][ T6934] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.976265][ T6934] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.978961][ T6934] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.020860][   T99] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.023300][   T99] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.052556][  T219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.056421][  T219] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.208910][ T7037] fuse: Unknown parameter 'grou00000000000000000000'
[  107.962271][ T7066] tmpfs: Bad value for 'nr_inodes'
[  108.044887][ T5304] Bluetooth: hci1: command tx timeout
[  108.280530][ T7082] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  108.282877][ T7082] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  108.286928][ T7082] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  108.288895][ T7082] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  108.301349][ T7082] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  108.303244][ T7082] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  108.321067][ T7082] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  108.322981][ T7082] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  108.339769][ T7088] tmpfs: Bad value for 'mpol'
[  109.061431][ T7108] 9pnet_fd: Insufficient options for proto=fd
[  109.674679][ T7116] lo speed is unknown, defaulting to 1000
[  109.677202][ T7116] lo speed is unknown, defaulting to 1000
[  109.680180][ T7116] lo speed is unknown, defaulting to 1000
[  109.710502][ T7116] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  109.754251][ T7116] lo speed is unknown, defaulting to 1000
[  109.759616][ T7116] lo speed is unknown, defaulting to 1000
[  109.764968][ T7116] lo speed is unknown, defaulting to 1000
[  109.769966][ T7116] lo speed is unknown, defaulting to 1000
[  109.774510][ T7116] lo speed is unknown, defaulting to 1000
[  110.931802][ T7137] tmpfs: Bad value for 'nr_inodes'
[  111.181023][ T7144] FAULT_INJECTION: forcing a failure.
[  111.181023][ T7144] name failslab, interval 1, probability 0, space 0, times 0
[  111.190290][ T7144] CPU: 2 UID: 0 PID: 7144 Comm: syz.4.274 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  111.190313][ T7144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.190323][ T7144] Call Trace:
[  111.190329][ T7144]  <TASK>
[  111.190335][ T7144]  dump_stack_lvl+0x16c/0x1f0
[  111.190365][ T7144]  should_fail_ex+0x512/0x640
[  111.190393][ T7144]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  111.190420][ T7144]  should_failslab+0xc2/0x120
[  111.190436][ T7144]  __kmalloc_cache_noprof+0x6a/0x3e0
[  111.190460][ T7144]  ? __ldsem_down_read_nested+0xe3/0x8d0
[  111.190477][ T7144]  ? serport_ldisc_read+0x10d/0x680
[  111.190500][ T7144]  serport_ldisc_read+0x10d/0x680
[  111.190516][ T7144]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  111.190537][ T7144]  ? __pfx_serport_ldisc_read+0x10/0x10
[  111.190556][ T7144]  ? __pfx___might_resched+0x10/0x10
[  111.190588][ T7144]  tty_read+0x308/0x5d0
[  111.190617][ T7144]  ? __pfx_tty_read+0x10/0x10
[  111.190647][ T7144]  ? __lock_acquire+0x5ca/0x1ba0
[  111.190669][ T7144]  do_iter_readv_writev+0x735/0x950
[  111.190692][ T7144]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  111.190719][ T7144]  ? bpf_lsm_file_permission+0x9/0x10
[  111.190741][ T7144]  ? security_file_permission+0x71/0x210
[  111.190764][ T7144]  ? rw_verify_area+0xcf/0x680
[  111.190785][ T7144]  vfs_readv+0x4c5/0x8a0
[  111.190811][ T7144]  ? __pfx_vfs_readv+0x10/0x10
[  111.190846][ T7144]  ? __fget_files+0x20e/0x3c0
[  111.190868][ T7144]  ? __fget_files+0x180/0x3c0
[  111.190897][ T7144]  ? do_readv+0x132/0x330
[  111.190916][ T7144]  do_readv+0x132/0x330
[  111.190937][ T7144]  ? __pfx_do_readv+0x10/0x10
[  111.190960][ T7144]  ? rcu_is_watching+0x12/0xc0
[  111.190985][ T7144]  __do_fast_syscall_32+0x73/0x120
[  111.191014][ T7144]  do_fast_syscall_32+0x32/0x80
[  111.191039][ T7144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.191060][ T7144] RIP: 0023:0xf7f48579
[  111.191076][ T7144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.191091][ T7144] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  111.191108][ T7144] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  111.191119][ T7144] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  111.191129][ T7144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.191138][ T7144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  111.191149][ T7144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.191173][ T7144]  </TASK>
[  111.318866][ T7147] overlayfs: missing 'lowerdir'
[  112.178381][ T7162] trusted_key: syz.2.278 sent an empty control message without MSG_MORE.
[  113.307239][ T7188] FAULT_INJECTION: forcing a failure.
[  113.307239][ T7188] name failslab, interval 1, probability 0, space 0, times 0
[  113.311329][ T7188] CPU: 1 UID: 0 PID: 7188 Comm: syz.4.283 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  113.311354][ T7188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.311361][ T7188] Call Trace:
[  113.311365][ T7188]  <TASK>
[  113.311369][ T7188]  dump_stack_lvl+0x16c/0x1f0
[  113.311388][ T7188]  should_fail_ex+0x512/0x640
[  113.311404][ T7188]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  113.311422][ T7188]  should_failslab+0xc2/0x120
[  113.311433][ T7188]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  113.311449][ T7188]  ? __alloc_skb+0x2b2/0x380
[  113.311465][ T7188]  __alloc_skb+0x2b2/0x380
[  113.311477][ T7188]  ? __pfx___alloc_skb+0x10/0x10
[  113.311492][ T7188]  ? find_held_lock+0x2b/0x80
[  113.311508][ T7188]  __ip6_append_data+0x2bb6/0x4710
[  113.311528][ T7188]  ? __pfx_raw6_getfrag+0x10/0x10
[  113.311547][ T7188]  ? __pfx___ip6_append_data+0x10/0x10
[  113.311563][ T7188]  ? ip6_setup_cork+0xd01/0x15d0
[  113.311580][ T7188]  ip6_append_data+0x1bd/0x4c0
[  113.311596][ T7188]  ? __pfx_raw6_getfrag+0x10/0x10
[  113.311611][ T7188]  rawv6_sendmsg+0x175a/0x4890
[  113.311631][ T7188]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  113.311648][ T7188]  ? __lock_acquire+0x5ca/0x1ba0
[  113.311664][ T7188]  ? __pfx___might_resched+0x10/0x10
[  113.311685][ T7188]  ? __pfx_aa_sk_perm+0x10/0x10
[  113.311698][ T7188]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  113.311713][ T7188]  ? inet_sendmsg+0x119/0x140
[  113.311723][ T7188]  inet_sendmsg+0x119/0x140
[  113.311733][ T7188]  ____sys_sendmsg+0x973/0xc70
[  113.311744][ T7188]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.311753][ T7188]  ? get_compat_msghdr+0x11a/0x170
[  113.311769][ T7188]  ? __pfx__kstrtoull+0x10/0x10
[  113.311788][ T7188]  ___sys_sendmsg+0x134/0x1d0
[  113.311803][ T7188]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.311823][ T7188]  ? find_held_lock+0x2b/0x80
[  113.311844][ T7188]  __sys_sendmmsg+0x2f9/0x420
[  113.311860][ T7188]  ? __pfx___sys_sendmmsg+0x10/0x10
[  113.311884][ T7188]  ? fput+0x70/0xf0
[  113.311894][ T7188]  ? ksys_write+0x1b9/0x240
[  113.311912][ T7188]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  113.311926][ T7188]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  113.311943][ T7188]  __do_fast_syscall_32+0x73/0x120
[  113.311959][ T7188]  do_fast_syscall_32+0x32/0x80
[  113.311975][ T7188]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.312012][ T7188] RIP: 0023:0xf7f48579
[  113.312024][ T7188] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.312037][ T7188] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  113.312048][ T7188] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000480
[  113.312054][ T7188] RDX: 00000000000002e9 RSI: 0000000000000000 RDI: 0000000000000000
[  113.312060][ T7188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.312066][ T7188] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.312072][ T7188] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.312085][ T7188]  </TASK>
[  113.418873][ T7188] xt_CT: You must specify a L4 protocol and not use inversions on it
[  113.424290][ T7189] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.433461][ T7189] bond0: (slave rose0): Enslaving as an active interface with an up link
[  113.580501][ T7205] fuse: Bad value for 'group_id'
[  113.582127][ T7205] fuse: Bad value for 'group_id'
[  113.885012][ T7211] lo speed is unknown, defaulting to 1000
[  113.887527][ T7211] lo speed is unknown, defaulting to 1000
[  113.889979][ T7211] lo speed is unknown, defaulting to 1000
[  114.910563][ T7230] lo speed is unknown, defaulting to 1000
[  114.914125][ T7230] lo speed is unknown, defaulting to 1000
[  114.925705][ T7230] lo speed is unknown, defaulting to 1000
[  115.437865][ T7230] serio: Serial port ptm0
[  115.706284][ T6015] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  115.870929][ T6015] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  115.883240][ T6015] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  115.901245][ T6015] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  116.069307][ T6015] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  116.075043][ T6015] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  116.083759][ T6015] usb 8-1: config 0 interface 0 has no altsetting 0
[  116.096212][ T6015] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  116.102925][ T6015] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  116.108989][ T6015] usb 8-1: Product: syz
[  116.111491][ T6015] usb 8-1: Manufacturer: syz
[  116.114386][ T6015] usb 8-1: SerialNumber: syz
[  116.200774][ T6015] usb 8-1: config 0 descriptor??
[  116.205774][ T7238] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  116.214406][ T6015] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  116.222831][ T6015] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  116.588057][ T5995] usb 8-1: USB disconnect, device number 4
[  116.591657][ T5995] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  116.741735][ T7253] tmpfs: Bad value for 'nr_inodes'
[  116.937139][ T7257] tmpfs: Bad value for 'nr_inodes'
[  117.420130][ T7270] netlink: 8 bytes leftover after parsing attributes in process `syz.4.300'.
[  117.626916][ T7281] netlink: 'syz.3.302': attribute type 12 has an invalid length.
[  117.629735][ T7281] netlink: 'syz.3.302': attribute type 29 has an invalid length.
[  117.632153][ T7281] netlink: 148 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.638985][ T7281] netlink: 'syz.3.302': attribute type 2 has an invalid length.
[  117.641477][ T7281] netlink: 43 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.644330][ T7283] netlink: 'syz.3.302': attribute type 12 has an invalid length.
[  117.647658][ T7283] netlink: 'syz.3.302': attribute type 29 has an invalid length.
[  117.650096][ T7283] netlink: 148 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.652967][ T7283] netlink: 'syz.3.302': attribute type 2 has an invalid length.
[  117.657810][ T7283] netlink: 43 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.660982][ T7281] netlink: 52 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.663830][ T7281] netlink: 21 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.666923][ T7281] netlink: 21 bytes leftover after parsing attributes in process `syz.3.302'.
[  117.702819][ T7286] overlayfs: missing 'lowerdir'
[  117.787698][ T5995] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  118.154824][ T1460] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  118.158410][ T5995] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  118.161035][ T5995] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  118.164402][ T5995] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  118.167900][ T5995] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  118.171243][ T5995] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  118.175330][ T5995] usb 9-1: config 0 interface 0 has no altsetting 0
[  118.179480][ T5995] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  118.182281][ T5995] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  118.186693][ T5995] usb 9-1: Product: syz
[  118.187998][ T5995] usb 9-1: Manufacturer: syz
[  118.189465][ T5995] usb 9-1: SerialNumber: syz
[  118.192246][ T5995] usb 9-1: config 0 descriptor??
