last executing test programs:

6.011121404s ago: executing program 1 (id=3357):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xe, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x200000}, 0x1c)

6.008665334s ago: executing program 1 (id=3359):
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x0)
syz_usb_connect$uac1(0x5, 0xb6, &(0x7f0000000580)=ANY=[], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="e4000000", @ANYRES16, @ANYBLOB="04002bbd7000fedbdf250a000000200003801400020062617461647630000000000000000000080001000100000008000400030000000c00038008000300030000001400038008000500ac141443080001000000000008000500000200000800040001"], 0xe4}, 0x1, 0x0, 0x0, 0x81}, 0x800)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001c40), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
r1 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000024, 0x10, 0x3, 0x353}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
syz_io_uring_setup(0x19af, &(0x7f0000000340)={0x0, 0x2b13, 0x10100, 0x0, 0x25c, 0x0, r4}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x2, 0x4, r5, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

4.615810495s ago: executing program 0 (id=3372):
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
acct(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000800), 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="0600000000000000cd309e271a14000000", @ANYRES16=r4, @ANYBLOB="0100ffffffff0000400001000000"], 0x14}, 0x1, 0x620b}, 0x0)
r5 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMRESUME(r5, 0x5302)
writev(r2, 0x0, 0x0)
socket$inet(0x2, 0x1, 0x100)
close_range(r0, 0xffffffffffffffff, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$FUSE_INIT(r6, 0x0, 0x0)

4.005894066s ago: executing program 0 (id=3373):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000001a80)='/dev/comedi3\x00', 0x103400, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @none}, 0x8)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_TIOCINQ(r2, 0x541b, &(0x7f0000000040))
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=@can_newroute={0x154, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_XOR={0x15, 0x3, {{{}, 0x0, 0x0, 0x0, 0x0, "8ca5be073cff296e"}, 0x2}}, @CGW_CS_CRC8={0x11e, 0x6, {0x1, 0x0, 0x0, 0x0, 0x20, "71ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c", 0x0, "5c8d586b2a88d81866930fca15c8a95d29e5b2ea"}}, @CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffff7, 0x0, 0x8}}]}, 0x154}}, 0x0)
ioctl$COMEDI_INSNLIST(r1, 0x8008640b, &(0x7f0000000240)={0x868, &(0x7f00000020c0)=[{0x4000000, 0xff92, 0x0, 0x0, 0x1}]})

3.847719287s ago: executing program 2 (id=3374):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)

3.842814793s ago: executing program 2 (id=3375):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'veth0_to_bridge\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x4b)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r4, 0x5)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r5, 0x84, 0x4, &(0x7f0000000100)=0xfffffffb, 0x4)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'pimreg0\x00', <r7=>0x0})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB="f60202e55f5cd48db1d7992a72e5ec043d0591ed06b21db1917dc26f2adf24479ecb06eca96ecbfdeec8e4de642d1374f3dce17dc0e4fcc7cc60e1de5757afe0c4dafd67dd6a528c310874eb19a8dfa20ab3d134d138968c014879a233a36f328ffdf28b53f9f216b8e04e3f3a77eaa53945716265580144b6d55592b6aff53d4d54869d85f28ba434cc0aaa037cf9f8bacdc9d4e1a6dbc03951a89b59c215c6c893116079d7830a7420e2c6119cb3b5a85067dc362c9c5e8ac41e0b86bfe8e052985830f5b436"])
splice(r11, 0x0, r10, 0x0, 0xffffffffffff8000, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r8, r7, 0x25, 0x0, @val=@netfilter={0x1, 0x0, 0x7}}, 0x20)

2.906659165s ago: executing program 1 (id=3382):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e1f, @empty}, 0x10)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x14)
accept4$netrom(0xffffffffffffffff, &(0x7f00000000c0)={{0x3, @netrom}, [@bcast, @null, @netrom, @rose, @rose, @rose, @bcast, @bcast]}, &(0x7f0000000140)=0x48, 0x80000)
r2 = dup(r1)
syz_fuse_handle_req(r2, &(0x7f0000004e80)="f06c71be9ea1e18b8ae22ed8926289f2dfe3916a56941f478ae8ca0aed14bc3991f195b27c7af06ebf182ccb3e2f2444bea100e2debf44795ed0ce5e49c83f903e6e70e21cb8e1aa750af8a3c61f8cade87d810c516dfd6b2c598002b4db7d7152500fa6e7b1ae59dfcf32b01a1a396da513a8da80ca4a99b720f13e611e3f360925089aa3efe5c80dbcf6ade9a5007320ea304c027db24d5f9b7ca847bf8a7a807190cd465d46ef14eafe74abbe48439ccd6cfa783d218c939977b209a4b593e942ee1b3f7b7174fcdf0ec6893200c2d04f34deb721909471281d1dc537629af23024a0d1ad89b9ded0a0ad575b5c49eb0ee0f19e3d691165bdbf277fde3488ce18bd38828b4c848343fb08f122691539eb607159b372aa2e2cc331650e7fce51d2d020d2d11d6a548facc605cd1dd1e0c8fd3725dde690e849fdf3cdf26fd65b6bc0077e17e73ad1a2c2edbd568146ddce9ec90b5fc2ae20d2b0f87d512f2ee46de31044e942e73540cad550cafb40df1530a429984467f87899cb7cca75170d5ca340571d568e8b6d35a64226c705561253ddaf01b3e042949d5cd9c249c9c593db8174501b7e257add090081144547a1559df490f1476d6b476a33d10b308553f8d2ddf02f291ec593b250d61b8804095ea87948bc09ba3905784a70e05cec13d77e3063de6bdfb6c42103701271ef623c7bdf2db92d01bd325d3fd3e86f54c26629bf15d4a294cdc5852825f224174d66fcaa582ecd40f61f616c3b64c21e26e23535dca6687c040f669609160d13a1d1eff44c6aec84ce1a10ea6f852eaf8535faec63865618d8564e136c986ee7de0aa6109a10f52cf28ea2a5919972b24f8d3c6aedea4c914fab435a07440e1176d839a56431cdcf004bb7ea0d038d3175c8ad1f190704802444d7faa10e34b90d3f81ff9b97b55f5acb7e6e81b60574c7f56f9590ac28eb3a37637b66703246479f2cee71bc47d8a57d91e47df2669657483d4fa3e9d117a01c62846c3eb1432e2e799c278ae74a1003f5d18f0c25ae0da401985f10cac6b1e6ef1e4ae400461c60d9fbe3b13e075b5e0ce08dea92e37f2f82d8261dce17ff32dd1c8817853dc0bdde67e0a2673b0b7fcf29deb9dc660568a5771ccc2aad4fbda9946cfd341252049a57c57017909922d59df8a3093e3842a29c7e0648bc247b716c46b8703d9077d3375674eb14d8ffd62c48f56686a5178c325c1f943928fb7fc40ea6d35d13c1e6f0dd97197855801151dad595e0e296aa0ac2ce855c7bc6508408dee3552eacee8a05a9ef4d7d1812ca69776a9f7914bd99e7d66957214788d4efc793d3129000cf573fccfb9c32b5b5ab94549f2a58e4163159f188a27bce5be0bed27cc6fc71d5940be14ab06b982dfa844c0ee76e8596f3b516547fb6451b9894633801ea53034b3f525e630dc0b26713a993219ed42a1761d6b9e4655e8df5d33134391d2412ca6d8b3a5e6965af27b99dd835939acf970ac02dcfbdd0a54566bee5c5ade1ed34258763b2c7071974c9e947ead135fe36304fce55ba2545af6a936b7ab321d055ac0706ee82bb4555b60d33a3b936e90cf809b8d95d28fc1f6c0cb3eca1c2e5602a608b588967ba28d1c4f94049f6c29645131e88bb161a67e7e937b1d18bf774af5253768cb1c009368d698a299951105bc2c7a4cc2b7e62d75e49aa202558aadd025ce5c3ed1a6e617ae3614ffbeebaa4d11ba6df8dbcf9b9a6ca7863fd4847fe28f2d35966db5e6df04745731b8adc988b068e8865393b2f3d594d686e202da8157020fd24c6d19e092a2d7180e4af732b8d96c78926229a5af1334e8c46e65e3a7c367549dc7f5c69897c766dc8fc9c852b56c0eed1edd9fccb06af30c15a7f54d130c48f5fb26b15cb89c74541fefeeb384aa2e652fe750f06a7c3cd18af7438ab2c619bb32f424d139bfd8c48ee24c30738cc9e435cdaf3cdf08121168b74341438a98707b5fbd3121b9219deb18ad7af48011dd4b85de317fddaa0bb32aed6ad405d590ebe71262179546d09fdbd6b77cfe8f9f8797a731de05e60efc6fc6f9bc77af87374c95e0360375382773f162b576587fcc041bf8ea4473fd886d31c279cb83167918f998861236dc017cd5aa4b924de6eb942c31ef433fe2034cce5091ea152cfb0a6cfb76e0b0155f6970036b8a9d2148e65711bbb2e40d8247c6ec7c04b7c34ba773984491864be9fd8e7dcf804d02a9b51d83085ed4c01d3dde63596efede95539e7e33a8c45237770d4d38776df27f415a316b6ddca9180515d4f460a544d65a70931a47cede47a862d1c108bef908761768631bf1057b6795e22709d7bc5fcf9b229618a50b8214ca103d2094ecc6d74e199c0fd804e0438ee8a77501b929da1a5cee932d8d7ec827c2b6766a3097852dca1d59b25c3b505c35af98a2e4eae86ad17d716476de7cfb549f8f07618e0817d4aa5221cb3acd7ca6eb4be20b0cd853affd79a09d61d9af1a4e2b2d2994f7bc74b5aec1ae26f6a21d1316ae4e7a447ab4e488d840f7cf7948ad6491fb5a70fef79d89463ac32f9f3e5faa6c341750948d36bb61dfb7cf59815a74d0776ee6142b2e74661acbcc8caba365edf2f988b991ea4a17828995fe374befc2829199393344ca9ac73cb8ce1f4d1ac3db0c5fd40d18836c27a04acdef316d03177e8bf993c7f31c2d443b40364915a686fedf0ebf3fd9e870df33ba5b4e35f6f699ff9c5b9d8914caa38751dd1c761690037833f6b60063e7e4cf071392c5da21908ada84c91b64b884b242ea98d021ad34bc665789f62e413e8790cfb2697ce8b28a2549d98f92dd2e11be3eef27ff72c14b49399ddbf01cd3e84871370d293d80db19c38d978563c85f34732023cc1910a759d40a0c7f6189fdae1f0b92a625d6218658caca97c4a0ceb925c04cebd947e05134fb12b16dbeb48244a4b81a284823497ed1aab8ea3ce981c34cdd8b4990587e9a3d555077879166d84df14cc99725caa8d52a2c1adf57f69011511ccd9cfe84b02404effa30accc2999ea3c0cb163719fbffc90ee6f773739e3e9305ebee2144e254e3ef62ac2a90fb69628504c0c62170e1499f5bead9713ca4d048c5a386dd00451eb5c31b0c49a447a7895d16db99f6492b97bfcfa93fb74481ab08c111de4cc97f9bc50f79403f357c93a134c24d9737b0ba9a8d469b7d99a25dcb85dbcbb528e9b24e1f821fb6f7404c65a0f54d53975d0d05062d0efe648b65307ab27f856bb25042bf021faf99a6453ae3e71673dcc58bab1d6235da7be87911e4102f3da2f416641ac1348a4c7be79e15fb50b872cddfc3b3b6b7d9096b327009bd346e882481ac3dc03dffe6a0710414ccd3438fef3776e29be79eeec3fc71e11eaaf21ad6b23da489093f4b35c673e9bf622397a4fa319dfdb2bc3f61e436d45f0a84b11cc48bdb8f881beb4609f34d30d42b29b690ab2a77e5c65a48921d8f5ae4c511597138bbce4e2f39cdfa625936bb29a9f291814ffc001a5084584f5b56ac222c0ba69b6bae9d568875f893c85a4e5d7e8b54de7912ded29a9eeb81921fb54a35bfbdadd633fb7edc090bfcc44a95a4477494eac43c54e617604183e8e060ad59d5db59f677663b5c07a56dde23ff113cb63b9c66eeacacb2b3799100495fb6d5c0d97324295e5c724973a2b338aec836d0c7f780fdb0270a44a8fb52a8942d78749b1d473aca27ab9c444021a6f60ee7de61079f84f3403ba8317c7ab20d730b8508d651c48ca1c951215e8a46aa579b9721be2936e50d0e09ca4478fc0e134ead7fe67ac247fd3ee2e5676b6b4c252f3fc09224f8c356f4a0e00f7b36d4a981302e0ac298fbc4db27e2047a3ae73668d30766b724d0644005a6ca4aa439fb78a8969c4d12969ebe11506e867552abeb3bf19d0fdf4cdbe98e61e6b50c3da3416dee00090a0e47351fa2ac47b3909693d41ba787476f9f4f25ceae83a24bdbc2fc38aff60de09b8ea0be585e82d6a9d9f095ab03362faabc080f677ebc70c991d77b4a15a72de1284554ad534de09766905b67bac0a7f8fed015f97d7feed6b1e81fe6799fb3a86756aa49f09ffc2b8a857aa14b56392eb310cdbff3a12b61c037212009be338ce681e215649125e93997312539869e078a4363056eba834d4bb2fc3b805ec13189f5a7df40c8b581e12d71339c329b50697152ef259fdad449b1ebfd5362f7aaf666a5f5dc4f7a6499b8a611a5aa37ea88d799c322242d010d1a11abf0c1641c9a06789089adc7d0a073da3399ffcfd600a34725cd91f903c8afc6cd2c97fb3822f381ae1789386659d1191877efd1698fc73d32062c78a2f0050dd675d676a86c4a8827e53eccf4ce547d88acf7283120e6ef1aaf0ba403b57f8c0159a08cb820b59cd7c2cc1aee55e5b6f55df47ac77f13c7e6cd08971557233e319ab53e840109cdda441323354b46d2e422cd86cb09a9da9229514d560166df7019b2919535597eabe3f2b36718fcd3880eb56ae53f5f12e25fc347faaa130a564f97e21151fde5163e1c82b91d12a97c393085cc7631f0fa88d4f52df57c4bb96d665a47edaeb174951badc2b3abb88b8246a2325228e21fa7eac286eaa18ff7d5314c003ca9362309cc7bc9992fd83ae2d5cf7225654bf08c98c1167e205955f6e1fc0eb8e60bb3911ab729438841ebc5f0eeefd80203fde5ec33b99787dbdbb073b3ac9072cbb76ced62e176f76cc5fb463bb7ae1315d2cc1f3a449d64f0cb9a4396e6427154768f01b68f3fa61c9be1a57c7646819c52e4ff6f5b5b43e6bfff6c3bafe722bf0e9a5e9f2bea72cac5780a548eaad0b8507c8feee63283f6c9f10269146cc801391500fb26469711e2a6495d4e9e45c0fc6753bb453f9347e92f3c97932b940d6530405aad8a057bc417f690e0e166f763962cf334a13df8231cedd9ed22207be09a850080b26f1d970fa6950e58ba6ea416c17d6efad4ccc14ab6d288b4343e46b0ccd4fc1d1cc7c87e7438d6449fafa5dd8d19c67b956a5898a4075867cd448bb94119a244f053f6889232667f0bd530526cef01da2f86944dbc9ae4557df8e04c6051cc723e988086e85d3b842935eddb9aee70fb87a35c865f62d6be26a39f8093efdbb777988aca6a1a968a8a96220888057f3f06734933dcde9e6ac82fb3db1c66c92d755c5eaed1d5cb762454c53a13008f30f749409cefb3c1d832f89d8f4983bd3ab00ba2c01a348afa5be2b144ba03b0a5d3986b8332017d033a1c82c98141102af589a4dda90417a6f27bda6ec856b2d0c836167a567a91eaaf413b76ba623e7a74211af0a3b8e296fcb3a432e7db01e691df3749a13cca67d6655197c929956ace5cda77b59b12e8c6179d0af7c77e102872166060858ad429b6eec25f4637d92412a4891d707d8a58c7cd5fae6f0f1f8fa9c15ce2d91f14317f6a4c002ea2ac92bb08dbefefed0c389d9fca0fe63b6d01366eb2d2e89ae5ba4d3eba5763889fd4c1853255d2873b0917303742a96efb11cd8e6bc778d37d953d283cbfb1480880f1383921ccb7a16dc514a00ed6fe5008500cd1627e663d41dbc1b39df477879dbc4586d8a661d4ee05c4bcca8d21212b7ba6e6560076fb4fd272b2fb4a4356c26f7a11ffa947fe9f8c018239dd9d5411b488101958eb39660115390df340249a8eaf20cee42561a2ffbdca65a095c2703d121d59b724aa9835c9a52d0e2298f8748580a6f0db1028d3cca4530e6829b1b78c170e48c7a6f52c47dd65a452838bed890df04167f1cb8c4c1ab594e874d1472e91620a929e05396152602f217e3d27b967f2f032da83d5952cca6f2977785405bead78a3214a7f4d6b9e0c045734c9b4e2eba82d39955f2bccd41ede1d0a2d5a2a39ae39558094d07151e4ee5f4f0755209e2ef8de52c590942bc18c788e153ef4d3062234994d1174f1db483ce989d6f42f9e0290722fb75ba20df0fe2afa43a5e9af6488778d8557aca54599bab5461100ed8b009271dbfab77a8949c90ba356ef9e130f2e53681de9020a12b06f635ae6e4ce0f8e2c3b283a9d24386edb2b9fd48fbd57593f8f064e23db45cd13fe2d51e4b2808d497983a9ddb3f53163f7b88123f3152dab9c4ee564395db25695361b25eeba21d09a0f3417741bbaa167df88822b16320603077df40e5d95ec38d14a45a18f51aa6b492e6115b35e74705ba4bd58093fd46c5f555fd9f7d453ccba5abf606939e88944321d1c2dca4b2a1567757d56ef83218b120bf7032faeb6789ab738911d4ef47fe160047e08106438fabe43295dbd1291c3ce6d1e3397f12de4c0125bd23818215b2d494973573ca9ddc983bcddb1e90fbe2aadc4c0b02c987771eb6e9fa7c4c7011aa1576649210d8ad36b203ebaae9aac00830a3a0244c522a64081d443f377f3e7521263bd40c5d84c2210eb4fdfd81db125c1f5b36204463664ab5c1dfc59946f4406c174f9552ec8df0253fffc74cdec337665ab74f762c92292a22e2dd52b83b84a123b67ae8e065f55bb3709a803743c0fa96ac236c4ade3ce16f0d169a712b67e9aa80992896ff03ac51a4f985750fa0d27e3f4164b7fcd80dc0c78c06dbd898bae606ada022266569581c6efe984a1a81b54581b56cf6648e33c9ed71ffb7fc94b5e4019832d553eca7fa154ae02df41a5c27856282c98c6fff3e9dc00ec45e67338569ea687e25dda1fa4b62d60847d13273a27520a02191c087dbe2e9d47b7f11ada6546b0c66b026f1916acf079f05ebc69bf3c82b1bee6ce4ed95b3978122078f717cb45dbd9cee6b8e5523b243c9c3ab27063dadc953fa3aa81e60daf4fbc38584cb3abbedc38e175a8feda09ffbb0785fa42b9c972742efab4ef5635fd810802649575d850e60b4b17d7359568b975954d935d15ed81f760434627adaaebd50996c681043d0ea5f61f8c8358849299d55b763cef7d833f9ef8750b462c711f9c763a3f95fa2c785a5e24a71b3be244968600f1dc87263090fa065d9f5b498333e19d82e5984fe7431ccb2d5815b5842f8b5f24bda6e835c8cfb6c3b63db5151e1c138135d89a6c523f3cdae319393ff3b05e07f11b456464d7d34a8e4ec93e3ca29dcf61f29d3e9390c925a17766a893751c7f42e3baf7eefa77b06e8200c2f4647e7fac0f7bf86012a7c957aca911a6dbd8dea0ad12e60813129b859794d8e38f39e797ba4729b269ac93d17000e8d1d0bd9e195d83fda977c3a0316f48dd150fcdaed9072c22c9a7b472616f00c5ce250ad6f6ad93da823ffe2a48f925fa3b6e9ab66d013d61cf7df56be9a25e4dda4fcc2a2d605a0aff8b8fd18a19f98bee0323563e427d80b46be5a981abd8e616fe3f5dd23828594e86e1dcf22d7749f3258c604798be30d9936e426d49c60bb9f88e8150fc892051eb2e82acf3bdbf16b9fa4f5e82c138ce201fb1d1de21aa2c699ce00212e4132cc0fcc665927aa41af5d2c45d879c0b534d5c74f2a9a2225993710318452f3c15b28c49efecd5a6c216a271bd0d625b4c9cfd56f2134578181d911645ab0265d560feedafcbe4ffaf4d63ba3b7bccb79d3574971998bfce00369a3c01b4c2c5e7e006f44ac38bdb4e1781830a1ccc9d1456673d90902cb29c51927f6cbfd67bfb24e02d8581e8f7dd996ae5afc5944bbfd57b2266e533d76a9f48774bada4e7e3b58aa5bba5dbb7998dfa8a076642d0b3fe6698d046217e8531bcecc8b2707834a4c21aa703b4da4aac7417adb843747125bb7744aba30d978782a24dc88f1e741fbb1ced581fd0a2807a93be5fa28040dd6f86063e8c931a8df6e9cde2c25f31432c65dd43fdbd2067a932da2e8a3f715067170248d7112a1ae7af4c84b72d065aaafcd03c2cd603f716579c682c7358e0e0e55ea5710531213b5f18a6432b2a0260b493a72863952b9fc7efe01855a4123ae206e90ad8b00e5454d681df308e718002e6e3d6fb709d06fc2f9ef25656b106a76bb06b1e506b97c367c413bb988b07d5c0915221161ad03e8fe8b8368da3ee38d92e928fd3b5780b93c2ac9c5fd27100bafabe1767a487e03192d756518f495c15bb8eac87572c14e88a64ec48769e98081923368e53df95f3f5d5391fe917238aa7c882ff55826ac54192c6b46f4f047069a6df7b313df0a38a2a5f9c6a8ba5be4ba6f91f6faba8f41969a10bcfaff9a000ca7a973ee4342c4b6377cb16edae11b52913bc5fc47b6a0388d8c5532c59457991ca36b77a2e480bb591c1759d17469748e6cf9278665425897d5f86638dd91c6487be2c719ae2d9de114c4ab33292b45255cd320ca1d9d3f34415a1d8a074818d24cd83d2b1db738d337deae672ab8805308fe2a11e415fda0709e2faf59440572e35f3dd54d1ca205f5896e2f9e905096b3fa73116ea914d8d968c909e03be2e42dc3670b4865f7949d2d4698b9979c9be4d02e08894f358be375784931fa097dcc408db3630b5287842b0b42e2835cbc08821d24b55ca71d15e00179ca4739fa61c6a3a32305a8d529c2f92b6e9a440117ec4a8889e47720d15260f464a990240871af9b20e36ea1da072688040c17f50ab532aade79dc3981b8d3194b1c58f74c030777233ae78f9fe81cb7005e9862951b95ac8f7d7292ab07d918a706567ea66492636c6f6a5c95bce0d6acb66af7f15b4153f7da539105578b090758f7272bc7664e7cf641365947db9dae84b92b83fb5321e3693a1938e28e7b6aed85f0927a5393e876ed233e8e9c8599a054689507053f5fb14f54a62b84a75a112699f97de6f20f602e7f2a0d16e97870e96de50308a4735669008bb53d64f6e6f753a5c53fe1027864aae703effef448bbfe7475bcc42fb4470c004498674bf7a56e1da596062330d00fe744d38f1ca3702725c9475cdf4dcf7ed250e2f4cb0a7bca8b506a5d91b759ec39d5e832502d9468a97b32fe13d722232933e0a709963f70da38be91ea2bdd7e38132b1bc3c7a488fc9439b3db3c6752c684d853cdaacc8025a8fa9fd532137c6943b2250d6165f875912f11a502f98b1990bc8ae6a96e146bdf9e9428ae01c04264327c2469fa32fd280f1cfea573dd8b8c1d7fe547a16c870bae47a29eb2462082b402d4df6be2f9b9f0c8d6310ec32b94b76a175ff8d04b5c10b35cfda26419515eadc2af36737d1a37f48f4ea46fc937871e3181533646122e266bbc3990ef3a1c582d873a0041cfd72406f028e53906a3494309cbaf4da24b09d0c1ba3c856e6436f7ac9e595890c6f4af4819b978a05eb3caff979dfa8cc48fb2d6e25cac18f99c9c57a6609aa968e39cd7334d61b22f1a3c599b50a9272e95f9765eb65e2486d32a56523802e76d63ee8138e36e399cf562fdb2064f90475cb974119115bfb036fe01bbd46c603184845c52f4ceda3826dead956e6a153c400513a4c3823018c086fe9e68d9ae7a6d1e04e78379258d7d888d61363604af3257e63503b598332dde7dba36881ca83db525315d5df9ab6b092b5e12578c2d6d28409da4801c7b64207257ea3b9cb0188db08ea7cba46a6606b9c6624ad368a4eac074fdb794c535a2eabce731a934119f95c572836da58745b387dc7aa563bfaaf4235773c58c3cf9a76260a652d1aabb202660581a05be481e3687c73f82d664ddb733b68f89d734b46d7c91033147e61be77e11d98de08393ab4c25da9a6b6c01721a4141b11362f8581fd655fb5e4a30726efaf68bc2dacfc47fed98ed8094ce91202831b8a998d324d7cf86fd26aa88e2e3e208b47b4179cc3724d6cdd33bde489cdaa70c884463063ee99d0350272746ce0772e72256c67f78a188405498eb731fa6a43141353d065dca6fb87a6ecf38fb989dfbf0c89afddfef72bc7d6fd8919a91002ea8dc7f13c3a376adc27021cbb7453c97520d9e86c3b9da30e8c68f70d11bfe108ecff0ecb38a59f0575a5eae0079c504ba8d445733e2efe0e6b051ebf60547707a66a19671867b7e49f0b9b74efc3b3fa39ce287bdccb7163ea85d944fb1b6c7c86d8e81a3a20f241215094d706b4dadbb6897eab38ecf399cf41fbcc6a82e21bb77cd93fd1bfd0e916b84f6ab20e48b041d3e97a5b2216fcc1ff47d07cd5f2d736f79291d00b49d9cc8ae8819d086f583a930612f549416bffd9cd58f0cdba540d2f7ea66d08dba5aba7f2bba5ef9c148e1efb3af6618230cc675ed94f28e560188a90e72500eec3ee5c1ced1493399a44ee74355fe11cc71fe80505eab48c4fa02746f6a4020f740d9c2dd5074d936fd4661ed8dd8efc6a2d614f55df76dfd2e509bf7506234474eedae12f9f6997ba90c213722c8298c583d8f6253a8bcf2d328378adf508b1d961be1af39efa0a279a5b4c3ee0da3e8a68a9e5e375b779f6015e4ccb34a8cdf93ff27055fe41c1cce8223e0dc870ab41ee299f6f515308340a6157f2c5cc2d0c932b98240345db5776eff9a0ea28fbca9858eec6a70bd2174ab8f9f3e0893cc1afc4664c511d31d7591a600f04c938af26a7fe24ea96a5e3a3806ad022295ebfccbe50af7688acc28d48e4400416af9266c3c996cfc101d243139ff8a0551667d3d48d4d88b7e5120d14d18fc1b4d9f80fd76f1f71301ed327773cf12eceb3866fad17442576fc41663cebb94310df4331f226fb80771618b504ca0c71aec3fedda1ce30cd0de8053f4c004a8d8b288d03a60bdb9ae27eab0d6028ef1928093fb17767afae194bdbb7e26176a521d088d7ead8c404a1e498ef8c9786764ab7658c856459373f2d99cfeaca8869d8b6596236008114df49aecbf7ee76b2687620e6d809a70ca29eb00950d49620c3db9911b2eaf9787a4d81c28f571208a10c9ad534cdde895b050be67333d6bf51ed264788086167bd99b7af42349a2ff70b5a00bb7f04d8c4715b6c222ba3bc15c32d00c88abb3159a3633e6687b500d400c54bb52e7ca5187143a62d8efa1ab652d8671aa40a237a8f1c099fa5a29a0a8ea683f7580c28e18958662e8a323a6f39b3603d060711dfcb0971e4e359c21fb68aeb24adcceb1c8ca436b03fc06ef4df90653b7b1d59b26d0090cf34264b7c4e17ea2093206fd37dc399819588d136ef2927b67c52633b69eb03fed90678b495de2504c0df129710b9fe0d64751572b4e5c6dcdb43cf171212a38f5fd1abad4ca53344669febac99d971df691af94a2dfaf9dcfd4332dbcfd03481feca9fd29d3c572ca589f383a2e7dc0ece37ed462b7543bb18439503510669323e687e8c4a2c19b8dd06a3298982daed4ffd0bdb38f9839f2bd058e1f97cbcc414f16fea22575999ed8d000cb01953380771defb9f991d397cd5877830bbfb9f206e845778029ccd67f5275552e83669afaa6cd3b9b54d811b42a2cdc42cd9d1ffac5b992e0671b1ec7c90bea258515525e76f72b21d4eb4ba7c8decefcfb8d5a9df16845cb264f38903d43ec47a15625ff5db24745dee593f05518da7a43ad672c35784bd5fd63efaa2c95f7dcf28eeb81c1758f7c7d04c00405728b0c5bdc81ad524d8719286940ca851b81d515ea3d9ed5cd43a504b3f2000826957a73a99cf83430289df71618cac5d7db787b3", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(r2, &(0x7f0000001000)={0x2020}, 0x2020)
write$vhost_msg(0xffffffffffffffff, 0x0, 0x0)