[  118.194866][ T7273] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  118.198999][ T5995] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  118.202768][ T5995] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  118.306649][ T1460] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  118.309278][ T1460] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  118.313028][ T1460] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  118.316605][ T1460] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  118.320070][ T1460] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  118.324367][ T1460] usb 6-1: config 0 interface 0 has no altsetting 0
[  118.328112][ T1460] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  118.331406][ T1460] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  118.334146][ T1460] usb 6-1: Product: syz
[  118.335541][ T1460] usb 6-1: Manufacturer: syz
[  118.337027][ T1460] usb 6-1: SerialNumber: syz
[  118.340088][ T1460] usb 6-1: config 0 descriptor??
[  118.342301][ T7290] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  118.345593][ T1460] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  118.349360][ T1460] ldusb 6-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  118.580036][   T63] usb 9-1: USB disconnect, device number 2
[  118.582927][   T63] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  118.613428][ T7300] tmpfs: Bad value for 'nr_inodes'
[  118.734088][ T6017] usb 6-1: USB disconnect, device number 6
[  118.740655][ T6017] ldusb 6-1:0.0: LD USB Device #1 now disconnected
[  118.954267][   T40] audit: type=1326 audit(1744916100.407:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7317 comm="syz.3.306" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  119.085792][ T7318] dlm: no local IP address has been set
[  119.087728][ T7318] dlm: cannot start dlm midcomms -107
[  119.471824][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.309'.
[  120.021621][ T7360] overlayfs: missing 'lowerdir'
[  120.461522][ T7370] tmpfs: Bad value for 'nr_inodes'
[  120.734763][ T5995] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  120.887011][ T5995] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  120.889557][ T5995] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  120.893136][ T5995] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  120.896706][ T5995] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  120.900380][ T5995] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  120.905543][ T5995] usb 7-1: config 0 interface 0 has no altsetting 0
[  120.909534][ T5995] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  120.913245][ T5995] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  120.916063][ T5995] usb 7-1: Product: syz
[  120.917384][ T5995] usb 7-1: Manufacturer: syz
[  120.918943][ T5995] usb 7-1: SerialNumber: syz
[  120.923041][ T5995] usb 7-1: config 0 descriptor??
[  120.926125][ T7372] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  120.929583][ T5995] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  120.934292][ T5995] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  121.066952][ T7384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.318'.
[  121.309990][ T5995] usb 7-1: USB disconnect, device number 7
[  121.315223][ T5995] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  121.897471][ T7402] tmpfs: Bad value for 'nr_inodes'
[  122.056850][ T7410] overlayfs: missing 'lowerdir'
[  122.467354][ T7419] FAULT_INJECTION: forcing a failure.
[  122.467354][ T7419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.471356][ T7419] CPU: 3 UID: 0 PID: 7419 Comm: syz.1.327 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  122.471370][ T7419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.471377][ T7419] Call Trace:
[  122.471380][ T7419]  <TASK>
[  122.471384][ T7419]  dump_stack_lvl+0x16c/0x1f0
[  122.471403][ T7419]  should_fail_ex+0x512/0x640
[  122.471418][ T7419]  _copy_from_iter+0x2a4/0x15b0
[  122.471433][ T7419]  ? __alloc_skb+0x200/0x380
[  122.471447][ T7419]  ? __pfx__copy_from_iter+0x10/0x10
[  122.471461][ T7419]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  122.471480][ T7419]  netlink_sendmsg+0x829/0xdd0
[  122.471498][ T7419]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.471514][ T7419]  ? __import_iovec+0x1c8/0x660
[  122.471530][ T7419]  ____sys_sendmsg+0xa95/0xc70
[  122.471541][ T7419]  ? __pfx_____sys_sendmsg+0x10/0x10
[  122.471550][ T7419]  ? get_compat_msghdr+0x11a/0x170
[  122.471569][ T7419]  ___sys_sendmsg+0x134/0x1d0
[  122.471583][ T7419]  ? __pfx____sys_sendmsg+0x10/0x10
[  122.471612][ T7419]  __sys_sendmsg+0x16d/0x220
[  122.471626][ T7419]  ? __pfx___sys_sendmsg+0x10/0x10
[  122.471645][ T7419]  ? rcu_is_watching+0x12/0xc0
[  122.471660][ T7419]  __do_fast_syscall_32+0x73/0x120
[  122.471677][ T7419]  do_fast_syscall_32+0x32/0x80
[  122.471693][ T7419]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.471707][ T7419] RIP: 0023:0xf7ff1579
[  122.471715][ T7419] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.471725][ T7419] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  122.471735][ T7419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  122.471741][ T7419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  122.471746][ T7419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.471752][ T7419] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.471758][ T7419] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.471770][ T7419]  </TASK>
[  122.754384][ T7425] loop9: detected capacity change from 0 to 7
[  122.761017][ T7425]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  122.763602][ T7425] loop9: partition table partially beyond EOD, truncated
[  122.771995][ T7425] loop9: p1 size 2437361653 extends beyond EOD, truncated
[  123.165909][ T7457] fuse: Unknown parameter 'group_id00000000000000000000'
[  123.804815][   T10] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  123.966472][   T10] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  123.969171][   T10] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  123.972632][   T10] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  123.977133][   T10] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  123.980591][   T10] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  123.984630][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  123.990929][   T10] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  123.999878][   T10] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  124.002589][   T10] usb 6-1: Product: syz
[  124.004123][   T10] usb 6-1: Manufacturer: syz
[  124.005748][   T10] usb 6-1: SerialNumber: syz
[  124.013391][   T10] usb 6-1: config 0 descriptor??
[  124.015629][ T7477] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  124.018901][   T10] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  124.025605][   T10] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  124.396285][   T29] usb 6-1: USB disconnect, device number 7
[  124.401081][   T29] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  125.308894][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.342'.
[  126.522295][ T7550] overlayfs: missing 'lowerdir'
[  127.518629][ T7572] overlayfs: missing 'lowerdir'
[  129.092373][ T7603] lo speed is unknown, defaulting to 1000
[  129.095114][ T7603] lo speed is unknown, defaulting to 1000
[  129.097605][ T7603] lo speed is unknown, defaulting to 1000
[  129.250387][ T7609] lo speed is unknown, defaulting to 1000
[  129.253424][ T7609] lo speed is unknown, defaulting to 1000
[  129.256525][ T7609] lo speed is unknown, defaulting to 1000
[  129.314825][ T5995] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  129.476561][ T5995] usb 7-1: Using ep0 maxpacket: 8
[  129.479568][ T5995] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  129.482085][ T5995] usb 7-1: config 0 has no interface number 0
[  129.483999][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  129.487592][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  129.491197][ T5995] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  129.494553][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  129.498800][ T5995] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  129.501666][ T5995] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.506066][ T5995] usb 7-1: config 0 descriptor??
[  129.510373][ T5995] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  129.604119][ T7615] overlayfs: missing 'lowerdir'
[  130.199033][    C2] ldusb 7-1:0.55: usb_submit_urb failed (-1)
[  130.206303][ T6017] usb 7-1: USB disconnect, device number 8
[  130.210169][ T6017] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  130.510481][ T7645] hsr0: entered promiscuous mode
[  130.512657][ T7645] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  130.514881][ T7645] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  130.518829][ T7644] hsr0: left promiscuous mode
[  130.801335][ T7655] FAULT_INJECTION: forcing a failure.
[  130.801335][ T7655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.805544][ T7655] CPU: 0 UID: 0 PID: 7655 Comm: syz.1.380 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  130.805558][ T7655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.805565][ T7655] Call Trace:
[  130.805569][ T7655]  <TASK>
[  130.805573][ T7655]  dump_stack_lvl+0x16c/0x1f0
[  130.805592][ T7655]  should_fail_ex+0x512/0x640
[  130.805607][ T7655]  _copy_from_user+0x2e/0xd0
[  130.805621][ T7655]  get_compat_msghdr+0xa7/0x170
[  130.805635][ T7655]  ? __pfx_get_compat_msghdr+0x10/0x10
[  130.805649][ T7655]  ? __lock_acquire+0x5ca/0x1ba0
[  130.805661][ T7655]  ___sys_recvmsg+0x191/0x1a0
[  130.805676][ T7655]  ? __pfx____sys_recvmsg+0x10/0x10
[  130.805696][ T7655]  ? get_pid_task+0xe0/0x250
[  130.805706][ T7655]  ? __pfx___might_resched+0x10/0x10
[  130.805724][ T7655]  do_recvmmsg+0x568/0x740
[  130.805740][ T7655]  ? __pfx_do_recvmmsg+0x10/0x10
[  130.805762][ T7655]  ? __fget_files+0x20e/0x3c0
[  130.805780][ T7655]  __sys_recvmmsg+0x21c/0x280
[  130.805794][ T7655]  ? __pfx___sys_recvmmsg+0x10/0x10
[  130.805809][ T7655]  ? __pfx_ksys_write+0x10/0x10
[  130.805826][ T7655]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  130.805840][ T7655]  ? lockdep_hardirqs_on+0x7c/0x110
[  130.805855][ T7655]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  130.805871][ T7655]  __do_fast_syscall_32+0x73/0x120
[  130.805888][ T7655]  do_fast_syscall_32+0x32/0x80
[  130.805904][ T7655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.805917][ T7655] RIP: 0023:0xf7ff1579
[  130.805925][ T7655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.805935][ T7655] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  130.805945][ T7655] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080003700
[  130.805951][ T7655] RDX: 0000000000000600 RSI: 0000000000000000 RDI: 0000000000000000
[  130.805957][ T7655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  130.805962][ T7655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  130.805968][ T7655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.805980][ T7655]  </TASK>
[  131.338451][ T7662] fuse: Bad value for 'user_id'
[  131.340141][ T7662] fuse: Bad value for 'user_id'
[  131.752450][ T7671] netlink: 48 bytes leftover after parsing attributes in process `syz.1.385'.
[  131.812758][   T40] audit: type=1326 audit(1744916113.267:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.1.385" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x0
[  131.914114][ T7674] overlayfs: missing 'lowerdir'
[  132.008921][ T7676] mmap: syz.1.385 (7676) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  132.367196][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  132.369969][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  132.821205][ T7686] evm: overlay not supported
[  133.385680][ T7702] fuse: Bad value for 'fd'
[  133.708358][ T7715] netlink: 32 bytes leftover after parsing attributes in process `syz.3.396'.
[  134.289954][ T7722] netlink: 48 bytes leftover after parsing attributes in process `syz.1.400'.
[  134.574793][ T1460] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  134.776260][ T1460] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.779699][ T1460] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.782715][ T1460] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.786835][ T1460] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.789687][ T1460] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.793537][ T1460] usb 6-1: config 0 descriptor??
[  135.213026][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.216155][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.219819][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.222678][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.225192][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.227500][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.229849][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.232183][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.234575][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.237159][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.239516][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.241907][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.244255][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.246668][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.249077][ T1460] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  135.252033][ T1460] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  135.274994][ T1460] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  135.507375][ T7744] bridge0: port 3(netdevsim0) entered blocking state
[  135.509687][ T6017] usb 6-1: USB disconnect, device number 8
[  135.509722][ T7744] bridge0: port 3(netdevsim0) entered disabled state
[  135.513927][ T7744] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  135.525304][ T7744] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  135.528934][ T7744] bridge0: port 3(netdevsim0) entered blocking state
[  135.531118][ T7744] bridge0: port 3(netdevsim0) entered forwarding state
[  135.922514][ T7751] fuse: Bad value for 'fd'
[  136.363559][ T7766] tipc: Started in network mode
[  136.365759][ T7766] tipc: Node identity 4, cluster identity 4711
[  136.367723][ T7766] tipc: Node number set to 4
[  136.628807][ T7773] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  136.631674][ T7773] overlayfs: missing 'lowerdir'
[  136.660191][ T7773] IPVS: persistence engine module ip_vs_pe_ not found
[  136.734748][ T3232] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  136.739078][ T7779] netlink: 24 bytes leftover after parsing attributes in process `syz.2.416'.
[  136.760125][ T7779] nbd: socks must be embedded in a SOCK_ITEM attr
[  136.763111][ T7084] block nbd64: NBD_DISCONNECT
[  136.886454][ T3232] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  136.889737][ T3232] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  136.894124][ T3232] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  136.898575][ T3232] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  136.902879][ T3232] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  136.908125][ T3232] usb 6-1: config 0 interface 0 has no altsetting 0
[  136.912516][ T3232] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  136.916805][ T3232] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  136.920165][ T3232] usb 6-1: Product: syz
[  136.921852][ T3232] usb 6-1: Manufacturer: syz
[  136.923719][ T3232] usb 6-1: SerialNumber: syz
[  136.927710][ T3232] usb 6-1: config 0 descriptor??
[  136.930186][ T7769] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  136.934005][ T3232] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  136.939694][ T3232] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  136.951547][ T1460] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  137.114814][ T1460] usb 9-1: Using ep0 maxpacket: 8
[  137.118703][ T1460] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  137.121348][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  137.124978][ T1460] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  137.128629][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  137.132155][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  137.136734][ T1460] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  137.139092][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  137.142600][ T1460] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  137.146389][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  137.149833][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  137.154394][ T1460] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  137.157035][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  137.160529][ T1460] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  137.164116][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  137.167644][ T1460] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  137.175526][ T1460] usb 9-1: string descriptor 0 read error: -22
[  137.177573][ T1460] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  137.180418][ T1460] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.191203][ T1460] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  137.307818][ T3232] usb 6-1: USB disconnect, device number 9
[  137.311758][ T3232] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  137.625459][ T7784] loop2: detected capacity change from 0 to 7
[  137.629784][ T7784] Dev loop2: unable to read RDB block 7
[  137.631731][ T7784]  loop2: unable to read partition table
[  137.634230][ T7784] loop2: partition table beyond EOD, truncated
[  137.637202][ T7784] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  137.784248][ T1016] usb 9-1: USB disconnect, device number 3
[  139.122235][ T7818] bond0: entered promiscuous mode
[  139.124141][ T7818] bond_slave_0: entered promiscuous mode
[  139.126596][ T7818] bond_slave_1: entered promiscuous mode
[  139.922361][ T7848] fuse: Bad value for 'fd'
[  140.523657][ T7850] netlink: 32 bytes leftover after parsing attributes in process `syz.2.435'.
[  140.900635][ T7863] lo speed is unknown, defaulting to 1000
[  140.911458][ T7863] lo speed is unknown, defaulting to 1000
[  140.917418][ T7863] lo speed is unknown, defaulting to 1000
[  142.019274][ T7885] overlayfs: missing 'workdir'
[  142.893922][ T7903] fuse: Bad value for 'fd'
[  143.680225][ T7911] netlink: 24 bytes leftover after parsing attributes in process `syz.1.452'.
[  144.204808][ T3232] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  144.364837][ T3232] usb 6-1: Using ep0 maxpacket: 8
[  144.368066][ T3232] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  144.370584][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  144.374923][ T3232] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  144.379737][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  144.384293][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  144.389459][ T3232] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  144.392672][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  144.397279][ T3232] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  144.401940][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  144.406542][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  144.411556][ T3232] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  144.414645][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  144.419333][ T3232] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  144.424177][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  144.428790][ T3232] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  144.435970][ T3232] usb 6-1: string descriptor 0 read error: -22
[  144.438829][ T3232] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  144.442571][ T3232] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.454588][ T3232] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  144.728550][ T7931] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  144.736693][ T7931] CIFS mount error: No usable UNC path provided in device string!
[  144.736693][ T7931] 
[  144.739842][ T7931] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  144.967377][ T7932] loop2: detected capacity change from 0 to 7
[  144.971857][ T7932] Dev loop2: unable to read RDB block 7
[  144.973979][ T7932]  loop2: unable to read partition table
[  144.977583][ T7932] loop2: partition table beyond EOD, truncated
[  144.979655][ T7932] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  145.137303][ T6017] usb 6-1: USB disconnect, device number 10
[  145.798578][ T7954] af_packet: tpacket_rcv: packet too big, clamped from 18 to 4294967272. macoff=96
[  146.102416][ T7969] lo speed is unknown, defaulting to 1000
[  146.106547][ T7969] lo speed is unknown, defaulting to 1000
[  146.109625][ T7969] lo speed is unknown, defaulting to 1000
[  146.729591][ T7983] lo speed is unknown, defaulting to 1000
[  146.733118][ T7983] lo speed is unknown, defaulting to 1000
[  146.735796][ T7983] lo speed is unknown, defaulting to 1000
[  147.003658][ T7993] tmpfs: Bad value for 'nr_inodes'
[  147.314791][ T3232] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  147.465257][ T3232] usb 8-1: Using ep0 maxpacket: 8
[  147.521613][ T3232] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  147.523989][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  147.527550][ T3232] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  147.531122][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  147.534513][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  147.538776][ T3232] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  147.541161][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  147.544602][ T3232] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  147.548431][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  147.551837][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  147.555745][ T3232] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  147.558045][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  147.561454][ T3232] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  147.565160][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  147.568510][ T3232] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  147.573551][ T3232] usb 8-1: string descriptor 0 read error: -22
[  147.575776][ T3232] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  147.578570][ T3232] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.585803][ T3232] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  148.044381][ T8006] loop2: detected capacity change from 0 to 7
[  148.064856][ T8006] Dev loop2: unable to read RDB block 7
[  148.066678][ T8006]  loop2: unable to read partition table
[  148.068590][ T8006] loop2: partition table beyond EOD, truncated
[  148.070573][ T8006] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  148.147802][ T3232] usb 8-1: USB disconnect, device number 5
[  148.232231][ T8013] FAULT_INJECTION: forcing a failure.
[  148.232231][ T8013] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  148.236400][ T8013] CPU: 1 UID: 0 PID: 8013 Comm: syz.1.477 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  148.236425][ T8013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.236432][ T8013] Call Trace:
[  148.236436][ T8013]  <TASK>
[  148.236441][ T8013]  dump_stack_lvl+0x16c/0x1f0
[  148.236460][ T8013]  should_fail_ex+0x512/0x640
[  148.236475][ T8013]  should_fail_alloc_page+0xe7/0x130
[  148.236487][ T8013]  prepare_alloc_pages+0x3c2/0x610
[  148.236503][ T8013]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  148.236522][ T8013]  ? __lock_acquire+0xaa4/0x1ba0
[  148.236533][ T8013]  ? find_held_lock+0x2b/0x80
[  148.236547][ T8013]  ? psi_task_switch+0x201/0x8e0
[  148.236563][ T8013]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  148.236580][ T8013]  ? lock_acquire+0x179/0x350
[  148.236589][ T8013]  ? find_held_lock+0x2b/0x80
[  148.236604][ T8013]  ? rcu_is_watching+0x12/0xc0
[  148.236617][ T8013]  ? finish_task_switch.isra.0+0x221/0xc10
[  148.236632][ T8013]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.236647][ T8013]  ? finish_task_switch.isra.0+0x221/0xc10
[  148.236661][ T8013]  ? rcu_is_watching+0x12/0xc0
[  148.236673][ T8013]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  148.236686][ T8013]  ? policy_nodemask+0xea/0x4e0
[  148.236697][ T8013]  alloc_pages_mpol+0x1fb/0x550
[  148.236707][ T8013]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  148.236721][ T8013]  alloc_pages_noprof+0x131/0x390
[  148.236731][ T8013]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  148.236745][ T8013]  get_free_pages_noprof+0xc/0x40
[  148.236756][ T8013]  kasan_populate_vmalloc_pte+0x2d/0x160
[  148.236771][ T8013]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  148.236785][ T8013]  __apply_to_page_range+0x617/0xd60
[  148.236801][ T8013]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  148.236817][ T8013]  ? __pfx___apply_to_page_range+0x10/0x10
[  148.236831][ T8013]  ? alloc_vmap_area+0x872/0x2970
[  148.236845][ T8013]  alloc_vmap_area+0x919/0x2970
[  148.236863][ T8013]  ? __pfx_alloc_vmap_area+0x10/0x10
[  148.236878][ T8013]  __get_vm_area_node+0x1a7/0x300
[  148.236893][ T8013]  __vmalloc_node_range_noprof+0x277/0x1540
[  148.236908][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.236920][ T8013]  ? __ia32_sys_bpf+0x76/0xe0
[  148.236932][ T8013]  ? __do_fast_syscall_32+0x73/0x120
[  148.236947][ T8013]  ? do_fast_syscall_32+0x32/0x80
[  148.236966][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.236982][ T8013]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.237001][ T8013]  __kvmalloc_node_noprof+0x2ff/0x600
[  148.237017][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.237030][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.237052][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.237063][ T8013]  bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.237076][ T8013]  ? find_held_lock+0x2b/0x80
[  148.237089][ T8013]  ? __fget_files+0x204/0x3c0
[  148.237106][ T8013]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  148.237118][ T8013]  ? __fget_files+0x20e/0x3c0
[  148.237136][ T8013]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  148.237150][ T8013]  __sys_bpf+0x3fb6/0x4d80
[  148.237161][ T8013]  ? rcu_is_watching+0x12/0xc0
[  148.237175][ T8013]  ? __pfx___sys_bpf+0x10/0x10
[  148.237185][ T8013]  ? __schedule+0x1186/0x5de0
[  148.237199][ T8013]  ? __pfx___schedule+0x10/0x10
[  148.237211][ T8013]  ? ksys_write+0x190/0x240
[  148.237242][ T8013]  __ia32_sys_bpf+0x76/0xe0
[  148.237255][ T8013]  __do_fast_syscall_32+0x73/0x120
[  148.237272][ T8013]  do_fast_syscall_32+0x32/0x80
[  148.237288][ T8013]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.237301][ T8013] RIP: 0023:0xf7ff1579
[  148.237310][ T8013] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.237320][ T8013] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  148.237330][ T8013] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000800005c0
[  148.237336][ T8013] RDX: 000000000000003c RSI: 0000000000000000 RDI: 0000000000000000