2.905609642s ago: executing program 1 (id=3383):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000002300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040050}, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000380)={0x0, 0x2003, 0x3, 0x7fff, 0xfe, "0062ba7d8a000000160000400000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
read$FUSE(r2, &(0x7f0000002d40)={0x2020}, 0x2020)
read$watch_queue(r2, &(0x7f0000001d40)=""/4095, 0xff5)

2.832063739s ago: executing program 2 (id=3384):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x1, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f00004ea000/0x4000)=nil, 0x4000, 0x7, 0x40010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000480)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1", @ANYBLOB="fa38bd6ca2dbd8b9ec760cb10982dd6e7cc1bd90ccf0098e8c68d027d346b51ddcfc1687a4b88fd81ff890b6269e1b493b72d743fea9c4d73386548ae706cafac25779eb12c4db7790140ccb36be0ae50f4d1552bb2dcad037f7d80c6acf4df29ae069363aad9065a7d638576aa32234d80298cd12582cc53411da0009db1601b715459ab6faaeaefca14c8ae596428d5be474d11f012f201e2be14afa90970bd02a507f25172089b7460f8d5d", @ANYRESDEC=r0, @ANYBLOB="d64a88940ad83ada2e31884d51691f2e08f5de84933e124a507ab78f6a44a7b9c371bbc5ab8bc410bce5847d37aad2eb422f38c04736fa36521a033b93b0ff16b819f37dff2186b09d44b3fd0ad71f0a59e5eeb9d6290ae8321ab279f90cd7e4b2bfd6351d357170ccf1c83d684e7f7dd6dc94fb5f9a5419e29c7dff684d61f83cef517f31a3323b5c28aaf8b37cce4b0ebbd2adb217133ba484a76e7903f49a13308b679aa104c704ab24ba652d7e557dd33d49b2944c2e2b6abdd1ff4e71e355735543bbcbd254986fd98da000b4b5da224a628e2aab85e346", @ANYBLOB="0229d8f9a2aba9c234fd21ae67f71f3a4f5b369c478373b6e027dea4996af528898215fe2b19b62dd70f9c18ffa62dc445f302c7648ff12ac47cfa4028f53a17a49cbfc0f50b4ae07e1c63169d456cb7d81ebe3dc7ea75da9c289ca91af6de1d30bc09f38ff938bb27e88a8dd236a2ee2ebf57d2c92376d70f68546d0d8c4289f0df9dab0bf5ce10fe30ac6d53366c74df5aa436c50f75c3073d76b7a3616cd87607f49f8a8d3dfd9443747478d53540f4ff13e225f451de939bc68fb554a311b310a07e14620620", @ANYRES8=0x0], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f00000006c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000004c0)={r5, r6, 0x26, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x0, 0x0, 0x0, 0x592}}, 0x30)
bpf$LINK_DETACH(0x22, &(0x7f0000000480)=r7, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r7, 0x0, 0x0}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f0000000680)={0xb, 0x10, 0xfa00, {&(0x7f0000000540), 0xffffffffffffffff, 0x10001}}, 0x18)
sendmsg$NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x10048894)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020, 0x0, 0x0, <r8=>0x0}, 0x2020)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x3, @thr={0x0, 0x0}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mount$cgroup(0x0, 0x0, &(0x7f00000001c0), 0x2010042, &(0x7f0000000000))
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x40078, 0x0)
mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x10400, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e24,posixacl,smackfsroot=+%,rootcontext=user_u,measure,permit_directio,fowner>', @ANYRESDEC=r8, @ANYBLOB='\x00'])

2.831587144s ago: executing program 2 (id=3385):
r0 = userfaultfd(0x80001)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x684})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x300, 0x0, 0x2, 0x9, 0x0, 0x7}, 0x20)
r3 = msgget$private(0x0, 0x3ac)
msgrcv(r3, 0x0, 0x0, 0x1, 0x1000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1042, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r4, &(0x7f00000002c0)=ANY=[@ANYRES16=r3], 0xfff7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x300, 0x0, 0x2, 0x8, 0x6, 0xb}, 0x20)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfa11, 0xffffffff}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0x5c}}, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_emit_ethernet(0x6e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86e96000000000382bbb165f8f000000000000dac4ad9e000000fe8000000000000000000000000000aa67000000000000002100000000309078210600ed8fbab2e630c3e6a031fd2ad9265431bda90f00000000000000a49bf2ed00000000000000001b27a1046b7f3ffc0190a64292fe0f21296f62098cbe3408fbaeb2456465e22e80fc70550f99ea71d5e87f437c1bb95c7bf6b87d02ba016ddfebf8931d689e4b2d09632b814df792800fd9c397e650d43c9ff99f0cda2a0c3a06c381ed1643082a189bd9d988f9f9fde7308748029ddd17566cefa5bc9b97b9e3d0a7b353228b8baa3d02532c7184e9aa06"], 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r7, &(0x7f0000000f80)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x86, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7fffffff}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000280)="8a", 0x1}], 0x1}}, {{&(0x7f0000000540)={0xa, 0x4e21, 0x8075, @dev={0xfe, 0x80, '\x00', 0x6}, 0x2}, 0x1c, &(0x7f0000000e00)=[{&(0x7f0000000ac0)='^', 0x1}], 0x1}}], 0x2, 0x40000c0)
shutdown(r7, 0x1)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r7, 0x84, 0x71, &(0x7f0000000300)={0x0, 0x5}, &(0x7f0000000340)=0x8)

2.586024795s ago: executing program 3 (id=3387):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(0x0, r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
close(0x3)

2.445949255s ago: executing program 3 (id=3388):
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x7, 0x4)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x26, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x12, r2, 0x0)
futimesat(r2, 0x0, &(0x7f0000000000)={{0x77359400}})
get_mempolicy(&(0x7f0000005a40), &(0x7f0000005a80), 0x3, &(0x7f0000ffc000/0x4000)=nil, 0x4)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb)

2.445740336s ago: executing program 3 (id=3389):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x0, [0x8, 0x8, 0x9bc6, 0x80008, 0x43, 0x7fffffff], 0x1, 0x0, 0x0, [{}]}, 0x60)

2.409554606s ago: executing program 3 (id=3390):
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ptrace$poke(0x5, 0x0, &(0x7f0000000080), 0xf5)
ptrace$PTRACE_SETSIGMASK(0x420b, 0x0, 0x8, &(0x7f00000005c0)={[0x8]})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x3b94, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)=@o_path={&(0x7f0000000540)='./file0\x00', 0x0, 0x4010, r5}, 0x14)
ioctl$DRM_IOCTL_MODE_ADDFB(r4, 0xc01c64ae, &(0x7f0000000040)={0x0, 0x6, 0xa, 0xffffffff, 0x2, 0x2, 0x3e7})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4e14, 0x912a, 0x41, 0x0, 0x0)

2.17637744s ago: executing program 0 (id=3391):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000002300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040050}, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000380)={0x0, 0x2003, 0x3, 0x7fff, 0xfe, "0062ba7d8a000000160000400000f738096304"})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
r3 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r3, 0x48e9, 0x0, 0x2, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80101, 0x101)
r6 = dup3(0xffffffffffffffff, r0, 0x80000)
read$FUSE(r6, &(0x7f0000002d40)={0x2020}, 0x2020)
read$watch_queue(r6, &(0x7f0000001d40)=""/4095, 0xfff)

2.04480014s ago: executing program 1 (id=3392):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
syz_usb_connect$uac1(0x5, 0xb6, &(0x7f0000000580)=ANY=[], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001c40), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
syz_io_uring_setup(0x19af, &(0x7f0000000340)={0x0, 0x2b13, 0x10100, 0x0, 0x25c}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x2, 0x4, r1, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1.357655344s ago: executing program 0 (id=3393):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
lsm_list_modules(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x30, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x808}]}]}, 0x30}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x200000)
mkdir(0x0, 0xfffffffffffffffe)

821.599107ms ago: executing program 2 (id=3394):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
setsockopt$inet6_int(r2, 0x29, 0xcf, &(0x7f0000000200)=0xff, 0x4)

646.100658ms ago: executing program 1 (id=3395):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r2}, 0xc)
r3 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e28, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x5, 0x10}, 0xc)
r4 = dup(r0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
pipe2$9p(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4000)
write$binfmt_elf64(r4, &(0x7f0000000500)=ANY=[], 0x78)
write$P9_RSETATTR(r6, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r5, 0x0, r0, 0x0, 0xffff, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
write$P9_RLINK(r4, &(0x7f0000000140)={0x7, 0x47, 0x2}, 0x7)

617.931443ms ago: executing program 3 (id=3396):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, 0x0, 0x0)
close(0x3)

415.539973ms ago: executing program 0 (id=3397):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, 0x0, 0x0)

345.416211ms ago: executing program 3 (id=3398):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10)
listen(r1, 0xffffffff)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
write$dsp(r3, &(0x7f00000004c0)='\x00', 0x1)
ioctl$SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
poll(&(0x7f0000000040)=[{r3, 0x204}], 0x1, 0xd64)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f00000002c0)={0x5, 0xc, 0x2})
chroot(&(0x7f0000000300)='.\x00')
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r4)
socket$packet(0x11, 0x2, 0x300)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x4e23, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000cbd70100400000005000000080009000200000008000c00a80a000008000b00000000000600010007"], 0x40}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0xe22, 0xfff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
syz_emit_ethernet(0x50, &(0x7f0000000780)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "910100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "51f84227a41c"}}}}}}}, 0x0)

345.11024ms ago: executing program 0 (id=3399):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x11, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r2)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
r3 = io_uring_setup(0x7da, &(0x7f0000000080)={0x0, 0xfac7, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0), 0x0)

0s ago: executing program 2 (id=3400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000002a80)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (fail_nth: 5)

kernel console output (not intermixed with test programs):

ll_32+0xde/0x660
[  854.689119][T13463]  do_fast_syscall_32+0x32/0x70
[  854.689144][T13463]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  854.689165][T13463] RIP: 0023:0xf742d579
[  854.689179][T13463] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  854.689195][T13463] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  854.689213][T13463] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  854.689224][T13463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  854.689234][T13463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  854.689244][T13463] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  854.689254][T13463] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  854.689277][T13463]  </TASK>
[  854.932556][ T9369] ldm_validate_partition_table(): Disk read failed.
[  854.944537][ T9369] Dev nbd3: unable to read RDB block 0
[  854.947388][ T9369]  nbd3: unable to read partition table
[  855.044073][  T604] usb 8-1: new high-speed USB device number 81 using dummy_hcd
[  855.123561][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  855.123580][   T40] audit: type=1326 audit(1770717645.205:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.133998][   T40] audit: type=1326 audit(1770717645.205:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.142754][   T40] audit: type=1326 audit(1770717645.225:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.161922][   T40] audit: type=1326 audit(1770717645.245:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.205424][T13480] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2872'.
[  855.223986][  T604] usb 8-1: Using ep0 maxpacket: 8
[  855.227564][  T604] usb 8-1: config 0 has no interfaces?
[  855.229773][  T604] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  855.233523][  T604] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  855.241221][  T604] usb 8-1: config 0 descriptor??
[  855.407287][T13481] netlink: 'syz.0.2871': attribute type 1 has an invalid length.
[  855.436461][T13481] 8021q: adding VLAN 0 to HW filter on device bond1
[  855.455686][T13467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  855.457522][T13482] binder: 13479:13482 ioctl 0 80000040 returned -22
[  855.499051][T13467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  855.542458][   T40] audit: type=1326 audit(1770717645.625:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.564072][   T40] audit: type=1326 audit(1770717645.625:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.578081][T13481] bond1: (slave veth3): Enslaving as an active interface with a down link
[  855.584095][  T604] usb 8-1: USB disconnect, device number 81
[  855.780262][   T40] audit: type=1326 audit(1770717645.765:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.786456][   T40] audit: type=1326 audit(1770717645.825:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  855.792606][   T40] audit: type=1326 audit(1770717645.825:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13474 comm="syz.0.2871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  856.128119][T13492] FAULT_INJECTION: forcing a failure.
[  856.128119][T13492] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  856.132521][T13492] CPU: 2 UID: 0 PID: 13492 Comm: syz.1.2875 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  856.132539][T13492] Tainted: [L]=SOFTLOCKUP
[  856.132543][T13492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  856.132549][T13492] Call Trace:
[  856.132554][T13492]  <TASK>
[  856.132559][T13492]  dump_stack_lvl+0x100/0x190
[  856.132576][T13492]  should_fail_ex.cold+0x5/0xa
[  856.132593][T13492]  ? prepare_alloc_pages+0x16d/0x5f0
[  856.132610][T13492]  should_fail_alloc_page+0xeb/0x140
[  856.132626][T13492]  prepare_alloc_pages+0x1f0/0x5f0
[  856.132644][T13492]  __alloc_frozen_pages_noprof+0x193/0x2410
[  856.132661][T13492]  ? aa_label_next_confined+0xf5/0x160
[  856.132678][T13492]  ? unix_peer_perm+0x4ab/0xc60
[  856.132690][T13492]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  856.132703][T13492]  ? __alloc_skb+0x186/0x410
[  856.132731][T13492]  ? __pfx_unix_peer_perm+0x10/0x10
[  856.132744][T13492]  ? __alloc_skb+0x220/0x410
[  856.132759][T13492]  ? __alloc_skb+0x35d/0x410
[  856.132778][T13492]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  856.132791][T13492]  ? policy_nodemask+0xed/0x4f0
[  856.132806][T13492]  alloc_pages_mpol+0x1fb/0x550
[  856.132821][T13492]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  856.132839][T13492]  folio_alloc_mpol_noprof+0x36/0x340
[  856.132857][T13492]  vma_alloc_folio_noprof+0xed/0x1d0
[  856.132873][T13492]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  856.132889][T13492]  ? rcu_read_unlock+0x2d/0xb0
[  856.132903][T13492]  ? rcu_read_unlock+0x2d/0xb0
[  856.132914][T13492]  ? __lock_acquire+0x4a5/0x2630
[  856.132931][T13492]  do_wp_page+0xf09/0x4c10
[  856.132950][T13492]  ? __pfx_do_wp_page+0x10/0x10
[  856.132967][T13492]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  856.132980][T13492]  __handle_mm_fault+0x1ac0/0x2b50
[  856.132993][T13492]  ? mt_find+0x45e/0x8e0
[  856.133010][T13492]  ? __pfx___handle_mm_fault+0x10/0x10
[  856.133020][T13492]  ? __pfx_mt_find+0x10/0x10
[  856.133042][T13492]  ? find_vma+0xbf/0x140
[  856.133056][T13492]  ? __pfx_find_vma+0x10/0x10
[  856.133071][T13492]  handle_mm_fault+0x36d/0xa20
[  856.133084][T13492]  do_user_addr_fault+0x74c/0x12f0
[  856.133101][T13492]  exc_page_fault+0x6f/0xd0
[  856.133116][T13492]  asm_exc_page_fault+0x26/0x30
[  856.133126][T13492] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  856.133141][T13492] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 01 bb 03 00 90 90 90 90 90 90 90 90 90 90
[  856.133152][T13492] RSP: 0018:ffffc900033afcc0 EFLAGS: 00050293
[  856.133161][T13492] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000800bd01c
[  856.133168][T13492] RDX: 00000000800bd000 RSI: ffffffff8941b693 RDI: ffff8880229a0000
[  856.133174][T13492] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  856.133181][T13492] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000080040000
[  856.133187][T13492] R13: 0000000000000317 R14: 0000000000000318 R15: 00000000800bd000
[  856.133198][T13492]  ? __sys_sendmmsg+0x313/0x430
[  856.133210][T13492]  __sys_sendmmsg+0x323/0x430
[  856.133222][T13492]  ? __pfx___sys_sendmmsg+0x10/0x10
[  856.133238][T13492]  ? __fget_files+0x215/0x3d0
[  856.133255][T13492]  ? fput+0x79/0x100
[  856.133269][T13492]  ? ksys_write+0x1ac/0x250
[  856.133280][T13492]  ? __pfx_ksys_write+0x10/0x10
[  856.133292][T13492]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  856.133303][T13492]  ? lockdep_hardirqs_on+0x78/0x100
[  856.133317][T13492]  __do_fast_syscall_32+0xde/0x660
[  856.133334][T13492]  do_fast_syscall_32+0x32/0x70
[  856.133349][T13492]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  856.133362][T13492] RIP: 0023:0xf742d579
[  856.133370][T13492] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  856.133380][T13492] RSP: 002b:00000000f543550c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  856.133389][T13492] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000800bd000
[  856.133396][T13492] RDX: 0000000000000318 RSI: 0000000000000000 RDI: 0000000000000000
[  856.133402][T13492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  856.133408][T13492] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  856.133414][T13492] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  856.133427][T13492]  </TASK>
[  856.324523][   T40] audit: type=1326 audit(1770717646.415:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13490 comm="syz.0.2874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  856.398772][ T1152] Bluetooth: hci3: Frame reassembly failed (-84)
[  856.531978][T13507] netlink: 'syz.3.2881': attribute type 7 has an invalid length.
[  856.538014][T13507] netlink: 'syz.3.2881': attribute type 8 has an invalid length.
[  856.569717][T13509] FAULT_INJECTION: forcing a failure.
[  856.569717][T13509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  856.574738][T13509] CPU: 3 UID: 0 PID: 13509 Comm: syz.3.2882 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  856.574757][T13509] Tainted: [L]=SOFTLOCKUP
[  856.574761][T13509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  856.574768][T13509] Call Trace:
[  856.574773][T13509]  <TASK>
[  856.574777][T13509]  dump_stack_lvl+0x100/0x190
[  856.574794][T13509]  should_fail_ex.cold+0x5/0xa
[  856.574812][T13509]  _copy_from_iter+0x1f4/0x1690
[  856.574826][T13509]  ? __alloc_skb+0x220/0x410
[  856.574841][T13509]  ? __alloc_skb+0x35d/0x410
[  856.574861][T13509]  ? __pfx__copy_from_iter+0x10/0x10
[  856.574876][T13509]  ? netlink_autobind.isra.0+0x80/0x370
[  856.574902][T13509]  netlink_sendmsg+0x808/0xda0
[  856.574922][T13509]  ? __pfx_netlink_sendmsg+0x10/0x10
[  856.574944][T13509]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  856.574972][T13509]  ____sys_sendmsg+0xa54/0xc30
[  856.574997][T13509]  ? __pfx_____sys_sendmsg+0x10/0x10
[  856.575018][T13509]  ___sys_sendmsg+0x190/0x1e0
[  856.575033][T13509]  ? __pfx____sys_sendmsg+0x10/0x10
[  856.575068][T13509]  __sys_sendmsg+0x170/0x220
[  856.575079][T13509]  ? __pfx___sys_sendmsg+0x10/0x10
[  856.575094][T13509]  ? __pfx_ksys_write+0x10/0x10
[  856.575109][T13509]  __do_fast_syscall_32+0xde/0x660
[  856.575127][T13509]  do_fast_syscall_32+0x32/0x70
[  856.575143][T13509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  856.575157][T13509] RIP: 0023:0xf7fe7579
[  856.575168][T13509] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  856.575184][T13509] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  856.575201][T13509] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  856.575213][T13509] RDX: 0000000004000820 RSI: 0000000000000000 RDI: 0000000000000000
[  856.575224][T13509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  856.575234][T13509] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  856.575246][T13509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  856.575267][T13509]  </TASK>
[  856.684414][T13511] openvswitch: netlink: IP tunnel dst address not specified
[  856.784025][ T6008] usb 7-1: new high-speed USB device number 72 using dummy_hcd
[  856.819008][T13512] FAULT_INJECTION: forcing a failure.
[  856.819008][T13512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  856.823244][T13512] CPU: 0 UID: 0 PID: 13512 Comm: syz.3.2883 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  856.823262][T13512] Tainted: [L]=SOFTLOCKUP
[  856.823266][T13512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  856.823273][T13512] Call Trace:
[  856.823278][T13512]  <TASK>
[  856.823283][T13512]  dump_stack_lvl+0x100/0x190
[  856.823313][T13512]  should_fail_ex.cold+0x5/0xa
[  856.823344][T13512]  _copy_from_iter+0x1f4/0x1690
[  856.823358][T13512]  ? __alloc_skb+0x220/0x410
[  856.823373][T13512]  ? __alloc_skb+0x35d/0x410
[  856.823389][T13512]  ? __pfx__copy_from_iter+0x10/0x10
[  856.823400][T13512]  ? netlink_autobind.isra.0+0x80/0x370
[  856.823417][T13512]  netlink_sendmsg+0x808/0xda0
[  856.823432][T13512]  ? __pfx_netlink_sendmsg+0x10/0x10
[  856.823445][T13512]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  856.823463][T13512]  ____sys_sendmsg+0xa54/0xc30
[  856.823479][T13512]  ? __pfx_____sys_sendmsg+0x10/0x10
[  856.823499][T13512]  ___sys_sendmsg+0x190/0x1e0
[  856.823514][T13512]  ? __pfx____sys_sendmsg+0x10/0x10
[  856.823545][T13512]  __sys_sendmsg+0x170/0x220
[  856.823556][T13512]  ? __pfx___sys_sendmsg+0x10/0x10
[  856.823571][T13512]  ? __pfx_ksys_write+0x10/0x10
[  856.823586][T13512]  __do_fast_syscall_32+0xde/0x660
[  856.823603][T13512]  do_fast_syscall_32+0x32/0x70
[  856.823618][T13512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  856.823631][T13512] RIP: 0023:0xf7fe7579
[  856.823640][T13512] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  856.823651][T13512] RSP: 002b:00000000f548550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  856.823661][T13512] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  856.823668][T13512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  856.823675][T13512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  856.823681][T13512] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  856.823687][T13512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  856.823701][T13512]  </TASK>
[  856.925151][ T6008] usb 7-1: device descriptor read/64, error -71
[  857.163984][ T6008] usb 7-1: new high-speed USB device number 73 using dummy_hcd
[  857.294008][ T6008] usb 7-1: device descriptor read/64, error -71
[  857.404354][ T6008] usb usb7-port1: attempt power cycle
[  857.757998][ T6008] usb 7-1: new high-speed USB device number 74 using dummy_hcd
[  857.789305][ T6008] usb 7-1: device descriptor read/8, error -71
[  857.813544][T13520] 9pnet_virtio: no channels available for device �q�Y�3aK
[  858.033987][ T6008] usb 7-1: new high-speed USB device number 75 using dummy_hcd
[  858.054741][ T6008] usb 7-1: device descriptor read/8, error -71
[  858.164187][ T6008] usb usb7-port1: unable to enumerate USB device
[  858.193824][T13526] syzkaller0: entered promiscuous mode
[  858.196269][T13526] syzkaller0: entered allmulticast mode
[  858.204366][T13526] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  858.210252][T13526] tipc: Resetting bearer <eth:syzkaller0>
[  858.223008][T13526] tipc: Disabling bearer <eth:syzkaller0>
[  858.262363][T13527] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2887'.
[  858.339712][T13529] openvswitch: netlink: IP tunnel dst address not specified
[  858.444040][ T5950] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  858.444026][ T5951] Bluetooth: hci3: command 0x1003 tx timeout
[  859.000851][T13534] /dev/nullb0: Can't open blockdev
[  859.010246][   T53] IPVS: starting estimator thread 0...
[  859.094200][T13535] IPVS: using max 44 ests per chain, 105600 per kthread
[  859.254048][ T6008] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  859.384081][ T6008] usb 5-1: device descriptor read/64, error -71
[  859.624118][ T6008] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  859.745156][ T6024] usb 8-1: new high-speed USB device number 82 using dummy_hcd
[  859.756541][ T6008] usb 5-1: device descriptor read/64, error -71
[  859.826073][T13560] FAULT_INJECTION: forcing a failure.
[  859.826073][T13560] name failslab, interval 1, probability 0, space 0, times 0
[  859.830279][T13560] CPU: 3 UID: 0 PID: 13560 Comm: syz.2.2899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  859.830297][T13560] Tainted: [L]=SOFTLOCKUP
[  859.830301][T13560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  859.830308][T13560] Call Trace:
[  859.830312][T13560]  <TASK>
[  859.830317][T13560]  dump_stack_lvl+0x100/0x190
[  859.830335][T13560]  should_fail_ex.cold+0x5/0xa
[  859.830354][T13560]  should_failslab+0xc2/0x120
[  859.830368][T13560]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  859.830383][T13560]  ? __alloc_skb+0x156/0x410
[  859.830403][T13560]  ? __alloc_skb+0x156/0x410
[  859.830418][T13560]  __alloc_skb+0x156/0x410
[  859.830433][T13560]  ? __alloc_skb+0x35d/0x410
[  859.830448][T13560]  ? __pfx___alloc_skb+0x10/0x10
[  859.830470][T13560]  hci_sock_sendmsg+0x1b01/0x2620
[  859.830489][T13560]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  859.830506][T13560]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  859.830525][T13560]  sock_write_iter+0x566/0x610
[  859.830539][T13560]  ? __pfx_sock_write_iter+0x10/0x10
[  859.830558][T13560]  ? bpf_lsm_file_permission+0x9/0x10
[  859.830572][T13560]  ? security_file_permission+0x76/0x210
[  859.830586][T13560]  ? rw_verify_area+0xce/0x6d0
[  859.830597][T13560]  vfs_write+0x6ac/0x1070
[  859.830609][T13560]  ? __pfx_sock_write_iter+0x10/0x10
[  859.830624][T13560]  ? __pfx_vfs_write+0x10/0x10
[  859.830634][T13560]  ? find_held_lock+0x2b/0x80
[  859.830654][T13560]  ksys_write+0x1f8/0x250
[  859.830668][T13560]  ? __pfx_ksys_write+0x10/0x10
[  859.830679][T13560]  ? __pfx_ksys_write+0x10/0x10
[  859.830693][T13560]  __do_fast_syscall_32+0xde/0x660
[  859.830717][T13560]  do_fast_syscall_32+0x32/0x70
[  859.830732][T13560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  859.830746][T13560] RIP: 0023:0xf7fb1579
[  859.830755][T13560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  859.830769][T13560] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  859.830781][T13560] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000080000000
[  859.830788][T13560] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000000
[  859.830794][T13560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  859.830800][T13560] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  859.830807][T13560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  859.830821][T13560]  </TASK>
[  859.830828][T13560] Bluetooth: MGMT ver 1.23
[  859.864208][ T6008] usb usb5-port1: attempt power cycle
[  859.893975][ T6024] usb 8-1: Using ep0 maxpacket: 8
[  859.932927][ T6024] usb 8-1: config 0 has no interfaces?
[  859.936044][ T6024] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  859.939968][ T6024] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.978836][ T6024] usb 8-1: config 0 descriptor??
[  860.194164][T13539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  860.198308][T13539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  860.211782][  T851] usb 8-1: USB disconnect, device number 82
[  860.234551][ T6008] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  860.256059][ T6008] usb 5-1: device descriptor read/8, error -71
[  860.484012][   T24] usb 7-1: new high-speed USB device number 76 using dummy_hcd
[  860.504177][ T6008] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  860.526107][ T6008] usb 5-1: device descriptor read/8, error -71
[  860.550375][T13568] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  860.552591][T13568] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  860.555427][T13568] vhci_hcd vhci_hcd.0: Device attached
[  860.614051][   T24] usb 7-1: device descriptor read/64, error -71
[  860.634169][ T6008] usb usb5-port1: unable to enumerate USB device
[  860.805707][ T6004] usb 39-1: new high-speed USB device number 3 using vhci_hcd
[  860.872791][   T24] usb 7-1: new high-speed USB device number 77 using dummy_hcd
[  860.989854][T13569] vhci_hcd: connection reset by peer
[  860.992649][ T1152] vhci_hcd vhci_hcd.1: stop threads
[  860.995379][ T1152] vhci_hcd vhci_hcd.1: release socket
[  860.997881][ T1152] vhci_hcd vhci_hcd.1: disconnect device
[  861.014123][   T24] usb 7-1: device descriptor read/64, error -71
[  861.123992][   T53] usb 8-1: new low-speed USB device number 83 using dummy_hcd
[  861.124373][   T24] usb usb7-port1: attempt power cycle
[  861.334019][   T53] usb 8-1: Invalid ep0 maxpacket: 64
[  861.733985][   T24] usb 7-1: new high-speed USB device number 78 using dummy_hcd
[  861.754809][   T24] usb 7-1: device descriptor read/8, error -71
[  861.823984][   T53] usb 8-1: new low-speed USB device number 84 using dummy_hcd
[  861.994080][   T53] usb 8-1: Invalid ep0 maxpacket: 64
[  861.994116][   T24] usb 7-1: new high-speed USB device number 79 using dummy_hcd
[  862.000450][   T53] usb usb8-port1: attempt power cycle
[  862.014428][   T24] usb 7-1: device descriptor read/8, error -71
[  862.119031][T13590] FAULT_INJECTION: forcing a failure.
[  862.119031][T13590] name failslab, interval 1, probability 0, space 0, times 0
[  862.124223][   T24] usb usb7-port1: unable to enumerate USB device
[  862.126340][T13590] CPU: 3 UID: 0 PID: 13590 Comm: syz.1.2910 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  862.126379][T13590] Tainted: [L]=SOFTLOCKUP
[  862.126385][T13590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  862.126394][T13590] Call Trace:
[  862.126400][T13590]  <TASK>
[  862.126407][T13590]  dump_stack_lvl+0x100/0x190