[  148.237342][ T8013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.237348][ T8013] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.237354][ T8013] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.237367][ T8013]  </TASK>
[  148.237682][ T8013] warn_alloc: 2 callbacks suppressed
[  148.237730][ T8013] syz.1.477: vmalloc error: size 6280512, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  148.374250][ T8013] CPU: 1 UID: 0 PID: 8013 Comm: syz.1.477 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  148.374276][ T8013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.374283][ T8013] Call Trace:
[  148.374287][ T8013]  <TASK>
[  148.374292][ T8013]  dump_stack_lvl+0x16c/0x1f0
[  148.374312][ T8013]  warn_alloc+0x248/0x3a0
[  148.374329][ T8013]  ? __pfx_warn_alloc+0x10/0x10
[  148.374346][ T8013]  ? kfree+0x2b6/0x4d0
[  148.374363][ T8013]  ? __get_vm_area_node+0x1e5/0x300
[  148.374379][ T8013]  __vmalloc_node_range_noprof+0xd31/0x1540
[  148.374392][ T8013]  ? __ia32_sys_bpf+0x76/0xe0
[  148.374405][ T8013]  ? __do_fast_syscall_32+0x73/0x120
[  148.374421][ T8013]  ? do_fast_syscall_32+0x32/0x80
[  148.374440][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.374456][ T8013]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.374476][ T8013]  __kvmalloc_node_noprof+0x2ff/0x600
[  148.374492][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.374504][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.374519][ T8013]  ? bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.374531][ T8013]  bpf_uprobe_multi_link_attach+0x491/0x1070
[  148.374544][ T8013]  ? find_held_lock+0x2b/0x80
[  148.374557][ T8013]  ? __fget_files+0x204/0x3c0
[  148.374575][ T8013]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  148.374587][ T8013]  ? __fget_files+0x20e/0x3c0
[  148.374604][ T8013]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  148.374619][ T8013]  __sys_bpf+0x3fb6/0x4d80
[  148.374630][ T8013]  ? rcu_is_watching+0x12/0xc0
[  148.374645][ T8013]  ? __pfx___sys_bpf+0x10/0x10
[  148.374655][ T8013]  ? __schedule+0x1186/0x5de0
[  148.374668][ T8013]  ? __pfx___schedule+0x10/0x10
[  148.374691][ T8013]  ? ksys_write+0x190/0x240
[  148.374724][ T8013]  __ia32_sys_bpf+0x76/0xe0
[  148.374737][ T8013]  __do_fast_syscall_32+0x73/0x120
[  148.374754][ T8013]  do_fast_syscall_32+0x32/0x80
[  148.374770][ T8013]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.374783][ T8013] RIP: 0023:0xf7ff1579
[  148.374792][ T8013] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.374803][ T8013] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  148.374812][ T8013] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000800005c0
[  148.374819][ T8013] RDX: 000000000000003c RSI: 0000000000000000 RDI: 0000000000000000
[  148.374825][ T8013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.374831][ T8013] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.374836][ T8013] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.374849][ T8013]  </TASK>
[  148.456978][    C1] vkms_vblank_simulate: vblank timer overrun
[  148.459302][ T8013] Mem-Info:
[  148.460556][ T8013] active_anon:15332 inactive_anon:0 isolated_anon:0
[  148.460556][ T8013]  active_file:4545 inactive_file:48481 isolated_file:0
[  148.460556][ T8013]  unevictable:1770 dirty:331 writeback:0
[  148.460556][ T8013]  slab_reclaimable:5755 slab_unreclaimable:59315
[  148.460556][ T8013]  mapped:31348 shmem:11087 pagetables:985
[  148.460556][ T8013]  sec_pagetables:298 bounce:0
[  148.460556][ T8013]  kernel_misc_reclaimable:0
[  148.460556][ T8013]  free:36570 free_pcp:1936 free_cma:0
[  148.474927][ T8013] Node 0 active_anon:3736kB inactive_anon:0kB active_file:0kB inactive_file:18616kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7424kB dirty:8kB writeback:0kB shmem:4240kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9136kB pagetables:1060kB sec_pagetables:1124kB all_unreclaimable? yes Balloon:0kB
[  148.485484][ T8013] Node 1 active_anon:57592kB inactive_anon:0kB active_file:18180kB inactive_file:175308kB unevictable:3544kB isolated(anon):0kB isolated(file):0kB mapped:117968kB dirty:1316kB writeback:0kB shmem:40108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3792kB pagetables:2880kB sec_pagetables:68kB all_unreclaimable? no Balloon:0kB
[  148.497074][ T8013] Node 0 DMA free:2816kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:76kB free_cma:0kB
[  148.506078][ T8013] lowmem_reserve[]: 0 290 290 290 290
[  148.507848][ T8013] Node 0 DMA32 free:27828kB boost:10240kB min:23576kB low:26908kB high:30240kB reserved_highatomic:4096KB active_anon:3736kB inactive_anon:0kB active_file:0kB inactive_file:18616kB unevictable:3536kB writepending:8kB present:1032196kB managed:297472kB mlocked:0kB bounce:0kB free_pcp:1492kB local_pcp:208kB free_cma:0kB
[  148.525373][ T8013] lowmem_reserve[]: 0 0 0 0 0
[  148.527481][ T8013] Node 1 DMA32 free:116160kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:57592kB inactive_anon:0kB active_file:18180kB inactive_file:175308kB unevictable:3544kB writepending:1316kB present:1048432kB managed:948284kB mlocked:8kB bounce:0kB free_pcp:5244kB local_pcp:4236kB free_cma:0kB
[  148.538175][ T8013] lowmem_reserve[]: 0 0 0 0 0
[  148.540086][ T8013] Node 0 DMA: 44*4kB (UM) 18*8kB (U) 12*16kB (U) 14*32kB (UM) 3*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2816kB
[  148.545527][ T8013] Node 0 DMA32: 675*4kB (UEH) 249*8kB (UEH) 56*16kB (UEH) 79*32kB (UMEH) 74*64kB (UMEH) 39*128kB (UMEH) 17*256kB (UME) 9*512kB (UME) 1*1024kB (E) 0*2048kB 0*4096kB = 27828kB
[  148.551182][ T8013] Node 1 DMA32: 145*4kB (ME) 735*8kB (UME) 366*16kB (UME) 281*32kB (UME) 195*64kB (UME) 58*128kB (UME) 34*256kB (UME) 25*512kB (UME) 12*1024kB (UM) 4*2048kB (UM) 8*4096kB (M) = 115964kB
[  148.556913][ T8013] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  148.559865][ T8013] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  148.562650][ T8013] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  148.565548][ T8013] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  148.568356][ T8013] 64115 total pagecache pages
[  148.569943][ T8013] 0 pages in swap cache
[  148.571503][ T8013] Free swap  = 124996kB
[  148.573241][ T8013] Total swap = 124996kB
[  148.575129][ T8013] 524155 pages RAM
[  148.576750][ T8013] 0 pages HighMem/MovableOnly
[  148.578351][ T8013] 208876 pages reserved
[  148.579884][ T8013] 0 pages cma reserved
[  149.390433][ T8033] overlayfs: missing 'lowerdir'
[  150.015268][ T8035] overlayfs: missing 'workdir'
[  150.024792][ T8039] lo speed is unknown, defaulting to 1000
[  150.028053][ T8039] lo speed is unknown, defaulting to 1000
[  150.034448][ T8039] lo speed is unknown, defaulting to 1000
[  150.254945][   T57] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  150.294617][ T8048] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  150.297532][ T8048] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  150.306252][ T8048] vhci_hcd vhci_hcd.0: Device attached
[  150.308892][ T8049] vhci_hcd: connection closed
[  150.310288][ T1136] vhci_hcd: stop threads
[  150.313472][ T1136] vhci_hcd: release socket
[  150.315201][ T1136] vhci_hcd: disconnect device
[  150.425180][   T57] usb 7-1: Using ep0 maxpacket: 16
[  150.427575][   T57] usb 7-1: too many configurations: 123, using maximum allowed: 8
[  150.430828][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.434792][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.438598][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.442524][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.446592][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.450491][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.454370][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.458300][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.462142][   T57] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  150.465016][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  150.467481][   T57] usb 7-1: SerialNumber: syz
[  150.470958][   T57] usb 7-1: config 0 descriptor??
[  150.475394][   T57] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input5
[  150.691866][ T5348] bcm5974 7-1:0.0: could not read from device
[  150.701906][ T5348] bcm5974 7-1:0.0: could not read from device
[  150.705509][ T5348] bcm5974 7-1:0.0: could not read from device
[  150.705639][   T57] usb 7-1: USB disconnect, device number 9
[  151.068118][ T8056] fuse: Invalid rootmode
[  151.241039][ T8062] overlayfs: missing 'lowerdir'
[  151.317482][ T8065] ref_ctr_offset mismatch. inode: 0x30a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa
[  151.424867][ T8069] FAULT_INJECTION: forcing a failure.
[  151.424867][ T8069] name failslab, interval 1, probability 0, space 0, times 0
[  151.429915][ T8069] CPU: 1 UID: 0 PID: 8069 Comm: syz.1.496 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  151.429934][ T8069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.429943][ T8069] Call Trace:
[  151.429948][ T8069]  <TASK>
[  151.429954][ T8069]  dump_stack_lvl+0x16c/0x1f0
[  151.429983][ T8069]  should_fail_ex+0x512/0x640
[  151.429998][ T8069]  ? __kmalloc_noprof+0xbf/0x510
[  151.430020][ T8069]  ? offload_action_alloc+0x29/0xf0
[  151.430035][ T8069]  should_failslab+0xc2/0x120
[  151.430049][ T8069]  __kmalloc_noprof+0xd2/0x510
[  151.430074][ T8069]  offload_action_alloc+0x29/0xf0
[  151.430091][ T8069]  tcf_action_offload_add_ex+0x1b5/0x670
[  151.430108][ T8069]  ? __pfx_tcf_action_offload_add_ex+0x10/0x10
[  151.430143][ T8069]  ? tcf_action_fill_size+0x110/0x340
[  151.430162][ T8069]  tcf_action_init+0x661/0x9c0
[  151.430183][ T8069]  ? __pfx_tcf_action_init+0x10/0x10
[  151.430196][ T8069]  ? lock_acquire+0x179/0x350
[  151.430226][ T8069]  ? kernel_text_address+0x8d/0x100
[  151.430245][ T8069]  ? __kernel_text_address+0xd/0x40
[  151.430263][ T8069]  ? unwind_get_return_address+0x59/0xa0
[  151.430304][ T8069]  ? kasan_save_stack+0x42/0x60
[  151.430325][ T8069]  ? kasan_save_stack+0x33/0x60
[  151.430344][ T8069]  ? kasan_save_track+0x14/0x30
[  151.430363][ T8069]  ? kasan_save_free_info+0x3b/0x60
[  151.430381][ T8069]  ? __kasan_slab_free+0x51/0x70
[  151.430408][ T8069]  tcf_action_add+0xee/0x5c0
[  151.430431][ T8069]  ? __pfx_tcf_action_add+0x10/0x10
[  151.430486][ T8069]  ? __nla_parse+0x40/0x60
[  151.430511][ T8069]  tc_ctl_action+0x35b/0x470
[  151.430527][ T8069]  ? __pfx_tc_ctl_action+0x10/0x10
[  151.430553][ T8069]  ? __pfx_tc_ctl_action+0x10/0x10
[  151.430572][ T8069]  rtnetlink_rcv_msg+0x3c6/0xe90
[  151.430598][ T8069]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  151.430632][ T8069]  netlink_rcv_skb+0x16a/0x440
[  151.430657][ T8069]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  151.430678][ T8069]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  151.430713][ T8069]  ? netlink_deliver_tap+0x1ae/0xd30
[  151.430740][ T8069]  netlink_unicast+0x53a/0x7f0
[  151.430784][ T8069]  ? __pfx_netlink_unicast+0x10/0x10
[  151.430816][ T8069]  netlink_sendmsg+0x8d1/0xdd0
[  151.430844][ T8069]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.430870][ T8069]  ? __import_iovec+0x1c8/0x660
[  151.430895][ T8069]  ____sys_sendmsg+0xa95/0xc70
[  151.430914][ T8069]  ? __pfx_____sys_sendmsg+0x10/0x10
[  151.430928][ T8069]  ? get_compat_msghdr+0x11a/0x170
[  151.430960][ T8069]  ___sys_sendmsg+0x134/0x1d0
[  151.430990][ T8069]  ? __pfx____sys_sendmsg+0x10/0x10
[  151.431043][ T8069]  __sys_sendmsg+0x16d/0x220
[  151.431065][ T8069]  ? __pfx___sys_sendmsg+0x10/0x10
[  151.431097][ T8069]  ? rcu_is_watching+0x12/0xc0
[  151.431120][ T8069]  __do_fast_syscall_32+0x73/0x120
[  151.431147][ T8069]  do_fast_syscall_32+0x32/0x80
[  151.431171][ T8069]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.431192][ T8069] RIP: 0023:0xf7ff1579
[  151.431206][ T8069] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  151.431222][ T8069] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  151.431238][ T8069] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  151.431249][ T8069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  151.431259][ T8069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  151.431269][ T8069] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  151.431279][ T8069] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.431302][ T8069]  </TASK>
[  151.796797][ T8077] overlayfs: missing 'lowerdir'
[  152.836833][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.3.507'.