[  862.126431][T13590]  should_fail_ex.cold+0x5/0xa
[  862.126457][T13590]  should_failslab+0xc2/0x120
[  862.126478][T13590]  __kmalloc_cache_noprof+0x80/0x810
[  862.126495][T13590]  ? dev_ethtool+0x1a9/0x5d70
[  862.126519][T13590]  ? dev_ethtool+0x1a9/0x5d70
[  862.126539][T13590]  dev_ethtool+0x1a9/0x5d70
[  862.126558][T13590]  ? stack_trace_save+0x8e/0xc0
[  862.126575][T13590]  ? __pfx_stack_trace_save+0x10/0x10
[  862.126592][T13590]  ? stack_depot_save_flags+0x27/0x9c0
[  862.126610][T13590]  ? __lock_acquire+0x4a5/0x2630
[  862.126633][T13590]  ? __pfx_dev_ethtool+0x10/0x10
[  862.126653][T13590]  ? kasan_save_track+0x14/0x30
[  862.126670][T13590]  ? kasan_save_free_info+0x3b/0x70
[  862.126683][T13590]  ? __kasan_slab_free+0x5f/0x80
[  862.126702][T13590]  ? tomoyo_path_number_perm+0x46d/0x580
[  862.126719][T13590]  ? security_file_ioctl_compat+0xd3/0x230
[  862.126737][T13590]  ? __ia32_compat_sys_ioctl+0xc2/0x360
[  862.126759][T13590]  ? __do_fast_syscall_32+0xde/0x660
[  862.126781][T13590]  ? do_fast_syscall_32+0x32/0x70
[  862.126800][T13590]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  862.126845][T13590]  ? kasan_quarantine_put+0x104/0x240
[  862.126862][T13590]  ? lockdep_hardirqs_on+0x78/0x100
[  862.126890][T13590]  ? __lock_acquire+0x4a5/0x2630
[  862.126912][T13590]  ? tomoyo_path_number_perm+0x188/0x580
[  862.126937][T13590]  ? find_held_lock+0x2b/0x80
[  862.126952][T13590]  ? dev_load+0x8e/0x240
[  862.126980][T13590]  ? dev_load+0x8e/0x240
[  862.127007][T13590]  dev_ioctl+0x63b/0x1070
[  862.127023][T13590]  compat_sock_ioctl+0x4f9/0x760
[  862.127048][T13590]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  862.127080][T13590]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  862.127102][T13590]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  862.127128][T13590]  __do_fast_syscall_32+0xde/0x660
[  862.127152][T13590]  do_fast_syscall_32+0x32/0x70
[  862.127174][T13590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  862.127193][T13590] RIP: 0023:0xf742d579
[  862.127206][T13590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  862.127222][T13590] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  862.127238][T13590] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  862.127249][T13590] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  862.127259][T13590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  862.127268][T13590] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  862.127277][T13590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  862.127299][T13590]  </TASK>
[  862.433969][   T53] usb 8-1: new low-speed USB device number 85 using dummy_hcd
[  862.694013][   T24] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[  862.784277][   T53] usb 8-1: Invalid ep0 maxpacket: 64
[  862.855015][   T24] usb 6-1: Using ep0 maxpacket: 8
[  862.858073][   T24] usb 6-1: config 0 has no interfaces?
[  862.860349][   T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  862.865741][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.871919][   T24] usb 6-1: config 0 descriptor??
[  863.078047][T13594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  863.082344][T13594] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  863.094917][ T6008] usb 6-1: USB disconnect, device number 76
[  863.363971][   T53] usb 8-1: new low-speed USB device number 86 using dummy_hcd
[  863.394366][   T53] usb 8-1: Invalid ep0 maxpacket: 64
[  863.396367][   T53] usb usb8-port1: unable to enumerate USB device
[  863.433112][T13612] FAULT_INJECTION: forcing a failure.
[  863.433112][T13612] name failslab, interval 1, probability 0, space 0, times 0
[  863.437693][T13612] CPU: 0 UID: 0 PID: 13612 Comm: syz.2.2919 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  863.437711][T13612] Tainted: [L]=SOFTLOCKUP
[  863.437715][T13612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  863.437721][T13612] Call Trace:
[  863.437725][T13612]  <TASK>
[  863.437730][T13612]  dump_stack_lvl+0x100/0x190
[  863.437747][T13612]  should_fail_ex.cold+0x5/0xa
[  863.437765][T13612]  should_failslab+0xc2/0x120
[  863.437780][T13612]  __kvmalloc_node_noprof+0x101/0xac0
[  863.437794][T13612]  ? alloc_fdtable+0x17f/0x2d0
[  863.437807][T13612]  ? alloc_fdtable+0x17f/0x2d0
[  863.437816][T13612]  alloc_fdtable+0x17f/0x2d0
[  863.437827][T13612]  dup_fd+0x995/0xd10
[  863.437839][T13612]  ? do_raw_spin_unlock+0x145/0x1e0
[  863.437850][T13612]  ? _raw_spin_unlock+0x28/0x50
[  863.437862][T13612]  ? copy_fs_struct+0x2a0/0x340
[  863.437879][T13612]  ksys_unshare+0x78f/0xab0
[  863.437895][T13612]  ? __pfx_ksys_unshare+0x10/0x10
[  863.437918][T13612]  ? __pfx_ksys_write+0x10/0x10
[  863.437932][T13612]  __ia32_sys_unshare+0x30/0x40
[  863.437947][T13612]  __do_fast_syscall_32+0xde/0x660
[  863.437964][T13612]  do_fast_syscall_32+0x32/0x70
[  863.437979][T13612]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  863.437992][T13612] RIP: 0023:0xf7fb1579
[  863.438001][T13612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  863.438012][T13612] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000136
[  863.438023][T13612] RAX: ffffffffffffffda RBX: 0000000022020600 RCX: 0000000000000000
[  863.438030][T13612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  863.438036][T13612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  863.438042][T13612] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  863.438048][T13612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  863.438061][T13612]  </TASK>
[  863.494371][   T40] kauditd_printk_skb: 39 callbacks suppressed
[  863.494383][   T40] audit: type=1326 audit(1770717653.585:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.502059][T13616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2921'.
[  863.503453][   T40] audit: type=1326 audit(1770717653.585:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.505003][T13616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2921'.
[  863.507496][   T40] audit: type=1326 audit(1770717653.585:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.534164][   T40] audit: type=1326 audit(1770717653.585:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.542327][   T40] audit: type=1326 audit(1770717653.585:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.549483][   T40] audit: type=1326 audit(1770717653.585:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.556182][   T40] audit: type=1326 audit(1770717653.585:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.562868][   T40] audit: type=1326 audit(1770717653.585:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.569660][   T40] audit: type=1326 audit(1770717653.585:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  863.576464][   T40] audit: type=1326 audit(1770717653.585:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.0.2921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  864.160664][T13634] syzkaller0: entered promiscuous mode
[  864.162504][T13634] syzkaller0: entered allmulticast mode
[  864.169879][T13634] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  864.173563][T13634] tipc: Resetting bearer <eth:syzkaller0>
[  864.185256][T13634] tipc: Disabling bearer <eth:syzkaller0>
[  864.472902][T13641] FAULT_INJECTION: forcing a failure.
[  864.472902][T13641] name failslab, interval 1, probability 0, space 0, times 0
[  864.477723][T13641] CPU: 3 UID: 0 PID: 13641 Comm: syz.2.2930 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  864.477742][T13641] Tainted: [L]=SOFTLOCKUP
[  864.477746][T13641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  864.477753][T13641] Call Trace:
[  864.477757][T13641]  <TASK>
[  864.477762][T13641]  dump_stack_lvl+0x100/0x190
[  864.477779][T13641]  should_fail_ex.cold+0x5/0xa
[  864.477795][T13641]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  864.477809][T13641]  should_failslab+0xc2/0x120
[  864.477824][T13641]  kmem_cache_alloc_noprof+0x83/0x780
[  864.477837][T13641]  ? skb_clone+0x190/0x400
[  864.477850][T13641]  ? skb_clone+0x190/0x400
[  864.477867][T13641]  skb_clone+0x190/0x400
[  864.477878][T13641]  netlink_deliver_tap+0xaed/0xcc0
[  864.477892][T13641]  netlink_unicast+0x650/0x870
[  864.477906][T13641]  ? __pfx_netlink_unicast+0x10/0x10
[  864.477922][T13641]  netlink_sendmsg+0x8b0/0xda0
[  864.477936][T13641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  864.477949][T13641]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  864.477969][T13641]  ____sys_sendmsg+0xa54/0xc30
[  864.477984][T13641]  ? __pfx_____sys_sendmsg+0x10/0x10
[  864.478004][T13641]  ___sys_sendmsg+0x190/0x1e0
[  864.478019][T13641]  ? __pfx____sys_sendmsg+0x10/0x10
[  864.478050][T13641]  __sys_sendmsg+0x170/0x220
[  864.478061][T13641]  ? __pfx___sys_sendmsg+0x10/0x10
[  864.478076][T13641]  ? __pfx_ksys_write+0x10/0x10
[  864.478091][T13641]  __do_fast_syscall_32+0xde/0x660
[  864.478108][T13641]  do_fast_syscall_32+0x32/0x70
[  864.478124][T13641]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  864.478139][T13641] RIP: 0023:0xf7fb1579
[  864.478147][T13641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  864.478157][T13641] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  864.478168][T13641] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  864.478175][T13641] RDX: 00000000040040c4 RSI: 0000000000000000 RDI: 0000000000000000
[  864.478181][T13641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  864.478187][T13641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  864.478193][T13641] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  864.478207][T13641]  </TASK>
[  864.556528][ T6008] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[  864.558590][T13641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2930'.
[  864.714104][ T6008] usb 6-1: Using ep0 maxpacket: 8
[  864.736094][T13643] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  864.759810][T13643] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  864.810398][T13649] IPv6: NLM_F_REPLACE set, but no existing node found!
[  864.982268][T13651] 9pnet_virtio: no channels available for device syz
[  865.131908][T13651] overlay: Unknown parameter '/'
[  865.365332][T13653] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  865.836106][T13653] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  865.840274][T13653] overlayfs: failed to look up (tracing) for ino (-66)
[  865.841017][ T6008] usb 6-1: config 0 interface 0 has no altsetting 0
[  865.845466][ T6008] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  865.848363][ T6008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  865.858025][ T6008] usb 6-1: config 0 descriptor??
[  866.874017][ T3082] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  866.951057][ T6008] mcp2221 0003:04D8:00DD.0011: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  867.036040][ T3082] usb 5-1: Using ep0 maxpacket: 8
[  867.042865][ T3082] usb 5-1: config 0 has no interfaces?
[  867.046198][ T3082] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  867.049770][ T3082] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  867.063046][ T3082] usb 5-1: config 0 descriptor??
[  867.148177][ T3082] usb 6-1: USB disconnect, device number 77
[  867.164055][ T6004] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  867.225951][T13664] FAULT_INJECTION: forcing a failure.
[  867.225951][T13664] name failslab, interval 1, probability 0, space 0, times 0
[  867.230020][T13664] CPU: 0 UID: 0 PID: 13664 Comm: syz.3.2935 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  867.230039][T13664] Tainted: [L]=SOFTLOCKUP
[  867.230043][T13664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  867.230050][T13664] Call Trace:
[  867.230055][T13664]  <TASK>
[  867.230060][T13664]  dump_stack_lvl+0x100/0x190
[  867.230077][T13664]  should_fail_ex.cold+0x5/0xa
[  867.230093][T13664]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  867.230107][T13664]  should_failslab+0xc2/0x120
[  867.230122][T13664]  kmem_cache_alloc_noprof+0x83/0x780
[  867.230135][T13664]  ? skb_clone+0x190/0x400
[  867.230149][T13664]  ? skb_clone+0x190/0x400
[  867.230159][T13664]  skb_clone+0x190/0x400
[  867.230170][T13664]  netlink_deliver_tap+0xaed/0xcc0
[  867.230185][T13664]  netlink_unicast+0x650/0x870
[  867.230198][T13664]  ? __pfx_netlink_unicast+0x10/0x10
[  867.230214][T13664]  netlink_sendmsg+0x8b0/0xda0
[  867.230228][T13664]  ? __pfx_netlink_sendmsg+0x10/0x10
[  867.230242][T13664]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  867.230261][T13664]  ____sys_sendmsg+0xa54/0xc30
[  867.230276][T13664]  ? __pfx_____sys_sendmsg+0x10/0x10
[  867.230296][T13664]  ___sys_sendmsg+0x190/0x1e0
[  867.230311][T13664]  ? __pfx____sys_sendmsg+0x10/0x10
[  867.230342][T13664]  __sys_sendmsg+0x170/0x220
[  867.230353][T13664]  ? __pfx___sys_sendmsg+0x10/0x10
[  867.230368][T13664]  ? __pfx_ksys_write+0x10/0x10
[  867.230383][T13664]  __do_fast_syscall_32+0xde/0x660
[  867.230401][T13664]  do_fast_syscall_32+0x32/0x70
[  867.230416][T13664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  867.230430][T13664] RIP: 0023:0xf7fe7579
[  867.230438][T13664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  867.230449][T13664] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  867.230460][T13664] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  867.230467][T13664] RDX: 0000000000002014 RSI: 0000000000000000 RDI: 0000000000000000
[  867.230473][T13664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  867.230480][T13664] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  867.230486][T13664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  867.230500][T13664]  </TASK>
[  867.230515][T13664] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2935'.
[  867.285432][T13658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  867.316260][T13658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  867.328071][   T53] usb 5-1: USB disconnect, device number 61
[  867.764410][T13674] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  868.433955][ T3082] usb 6-1: new high-speed USB device number 78 using dummy_hcd
[  868.620204][ T3082] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  868.624731][ T3082] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  868.628702][ T3082] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  868.633645][ T3082] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.639255][ T3082] usb 6-1: config 0 descriptor??
[  869.385741][T13712] vcan0: tx drop: invalid da for name 0x0000008000000000
[  869.853685][T13725] 9pnet_fd: Insufficient options for proto=fd
[  871.133998][   T53] usb 6-1: USB disconnect, device number 78
[  872.070232][T13754] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2962'.
[  872.595634][T13763] FAULT_INJECTION: forcing a failure.
[  872.595634][T13763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  872.600714][T13763] CPU: 1 UID: 0 PID: 13763 Comm: syz.0.2966 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  872.600733][T13763] Tainted: [L]=SOFTLOCKUP
[  872.600737][T13763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  872.600744][T13763] Call Trace:
[  872.600748][T13763]  <TASK>
[  872.600754][T13763]  dump_stack_lvl+0x100/0x190
[  872.600771][T13763]  should_fail_ex.cold+0x5/0xa
[  872.600790][T13763]  _copy_from_user+0x2e/0xd0
[  872.600802][T13763]  binder_thread_write+0x953/0x4d70
[  872.600823][T13763]  ? __lock_acquire+0x4a5/0x2630
[  872.600838][T13763]  ? __pfx_binder_thread_write+0x10/0x10
[  872.600855][T13763]  ? binder_debug+0xe0/0x190
[  872.600866][T13763]  ? __pfx_binder_debug+0x10/0x10
[  872.600878][T13763]  ? binder_debug+0xe0/0x190
[  872.600889][T13763]  ? __pfx_binder_debug+0x10/0x10
[  872.600908][T13763]  ? __pfx_binder_ioctl+0x10/0x10
[  872.600921][T13763]  binder_ioctl+0x28b8/0x7450
[  872.600937][T13763]  ? tomoyo_path_number_perm+0x28f/0x580
[  872.600948][T13763]  ? tomoyo_path_number_perm+0x28f/0x580
[  872.600962][T13763]  ? tomoyo_path_number_perm+0x188/0x580
[  872.600974][T13763]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  872.600986][T13763]  ? __pfx_binder_ioctl+0x10/0x10
[  872.601003][T13763]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  872.601015][T13763]  ? do_vfs_ioctl+0x226/0x13e0
[  872.601031][T13763]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  872.601051][T13763]  ? find_held_lock+0x2b/0x80
[  872.601061][T13763]  ? hook_file_ioctl_common+0x146/0x410
[  872.601075][T13763]  ? __fget_files+0x21f/0x3d0
[  872.601088][T13763]  ? __pfx_binder_ioctl+0x10/0x10
[  872.601101][T13763]  compat_ptr_ioctl+0x6e/0xa0
[  872.601117][T13763]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  872.601132][T13763]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  872.601150][T13763]  __do_fast_syscall_32+0xde/0x660
[  872.601169][T13763]  do_fast_syscall_32+0x32/0x70
[  872.601184][T13763]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  872.601198][T13763] RIP: 0023:0xf73fd579
[  872.601208][T13763] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  872.601218][T13763] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  872.601229][T13763] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0306201
[  872.601235][T13763] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  872.601242][T13763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  872.601248][T13763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  872.601254][T13763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  872.601267][T13763]  </TASK>
[  872.601274][T13763] binder: 13762:13763 ioctl c0306201 80000100 returned -14
[  873.333456][T13787] syzkaller0: entered promiscuous mode
[  873.335471][    T9] usb 8-1: new high-speed USB device number 87 using dummy_hcd
[  873.338773][T13787] syzkaller0: entered allmulticast mode
[  873.345349][T13787] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  873.348665][T13787] tipc: Resetting bearer <eth:syzkaller0>
[  873.358581][T13787] tipc: Disabling bearer <eth:syzkaller0>
[  873.525262][    T9] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  873.528119][    T9] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  873.531336][    T9] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  873.534548][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  873.538364][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  873.543076][    T9] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  873.546562][    T9] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  873.549231][    T9] usb 8-1: Product: syz
[  873.550653][    T9] usb 8-1: Manufacturer: syz
[  873.555207][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  873.557354][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  873.562109][    T9] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  873.564400][    T9] cdc_wdm 8-1:1.0: Unknown control protocol
[  873.762476][   T53] usb 8-1: USB disconnect, device number 87
[  874.386599][T13803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2978'.
[  874.389986][T13803] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2978'.
[  874.762197][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  874.804157][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  874.912945][T13819] FAULT_INJECTION: forcing a failure.
[  874.912945][T13819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  874.917179][T13819] CPU: 1 UID: 0 PID: 13819 Comm: syz.3.2982 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  874.917198][T13819] Tainted: [L]=SOFTLOCKUP
[  874.917202][T13819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  874.917209][T13819] Call Trace:
[  874.917214][T13819]  <TASK>
[  874.917219][T13819]  dump_stack_lvl+0x100/0x190
[  874.917257][T13819]  should_fail_ex.cold+0x5/0xa
[  874.917275][T13819]  _copy_to_user+0x32/0xd0
[  874.917298][T13819]  msr_read+0x14e/0x250
[  874.917314][T13819]  ? __pfx_msr_read+0x10/0x10
[  874.917328][T13819]  ? bpf_lsm_file_permission+0x9/0x10
[  874.917342][T13819]  ? security_file_permission+0x76/0x210
[  874.917355][T13819]  ? rw_verify_area+0xce/0x6d0
[  874.917366][T13819]  ? __pfx_msr_read+0x10/0x10
[  874.917380][T13819]  vfs_read+0x1e4/0xb30
[  874.917393][T13819]  ? __pfx_vfs_read+0x10/0x10
[  874.917403][T13819]  ? find_held_lock+0x2b/0x80
[  874.917414][T13819]  ? __fget_files+0x215/0x3d0
[  874.917424][T13819]  ? __fget_files+0x215/0x3d0
[  874.917438][T13819]  ? __fget_files+0x21f/0x3d0
[  874.917452][T13819]  ksys_read+0x12a/0x250
[  874.917463][T13819]  ? __pfx_ksys_read+0x10/0x10
[  874.917474][T13819]  ? __pfx_ksys_write+0x10/0x10
[  874.917488][T13819]  __do_fast_syscall_32+0xde/0x660
[  874.917513][T13819]  do_fast_syscall_32+0x32/0x70
[  874.917532][T13819]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  874.917546][T13819] RIP: 0023:0xf7fe7579
[  874.917555][T13819] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  874.917565][T13819] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  874.917576][T13819] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080019680
[  874.917583][T13819] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000
[  874.917590][T13819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  874.917596][T13819] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  874.917602][T13819] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  874.917615][T13819]  </TASK>
[  875.520914][T13839] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2986'.
[  876.094446][T13852] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  876.096592][T13852] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  876.099783][T13852] vhci_hcd vhci_hcd.0: Device attached
[  876.111883][T13852] random: crng reseeded on system resumption
[  876.166783][T13852] EXT4-fs (sr0): unable to read superblock
[  876.374070][ T3082] usb 42-1: SetAddress Request (2) to port 0
[  876.376058][ T3082] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  876.539986][T13853] vhci_hcd: connection reset by peer
[  876.549980][ T1142] vhci_hcd vhci_hcd.2: stop threads
[  876.553216][ T1142] vhci_hcd vhci_hcd.2: release socket
[  876.556062][ T1142] vhci_hcd vhci_hcd.2: disconnect device
[  876.617357][T13860] FAULT_INJECTION: forcing a failure.
[  876.617357][T13860] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  876.623361][T13860] CPU: 3 UID: 0 PID: 13860 Comm: syz.1.2996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  876.623390][T13860] Tainted: [L]=SOFTLOCKUP
[  876.623397][T13860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  876.623407][T13860] Call Trace:
[  876.623414][T13860]  <TASK>
[  876.623422][T13860]  dump_stack_lvl+0x100/0x190
[  876.623448][T13860]  should_fail_ex.cold+0x5/0xa
[  876.623473][T13860]  ? prepare_alloc_pages+0x16d/0x5f0
[  876.623499][T13860]  should_fail_alloc_page+0xeb/0x140
[  876.623521][T13860]  prepare_alloc_pages+0x1f0/0x5f0
[  876.623571][T13860]  __alloc_frozen_pages_noprof+0x193/0x2410
[  876.623596][T13860]  ? find_held_lock+0x2b/0x80
[  876.623613][T13860]  ? get_pid_task+0xfc/0x250
[  876.623634][T13860]  ? get_pid_task+0xfc/0x250
[  876.623657][T13860]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  876.623678][T13860]  ? proc_fail_nth_write+0x9f/0x220
[  876.623697][T13860]  ? find_held_lock+0x2b/0x80
[  876.623717][T13860]  ? find_held_lock+0x2b/0x80
[  876.623734][T13860]  ? ksys_write+0x190/0x250
[  876.623757][T13860]  ? ksys_write+0x190/0x250
[  876.623774][T13860]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  876.623793][T13860]  ? policy_nodemask+0xed/0x4f0
[  876.623816][T13860]  alloc_pages_mpol+0x1fb/0x550
[  876.623838][T13860]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  876.623859][T13860]  ? __fget_files+0x21f/0x3d0
[  876.623897][T13860]  alloc_pages_noprof+0x131/0x390
[  876.623920][T13860]  get_free_pages_noprof+0x10/0xb0
[  876.623940][T13860]  ? __pfx_ksys_write+0x10/0x10
[  876.623956][T13860]  __do_sys_mincore+0xf7/0x610
[  876.623973][T13860]  ? rcu_is_watching+0x12/0xc0
[  876.623991][T13860]  __do_fast_syscall_32+0xde/0x660
[  876.624017][T13860]  do_fast_syscall_32+0x32/0x70
[  876.624053][T13860]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  876.624074][T13860] RIP: 0023:0xf742d579
[  876.624088][T13860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  876.624103][T13860] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 00000000000000da
[  876.624120][T13860] RAX: ffffffffffffffda RBX: 0000000080d62000 RCX: 0000000000002000
[  876.624131][T13860] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  876.624140][T13860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  876.624150][T13860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  876.624159][T13860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  876.624179][T13860]  </TASK>
[  876.749105][T13864] syzkaller0: entered promiscuous mode
[  876.750897][T13864] syzkaller0: entered allmulticast mode
[  876.756234][T13864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  876.759552][T13864] tipc: Resetting bearer <eth:syzkaller0>
[  876.778981][T13864] tipc: Disabling bearer <eth:syzkaller0>
[  876.890633][T13866] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2999'.
[  877.219786][T13874] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  878.305134][T13886] syzkaller0: entered promiscuous mode
[  878.306944][T13886] syzkaller0: entered allmulticast mode
[  878.314866][T13886] tipc: Started in network mode
[  878.317913][T13886] tipc: Node identity f619c5e4e3aa, cluster identity 4711
[  878.321255][T13886] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  878.327825][T13886] tipc: Resetting bearer <eth:syzkaller0>
[  878.343541][T13886] tipc: Disabling bearer <eth:syzkaller0>
[  878.426734][T13888] lo speed is unknown, defaulting to 1000
[  878.429134][T13888] lo speed is unknown, defaulting to 1000
[  878.431400][T13888] lo speed is unknown, defaulting to 1000
[  878.455826][T13888] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  878.468116][T13888] lo speed is unknown, defaulting to 1000
[  878.471317][T13888] lo speed is unknown, defaulting to 1000
[  878.479985][T13888] lo speed is unknown, defaulting to 1000
[  878.486295][T13888] lo speed is unknown, defaulting to 1000
[  878.518768][T13888] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3006'.
[  878.784088][    T9] usb 7-1: new high-speed USB device number 80 using dummy_hcd
[  879.134331][    T9] usb 7-1: device descriptor read/64, error -71
[  879.544257][    T9] usb 7-1: new high-speed USB device number 81 using dummy_hcd
[  879.734272][    T9] usb 7-1: device descriptor read/64, error -71
[  879.854180][    T9] usb usb7-port1: attempt power cycle
[  880.224037][    T9] usb 7-1: new high-speed USB device number 82 using dummy_hcd
[  880.244614][    T9] usb 7-1: device descriptor read/8, error -71
[  880.648524][    T9] usb 7-1: new high-speed USB device number 83 using dummy_hcd
[  880.667730][    T9] usb 7-1: device descriptor read/8, error -71
[  880.812307][    T9] usb usb7-port1: unable to enumerate USB device
[  881.466756][ T3082] usb 42-1: device descriptor read/8, error -110
[  881.878840][ T3082] usb usb42-port1: attempt power cycle
[  882.065502][T13968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3029'.
[  882.592077][T13961] orangefs_mount: mount request failed with -4
[  882.604493][ T3082] usb usb42-port1: unable to enumerate USB device
[  882.744087][    T9] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  882.903981][    T9] usb 5-1: Using ep0 maxpacket: 8
[  882.909451][    T9] usb 5-1: config 0 has no interfaces?
[  882.911998][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  882.918670][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  882.924342][ T3082] usb 6-1: new high-speed USB device number 79 using dummy_hcd
[  882.930661][    T9] usb 5-1: config 0 descriptor??
[  883.063984][ T3082] usb 6-1: device descriptor read/64, error -71
[  883.147401][T13978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  883.162591][T13978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  883.217391][    T9] usb 5-1: USB disconnect, device number 62
[  883.334017][ T3082] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[  883.624064][ T3082] usb 6-1: device descriptor read/64, error -71
[  883.737829][ T3082] usb usb6-port1: attempt power cycle
[  883.846789][ T6008] usb 7-1: new high-speed USB device number 84 using dummy_hcd
[  884.004380][ T6008] usb 7-1: Using ep0 maxpacket: 8
[  884.010123][ T6008] usb 7-1: config 0 has no interfaces?
[  884.012545][ T6008] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  884.016813][ T6008] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.036273][ T6008] usb 7-1: config 0 descriptor??
[  884.074307][ T3082] usb 6-1: new high-speed USB device number 81 using dummy_hcd
[  884.094655][ T3082] usb 6-1: device descriptor read/8, error -71
[  884.243581][T14003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  884.247719][T14003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  884.263385][ T6008] usb 7-1: USB disconnect, device number 84
[  884.337634][ T3082] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[  884.366911][ T3082] usb 6-1: device descriptor read/8, error -71
[  884.485745][ T3082] usb usb6-port1: unable to enumerate USB device
[  885.101891][T14018] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3046'.
[  885.137681][T14020] comedi comedi0: adq12b: I/O port conflict (0x10008001,16)
[  885.207706][T14024] syzkaller0: entered promiscuous mode
[  885.210093][T14024] syzkaller0: entered allmulticast mode
[  885.376810][T14031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3051'.
[  885.398540][T14031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3051'.
[  885.425147][T14028] binder: 14017:14028 ioctl 0 80000040 returned -22
[  885.508207][T14031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3051'.
[  886.453948][ T6008] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  886.595504][ T6008] usb 5-1: device descriptor read/64, error -71
[  886.844061][ T6008] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  886.844066][ T6004] usb 8-1: new high-speed USB device number 88 using dummy_hcd
[  886.974795][ T6008] usb 5-1: device descriptor read/64, error -71
[  887.004087][ T6004] usb 8-1: Using ep0 maxpacket: 8
[  887.007318][ T6004] usb 8-1: config 0 has no interfaces?
[  887.009972][ T6004] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  887.013705][ T6004] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  887.021367][ T6004] usb 8-1: config 0 descriptor??
[  887.084254][ T6008] usb usb5-port1: attempt power cycle
[  887.240501][T14079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  887.244576][T14079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  887.257741][  T829] usb 8-1: USB disconnect, device number 88
[  887.322983][T14103] syzkaller0: entered promiscuous mode
[  887.331716][T14103] syzkaller0: entered allmulticast mode
[  887.340537][T14103] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  887.345023][T14103] tipc: Resetting bearer <eth:syzkaller0>
[  887.382479][T14103] tipc: Disabling bearer <eth:syzkaller0>
[  887.475689][ T6008] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  887.903991][  T829] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[  888.013968][ T6008] usb 5-1: device descriptor read/8, error -71
[  888.063997][  T829] usb 6-1: Using ep0 maxpacket: 8
[  888.069592][  T829] usb 6-1: config 0 has no interfaces?
[  888.071938][  T829] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  888.077747][  T829] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  888.088031][  T829] usb 6-1: config 0 descriptor??
[  888.367414][T14109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  888.372816][T14109] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  888.488352][ T6024] usb 6-1: USB disconnect, device number 83
[  888.620130][T14123] netlink: 'syz.2.3068': attribute type 10 has an invalid length.
[  888.623122][T14123] bond0: (slave wlan1): Opening slave failed
[  888.662888][ T6008] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  888.685251][ T6008] usb 5-1: device descriptor read/8, error -71
[  888.804627][ T6008] usb usb5-port1: unable to enumerate USB device
[  889.422356][T14139] syzkaller0: entered promiscuous mode
[  889.424371][T14139] syzkaller0: entered allmulticast mode
[  889.431608][T14139] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  889.674284][T14139] tipc: Resetting bearer <eth:syzkaller0>
[  889.703012][T14139] tipc: Disabling bearer <eth:syzkaller0>
[  890.084017][ T6008] usb 8-1: new high-speed USB device number 89 using dummy_hcd
[  890.254033][ T6008] usb 8-1: Using ep0 maxpacket: 8
[  890.265153][ T6008] usb 8-1: config 0 has no interfaces?
[  890.267594][ T6008] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  890.271664][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  890.285775][ T6008] usb 8-1: config 0 descriptor??
[  890.461809][T14166] FAULT_INJECTION: forcing a failure.
[  890.461809][T14166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  890.467127][T14166] CPU: 2 UID: 0 PID: 14166 Comm: syz.1.3084 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  890.467146][T14166] Tainted: [L]=SOFTLOCKUP
[  890.467150][T14166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  890.467157][T14166] Call Trace:
[  890.467161][T14166]  <TASK>
[  890.467165][T14166]  dump_stack_lvl+0x100/0x190
[  890.467182][T14166]  should_fail_ex.cold+0x5/0xa
[  890.467200][T14166]  _copy_from_iter+0x1f4/0x1690
[  890.467213][T14166]  ? __alloc_skb+0x220/0x410
[  890.467229][T14166]  ? __alloc_skb+0x35d/0x410
[  890.467245][T14166]  ? __pfx__copy_from_iter+0x10/0x10
[  890.467256][T14166]  ? netlink_autobind.isra.0+0x80/0x370
[  890.467273][T14166]  netlink_sendmsg+0x808/0xda0
[  890.467287][T14166]  ? __pfx_netlink_sendmsg+0x10/0x10
[  890.467301][T14166]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  890.467320][T14166]  ____sys_sendmsg+0xa54/0xc30
[  890.467335][T14166]  ? __pfx_____sys_sendmsg+0x10/0x10
[  890.467354][T14166]  ___sys_sendmsg+0x190/0x1e0
[  890.467369][T14166]  ? __pfx____sys_sendmsg+0x10/0x10
[  890.467416][T14166]  __sys_sendmsg+0x170/0x220
[  890.467439][T14166]  ? __pfx___sys_sendmsg+0x10/0x10
[  890.467457][T14166]  ? __pfx_ksys_write+0x10/0x10
[  890.467469][T14166]  ? fput+0x79/0x100
[  890.467484][T14166]  __do_fast_syscall_32+0xde/0x660
[  890.467502][T14166]  do_fast_syscall_32+0x32/0x70
[  890.467517][T14166]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  890.467530][T14166] RIP: 0023:0xf742d579
[  890.467539][T14166] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  890.467550][T14166] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  890.467561][T14166] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  890.467568][T14166] RDX: 0000000000000098 RSI: 0000000000000000 RDI: 0000000000000000
[  890.467574][T14166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  890.467580][T14166] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  890.467586][T14166] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  890.467600][T14166]  </TASK>
[  890.539770][T14155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  890.542593][T14155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  890.546742][T14168] syzkaller0: entered promiscuous mode
[  890.548666][T14168] syzkaller0: entered allmulticast mode
[  890.555334][   T24] usb 8-1: USB disconnect, device number 89
[  890.576449][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  890.576481][   T40] audit: type=1326 audit(1770717680.665:146): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=14169 comm="syz.1.3085" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf742d579 code=0x0
[  890.644858][T14173] syzkaller0: entered promiscuous mode
[  890.647010][T14173] syzkaller0: entered allmulticast mode
[  890.662343][T14173] tipc: Started in network mode
[  890.664140][T14173] tipc: Node identity 7e240d9d257, cluster identity 4711
[  890.666814][T14173] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  890.670278][T14173] tipc: Resetting bearer <eth:syzkaller0>
[  890.681390][T14173] tipc: Disabling bearer <eth:syzkaller0>
[  891.044052][T14188] binder: BINDER_SET_CONTEXT_MGR already set
[  891.046421][T14188] binder: 14187:14188 ioctl 4018620d 80004a80 returned -16
[  892.124005][ T5951] Bluetooth: hci4: command 0x0406 tx timeout
[  892.211197][ T5991] usb 7-1: new high-speed USB device number 85 using dummy_hcd
[  892.306851][T14229] syzkaller0: entered promiscuous mode
[  892.308831][T14229] syzkaller0: entered allmulticast mode
[  892.384917][ T5991] usb 7-1: Using ep0 maxpacket: 8
[  892.389682][ T5991] usb 7-1: config 0 has no interfaces?
[  892.391519][ T5991] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  892.395698][ T5991] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  892.399314][ T5991] usb 7-1: config 0 descriptor??
[  892.400159][T14238] binder: BINDER_SET_CONTEXT_MGR already set
[  892.402990][T14238] binder: 14237:14238 ioctl 4018620d 80004a80 returned -16
[  892.605544][T14208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  892.608516][T14208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  892.623800][    T9] usb 7-1: USB disconnect, device number 85
[  892.694847][T14245] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  893.314951][   T40] audit: type=1326 audit(1770717683.405:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.324597][   T40] audit: type=1326 audit(1770717683.405:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.332781][   T40] audit: type=1326 audit(1770717683.415:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.340509][   T40] audit: type=1326 audit(1770717683.415:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.347940][   T40] audit: type=1326 audit(1770717683.415:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.355609][   T40] audit: type=1326 audit(1770717683.415:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.362486][   T40] audit: type=1326 audit(1770717683.415:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.369642][   T40] audit: type=1326 audit(1770717683.415:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.376659][   T40] audit: type=1326 audit(1770717683.415:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14261 comm="syz.3.3112" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  893.424433][T14270] can0: slcan on pty26.
[  893.923981][ T5991] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[  894.073980][ T5991] usb 6-1: Using ep0 maxpacket: 8
[  894.076842][ T5991] usb 6-1: config 0 has no interfaces?
[  894.078625][ T5991] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  894.081461][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  894.088729][ T5991] usb 6-1: config 0 descriptor??
[  894.186228][T14261] can0 (unregistered): slcan off pty26.
[  894.295086][T14282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  894.296886][T14300] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  894.300334][T14300] overlayfs: failed to set xattr on upper
[  894.302183][T14300] overlayfs: ...falling back to redirect_dir=nofollow.
[  894.304807][T14300] overlayfs: ...falling back to index=off.
[  894.305761][T14282] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  894.306870][T14300] overlayfs: ...falling back to uuid=null.
[  894.318021][ T6024] usb 6-1: USB disconnect, device number 84
[  894.349054][T14304] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  894.359310][T14304] tipc: Disabling bearer <eth:syzkaller0>
[  894.915342][ T5991] usb 8-1: new high-speed USB device number 90 using dummy_hcd
[  895.075787][ T5991] usb 8-1: Using ep0 maxpacket: 8
[  895.079150][ T5991] usb 8-1: config 0 has no interfaces?
[  895.081461][ T5991] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  895.085897][ T5991] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  895.089922][ T5991] usb 8-1: config 0 descriptor??
[  895.202478][T14332] program syz.1.3130 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  895.206702][T14332] .: renamed from bond0 (while UP)
[  895.266747][T14334] FAULT_INJECTION: forcing a failure.
[  895.266747][T14334] name failslab, interval 1, probability 0, space 0, times 0
[  895.272016][T14334] CPU: 2 UID: 0 PID: 14334 Comm: syz.2.3131 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  895.272043][T14334] Tainted: [L]=SOFTLOCKUP
[  895.272049][T14334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  895.272060][T14334] Call Trace:
[  895.272067][T14334]  <TASK>
[  895.272073][T14334]  dump_stack_lvl+0x100/0x190
[  895.272101][T14334]  should_fail_ex.cold+0x5/0xa
[  895.272127][T14334]  should_failslab+0xc2/0x120
[  895.272148][T14334]  __kmalloc_cache_noprof+0x80/0x810
[  895.272165][T14334]  ? allocate_cgrp_cset_links+0xca/0x230
[  895.272187][T14334]  ? allocate_cgrp_cset_links+0xca/0x230
[  895.272202][T14334]  allocate_cgrp_cset_links+0xca/0x230