[  152.839571][ T8102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.507'.
[  152.844360][ T8103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.507'.
[  152.847524][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.3.507'.
[  153.064047][ T8107] fuse: Invalid rootmode
[  153.336779][ T8109] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  153.339926][ T8109] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  153.704337][ T8119] overlayfs: missing 'lowerdir'
[  155.126924][ T8155] fuse: Bad value for 'rootmode'
[  155.296851][ T8158] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  155.299793][ T8158] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  156.106676][ T8177] overlayfs: missing 'lowerdir'
[  156.870134][ T8189] devtmpfs: Bad value for 'mpol'
[  156.890154][ T8189] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  157.125599][ T8195] fuse: Unknown parameter ''
[  157.129632][ T8195] 9pnet: Unknown protocol version @p2000.uš‹ú¿ê~<¡¼ÙÆ•¢¡*Ï6
[  157.539653][ T8201] fuse: Bad value for 'rootmode'
[  157.712837][ T8205] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  157.716601][ T8205] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  159.110287][ T8240] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  159.229501][ T8244] devtmpfs: Bad value for 'mpol'
[  159.279113][ T8244] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  159.500864][ T8248] 9pnet_virtio: no channels available for device syz
[  159.776120][ T8254] fuse: Bad value for 'rootmode'
[  160.714821][ T3232] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  160.874807][ T3232] usb 7-1: Using ep0 maxpacket: 8
[  160.885765][ T3232] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  160.889759][ T3232] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  160.894863][ T3232] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.903738][ T3232] usb 7-1: config 0 descriptor??
[  161.140617][ T3232] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  161.148893][ T3232] usb 7-1: USB disconnect, device number 10
[  163.341542][ T5304] block nbd1: Receive control failed (result -104)
[  163.356854][ T7019] block nbd1: shutting down sockets
[  163.744312][ T6015] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  163.909746][ T6015] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  163.921676][ T6015] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  163.942090][ T6015] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  164.065104][ T6015] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  164.073082][ T6015] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  164.077467][ T6015] usb 8-1: config 0 interface 0 has no altsetting 0
[  164.081406][ T6015] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  164.084446][ T6015] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  164.088032][ T6015] usb 8-1: Product: syz
[  164.089512][ T6015] usb 8-1: Manufacturer: syz
[  164.091176][ T6015] usb 8-1: SerialNumber: syz
[  164.094538][ T6015] usb 8-1: config 0 descriptor??
[  164.096818][ T8332] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  164.101619][ T6015] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  164.107826][ T6015] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  164.484967][ T3232] usb 8-1: USB disconnect, device number 6
[  164.488899][ T3232] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  164.554818][ T1016] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  164.707999][ T1016] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  164.712510][ T1016] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.717159][ T1016] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.720526][ T1016] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  164.728529][ T1016] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  164.732355][ T1016] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  164.736197][ T1016] usb 6-1: Manufacturer: syz
[  164.739592][ T1016] usb 6-1: config 0 descriptor??
[  164.946120][ T8348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.949243][ T8348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.156654][ T1016] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  165.159240][ T1016] appleir 0003:05AC:8243.0003: No inputs registered, leaving
[  165.165001][ T1016] appleir 0003:05AC:8243.0003: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  165.691771][ T6014] usb 6-1: USB disconnect, device number 11
[  166.635601][ T8378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'.
[  166.691008][ T8379] ip6t_rpfilter: unknown options
[  166.984978][ T6014] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  167.136078][ T6014] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  167.138682][ T6014] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  167.142019][ T6014] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  167.145491][ T6014] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  167.148834][ T6014] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  167.152904][ T6014] usb 9-1: config 0 interface 0 has no altsetting 0
[  167.206566][ T6014] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  167.209378][ T6014] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  167.211965][ T6014] usb 9-1: Product: syz
[  167.213265][ T6014] usb 9-1: Manufacturer: syz
[  167.214771][ T6014] usb 9-1: SerialNumber: syz
[  167.217351][ T6014] usb 9-1: config 0 descriptor??
[  167.219411][ T8383] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  167.223166][ T6014] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  167.234912][ T6014] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  167.599063][ T6016] usb 9-1: USB disconnect, device number 4
[  167.602282][ T6016] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  168.062564][ T8401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.593'.
[  168.066191][ T8401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.593'.
[  168.522678][ T5304] block nbd2: Receive control failed (result -104)
[  168.528663][ T8416] block nbd2: shutting down sockets
[  168.638185][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.600'.
[  171.446865][   T40] audit: type=1326 audit(1744916152.907:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8490 comm="syz.2.617" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f56579 code=0x0
[  171.854826][ T6017] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  172.010022][ T6017] usb 6-1: config 0 has no interfaces?
[  172.012667][ T6017] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  172.016782][ T6017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.024547][ T6017] usb 6-1: config 0 descriptor??
[  172.238215][ T6017] usb 6-1: USB disconnect, device number 12
[  174.484793][ T6014] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  174.555980][ T8548] netlink: 48 bytes leftover after parsing attributes in process `syz.4.632'.
[  174.604777][ T8548] wireguard0: entered promiscuous mode
[  174.606774][ T8548] wireguard0: entered allmulticast mode
[  174.637261][ T6014] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  174.639897][ T6014] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  174.643380][ T6014] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  174.647119][ T6014] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  174.650603][ T6014] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  174.674770][ T6014] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.681136][ T6014] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  174.684088][ T6014] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  174.691684][ T6014] usb 8-1: Product: syz
[  174.694771][ T6014] usb 8-1: Manufacturer: syz
[  174.704763][ T6014] usb 8-1: SerialNumber: syz
[  174.713585][ T6014] usb 8-1: config 0 descriptor??
[  174.721666][ T8539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  174.725557][ T6014] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  174.736648][ T6014] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  175.064952][   T57] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  175.098871][ T6014] usb 8-1: USB disconnect, device number 7
[  175.102498][ T6014] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  175.216374][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.220844][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.225429][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  175.230735][   T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  175.234470][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.243784][   T57] usb 6-1: config 0 descriptor??
[  175.668048][ T8555] netlink: 'syz.1.636': attribute type 12 has an invalid length.
[  175.676777][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.680647][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.682945][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.686706][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.689012][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.691360][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.693654][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.696591][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.699651][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.702798][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.706077][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.709140][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.715320][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.717752][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.720053][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  175.722666][   T57] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  175.727951][   T57] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  176.011105][ T6014] usb 6-1: USB disconnect, device number 13
[  176.069094][   T40] audit: type=1326 audit(1744916157.527:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.084036][   T40] audit: type=1326 audit(1744916157.527:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.094838][   T40] audit: type=1326 audit(1744916157.527:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.102082][   T40] audit: type=1326 audit(1744916157.527:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.111358][   T40] audit: type=1326 audit(1744916157.527:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.119287][   T40] audit: type=1326 audit(1744916157.527:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.126267][   T40] audit: type=1326 audit(1744916157.527:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.133141][   T40] audit: type=1326 audit(1744916157.527:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.139952][   T40] audit: type=1326 audit(1744916157.527:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.2.631" exe="/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  176.536281][ T8574] fuse: Unknown parameter 'user_i00000000000000000000'
[  177.332982][ T8586] lo speed is unknown, defaulting to 1000
[  177.339312][ T8586] lo speed is unknown, defaulting to 1000
[  177.344629][ T8586] lo speed is unknown, defaulting to 1000
[  178.711323][ T1016] IPVS: starting estimator thread 0...
[  178.805246][ T8620] IPVS: using max 43 ests per chain, 103200 per kthread
[  179.941033][ T8650] team0 (unregistering): Port device team_slave_0 removed
[  179.947713][ T8650] team0 (unregistering): Port device team_slave_1 removed
[  180.848113][ T5995] IPVS: starting estimator thread 0...
[  180.945083][ T8674] IPVS: using max 43 ests per chain, 103200 per kthread
[  182.081424][ T8701] FAULT_INJECTION: forcing a failure.
[  182.081424][ T8701] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  182.088341][ T8701] CPU: 3 UID: 0 PID: 8701 Comm: syz.2.674 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  182.088365][ T8701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.088377][ T8701] Call Trace:
[  182.088383][ T8701]  <TASK>
[  182.088389][ T8701]  dump_stack_lvl+0x16c/0x1f0
[  182.088419][ T8701]  should_fail_ex+0x512/0x640
[  182.088444][ T8701]  should_fail_alloc_page+0xe7/0x130
[  182.088463][ T8701]  prepare_alloc_pages+0x3c2/0x610
[  182.088488][ T8701]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  182.088519][ T8701]  ? do_user_addr_fault+0x843/0x1370
[  182.088547][ T8701]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  182.088572][ T8701]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.088606][ T8701]  ? _copy_from_iter+0x38c/0x15b0
[  182.088627][ T8701]  ? _copy_from_iter+0x161/0x15b0
[  182.088648][ T8701]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  182.088668][ T8701]  ? policy_nodemask+0xea/0x4e0
[  182.088687][ T8701]  alloc_pages_mpol+0x1fb/0x550
[  182.088704][ T8701]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  182.088728][ T8701]  alloc_pages_noprof+0x131/0x390
[  182.088746][ T8701]  anon_pipe_write+0xbc2/0x1a70
[  182.088782][ T8701]  ? __pfx_anon_pipe_write+0x10/0x10
[  182.088809][ T8701]  ? apparmor_file_permission+0x251/0x400
[  182.088830][ T8701]  ? bpf_lsm_file_permission+0x9/0x10
[  182.088851][ T8701]  ? security_file_permission+0x71/0x210
[  182.088874][ T8701]  ? rw_verify_area+0xcf/0x680
[  182.088898][ T8701]  vfs_write+0x5ba/0x1180
[  182.088921][ T8701]  ? __pfx_anon_pipe_write+0x10/0x10
[  182.088954][ T8701]  ? __pfx_vfs_write+0x10/0x10
[  182.088974][ T8701]  ? find_held_lock+0x2b/0x80
[  182.089012][ T8701]  ksys_write+0x205/0x240
[  182.089036][ T8701]  ? __pfx_ksys_write+0x10/0x10
[  182.089061][ T8701]  ? rcu_is_watching+0x12/0xc0
[  182.089086][ T8701]  __do_fast_syscall_32+0x73/0x120
[  182.089114][ T8701]  do_fast_syscall_32+0x32/0x80
[  182.089139][ T8701]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.089159][ T8701] RIP: 0023:0xf7f56579
[  182.089174][ T8701] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.089189][ T8701] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  182.089206][ T8701] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000340
[  182.089218][ T8701] RDX: 0000000000011000 RSI: 0000000000000000 RDI: 0000000000000000
[  182.089228][ T8701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.089238][ T8701] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  182.089247][ T8701] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.089271][ T8701]  </TASK>
[  182.197577][    C3] vkms_vblank_simulate: vblank timer overrun
[  184.121691][ T8744] syz.4.687 (8744): drop_caches: 2
[  184.400395][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  184.400411][   T40] audit: type=1326 audit(1744916165.857:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.2.690" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x0
[  184.455874][ T8761] dlm: no local IP address has been set
[  184.457705][ T8761] dlm: cannot start dlm midcomms -107
[  185.551527][ T8783] fuse: Bad value for 'group_id'
[  185.553143][ T8783] fuse: Bad value for 'group_id'
[  185.846086][ T8785] lo speed is unknown, defaulting to 1000
[  185.851131][ T8785] lo speed is unknown, defaulting to 1000
[  185.856008][ T8785] lo speed is unknown, defaulting to 1000
[  186.501390][ T8796] input: syz0 as /devices/virtual/input/input6
[  187.110316][ T8816] FAULT_INJECTION: forcing a failure.
[  187.110316][ T8816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.114281][ T8816] CPU: 1 UID: 0 PID: 8816 Comm: syz.4.702 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  187.114296][ T8816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.114303][ T8816] Call Trace:
[  187.114307][ T8816]  <TASK>
[  187.114311][ T8816]  dump_stack_lvl+0x16c/0x1f0
[  187.114330][ T8816]  should_fail_ex+0x512/0x640
[  187.114345][ T8816]  _copy_from_user+0x2e/0xd0
[  187.114358][ T8816]  get_compat_msghdr+0xa7/0x170
[  187.114373][ T8816]  ? __pfx_get_compat_msghdr+0x10/0x10
[  187.114387][ T8816]  ? __lock_acquire+0x5ca/0x1ba0
[  187.114400][ T8816]  ___sys_recvmsg+0x191/0x1a0
[  187.114415][ T8816]  ? __pfx____sys_recvmsg+0x10/0x10
[  187.114436][ T8816]  ? get_pid_task+0xe0/0x250
[  187.114446][ T8816]  ? __pfx___might_resched+0x10/0x10
[  187.114464][ T8816]  do_recvmmsg+0x568/0x740
[  187.114479][ T8816]  ? __pfx_do_recvmmsg+0x10/0x10
[  187.114501][ T8816]  ? __fget_files+0x20e/0x3c0
[  187.114519][ T8816]  __sys_recvmmsg+0x21c/0x280
[  187.114533][ T8816]  ? __pfx___sys_recvmmsg+0x10/0x10
[  187.114548][ T8816]  ? __pfx_ksys_write+0x10/0x10
[  187.114565][ T8816]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  187.114580][ T8816]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.114594][ T8816]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  187.114610][ T8816]  __do_fast_syscall_32+0x73/0x120
[  187.114630][ T8816]  do_fast_syscall_32+0x32/0x80
[  187.114646][ T8816]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.114660][ T8816] RIP: 0023:0xf7f48579
[  187.114668][ T8816] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.114689][ T8816] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  187.114701][ T8816] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800021c0
[  187.114708][ T8816] RDX: 000000000000005b RSI: 0000000000000002 RDI: 0000000000000000
[  187.114714][ T8816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.114720][ T8816] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.114726][ T8816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.114739][ T8816]  </TASK>
[  187.336073][   T63] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  187.489770][   T63] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  187.493185][   T63] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  187.498240][   T63] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  187.502821][   T63] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  187.507458][   T63] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  187.512750][   T63] usb 8-1: config 0 interface 0 has no altsetting 0
[  187.517714][   T63] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  187.521472][   T63] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  187.524438][   T63] usb 8-1: Product: syz
[  187.525808][   T63] usb 8-1: Manufacturer: syz
[  187.527787][   T63] usb 8-1: SerialNumber: syz
[  187.531741][   T63] usb 8-1: config 0 descriptor??
[  187.534435][ T8814] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  187.539256][   T63] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  187.544230][   T63] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  187.897758][ T8827] fuse: Bad value for 'group_id'
[  187.899661][ T8827] fuse: Bad value for 'group_id'
[  187.925471][   T63] usb 8-1: USB disconnect, device number 8
[  187.928991][   T63] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  188.054970][ T6014] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  188.216083][ T6014] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  188.218158][ T8830] lo speed is unknown, defaulting to 1000
[  188.218591][ T6014] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  188.223056][ T8830] lo speed is unknown, defaulting to 1000
[  188.224143][ T6014] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  188.232175][ T8830] lo speed is unknown, defaulting to 1000
[  188.368224][ T6014] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  188.372079][ T6014] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  188.376294][ T6014] usb 6-1: config 0 interface 0 has no altsetting 0
[  188.380422][ T6014] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  188.384038][ T6014] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  188.387781][ T6014] usb 6-1: Product: syz
[  188.389439][ T6014] usb 6-1: Manufacturer: syz
[  188.391329][ T6014] usb 6-1: SerialNumber: syz
[  188.395089][ T6014] usb 6-1: config 0 descriptor??
[  188.397134][ T8822] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  188.402131][ T6014] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  188.406962][ T6014] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  188.770601][ T1016] usb 6-1: USB disconnect, device number 14
[  188.776098][ T1016] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  189.082774][ T8850] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  189.108536][ T8852] netlink: 56 bytes leftover after parsing attributes in process `syz.2.717'.
[  190.167033][ T8881] netlink: 256 bytes leftover after parsing attributes in process `syz.2.724'.
[  190.170169][ T8881] FAULT_INJECTION: forcing a failure.
[  190.170169][ T8881] name failslab, interval 1, probability 0, space 0, times 0
[  190.174149][ T8881] CPU: 2 UID: 0 PID: 8881 Comm: syz.2.724 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  190.174164][ T8881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.174171][ T8881] Call Trace:
[  190.174175][ T8881]  <TASK>
[  190.174179][ T8881]  dump_stack_lvl+0x16c/0x1f0
[  190.174199][ T8881]  should_fail_ex+0x512/0x640
[  190.174211][ T8881]  ? __kmalloc_noprof+0xbf/0x510
[  190.174229][ T8881]  ? __alloc_workqueue+0xd5c/0x1810
[  190.174245][ T8881]  should_failslab+0xc2/0x120
[  190.174260][ T8881]  __kmalloc_noprof+0xd2/0x510
[  190.174275][ T8881]  ? __asan_memcpy+0x3c/0x60
[  190.174297][ T8881]  __alloc_workqueue+0xd5c/0x1810
[  190.174313][ T8881]  ? hwsim_add_one+0x4f7/0x1380
[  190.174329][ T8881]  ? genl_family_rcv_msg_doit+0x206/0x2f0
[  190.174340][ T8881]  ? genl_rcv_msg+0x55c/0x800
[  190.174348][ T8881]  ? netlink_rcv_skb+0x16a/0x440
[  190.174363][ T8881]  ? genl_rcv+0x28/0x40
[  190.174394][ T8881]  ? netlink_unicast+0x53a/0x7f0
[  190.174409][ T8881]  ? netlink_sendmsg+0x8d1/0xdd0
[  190.174423][ T8881]  ? ____sys_sendmsg+0xa95/0xc70
[  190.174433][ T8881]  ? ___sys_sendmsg+0x134/0x1d0
[  190.174445][ T8881]  ? __sys_sendmsg+0x16d/0x220
[  190.174460][ T8881]  alloc_workqueue+0xd2/0x200
[  190.174477][ T8881]  ? __pfx_alloc_workqueue+0x10/0x10
[  190.174501][ T8881]  ieee802154_register_hw+0x10b/0xa60
[  190.174520][ T8881]  ? __pfx_ieee802154_register_hw+0x10/0x10
[  190.174543][ T8881]  hwsim_add_one+0x6ab/0x1380
[  190.174573][ T8881]  ? __pfx_hwsim_add_one+0x10/0x10
[  190.174591][ T8881]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  190.174602][ T8881]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  190.174616][ T8881]  genl_family_rcv_msg_doit+0x206/0x2f0
[  190.174628][ T8881]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  190.174638][ T8881]  ? trace_cap_capable+0x18d/0x200
[  190.174653][ T8881]  ? bpf_lsm_capable+0x9/0x10
[  190.174668][ T8881]  ? security_capable+0x7e/0x260
[  190.174679][ T8881]  ? ns_capable+0xd7/0x110
[  190.174694][ T8881]  genl_rcv_msg+0x55c/0x800
[  190.174706][ T8881]  ? __pfx_genl_rcv_msg+0x10/0x10
[  190.174716][ T8881]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  190.174734][ T8881]  ? __lock_acquire+0xaa4/0x1ba0
[  190.174747][ T8881]  netlink_rcv_skb+0x16a/0x440
[  190.174762][ T8881]  ? __pfx_genl_rcv_msg+0x10/0x10
[  190.174773][ T8881]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  190.174796][ T8881]  ? __pfx_down_read+0x10/0x10
[  190.174806][ T8881]  ? netlink_deliver_tap+0x1ae/0xd30
[  190.174823][ T8881]  genl_rcv+0x28/0x40
[  190.174839][ T8881]  netlink_unicast+0x53a/0x7f0
[  190.174856][ T8881]  ? __pfx_netlink_unicast+0x10/0x10
[  190.174876][ T8881]  netlink_sendmsg+0x8d1/0xdd0
[  190.174894][ T8881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.174910][ T8881]  ? __import_iovec+0x1c8/0x660
[  190.174933][ T8881]  ____sys_sendmsg+0xa95/0xc70
[  190.174945][ T8881]  ? __pfx_____sys_sendmsg+0x10/0x10
[  190.174954][ T8881]  ? get_compat_msghdr+0x11a/0x170
[  190.174974][ T8881]  ___sys_sendmsg+0x134/0x1d0
[  190.174988][ T8881]  ? __pfx____sys_sendmsg+0x10/0x10
[  190.175020][ T8881]  __sys_sendmsg+0x16d/0x220
[  190.175034][ T8881]  ? __pfx___sys_sendmsg+0x10/0x10
[  190.175054][ T8881]  ? rcu_is_watching+0x12/0xc0
[  190.175069][ T8881]  __do_fast_syscall_32+0x73/0x120
[  190.175087][ T8881]  do_fast_syscall_32+0x32/0x80
[  190.175103][ T8881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.175117][ T8881] RIP: 0023:0xf7f56579
[  190.175125][ T8881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.175136][ T8881] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  190.175146][ T8881] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  190.175153][ T8881] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  190.175159][ T8881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.175164][ T8881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.175170][ T8881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.175183][ T8881]  </TASK>
[  190.804807][   T29] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  190.928190][ T8895] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  191.057030][   T29] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  191.060002][   T29] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  191.063686][   T29] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  191.067519][   T29] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  191.071210][   T29] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  191.075458][   T29] usb 9-1: config 0 interface 0 has no altsetting 0
[  191.080066][   T29] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  191.083775][   T29] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  191.087530][   T29] usb 9-1: Product: syz
[  191.089208][   T29] usb 9-1: Manufacturer: syz
[  191.091068][   T29] usb 9-1: SerialNumber: syz
[  191.096183][   T29] usb 9-1: config 0 descriptor??