[  895.272224][T14334]  find_css_set+0x784/0x1c80
[  895.272253][T14334]  ? __pfx_find_css_set+0x10/0x10
[  895.272294][T14334]  cgroup_migrate_prepare_dst+0x10b/0x7f0
[  895.272324][T14334]  cgroup_attach_task+0x3e4/0x710
[  895.272348][T14334]  ? __pfx_cgroup_attach_task+0x10/0x10
[  895.272370][T14334]  ? percpu_down_write+0x22d/0x3e0
[  895.272416][T14334]  __cgroup1_procs_write.isra.0+0x2c4/0x420
[  895.272441][T14334]  ? __pfx___cgroup1_procs_write.isra.0+0x10/0x10
[  895.272465][T14334]  ? kernfs_root+0xf8/0x2a0
[  895.272491][T14334]  cgroup_file_write+0x1e9/0x790
[  895.272510][T14334]  ? __pfx_cgroup1_procs_write+0x10/0x10
[  895.272532][T14334]  ? __pfx_cgroup_file_write+0x10/0x10
[  895.272574][T14334]  kernfs_fop_write_iter+0x3e0/0x5f0
[  895.272591][T14334]  ? __pfx_cgroup_file_write+0x10/0x10
[  895.272615][T14334]  vfs_write+0x6ac/0x1070
[  895.272634][T14334]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  895.272654][T14334]  ? __pfx_vfs_write+0x10/0x10
[  895.272694][T14334]  ksys_write+0x12a/0x250
[  895.272714][T14334]  ? __pfx_ksys_write+0x10/0x10
[  895.272731][T14334]  ? __pfx_ksys_write+0x10/0x10
[  895.272755][T14334]  __do_fast_syscall_32+0xde/0x660
[  895.272783][T14334]  do_fast_syscall_32+0x32/0x70
[  895.272807][T14334]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  895.272826][T14334] RIP: 0023:0xf7fb1579
[  895.272841][T14334] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  895.272856][T14334] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  895.272874][T14334] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800001c0
[  895.272884][T14334] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  895.272894][T14334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  895.272905][T14334] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  895.272915][T14334] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  895.272938][T14334]  </TASK>
[  895.328302][T14320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  895.380246][T14337] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3133'.
[  895.395413][T14320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  895.401359][T14338] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  895.414712][T14338] tipc: Disabling bearer <eth:syzkaller0>
[  895.427087][  T829] usb 8-1: USB disconnect, device number 90
[  895.634178][T14354] FAULT_INJECTION: forcing a failure.
[  895.634178][T14354] name failslab, interval 1, probability 0, space 0, times 0
[  895.638500][T14354] CPU: 2 UID: 0 PID: 14354 Comm: syz.0.3139 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  895.638519][T14354] Tainted: [L]=SOFTLOCKUP
[  895.638523][T14354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  895.638529][T14354] Call Trace:
[  895.638533][T14354]  <TASK>
[  895.638538][T14354]  dump_stack_lvl+0x100/0x190
[  895.638555][T14354]  should_fail_ex.cold+0x5/0xa
[  895.638574][T14354]  should_failslab+0xc2/0x120
[  895.638588][T14354]  __kmalloc_cache_noprof+0x80/0x810
[  895.638599][T14354]  ? rtnl_newlink+0x126/0x2380
[  895.638613][T14354]  ? __pfx_rtnl_newlink+0x10/0x10
[  895.638623][T14354]  ? rtnl_newlink+0x126/0x2380
[  895.638632][T14354]  rtnl_newlink+0x126/0x2380
[  895.638654][T14354]  ? __pfx_rtnl_newlink+0x10/0x10
[  895.638665][T14354]  ? kasan_quarantine_put+0x104/0x240
[  895.638677][T14354]  ? lockdep_hardirqs_on+0x78/0x100
[  895.638693][T14354]  ? kmem_cache_free+0x143/0x720
[  895.638703][T14354]  ? sk_tx_queue_get+0x119/0x270
[  895.638719][T14354]  ? __lock_acquire+0x4a5/0x2630
[  895.638735][T14354]  ? consume_skb+0xd6/0x110
[  895.638747][T14354]  ? find_held_lock+0x2b/0x80
[  895.638762][T14354]  ? find_held_lock+0x2b/0x80
[  895.638773][T14354]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  895.638783][T14354]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  895.638795][T14354]  ? __pfx_rtnl_newlink+0x10/0x10
[  895.638806][T14354]  rtnetlink_rcv_msg+0x95e/0xe90
[  895.638819][T14354]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  895.638833][T14354]  ? ref_tracker_free+0x37e/0x6c0
[  895.638847][T14354]  netlink_rcv_skb+0x159/0x420
[  895.638859][T14354]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  895.638871][T14354]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  895.638887][T14354]  ? netlink_deliver_tap+0x1ae/0xcc0
[  895.638900][T14354]  netlink_unicast+0x5aa/0x870
[  895.638913][T14354]  ? __pfx_netlink_unicast+0x10/0x10
[  895.638929][T14354]  netlink_sendmsg+0x8b0/0xda0
[  895.638943][T14354]  ? __pfx_netlink_sendmsg+0x10/0x10
[  895.638956][T14354]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  895.638975][T14354]  ____sys_sendmsg+0xa54/0xc30
[  895.638990][T14354]  ? __pfx_____sys_sendmsg+0x10/0x10
[  895.639009][T14354]  ___sys_sendmsg+0x190/0x1e0
[  895.639024][T14354]  ? __pfx____sys_sendmsg+0x10/0x10
[  895.639054][T14354]  __sys_sendmsg+0x170/0x220
[  895.639065][T14354]  ? __pfx___sys_sendmsg+0x10/0x10
[  895.639080][T14354]  ? __pfx_ksys_write+0x10/0x10
[  895.639096][T14354]  __do_fast_syscall_32+0xde/0x660
[  895.639112][T14354]  do_fast_syscall_32+0x32/0x70
[  895.639128][T14354]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  895.639141][T14354] RIP: 0023:0xf73fd579
[  895.639150][T14354] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  895.639160][T14354] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  895.639171][T14354] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  895.639178][T14354] RDX: 0000000000004040 RSI: 0000000000000000 RDI: 0000000000000000
[  895.639184][T14354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  895.639191][T14354] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  895.639197][T14354] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  895.639210][T14354]  </TASK>
[  895.743800][T14356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3138'.
[  896.951725][T14387] syz_tun: entered allmulticast mode
[  896.956429][T14387] FAULT_INJECTION: forcing a failure.
[  896.956429][T14387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  896.960561][T14387] CPU: 2 UID: 0 PID: 14387 Comm: syz.3.3151 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  896.960579][T14387] Tainted: [L]=SOFTLOCKUP
[  896.960583][T14387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  896.960590][T14387] Call Trace:
[  896.960595][T14387]  <TASK>
[  896.960600][T14387]  dump_stack_lvl+0x100/0x190
[  896.960618][T14387]  should_fail_ex.cold+0x5/0xa
[  896.960636][T14387]  _copy_to_user+0x32/0xd0
[  896.960649][T14387]  simple_read_from_buffer+0xcb/0x170
[  896.960661][T14387]  proc_fail_nth_read+0x1af/0x230
[  896.960674][T14387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  896.960687][T14387]  ? rw_verify_area+0xce/0x6d0
[  896.960697][T14387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  896.960709][T14387]  vfs_read+0x1e4/0xb30
[  896.960722][T14387]  ? __pfx_vfs_read+0x10/0x10
[  896.960732][T14387]  ? find_held_lock+0x2b/0x80
[  896.960743][T14387]  ? __fget_files+0x215/0x3d0
[  896.960757][T14387]  ? __fget_files+0x21f/0x3d0
[  896.960772][T14387]  ksys_read+0x12a/0x250
[  896.960783][T14387]  ? __pfx_ksys_read+0x10/0x10
[  896.960798][T14387]  do_int80_emulation+0x101/0x470
[  896.960816][T14387]  asm_int80_emulation+0x1a/0x20
[  896.960826][T14387] RIP: 0023:0xf71e572b
[  896.960835][T14387] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  896.960845][T14387] RSP: 002b:00000000f54a64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  896.960856][T14387] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54a65d0
[  896.960863][T14387] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  896.960869][T14387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  896.960875][T14387] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  896.960882][T14387] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  896.960896][T14387]  </TASK>
[  897.024506][T14386] syz_tun: left allmulticast mode
[  897.061920][T14384] syzkaller0: entered promiscuous mode
[  897.063715][T14384] syzkaller0: entered allmulticast mode
[  897.254063][ T5951] Bluetooth: hci1: command 0x0406 tx timeout
[  897.324040][    T9] usb 8-1: new high-speed USB device number 91 using dummy_hcd
[  897.332380][T14398] bpf: Bad value for 'uid'
[  897.340952][T14398] bond1: left allmulticast mode
[  897.342479][T14398] dummy0: left allmulticast mode
[  897.474442][    T9] usb 8-1: Using ep0 maxpacket: 8
[  897.479671][    T9] usb 8-1: config 0 has no interfaces?
[  897.481976][    T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  897.485714][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  897.489925][    T9] usb 8-1: config 0 descriptor??
[  897.721184][  T829] usb 8-1: USB disconnect, device number 91
[  897.757635][T14427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3168'.
[  897.776034][T14427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3168'.
[  897.813433][T14427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3168'.
[  897.913609][T14435] FAULT_INJECTION: forcing a failure.
[  897.913609][T14435] name failslab, interval 1, probability 0, space 0, times 0
[  897.959690][T14435] CPU: 1 UID: 0 PID: 14435 Comm: syz.1.3165 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  897.959711][T14435] Tainted: [L]=SOFTLOCKUP
[  897.959715][T14435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  897.959722][T14435] Call Trace:
[  897.959728][T14435]  <TASK>
[  897.959734][T14435]  dump_stack_lvl+0x100/0x190
[  897.959752][T14435]  should_fail_ex.cold+0x5/0xa
[  897.959770][T14435]  should_failslab+0xc2/0x120
[  897.959785][T14435]  __kvmalloc_node_noprof+0x101/0xac0
[  897.959799][T14435]  ? io_uring_setup.cold+0x171/0x1a89
[  897.959816][T14435]  ? io_uring_setup.cold+0x171/0x1a89
[  897.959830][T14435]  io_uring_setup.cold+0x171/0x1a89
[  897.959845][T14435]  ? ksys_write+0x190/0x250
[  897.959856][T14435]  ? ksys_write+0x190/0x250
[  897.959867][T14435]  ? __pfx_io_uring_setup+0x10/0x10
[  897.959883][T14435]  ? __mutex_unlock_slowpath+0x15c/0x790
[  897.959901][T14435]  ? __fget_files+0x215/0x3d0
[  897.959918][T14435]  ? fput+0x79/0x100
[  897.959931][T14435]  ? ksys_write+0x1ac/0x250
[  897.959942][T14435]  ? __pfx_ksys_write+0x10/0x10
[  897.959955][T14435]  __ia32_sys_io_uring_setup+0xc2/0x170
[  897.959971][T14435]  __do_fast_syscall_32+0xde/0x660
[  897.959988][T14435]  do_fast_syscall_32+0x32/0x70
[  897.960004][T14435]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  897.960017][T14435] RIP: 0023:0xf742d579
[  897.960026][T14435] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  897.960038][T14435] RSP: 002b:00000000f54144bc EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  897.960049][T14435] RAX: ffffffffffffffda RBX: 000000000000010d RCX: 0000000080000140
[  897.960056][T14435] RDX: 0000000000000000 RSI: 00000000f5414514 RDI: 00000000f5414578
[  897.960062][T14435] RBP: 0000000080000340 R08: 0000000000000000 R09: 0000000000000000
[  897.960068][T14435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.960075][T14435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  897.960088][T14435]  </TASK>
[  898.260645][T14446] syzkaller0: entered promiscuous mode
[  898.262609][T14446] syzkaller0: entered allmulticast mode
[  898.544413][T14456] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  898.547198][T14456] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  898.555175][T14456] vhci_hcd vhci_hcd.0: Device attached
[  898.624443][T14456] random: crng reseeded on system resumption
[  898.684907][  T842] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  898.727010][T14456] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  898.864048][ T3082] usb 44-1: SetAddress Request (2) to port 0
[  898.866570][ T3082] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  899.148038][T14457] vhci_hcd: connection reset by peer
[  899.152165][   T95] vhci_hcd vhci_hcd.3: stop threads
[  899.156390][   T95] vhci_hcd vhci_hcd.3: release socket
[  899.159380][   T95] vhci_hcd vhci_hcd.3: disconnect device
[  899.435357][T14469] syzkaller0: entered promiscuous mode
[  899.437663][T14469] syzkaller0: entered allmulticast mode
[  899.443035][T14469] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  899.447199][T14469] tipc: Resetting bearer <eth:syzkaller0>
[  899.499360][T14469] tipc: Disabling bearer <eth:syzkaller0>
[  899.876011][T14476] syzkaller1: entered promiscuous mode
[  899.878425][T14476] syzkaller1: entered allmulticast mode
[  899.882232][T14476] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  899.885059][T14474] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3180'.
[  899.988084][T14480] syzkaller0: entered promiscuous mode
[  899.989858][T14480] syzkaller0: entered allmulticast mode
[  900.123945][ T6008] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  900.194750][T14490] Bluetooth: MGMT ver 1.23
[  900.274035][ T6008] usb 5-1: Using ep0 maxpacket: 8
[  900.291441][ T6008] usb 5-1: config 0 has no interfaces?
[  900.293296][ T6008] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  900.300926][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  900.305018][ T6008] usb 5-1: config 0 descriptor??
[  900.313303][T14497] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  900.565430][   T53] usb 5-1: USB disconnect, device number 67
[  900.576845][ T6008] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  901.196982][T14512] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.3192'.
[  901.320887][T14512] mkiss: ax0: crc mode is auto.
[  901.334221][T14515] syz.1.3190 (14515): /proc/14506/oom_adj is deprecated, please use /proc/14506/oom_score_adj instead.
[  901.352667][T14515] trusted_key: encrypted_key: insufficient parameters specified
[  901.674054][ T6008] usb 7-1: new high-speed USB device number 86 using dummy_hcd
[  901.824445][ T6008] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  901.827597][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.830353][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.833831][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.837279][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.840132][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.844562][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.848258][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.851953][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.856848][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.860643][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.864611][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.869052][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.872777][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.876816][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.880383][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.884247][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.888353][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.892814][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.896716][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.900443][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.904606][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.908226][ T6008] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  901.912144][ T6008] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  901.917079][ T6008] usb 7-1: config 0 interface 0 has no altsetting 0
[  901.921933][ T6008] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  901.926204][ T6008] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  901.929575][ T6008] usb 7-1: Product: syz
[  901.931340][ T6008] usb 7-1: Manufacturer: syz
[  901.933310][ T6008] usb 7-1: SerialNumber: syz
[  901.937962][ T6008] usb 7-1: config 0 descriptor??
[  901.950951][ T6008] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  902.164467][T14519] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  902.170225][   T53] usb 7-1: USB disconnect, device number 86
[  902.177081][   T53] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  902.364174][ T5951] Bluetooth: hci2: command 0x0406 tx timeout
[  902.864878][  T829] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  903.142328][  T829] usb 5-1: Using ep0 maxpacket: 8
[  903.145370][  T829] usb 5-1: config 0 has no interfaces?
[  903.147640][  T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  903.151415][  T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.159262][  T829] usb 5-1: config 0 descriptor??
[  903.380089][   T10] usb 5-1: USB disconnect, device number 68
[  903.414122][  T842] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[  903.563930][  T842] usb 6-1: Using ep0 maxpacket: 8
[  903.566843][  T842] usb 6-1: config 0 has no interfaces?
[  903.568612][  T842] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  903.571428][  T842] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.588030][  T842] usb 6-1: config 0 descriptor??
[  903.801256][T14557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  903.805230][T14557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  903.837150][   T10] usb 6-1: USB disconnect, device number 85
[  903.964201][ T3082] usb 44-1: device descriptor read/8, error -110
[  904.008262][T14565] netlink: 'syz.0.3210': attribute type 64 has an invalid length.
[  904.011164][T14565] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3210'.
[  904.087051][T14572] netlink: 'syz.0.3210': attribute type 1 has an invalid length.
[  904.279825][T14582] syzkaller0: entered promiscuous mode
[  904.281721][T14582] syzkaller0: entered allmulticast mode
[  904.343939][   T10] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  904.355071][ T3082] usb usb44-port1: attempt power cycle
[  904.407364][T14584] syzkaller0: entered promiscuous mode
[  904.411462][T14584] syzkaller0: entered allmulticast mode
[  904.422319][T14584] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  904.427187][T14584] tipc: Resetting bearer <eth:syzkaller0>
[  904.456384][T14584] tipc: Disabling bearer <eth:syzkaller0>
[  904.474061][   T10] usb 5-1: device descriptor read/64, error -71
[  904.724033][ T6023] usb 7-1: new high-speed USB device number 87 using dummy_hcd
[  904.814283][   T10] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  904.886382][ T6023] usb 7-1: Using ep0 maxpacket: 8
[  904.899104][ T6023] usb 7-1: config 0 has no interfaces?
[  904.902741][ T6023] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  904.910642][ T6023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  904.935395][ T6023] usb 7-1: config 0 descriptor??
[  904.944102][   T10] usb 5-1: device descriptor read/64, error -71
[  904.959953][ T3082] usb usb44-port1: unable to enumerate USB device
[  905.072547][   T10] usb usb5-port1: attempt power cycle
[  905.143460][T14586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  905.148904][T14586] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  905.186411][  T842] usb 7-1: USB disconnect, device number 87
[  905.444046][   T10] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  905.467027][   T10] usb 5-1: device descriptor read/8, error -71
[  905.520105][T14597] syzkaller0: entered promiscuous mode
[  905.521912][T14597] syzkaller0: entered allmulticast mode
[  905.529121][T14597] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  905.532281][T14597] tipc: Resetting bearer <eth:syzkaller0>
[  905.543118][T14597] tipc: Disabling bearer <eth:syzkaller0>
[  905.666529][T14602] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  905.670271][T14602] tipc: Disabling bearer <eth:syzkaller0>
[  905.703972][   T10] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  905.724706][   T10] usb 5-1: device descriptor read/8, error -71
[  905.844229][   T10] usb usb5-port1: unable to enumerate USB device
[  907.160243][T14627] lo speed is unknown, defaulting to 1000
[  907.391954][T14637] netlink: 'syz.2.3233': attribute type 29 has an invalid length.
[  907.394785][T14637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3233'.
[  907.401580][T14637] comedi comedi0: multiq3: I/O port conflict (0x1,16)
[  907.411230][T14637] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge_slave_0
[  909.006704][T14665] FAULT_INJECTION: forcing a failure.
[  909.006704][T14665] name failslab, interval 1, probability 0, space 0, times 0
[  909.012156][T14665] CPU: 0 UID: 0 PID: 14665 Comm: syz.3.3240 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  909.012185][T14665] Tainted: [L]=SOFTLOCKUP