[  191.098533][ T8888] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  191.101923][   T29] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  191.108031][   T29] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  191.735792][ T1016] usb 9-1: USB disconnect, device number 5
[  191.738641][ T1016] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  191.837424][ T8902] loop9: detected capacity change from 0 to 7
[  191.844282][ T8902]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  191.846506][ T8902] loop9: partition table partially beyond EOD, truncated
[  191.849343][ T8902] loop9: p1 size 2437361653 extends beyond EOD, truncated
[  191.865322][ T8905] vlan2: entered allmulticast mode
[  191.866912][ T8905] bond0: entered allmulticast mode
[  191.868498][ T8905] bond_slave_0: entered allmulticast mode
[  191.870240][ T8905] bond_slave_1: entered allmulticast mode
[  192.167856][ T8877] lo speed is unknown, defaulting to 1000
[  192.180467][ T8877] lo speed is unknown, defaulting to 1000
[  192.183383][ T8877] lo speed is unknown, defaulting to 1000
[  193.808306][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  193.810628][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  193.987703][ T8960] wireguard0: entered promiscuous mode
[  193.989506][ T8960] wireguard0: entered allmulticast mode
[  194.203969][ T8965] lo speed is unknown, defaulting to 1000
[  194.206855][ T8965] lo speed is unknown, defaulting to 1000
[  194.209287][ T8965] lo speed is unknown, defaulting to 1000
[  194.370634][ T8970] lo speed is unknown, defaulting to 1000
[  194.374260][ T8970] lo speed is unknown, defaulting to 1000
[  194.378442][ T8970] lo speed is unknown, defaulting to 1000
[  194.445152][   T29] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  194.614126][   T29] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  194.617093][   T29] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  194.620956][   T29] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  194.629479][   T29] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  194.636187][   T29] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  194.644836][   T29] usb 9-1: config 0 interface 0 has no altsetting 0
[  194.651983][   T29] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  194.655793][   T29] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  194.658776][   T29] usb 9-1: Product: syz
[  194.660258][   T29] usb 9-1: Manufacturer: syz
[  194.661769][   T29] usb 9-1: SerialNumber: syz
[  194.674902][   T29] usb 9-1: config 0 descriptor??
[  194.679482][ T8967] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  194.684500][   T29] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  194.695694][   T29] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  195.062485][   T10] usb 9-1: USB disconnect, device number 6
[  195.072387][   T10] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  195.610856][ T5995] IPVS: starting estimator thread 0...
[  195.725580][ T8998] IPVS: using max 43 ests per chain, 103200 per kthread
[  196.171189][   T40] audit: type=1326 audit(1744916177.627:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.181447][   T40] audit: type=1326 audit(1744916177.627:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.193590][   T40] audit: type=1326 audit(1744916177.627:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.202868][   T40] audit: type=1326 audit(1744916177.627:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.211633][   T40] audit: type=1326 audit(1744916177.627:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.220024][   T40] audit: type=1326 audit(1744916177.627:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.228357][   T40] audit: type=1326 audit(1744916177.627:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.236852][   T40] audit: type=1326 audit(1744916177.627:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.245463][   T40] audit: type=1326 audit(1744916177.627:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.253428][   T40] audit: type=1326 audit(1744916177.627:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9007 comm="syz.1.753" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000
[  196.510795][ T9017] netlink: 256 bytes leftover after parsing attributes in process `syz.4.756'.
[  197.556214][ T9040] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  198.882356][ T9068] random: crng reseeded on system resumption
[  199.240696][ T9077] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  200.524846][ T6014] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  200.534789][   T10] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  200.686645][ T6014] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  200.689266][ T6014] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  200.692624][ T6014] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  200.696092][ T6014] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  200.700123][ T6014] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  200.705711][   T10] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  200.708753][   T10] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  200.712485][ T6014] usb 7-1: config 0 interface 0 has no altsetting 0
[  200.714658][   T10] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  200.718692][   T10] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  200.722142][   T10] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  200.726411][   T10] usb 8-1: config 0 interface 0 has no altsetting 0
[  200.729386][ T6014] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  200.732235][ T6014] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  200.735660][ T6014] usb 7-1: Product: syz
[  200.737069][ T6014] usb 7-1: Manufacturer: syz
[  200.738628][   T10] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  200.741441][   T10] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  200.744031][   T10] usb 8-1: Product: syz
[  200.745559][ T6014] usb 7-1: SerialNumber: syz
[  200.747667][   T10] usb 8-1: Manufacturer: syz
[  200.749128][   T10] usb 8-1: SerialNumber: syz
[  200.755115][ T6014] usb 7-1: config 0 descriptor??
[  200.757259][ T9103] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  200.763796][ T6014] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  200.766976][   T10] usb 8-1: config 0 descriptor??
[  200.768979][ T9104] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  200.769713][ T6014] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  200.774836][   T10] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  200.779205][   T10] ldusb 8-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  201.133630][ T3232] usb 7-1: USB disconnect, device number 11
[  201.136975][ T3232] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  201.148820][ T5995] usb 8-1: USB disconnect, device number 9
[  201.157960][ T5995] ldusb 8-1:0.0: LD USB Device #1 now disconnected
[  203.113540][ T9140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.791'.
[  203.116463][ T9140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.791'.
[  203.121747][ T9140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.791'.
[  203.124765][ T9140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.791'.
[  203.188237][ T9144] xt_socket: unknown flags 0x4
[  203.850248][ T9168] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  203.852387][ T9168] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  203.856411][ T9168] vhci_hcd vhci_hcd.0: Device attached
[  203.861050][ T9169] usbip_core: unknown command
[  203.862621][ T9169] vhci_hcd: unknown pdu 0
[  203.866599][ T9169] usbip_core: unknown command
[  203.869466][ T1236] vhci_hcd: stop threads
[  203.870813][ T1236] vhci_hcd: release socket
[  203.872395][ T1236] vhci_hcd: disconnect device
[  204.331821][ T9175] block device autoloading is deprecated and will be removed.
[  205.072479][ T9186] netlink: 20 bytes leftover after parsing attributes in process `syz.3.806'.
[  205.101805][ T9191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.808'.
[  206.241951][ T9207] netlink: 48 bytes leftover after parsing attributes in process `syz.3.812'.
[  206.357872][ T9207] wireguard0: entered promiscuous mode
[  206.359781][ T9207] wireguard0: entered allmulticast mode
[  207.436805][ T9231] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  209.608866][ T9277] 9pnet_fd: Insufficient options for proto=fd
[  209.892977][ T9285] netlink: 'syz.4.833': attribute type 10 has an invalid length.
[  210.711192][ T9315] netlink: 36 bytes leftover after parsing attributes in process `syz.3.841'.
[  211.153581][ T9327] fuse: Unknown parameter 'fd0x0000000000000007'
[  211.240585][ T9331] block nbd1: not configured, cannot reconfigure
[  211.664828][   T57] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  211.829401][   T57] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  211.831947][   T57] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  211.849254][   T57] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  211.859274][   T57] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  211.862661][   T57] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  211.874785][   T57] usb 8-1: config 0 interface 0 has no altsetting 0
[  211.878479][   T57] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  211.881379][   T57] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  211.883934][   T57] usb 8-1: Product: syz
[  211.891720][   T57] usb 8-1: Manufacturer: syz
[  211.893177][   T57] usb 8-1: SerialNumber: syz
[  211.912590][   T57] usb 8-1: config 0 descriptor??
[  211.914667][ T9338] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  211.918236][   T57] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  211.933753][   T57] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  212.055317][ T9333] syz.1.848: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[  212.059642][ T9333] CPU: 0 UID: 0 PID: 9333 Comm: syz.1.848 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  212.059668][ T9333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.059676][ T9333] Call Trace:
[  212.059680][ T9333]  <TASK>
[  212.059684][ T9333]  dump_stack_lvl+0x16c/0x1f0
[  212.059705][ T9333]  warn_alloc+0x248/0x3a0
[  212.059723][ T9333]  ? __pfx_warn_alloc+0x10/0x10
[  212.059738][ T9333]  ? psi_group_change+0x6dc/0xd20
[  212.059759][ T9333]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  212.059774][ T9333]  ? psi_memstall_leave+0x1e1/0x2d0
[  212.059790][ T9333]  ? psi_memstall_leave+0x1e6/0x2d0
[  212.059820][ T9333]  __alloc_frozen_pages_noprof+0x141a/0x23a0
[  212.059844][ T9333]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  212.059860][ T9333]  ? irqentry_exit+0x3b/0x90
[  212.059874][ T9333]  ? lockdep_hardirqs_on+0x7c/0x110
[  212.059893][ T9333]  ? policy_nodemask+0x60/0x4e0
[  212.059903][ T9333]  ? write_comp_data+0x42/0x90
[  212.059914][ T9333]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.059926][ T9333]  ? policy_nodemask+0xea/0x4e0
[  212.059936][ T9333]  alloc_pages_mpol+0x1fb/0x550
[  212.059947][ T9333]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  212.059957][ T9333]  ? alloc_pages_noprof+0x115/0x390
[  212.059969][ T9333]  alloc_pages_noprof+0x131/0x390
[  212.059979][ T9333]  kimage_alloc_pages+0x75/0x300
[  212.059992][ T9333]  kimage_alloc_control_pages+0x15d/0x910
[  212.060007][ T9333]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  212.060023][ T9333]  do_kexec_load+0x480/0x8d0
[  212.060036][ T9333]  ? __pfx_do_kexec_load+0x10/0x10
[  212.060052][ T9333]  __do_compat_sys_kexec_load+0x2cd/0x320
[  212.060066][ T9333]  ? __pfx___do_compat_sys_kexec_load+0x10/0x10
[  212.060079][ T9333]  ? rcu_is_watching+0x12/0xc0
[  212.060093][ T9333]  ? rcu_is_watching+0x12/0xc0
[  212.060108][ T9333]  __do_fast_syscall_32+0x73/0x120
[  212.060124][ T9333]  do_fast_syscall_32+0x32/0x80
[  212.060140][ T9333]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.060154][ T9333] RIP: 0023:0xf7ff1579
[  212.060163][ T9333] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.060173][ T9333] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[  212.060183][ T9333] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[  212.060189][ T9333] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000
[  212.060195][ T9333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.060201][ T9333] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  212.060207][ T9333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.060220][ T9333]  </TASK>
[  212.060325][ T9333] Mem-Info:
[  212.145619][ T9333] active_anon:3035 inactive_anon:5986 isolated_anon:350
[  212.145619][ T9333]  active_file:2441 inactive_file:8863 isolated_file:0
[  212.145619][ T9333]  unevictable:1418 dirty:320 writeback:0
[  212.145619][ T9333]  slab_reclaimable:5753 slab_unreclaimable:62787
[  212.145619][ T9333]  mapped:26361 shmem:5282 pagetables:1049
[  212.145619][ T9333]  sec_pagetables:308 bounce:0
[  212.145619][ T9333]  kernel_misc_reclaimable:0
[  212.145619][ T9333]  free:29004 free_pcp:1290 free_cma:0
[  212.159591][ T9333] Node 0 active_anon:848kB inactive_anon:400kB active_file:1240kB inactive_file:116kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1820kB dirty:0kB writeback:0kB shmem:4260kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9104kB pagetables:1072kB sec_pagetables:1128kB all_unreclaimable? no Balloon:0kB
[  212.169671][ T9333] Node 1 active_anon:11392kB inactive_anon:23544kB active_file:8524kB inactive_file:35280kB unevictable:2736kB isolated(anon):800kB isolated(file):0kB mapped:103624kB dirty:1280kB writeback:0kB shmem:16868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4212kB pagetables:3124kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB
[  212.180094][ T9333] Node 0 DMA free:1924kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  212.204278][ T9333] lowmem_reserve[]: 0 290 290 290 290
[  212.206495][ T9333] Node 0 DMA32 free:20512kB boost:6144kB min:19480kB low:22812kB high:26144kB reserved_highatomic:2048KB active_anon:696kB inactive_anon:616kB active_file:1160kB inactive_file:680kB unevictable:3536kB writepending:0kB present:1032196kB managed:297472kB mlocked:0kB bounce:0kB free_pcp:196kB local_pcp:0kB free_cma:0kB
[  212.215699][ T9333] lowmem_reserve[]: 0 0 0 0 0
[  212.217531][ T9333] Node 1 DMA32 free:100456kB boost:4096kB min:51244kB low:63028kB high:74812kB reserved_highatomic:0KB active_anon:11408kB inactive_anon:23536kB active_file:8524kB inactive_file:35280kB unevictable:3536kB writepending:1364kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  212.228314][ T9333] lowmem_reserve[]: 0 0 0 0 0
[  212.229888][ T9333] Node 0 DMA: 3*4kB (UM) 0*8kB 0*16kB 1*32kB (M) 3*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 1900kB
[  212.234530][ T9333] Node 0 DMA32: 235*4kB (UMEH) 178*8kB (UMEH) 149*16kB (UMEH) 103*32kB (UMEH) 61*64kB (UMEH) 32*128kB (UMEH) 12*256kB (UME) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 20652kB
[  212.244586][ T9333] Node 1 DMA32: 541*4kB (UME) 773*8kB (ME) 601*16kB (UME) 375*32kB (UME) 367*64kB (UME) 108*128kB (UME) 65*256kB (UME) 27*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 98764kB
[  212.251247][ T9333] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  212.258186][ T9333] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  212.261060][ T9333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  212.264278][ T9333] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  212.300943][ T3232] usb 8-1: USB disconnect, device number 10
[  212.314810][ T3232] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  212.317152][ T9333] 16244 total pagecache pages
[  212.318629][ T9333] 1 pages in swap cache
[  212.319903][ T9333] Free swap  = 121172kB
[  212.321182][ T9333] Total swap = 124996kB
[  212.322458][ T9333] 524155 pages RAM
[  212.334734][ T9333] 0 pages HighMem/MovableOnly
[  212.336254][ T9333] 208876 pages reserved
[  212.337551][ T9333] 0 pages cma reserved
[  212.709280][ T9333] kexec: Could not allocate control_code_buffer
[  213.564517][ T9379] fuse: Unknown parameter 'fd0x0000000000000007'
[  213.785405][ T9397] 
[  213.786204][ T9397] ======================================================
[  213.788385][ T9397] WARNING: possible circular locking dependency detected
[  213.790612][ T9397] 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 Not tainted
[  213.793822][ T9397] ------------------------------------------------------
[  213.796663][ T9397] syz.2.867/9397 is trying to acquire lock:
[  213.798511][ T9397] ffffffff9012e7e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240
[  213.801543][ T9397] 
[  213.801543][ T9397] but task is already holding lock:
[  213.803823][ T9397] ffff888075fd1628 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00
[  213.806944][ T9397] 
[  213.806944][ T9397] which lock already depends on the new lock.