[  909.012190][T14665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  909.012199][T14665] Call Trace:
[  909.012206][T14665]  <TASK>
[  909.012212][T14665]  dump_stack_lvl+0x100/0x190
[  909.012239][T14665]  should_fail_ex.cold+0x5/0xa
[  909.012268][T14665]  should_failslab+0xc2/0x120
[  909.012293][T14665]  kmem_cache_alloc_noprof+0x83/0x780
[  909.012315][T14665]  ? getname_flags.part.0+0x4c/0x540
[  909.012343][T14665]  ? getname_flags.part.0+0x4c/0x540
[  909.012363][T14665]  getname_flags.part.0+0x4c/0x540
[  909.012401][T14665]  __ia32_sys_renameat2+0x1d3/0x2a0
[  909.012425][T14665]  __do_fast_syscall_32+0xde/0x660
[  909.012451][T14665]  do_fast_syscall_32+0x32/0x70
[  909.012476][T14665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  909.012495][T14665] RIP: 0023:0xf7fe7579
[  909.012508][T14665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  909.012522][T14665] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000161
[  909.012542][T14665] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000600
[  909.012551][T14665] RDX: 00000000ffffff9c RSI: 0000000080000640 RDI: 0000000000000002
[  909.012559][T14665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  909.012570][T14665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  909.012582][T14665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  909.012605][T14665]  </TASK>
[  910.725868][T14695] syzkaller0: entered promiscuous mode
[  910.727794][T14695] syzkaller0: entered allmulticast mode
[  910.731630][T14695] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  910.743165][T14695] tipc: Resetting bearer <eth:syzkaller0>
[  910.850415][T14698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3252'.
[  910.862957][T14695] tipc: Disabling bearer <eth:syzkaller0>
[  912.122685][T14716] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  912.287450][T14716] tipc: Disabling bearer <eth:syzkaller0>
[  912.519564][T14721] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3260'.
[  912.555793][T14723] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  912.566681][T14723] tipc: Disabling bearer <eth:syzkaller0>
[  912.789074][T14727] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  912.791303][T14727] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  912.794719][T14727] vhci_hcd vhci_hcd.0: Device attached
[  912.957782][T14738] vhci_hcd: connection closed
[  912.958002][ T1147] vhci_hcd vhci_hcd.3: stop threads
[  912.961222][ T1147] vhci_hcd vhci_hcd.3: release socket
[  912.963122][ T1147] vhci_hcd vhci_hcd.3: disconnect device
[  912.964006][ T3082] usb 7-1: new high-speed USB device number 88 using dummy_hcd
[  913.113977][ T3082] usb 7-1: Using ep0 maxpacket: 8
[  913.117030][ T3082] usb 7-1: config 0 has no interfaces?
[  913.118944][ T3082] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  913.122858][ T3082] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  913.128415][ T3082] usb 7-1: config 0 descriptor??
[  913.130945][T14745] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3266'.
[  913.196250][T14747] FAULT_INJECTION: forcing a failure.
[  913.196250][T14747] name failslab, interval 1, probability 0, space 0, times 0
[  913.200577][T14747] CPU: 0 UID: 0 PID: 14747 Comm: syz.0.3268 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  913.200596][T14747] Tainted: [L]=SOFTLOCKUP
[  913.200601][T14747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  913.200607][T14747] Call Trace:
[  913.200613][T14747]  <TASK>
[  913.200618][T14747]  dump_stack_lvl+0x100/0x190
[  913.200638][T14747]  should_fail_ex.cold+0x5/0xa
[  913.200656][T14747]  should_failslab+0xc2/0x120
[  913.200670][T14747]  ? io_cache_alloc_new+0x45/0xe0
[  913.200686][T14747]  __kmalloc_noprof+0xf6/0x9c0
[  913.200696][T14747]  ? __io_alloc_req_refill+0x2dc/0x330
[  913.200713][T14747]  ? io_cache_alloc_new+0x45/0xe0
[  913.200728][T14747]  io_cache_alloc_new+0x45/0xe0
[  913.200744][T14747]  io_msg_alloc_async+0x1c3/0x3a0
[  913.200760][T14747]  io_connect_prep+0x228/0x350
[  913.200777][T14747]  io_submit_sqes+0xa4b/0x21c0
[  913.200799][T14747]  __do_sys_io_uring_enter+0x6b4/0x15b0
[  913.200817][T14747]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  913.200835][T14747]  ? fput+0x79/0x100
[  913.200848][T14747]  ? ksys_write+0x1ac/0x250
[  913.200859][T14747]  ? __pfx_ksys_write+0x10/0x10
[  913.200873][T14747]  __do_fast_syscall_32+0xde/0x660
[  913.200891][T14747]  do_fast_syscall_32+0x32/0x70
[  913.200906][T14747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  913.200919][T14747] RIP: 0023:0xf73fd579
[  913.200929][T14747] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  913.200939][T14747] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  913.200951][T14747] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000003516
[  913.200957][T14747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  913.200963][T14747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  913.200970][T14747] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  913.200976][T14747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  913.200989][T14747]  </TASK>
[  913.333485][T14733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  913.337198][T14733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  913.346535][ T5991] usb 7-1: USB disconnect, device number 88
[  913.443036][T14753] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  913.874889][ T6008] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  914.014101][ T6008] usb 5-1: device descriptor read/64, error -71
[  914.264018][ T6008] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  914.394016][ T6008] usb 5-1: device descriptor read/64, error -71
[  914.504214][ T6008] usb usb5-port1: attempt power cycle
[  914.854059][ T6008] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  914.874634][ T6008] usb 5-1: device descriptor read/8, error -71
[  914.968065][T14779] netlink: 88 bytes leftover after parsing attributes in process `syz.2.3280'.
[  915.118327][ T6008] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  915.137637][T14785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  915.141991][T14785] tipc: Disabling bearer <eth:syzkaller0>
[  915.154633][ T6008] usb 5-1: device descriptor read/8, error -71
[  915.264378][ T6008] usb usb5-port1: unable to enumerate USB device
[  915.499454][T14790] syzkaller1: entered promiscuous mode
[  915.501670][T14790] syzkaller1: entered allmulticast mode
[  915.910060][T14810] FAULT_INJECTION: forcing a failure.
[  915.910060][T14810] name failslab, interval 1, probability 0, space 0, times 0
[  915.915550][T14810] CPU: 3 UID: 0 PID: 14810 Comm: syz.3.3287 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  915.915580][T14810] Tainted: [L]=SOFTLOCKUP
[  915.915586][T14810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  915.915595][T14810] Call Trace:
[  915.915601][T14810]  <TASK>
[  915.915609][T14810]  dump_stack_lvl+0x100/0x190
[  915.915636][T14810]  should_fail_ex.cold+0x5/0xa
[  915.915665][T14810]  should_failslab+0xc2/0x120
[  915.915689][T14810]  __kmalloc_cache_noprof+0x80/0x810
[  915.915707][T14810]  ? io_eventfd_register+0x129/0x480
[  915.915734][T14810]  ? io_eventfd_register+0x129/0x480
[  915.915758][T14810]  io_eventfd_register+0x129/0x480
[  915.915782][T14810]  ? __pfx_io_eventfd_register+0x10/0x10
[  915.915813][T14810]  __do_sys_io_uring_register+0xdb7/0x1650
[  915.915838][T14810]  ? __fget_files+0x215/0x3d0
[  915.915857][T14810]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  915.915883][T14810]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[  915.915909][T14810]  ? __fget_files+0x21f/0x3d0
[  915.915931][T14810]  ? fput+0x79/0x100
[  915.915951][T14810]  ? ksys_write+0x1ac/0x250
[  915.915969][T14810]  ? __pfx_ksys_write+0x10/0x10
[  915.915994][T14810]  __do_fast_syscall_32+0xde/0x660
[  915.916021][T14810]  do_fast_syscall_32+0x32/0x70
[  915.916045][T14810]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  915.916062][T14810] RIP: 0023:0xf7fe7579
[  915.916077][T14810] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  915.916093][T14810] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[  915.916110][T14810] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000007
[  915.916122][T14810] RDX: 0000000080000100 RSI: 0000000000000001 RDI: 0000000000000000
[  915.916132][T14810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  915.916142][T14810] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  915.916153][T14810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  915.916173][T14810]  </TASK>
[  916.124140][T14818] program syz.2.3289 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  916.305179][T14830] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3294'.
[  916.566040][T14832] binder: 14829:14832 ioctl 0 80000040 returned -22
[  917.354013][ T5950] Bluetooth: hci2: Invalid connection link type handle 0x00c9
[  917.376086][T14841] lo speed is unknown, defaulting to 1000
[  917.718724][T14849] lo speed is unknown, defaulting to 1000
[  918.054104][T14866] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3304'.
[  918.079467][T14869] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3306'.
[  918.648644][T14879] 9p: Bad value for 'rfdno'
[  918.737041][T14881] FAULT_INJECTION: forcing a failure.
[  918.737041][T14881] name failslab, interval 1, probability 0, space 0, times 0
[  918.742538][T14881] CPU: 3 UID: 0 PID: 14881 Comm: syz.1.3310 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  918.742582][T14881] Tainted: [L]=SOFTLOCKUP
[  918.742588][T14881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  918.742600][T14881] Call Trace:
[  918.742606][T14881]  <TASK>
[  918.742613][T14881]  dump_stack_lvl+0x100/0x190
[  918.742641][T14881]  should_fail_ex.cold+0x5/0xa
[  918.742671][T14881]  should_failslab+0xc2/0x120
[  918.742694][T14881]  ? lsm_blob_alloc+0x68/0x90
[  918.742716][T14881]  __kmalloc_noprof+0xf6/0x9c0
[  918.742732][T14881]  ? sk_prot_alloc+0x10b/0x2a0
[  918.742755][T14881]  ? rcu_is_watching+0x12/0xc0
[  918.742770][T14881]  ? sk_prot_alloc+0x10b/0x2a0
[  918.742795][T14881]  ? lsm_blob_alloc+0x68/0x90
[  918.742817][T14881]  lsm_blob_alloc+0x68/0x90
[  918.742856][T14881]  security_sk_alloc+0x2d/0x290
[  918.742873][T14881]  sk_prot_alloc+0x12a/0x2a0
[  918.742897][T14881]  sk_alloc+0x36/0xe80
[  918.742924][T14881]  bpf_prog_test_run_skb+0x4cd/0x3140
[  918.742949][T14881]  ? find_held_lock+0x2b/0x80
[  918.742968][T14881]  ? __fget_files+0x215/0x3d0
[  918.742995][T14881]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  918.743017][T14881]  ? fput+0x79/0x100
[  918.743041][T14881]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  918.743059][T14881]  __sys_bpf+0x1e56/0x5050
[  918.743078][T14881]  ? __pfx___schedule+0x10/0x10
[  918.743102][T14881]  ? __pfx___sys_bpf+0x10/0x10
[  918.743120][T14881]  ? preempt_schedule_thunk+0x16/0x30
[  918.743139][T14881]  ? preempt_schedule_common+0x42/0xc0
[  918.743184][T14881]  ? preempt_schedule_thunk+0x16/0x30
[  918.743210][T14881]  ? vfs_write+0x464/0x1070
[  918.743228][T14881]  ? find_held_lock+0x2b/0x80
[  918.743247][T14881]  ? ksys_write+0x190/0x250
[  918.743270][T14881]  ? __mutex_unlock_slowpath+0x15c/0x790
[  918.743309][T14881]  ? fput+0x79/0x100
[  918.743331][T14881]  ? ksys_write+0x1ac/0x250
[  918.743355][T14881]  __ia32_sys_bpf+0x79/0xf0
[  918.743374][T14881]  ? lockdep_hardirqs_on+0x78/0x100
[  918.743397][T14881]  __do_fast_syscall_32+0xde/0x660
[  918.743425][T14881]  do_fast_syscall_32+0x32/0x70
[  918.743450][T14881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.743472][T14881] RIP: 0023:0xf742d579
[  918.743485][T14881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  918.743502][T14881] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  918.743520][T14881] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000000
[  918.743531][T14881] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000000
[  918.743540][T14881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  918.743550][T14881] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  918.743561][T14881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  918.743584][T14881]  </TASK>
[  919.009346][T14887] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3313'.
[  919.012756][T14887] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3313'.
[  919.302424][T14897] FAULT_INJECTION: forcing a failure.
[  919.302424][T14897] name failslab, interval 1, probability 0, space 0, times 0
[  919.307179][T14897] CPU: 2 UID: 0 PID: 14897 Comm: syz.2.3315 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  919.307199][T14897] Tainted: [L]=SOFTLOCKUP
[  919.307204][T14897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  919.307211][T14897] Call Trace:
[  919.307216][T14897]  <TASK>
[  919.307221][T14897]  dump_stack_lvl+0x100/0x190
[  919.307243][T14897]  should_fail_ex.cold+0x5/0xa
[  919.307261][T14897]  should_failslab+0xc2/0x120
[  919.307276][T14897]  ? alloc_pipe_info+0x1ec/0x590
[  919.307288][T14897]  __kmalloc_noprof+0xf6/0x9c0
[  919.307302][T14897]  ? alloc_pipe_info+0x1ec/0x590
[  919.307314][T14897]  alloc_pipe_info+0x1ec/0x590
[  919.307327][T14897]  splice_direct_to_actor+0x78f/0xa30
[  919.307340][T14897]  ? __pfx_direct_splice_actor+0x10/0x10
[  919.307352][T14897]  ? __pfx_aa_file_perm+0x10/0x10
[  919.307368][T14897]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  919.307379][T14897]  ? find_held_lock+0x2b/0x80
[  919.307394][T14897]  do_splice_direct+0x174/0x240
[  919.307406][T14897]  ? __pfx_do_splice_direct+0x10/0x10
[  919.307416][T14897]  ? common_file_perm+0x1ab/0x4f0
[  919.307428][T14897]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  919.307441][T14897]  ? rw_verify_area+0xce/0x6d0
[  919.307452][T14897]  do_sendfile+0xadc/0xe20
[  919.307466][T14897]  ? __pfx_do_sendfile+0x10/0x10
[  919.307477][T14897]  ? __fget_files+0x21f/0x3d0
[  919.307491][T14897]  __ia32_compat_sys_sendfile+0x1e5/0x220
[  919.307506][T14897]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  919.307520][T14897]  ? __pfx_ksys_write+0x10/0x10
[  919.307535][T14897]  __do_fast_syscall_32+0xde/0x660
[  919.307551][T14897]  do_fast_syscall_32+0x32/0x70
[  919.307567][T14897]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  919.307580][T14897] RIP: 0023:0xf7fb1579
[  919.307588][T14897] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  919.307599][T14897] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 00000000000000bb
[  919.307610][T14897] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000004
[  919.307617][T14897] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000000000
[  919.307623][T14897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  919.307629][T14897] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  919.307635][T14897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  919.307648][T14897]  </TASK>
[  919.393350][T14899] netlink: 'syz.3.3316': attribute type 64 has an invalid length.
[  919.396155][T14899] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3316'.
[  919.415224][T14901] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  919.672872][T14899] netlink: 'syz.3.3316': attribute type 1 has an invalid length.
[  919.846891][T14909] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  919.850668][T14909] overlayfs: missing 'lowerdir'
[  919.934134][  T842] usb 8-1: new high-speed USB device number 92 using dummy_hcd
[  919.954470][T14913] FAULT_INJECTION: forcing a failure.
[  919.954470][T14913] name failslab, interval 1, probability 0, space 0, times 0
[  919.958570][T14913] CPU: 3 UID: 0 PID: 14913 Comm: syz.1.3321 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  919.958588][T14913] Tainted: [L]=SOFTLOCKUP
[  919.958592][T14913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  919.958599][T14913] Call Trace:
[  919.958604][T14913]  <TASK>
[  919.958609][T14913]  dump_stack_lvl+0x100/0x190
[  919.958626][T14913]  should_fail_ex.cold+0x5/0xa
[  919.958644][T14913]  should_failslab+0xc2/0x120
[  919.958659][T14913]  __kvmalloc_node_noprof+0x101/0xac0
[  919.958673][T14913]  ? bpf_test_run_xdp_live+0x16f/0x760
[  919.958690][T14913]  ? trace_sched_exit_tp+0xcd/0x100
[  919.958706][T14913]  ? bpf_test_run_xdp_live+0x16f/0x760
[  919.958726][T14913]  bpf_test_run_xdp_live+0x16f/0x760
[  919.958752][T14913]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  919.958779][T14913]  ? __mutex_unlock_slowpath+0x15c/0x790
[  919.958807][T14913]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  919.958835][T14913]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  919.958852][T14913]  ? bpf_dispatcher_change_prog+0x2d7/0xa60
[  919.958871][T14913]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  919.958887][T14913]  ? 0xffffffffa0206200
[  919.958897][T14913]  ? 0xffffffffa0206200
[  919.958905][T14913]  ? 0xffffffffa0206200
[  919.958912][T14913]  ? bpf_dispatcher_change_prog+0x2dc/0xa60
[  919.958926][T14913]  bpf_prog_test_run_xdp+0xd7d/0x1670
[  919.958941][T14913]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  919.958956][T14913]  ? fput+0x79/0x100
[  919.958970][T14913]  ? __bpf_prog_get+0x97/0x2a0
[  919.958985][T14913]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  919.958996][T14913]  __sys_bpf+0x1e56/0x5050
[  919.959010][T14913]  ? __pfx___sys_bpf+0x10/0x10
[  919.959021][T14913]  ? proc_fail_nth_write+0x9f/0x220
[  919.959034][T14913]  ? find_held_lock+0x2b/0x80
[  919.959048][T14913]  ? find_held_lock+0x2b/0x80
[  919.959059][T14913]  ? ksys_write+0x190/0x250
[  919.959072][T14913]  ? __mutex_unlock_slowpath+0x15c/0x790
[  919.959095][T14913]  ? fput+0x79/0x100
[  919.959108][T14913]  ? ksys_write+0x1ac/0x250
[  919.959121][T14913]  __ia32_sys_bpf+0x79/0xf0
[  919.959159][T14913]  ? lockdep_hardirqs_on+0x78/0x100
[  919.959177][T14913]  __do_fast_syscall_32+0xde/0x660
[  919.959194][T14913]  do_fast_syscall_32+0x32/0x70
[  919.959210][T14913]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  919.959223][T14913] RIP: 0023:0xf742d579
[  919.959232][T14913] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  919.959242][T14913] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  919.959253][T14913] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  919.959260][T14913] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  919.959266][T14913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  919.959272][T14913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  919.959278][T14913] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  919.959292][T14913]  </TASK>
[  920.124064][  T842] usb 8-1: device descriptor read/64, error -71
[  920.363994][  T842] usb 8-1: new high-speed USB device number 93 using dummy_hcd
[  920.494027][  T842] usb 8-1: device descriptor read/64, error -71
[  920.599053][T14922] lo speed is unknown, defaulting to 1000
[  920.604438][  T842] usb usb8-port1: attempt power cycle
[  920.729309][T14922] 9p: Bad value for 'rfdno'
[  920.899050][T14930] FAULT_INJECTION: forcing a failure.
[  920.899050][T14930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  920.903230][T14930] CPU: 1 UID: 0 PID: 14930 Comm: syz.1.3327 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  920.903249][T14930] Tainted: [L]=SOFTLOCKUP
[  920.903253][T14930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  920.903259][T14930] Call Trace:
[  920.903264][T14930]  <TASK>
[  920.903269][T14930]  dump_stack_lvl+0x100/0x190
[  920.903287][T14930]  should_fail_ex.cold+0x5/0xa
[  920.903305][T14930]  _copy_to_user+0x32/0xd0
[  920.903317][T14930]  simple_read_from_buffer+0xcb/0x170
[  920.903329][T14930]  proc_fail_nth_read+0x1af/0x230
[  920.903343][T14930]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  920.903356][T14930]  ? rw_verify_area+0xce/0x6d0
[  920.903366][T14930]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  920.903378][T14930]  vfs_read+0x1e4/0xb30
[  920.903391][T14930]  ? __pfx_vfs_read+0x10/0x10
[  920.903401][T14930]  ? find_held_lock+0x2b/0x80
[  920.903413][T14930]  ? __fget_files+0x215/0x3d0
[  920.903427][T14930]  ? __fget_files+0x21f/0x3d0
[  920.903442][T14930]  ksys_read+0x12a/0x250
[  920.903453][T14930]  ? __pfx_ksys_read+0x10/0x10
[  920.903463][T14930]  ? fput+0x79/0x100
[  920.903480][T14930]  do_int80_emulation+0x101/0x470
[  920.903498][T14930]  asm_int80_emulation+0x1a/0x20
[  920.903508][T14930] RIP: 0023:0xf719572b