[  213.806944][ T9397] 
[  213.810326][ T9397] 
[  213.810326][ T9397] the existing dependency chain (in reverse order) is:
[  213.813199][ T9397] 
[  213.813199][ T9397] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  213.815853][ T9397]        __mutex_lock+0x199/0xb90
[  213.817429][ T9397]        smc_switch_to_fallback+0x2d/0x9f0
[  213.819288][ T9397]        smc_sendmsg+0x13d/0x520
[  213.820833][ T9397]        __sys_sendto+0x495/0x510
[  213.822439][ T9397]        __ia32_sys_sendto+0xdd/0x1b0
[  213.824094][ T9397]        __do_fast_syscall_32+0x73/0x120
[  213.825845][ T9397]        do_fast_syscall_32+0x32/0x80
[  213.827526][ T9397]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.829824][ T9397] 
[  213.829824][ T9397] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  213.832602][ T9397]        lock_sock_nested+0x41/0xf0
[  213.834226][ T9397]        sockopt_lock_sock+0x54/0x70
[  213.835888][ T9397]        do_ip_setsockopt+0xfe/0x3240
[  213.837572][ T9397]        ip_setsockopt+0x59/0xf0
[  213.839237][ T9397]        udp_setsockopt+0x7d/0xd0
[  213.841048][ T9397]        do_sock_setsockopt+0x221/0x470
[  213.842841][ T9397]        __sys_setsockopt+0x1a0/0x230
[  213.844589][ T9397]        __ia32_sys_setsockopt+0xbc/0x160
[  213.846396][ T9397]        __do_fast_syscall_32+0x73/0x120
[  213.848549][ T9397]        do_fast_syscall_32+0x32/0x80
[  213.850658][ T9397]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.852901][ T9397] 
[  213.852901][ T9397] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  213.855244][ T9397]        __lock_acquire+0x1173/0x1ba0
[  213.856954][ T9397]        lock_acquire+0x179/0x350
[  213.858578][ T9397]        __mutex_lock+0x199/0xb90
[  213.860613][ T9397]        do_ip_setsockopt+0xf6/0x3240
[  213.862746][ T9397]        ip_setsockopt+0x59/0xf0
[  213.864341][ T9397]        tcp_setsockopt+0xa4/0x100
[  213.865996][ T9397]        smc_setsockopt+0x1b3/0xa00
[  213.867872][ T9397]        do_sock_setsockopt+0x221/0x470
[  213.870206][ T9397]        __sys_setsockopt+0x1a0/0x230
[  213.872469][ T9397]        __ia32_sys_setsockopt+0xbc/0x160
[  213.874814][ T9397]        __do_fast_syscall_32+0x73/0x120
[  213.877169][ T9397]        do_fast_syscall_32+0x32/0x80
[  213.879393][ T9397]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.882191][ T9397] 
[  213.882191][ T9397] other info that might help us debug this:
[  213.882191][ T9397] 
[  213.886355][ T9397] Chain exists of:
[  213.886355][ T9397]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  213.886355][ T9397] 
[  213.891023][ T9397]  Possible unsafe locking scenario:
[  213.891023][ T9397] 
[  213.893338][ T9397]        CPU0                    CPU1
[  213.895029][ T9397]        ----                    ----
[  213.896704][ T9397]   lock(&smc->clcsock_release_lock);
[  213.898369][ T9397]                                lock(sk_lock-AF_INET);
[  213.901077][ T9397]                                lock(&smc->clcsock_release_lock);
[  213.903933][ T9397]   lock(rtnl_mutex);
[  213.905225][ T9397] 
[  213.905225][ T9397]  *** DEADLOCK ***
[  213.905225][ T9397] 
[  213.908347][ T9397] 1 lock held by syz.2.867/9397:
[  213.910405][ T9397]  #0: ffff888075fd1628 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00
[  213.913918][ T9397] 
[  213.913918][ T9397] stack backtrace:
[  213.915802][ T9397] CPU: 3 UID: 0 PID: 9397 Comm: syz.2.867 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  213.915817][ T9397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.915824][ T9397] Call Trace:
[  213.915829][ T9397]  <TASK>
[  213.915833][ T9397]  dump_stack_lvl+0x116/0x1f0
[  213.915850][ T9397]  print_circular_bug+0x275/0x350
[  213.915868][ T9397]  check_noncircular+0x14c/0x170
[  213.915885][ T9397]  __lock_acquire+0x1173/0x1ba0
[  213.915898][ T9397]  lock_acquire+0x179/0x350
[  213.915911][ T9397]  ? do_ip_setsockopt+0xf6/0x3240
[  213.915928][ T9397]  ? __pfx___might_resched+0x10/0x10
[  213.915954][ T9397]  ? __schedule+0x1186/0x5de0
[  213.915978][ T9397]  __mutex_lock+0x199/0xb90
[  213.916002][ T9397]  ? do_ip_setsockopt+0xf6/0x3240
[  213.916016][ T9397]  ? do_ip_setsockopt+0xf6/0x3240
[  213.916026][ T9397]  ? __pfx___mutex_lock+0x10/0x10
[  213.916042][ T9397]  ? __mutex_trylock_common+0xe9/0x250
[  213.916053][ T9397]  ? do_ip_setsockopt+0xf6/0x3240
[  213.916062][ T9397]  ? rtnl_lock+0x9/0x20
[  213.916070][ T9397]  do_ip_setsockopt+0xf6/0x3240
[  213.916081][ T9397]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  213.916090][ T9397]  ? __mutex_lock+0x1ca/0xb90
[  213.916105][ T9397]  ? smc_setsockopt+0x100/0xa00
[  213.916116][ T9397]  ? __pfx___mutex_lock+0x10/0x10
[  213.916131][ T9397]  ip_setsockopt+0x59/0xf0
[  213.916141][ T9397]  tcp_setsockopt+0xa4/0x100
[  213.916153][ T9397]  smc_setsockopt+0x1b3/0xa00
[  213.916163][ T9397]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  213.916179][ T9397]  ? __pfx_smc_setsockopt+0x10/0x10
[  213.916189][ T9397]  ? errseq_sample+0x53/0x70
[  213.916202][ T9397]  ? __pfx_smc_setsockopt+0x10/0x10
[  213.916213][ T9397]  do_sock_setsockopt+0x221/0x470
[  213.916228][ T9397]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  213.916246][ T9397]  __sys_setsockopt+0x1a0/0x230
[  213.916259][ T9397]  __ia32_sys_setsockopt+0xbc/0x160
[  213.916271][ T9397]  ? lockdep_hardirqs_on+0x7c/0x110
[  213.916285][ T9397]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  213.916300][ T9397]  __do_fast_syscall_32+0x73/0x120
[  213.916315][ T9397]  do_fast_syscall_32+0x32/0x80
[  213.916330][ T9397]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.916343][ T9397] RIP: 0023:0xf7f56579
[  213.916352][ T9397] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  213.916362][ T9397] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  213.916372][ T9397] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  213.916383][ T9397] RDX: 000000000000002b RSI: 0000000080000440 RDI: 0000000000000104
[  213.916391][ T9397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.916397][ T9397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.916404][ T9397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.916413][ T9397]  </TASK>
[  214.016358][ T9397] netlink: 76 bytes leftover after parsing attributes in process `syz.2.867'.

VM DIAGNOSIS:
18:56:35  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b53f880 RCX=ffffffff81af2589 RDX=ffff88801f18c880
RSI=ffffffff81af2563 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000109f938
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed10056a7f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180
RIP=ffffffff81af256a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080726000 CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000089a05b RBX=0000000000000001 RCX=ffffffff8b703439 RDX=0000000000000000
RSI=ffffffff8dbeb567 RDI=ffffffff8bf45100 RBP=ffffed1003b57488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801daba440 R14=ffffffff90868110 R15=0000000000000000
RIP=ffffffff8b701ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f455c0 CR3=00000000222c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000001b2da000 RBX=000000001b2da000 RCX=ffffffff82205fcb RDX=ffff888021640000
RSI=0000000000000001 RDI=0000000000000000 RBP=8000000000000025 RSP=ffffc90002d775a0
R8 =0000000000000007 R9 =0000000000000000 R10=8000000000000025 R11=ffff88804115c2b0
R12=0000000000000001 R13=ffffea00006cb680 R14=ffffea00006cb680 R15=dffffc0000000000
RIP=ffffffff82206643 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4157c90d00 ffffffff 00c00000
GS =0000 ffff8880979b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558374458000 CR3=000000004faf2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=78d937da78d937da 78d937da78d937da 78d937da78d937da 78d937da78d937da 78d937da78d937da 78d937da78d937da 78d937da78d937da 78d937da78d937da
ZMM22=57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc 57d3b9bc57d3b9bc
ZMM23=4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9 4b6e2ac94b6e2ac9
ZMM24=f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90 f7658d90f7658d90
ZMM25=fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6 fece31a6fece31a6
ZMM26=301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53 301b6b53301b6b53
ZMM27=ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305 ab11f305ab11f305
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000 f40c0000f40c0000
info registers vcpu 3

CPU#3
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854bdb65 RDI=ffffffff9ae12b40 RBP=ffffffff9ae12b00 RSP=ffffc900044772c8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9ae12b00 R15=ffffffff854bdb00
RIP=ffffffff854bdb8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ab9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c340ee4 CR3=000000002adb2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000