[  920.903517][T14930] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  920.903528][T14930] RSP: 002b:00000000f54564bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  920.903539][T14930] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54565d0
[  920.903545][T14930] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  920.903552][T14930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  920.903558][T14930] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  920.903564][T14930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  920.903577][T14930]  </TASK>
[  920.934149][T14931] netlink: 'syz.2.3326': attribute type 4 has an invalid length.
[  920.944372][  T842] usb 8-1: new high-speed USB device number 94 using dummy_hcd
[  920.994466][  T842] usb 8-1: device descriptor read/8, error -71
[  921.078994][T14935] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  921.093522][T14935] tipc: Disabling bearer <eth:syzkaller0>
[  921.204024][  T851] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[  921.234061][  T842] usb 8-1: new high-speed USB device number 95 using dummy_hcd
[  921.254758][  T842] usb 8-1: device descriptor read/8, error -71
[  921.355718][  T851] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  921.358491][  T851] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  921.361677][  T851] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  921.364291][  T842] usb usb8-port1: unable to enumerate USB device
[  921.364656][  T851] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64
[  921.373414][  T851] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  921.378257][  T851] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  921.381630][  T851] usb 6-1: Product: syz
[  921.383443][  T851] usb 6-1: Manufacturer: syz
[  921.398023][  T851] cdc_wdm 6-1:1.0: skipping garbage
[  921.400293][  T851] cdc_wdm 6-1:1.0: skipping garbage
[  921.402552][  T851] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  921.599460][    T9] usb 6-1: USB disconnect, device number 86
[  921.954009][ T5991] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  922.084091][ T5991] usb 5-1: device descriptor read/64, error -71
[  922.354096][ T5991] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  922.472885][T14961] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  922.483965][ T5991] usb 5-1: device descriptor read/64, error -71
[  922.487812][T14961] tipc: Disabling bearer <eth:syzkaller0>
[  922.594184][ T5991] usb usb5-port1: attempt power cycle
[  922.744493][  T842] usb 8-1: new high-speed USB device number 96 using dummy_hcd
[  922.893990][  T842] usb 8-1: Using ep0 maxpacket: 8
[  922.914040][  T842] usb 8-1: config 0 has no interfaces?
[  922.916055][  T842] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  922.919331][  T842] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.924700][  T842] usb 8-1: config 0 descriptor??
[  922.964036][ T5991] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  922.984771][ T5991] usb 5-1: device descriptor read/8, error -71
[  923.131451][T14963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  923.135433][T14963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  923.142874][  T842] usb 8-1: USB disconnect, device number 96
[  923.231965][ T5991] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  923.254723][ T5991] usb 5-1: device descriptor read/8, error -71
[  923.374294][ T5991] usb usb5-port1: unable to enumerate USB device
[  923.581525][T14981] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3344'.
[  923.689256][T14984] netlink: 'syz.3.3345': attribute type 64 has an invalid length.
[  923.692576][T14984] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3345'.
[  923.753821][T14985] netlink: 'syz.3.3345': attribute type 1 has an invalid length.
[  924.014023][  T829] usb 8-1: new high-speed USB device number 97 using dummy_hcd
[  924.143996][  T829] usb 8-1: device descriptor read/64, error -71
[  924.394067][  T829] usb 8-1: new high-speed USB device number 98 using dummy_hcd
[  924.460650][T14991] fuse: Unknown parameter '̶_�ˣ��\�՞9��<h�Xv�a�m6�M������(v�א H#�U�t�d�#w D����r�:lθ�Z��"�G�YI�.`��E�e�%
[  924.460650][T14991] UR��zW"N��&X��ZXEN)|�Z��m�
[  924.460650][T14991] �W'
[  924.519118][T14993] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  924.532503][  T829] usb 8-1: device descriptor read/64, error -71
[  924.538007][T14993] tipc: Disabling bearer <eth:syzkaller0>
[  924.644291][  T829] usb usb8-port1: attempt power cycle
[  924.994046][  T829] usb 8-1: new high-speed USB device number 99 using dummy_hcd
[  925.014477][  T829] usb 8-1: device descriptor read/8, error -71
[  925.274145][  T829] usb 8-1: new high-speed USB device number 100 using dummy_hcd
[  925.306027][  T829] usb 8-1: device descriptor read/8, error -71
[  925.415324][  T829] usb usb8-port1: unable to enumerate USB device
[  926.196598][T15015] lo speed is unknown, defaulting to 1000
[  926.274141][   T10] usb 7-1: new high-speed USB device number 89 using dummy_hcd
[  926.344575][T15021] netlink: 'syz.1.3356': attribute type 8 has an invalid length.
[  926.347730][T15021] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3356'.
[  926.379964][T15021] netlink: 'syz.1.3356': attribute type 8 has an invalid length.
[  926.383154][T15021] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3356'.
[  926.434004][   T10] usb 7-1: Using ep0 maxpacket: 8
[  926.445510][   T10] usb 7-1: config 0 has no interfaces?
[  926.447891][   T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  926.451218][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.462245][   T10] usb 7-1: config 0 descriptor??
[  926.672182][T15013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  926.675908][T15013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  926.682682][   T10] usb 7-1: USB disconnect, device number 89
[  926.687681][T15033] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3361'.
[  926.736228][ T5991] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[  926.884041][ T5991] usb 6-1: device descriptor read/64, error -71
[  927.044979][T15043] fuse: Bad value for 'fd'
[  927.054899][T15043] ipip0: entered promiscuous mode
[  927.057913][T15043] ipip0: entered allmulticast mode
[  927.144042][ T5991] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  927.284014][ T5991] usb 6-1: device descriptor read/64, error -71
[  927.373177][  T842] lo speed is unknown, defaulting to 1000
[  927.404339][ T5991] usb usb6-port1: attempt power cycle
[  927.518235][T15059] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3370'.
[  927.753967][ T5991] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[  927.784851][ T5991] usb 6-1: device descriptor read/8, error -71
[  927.895630][T15067] blktrace: Concurrent blktraces are not allowed on sg0
[  928.033964][ T5991] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[  928.064640][ T5991] usb 6-1: device descriptor read/8, error -71
[  928.174182][ T5991] usb usb6-port1: unable to enumerate USB device
[  928.676450][T15074] 9p: Bad value for 'wfdno'
[  929.620114][   T40] kauditd_printk_skb: 603 callbacks suppressed
[  929.620167][   T40] audit: type=1326 audit(1770717719.705:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.630344][   T40] audit: type=1326 audit(1770717719.705:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.641054][   T40] audit: type=1326 audit(1770717719.705:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.649734][   T40] audit: type=1326 audit(1770717719.705:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.657558][   T40] audit: type=1326 audit(1770717719.705:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.665435][   T40] audit: type=1326 audit(1770717719.705:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.675234][   T40] audit: type=1326 audit(1770717719.705:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.685359][   T40] audit: type=1326 audit(1770717719.705:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.695248][   T40] audit: type=1326 audit(1770717719.705:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  929.704798][   T40] audit: type=1326 audit(1770717719.705:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  930.694071][   T10] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[  930.854071][   T10] usb 6-1: Using ep0 maxpacket: 8
[  930.857201][   T10] usb 6-1: config 0 has no interfaces?
[  930.859220][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  930.862195][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  930.866224][   T10] usb 6-1: config 0 descriptor??
[  931.077257][T15118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  931.084372][T15118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  931.102671][   T10] usb 6-1: USB disconnect, device number 91
[  931.612375][T15123] binder: 15122:15123 ioctl 4018620d 0 returned -22
[  932.496953][T15142] FAULT_INJECTION: forcing a failure.
[  932.496953][T15142] name failslab, interval 1, probability 0, space 0, times 0
[  932.501724][T15142] CPU: 3 UID: 0 PID: 15142 Comm: syz.2.3400 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  932.501744][T15142] Tainted: [L]=SOFTLOCKUP
[  932.501748][T15142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  932.501754][T15142] Call Trace:
[  932.501760][T15142]  <TASK>
[  932.501765][T15142]  dump_stack_lvl+0x100/0x190
[  932.501781][T15142]  should_fail_ex.cold+0x5/0xa
[  932.501799][T15142]  should_failslab+0xc2/0x120
[  932.501814][T15142]  __kmalloc_cache_noprof+0x80/0x810
[  932.501833][T15142]  ? kvm_create_lapic+0xa9/0x440
[  932.501849][T15142]  ? lockdep_init_map_type+0x5c/0x250
[  932.501866][T15142]  ? kvm_create_lapic+0xa9/0x440
[  932.501882][T15142]  kvm_create_lapic+0xa9/0x440
[  932.501899][T15142]  kvm_arch_vcpu_create+0x286/0xac0
[  932.501915][T15142]  kvm_vm_ioctl+0x756/0x4020
[  932.501934][T15142]  ? stack_depot_save_flags+0x27/0x9c0
[  932.501946][T15142]  ? __lock_acquire+0x4a5/0x2630
[  932.501960][T15142]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  932.501975][T15142]  ? kasan_save_stack+0x3f/0x50
[  932.501987][T15142]  ? kasan_save_stack+0x30/0x50
[  932.501998][T15142]  ? kasan_save_track+0x14/0x30
[  932.502009][T15142]  ? kasan_save_free_info+0x3b/0x70
[  932.502018][T15142]  ? __kasan_slab_free+0x5f/0x80
[  932.502030][T15142]  ? kfree+0x1c7/0x690
[  932.502038][T15142]  ? tomoyo_path_number_perm+0x46d/0x580
[  932.502050][T15142]  ? security_file_ioctl_compat+0xd3/0x230
[  932.502061][T15142]  ? __ia32_compat_sys_ioctl+0xc2/0x360
[  932.502077][T15142]  ? __do_fast_syscall_32+0xde/0x660
[  932.502092][T15142]  ? do_fast_syscall_32+0x32/0x70
[  932.502108][T15142]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  932.502122][T15142]  ? kvm_arch_vm_compat_ioctl+0x2d0/0x470
[  932.502140][T15142]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[  932.502167][T15142]  ? kasan_quarantine_put+0x104/0x240
[  932.502179][T15142]  ? lockdep_hardirqs_on+0x78/0x100
[  932.502195][T15142]  ? find_held_lock+0x2b/0x80
[  932.502206][T15142]  ? tomoyo_path_number_perm+0x28f/0x580
[  932.502216][T15142]  ? tomoyo_path_number_perm+0x28f/0x580
[  932.502230][T15142]  ? tomoyo_path_number_perm+0x188/0x580
[  932.502242][T15142]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  932.502258][T15142]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  932.502270][T15142]  ? do_vfs_ioctl+0x226/0x13e0
[  932.502286][T15142]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  932.502303][T15142]  kvm_vm_compat_ioctl+0x2f7/0x3f0
[  932.502322][T15142]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  932.502338][T15142]  ? find_held_lock+0x2b/0x80
[  932.502352][T15142]  ? hook_file_ioctl_common+0x146/0x410
[  932.502367][T15142]  ? __fget_files+0x21f/0x3d0
[  932.502381][T15142]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  932.502396][T15142]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  932.502414][T15142]  __do_fast_syscall_32+0xde/0x660
[  932.502431][T15142]  do_fast_syscall_32+0x32/0x70
[  932.502446][T15142]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  932.502459][T15142] RIP: 0023:0xf7fb1579
[  932.502468][T15142] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  932.502478][T15142] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  932.502489][T15142] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000ae41
[  932.502496][T15142] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  932.502502][T15142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  932.502508][T15142] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  932.502515][T15142] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  932.502528][T15142]  </TASK>
[  932.603992][  T604] ------------[ cut here ]------------
[  932.621967][  T604] [CRTC:35:crtc-0] vblank wait timed out
[  932.623754][  T604] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1920 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#2: kworker/2:5/604
[  932.628072][  T604] Modules linked in:
[  932.630549][  T604] CPU: 2 UID: 0 PID: 604 Comm: kworker/2:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  932.634050][  T604] Tainted: [L]=SOFTLOCKUP
[  932.635439][  T604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  932.638604][  T604] Workqueue: events drm_fb_helper_damage_work
[  932.640575][  T604] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  932.643008][  T604] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 58 62 2f 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 13 68 72 fc e9 7c fe ff ff e8 19
[  932.649057][  T604] RSP: 0000:ffffc90002f37688 EFLAGS: 00010246
[  932.651043][  T604] RAX: 0000000000000000 RBX: ffff888042365318 RCX: 1ffff1100846ca7e
[  932.653656][  T604] RDX: ffff888041ff9160 RSI: 0000000000000023 RDI: ffffffff90c34a90
[  932.656219][  T604] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  932.658635][  T604] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  932.661617][  T604] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888000a7da00
[  932.664425][  T604] FS:  0000000000000000(0000) GS:ffff8880975c4000(0000) knlGS:0000000000000000
[  932.667214][  T604] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  932.669741][  T604] CR2: 0000000080002a80 CR3: 000000004ab8c000 CR4: 0000000000352ef0
[  932.672954][  T604] Call Trace:
[  932.674102][  T604]  <TASK>
[  932.675055][  T604]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  932.677564][  T604]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  932.679541][  T604]  ? lockdep_hardirqs_on+0x78/0x100
[  932.681399][  T604]  ? __pfx_autoremove_wake_function+0x10/0x10
[  932.683278][  T604]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  932.685388][  T604]  drm_atomic_helper_commit_tail+0xff/0x130
[  932.687284][  T604]  commit_tail+0x338/0x430
[  932.688669][  T604]  drm_atomic_helper_commit+0x303/0x380
[  932.690551][  T604]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  932.692619][  T604]  drm_atomic_commit+0x230/0x300
[  932.694351][  T604]  ? __pfx_drm_atomic_commit+0x10/0x10
[  932.696041][  T604]  ? __pfx___drm_printfn_info+0x10/0x10
[  932.697802][  T604]  ? drm_mode_object_get+0x108/0x170
[  932.699425][  T604]  drm_atomic_helper_dirtyfb+0x603/0x790
[  932.701179][  T604]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  932.703058][  T604]  ? do_raw_spin_lock+0x128/0x260
[  932.704668][  T604]  ? find_held_lock+0x2b/0x80
[  932.706114][  T604]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  932.708071][  T604]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  932.710062][  T604]  drm_fb_helper_damage_work+0x348/0x640
[  932.712451][  T604]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  932.715123][  T604]  ? process_one_work+0x80b/0x1840
[  932.717137][  T604]  ? rcu_is_watching+0x12/0xc0
[  932.719168][  T604]  process_one_work+0x9c2/0x1840
[  932.721310][  T604]  ? __pfx_process_one_work+0x10/0x10
[  932.723498][  T604]  ? assign_work+0x19c/0x250
[  932.725155][  T604]  worker_thread+0x5da/0xe40
[  932.726688][  T604]  ? __pfx_worker_thread+0x10/0x10
[  932.728420][  T604]  ? kthread+0x17d/0x730
[  932.729802][  T604]  ? __pfx_worker_thread+0x10/0x10
[  932.731546][  T604]  kthread+0x3b3/0x730
[  932.733242][  T604]  ? __pfx_kthread+0x10/0x10
[  932.735165][  T604]  ? ret_from_fork+0x79/0xaf0
[  932.737070][  T604]  ? ret_from_fork+0x79/0xaf0
[  932.738959][  T604]  ? rcu_is_watching+0x12/0xc0
[  932.740943][  T604]  ? __pfx_kthread+0x10/0x10
[  932.742913][  T604]  ret_from_fork+0x754/0xaf0
[  932.744954][  T604]  ? __pfx_ret_from_fork+0x10/0x10
[  932.747058][  T604]  ? __switch_to+0x7b9/0x10c0
[  932.748722][  T604]  ? __pfx_kthread+0x10/0x10
[  932.750270][  T604]  ret_from_fork_asm+0x1a/0x30
[  932.751906][  T604]  </TASK>
[  932.752929][  T604] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  932.755241][  T604] CPU: 2 UID: 0 PID: 604 Comm: kworker/2:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  932.758833][  T604] Tainted: [L]=SOFTLOCKUP
[  932.760249][  T604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  932.764310][  T604] Workqueue: events drm_fb_helper_damage_work
[  932.766768][  T604] Call Trace:
[  932.768147][  T604]  <TASK>
[  932.769359][  T604]  dump_stack_lvl+0x100/0x190
[  932.771119][  T604]  vpanic+0x20d/0x630
[  932.772444][  T604]  panic+0xd1/0xd1
[  932.773905][  T604]  ? __pfx_panic+0x10/0x10
[  932.775757][  T604]  ? check_panic_on_warn+0x1f/0x90
[  932.777868][  T604]  check_panic_on_warn.cold+0x19/0x34
[  932.780094][  T604]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  932.782999][  T604]  __warn.cold+0x191/0x2f8
[  932.784842][  T604]  __report_bug+0x296/0x3d0
[  932.786759][  T604]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  932.789701][  T604]  ? __pfx___report_bug+0x10/0x10
[  932.791369][  T604]  ? lockdep_hardirqs_on+0x78/0x100
[  932.793025][  T604]  report_bug_entry+0xe1/0x290
[  932.794581][  T604]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  932.796881][  T604]  handle_bug+0x1c9/0x2a0
[  932.798335][  T604]  exc_invalid_op+0x17/0x50
[  932.799850][  T604]  asm_exc_invalid_op+0x1a/0x20
[  932.801725][  T604] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  932.804154][  T604] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 58 62 2f 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 13 68 72 fc e9 7c fe ff ff e8 19
[  932.811989][  T604] RSP: 0000:ffffc90002f37688 EFLAGS: 00010246
[  932.814528][  T604] RAX: 0000000000000000 RBX: ffff888042365318 RCX: 1ffff1100846ca7e
[  932.817779][  T604] RDX: ffff888041ff9160 RSI: 0000000000000023 RDI: ffffffff90c34a90
[  932.821055][  T604] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  932.823922][  T604] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  932.826395][  T604] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888000a7da00
[  932.828890][  T604]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x6e6/0x8a0
[  932.831162][  T604]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  932.833487][  T604]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  932.835316][  T604]  ? lockdep_hardirqs_on+0x78/0x100
[  932.836925][  T604]  ? __pfx_autoremove_wake_function+0x10/0x10
[  932.838807][  T604]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  932.841160][  T604]  drm_atomic_helper_commit_tail+0xff/0x130
[  932.843573][  T604]  commit_tail+0x338/0x430
[  932.845412][  T604]  drm_atomic_helper_commit+0x303/0x380
[  932.847530][  T604]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  932.849412][  T604]  drm_atomic_commit+0x230/0x300
[  932.851163][  T604]  ? __pfx_drm_atomic_commit+0x10/0x10
[  932.852868][  T604]  ? __pfx___drm_printfn_info+0x10/0x10
[  932.854582][  T604]  ? drm_mode_object_get+0x108/0x170
[  932.856248][  T604]  drm_atomic_helper_dirtyfb+0x603/0x790
[  932.857991][  T604]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  932.859917][  T604]  ? do_raw_spin_lock+0x128/0x260
[  932.861500][  T604]  ? find_held_lock+0x2b/0x80
[  932.862989][  T604]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  932.864912][  T604]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  932.866862][  T604]  drm_fb_helper_damage_work+0x348/0x640
[  932.868591][  T604]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  932.870552][  T604]  ? process_one_work+0x80b/0x1840
[  932.872176][  T604]  ? rcu_is_watching+0x12/0xc0
[  932.873672][  T604]  process_one_work+0x9c2/0x1840
[  932.875645][  T604]  ? __pfx_process_one_work+0x10/0x10
[  932.877553][  T604]  ? assign_work+0x19c/0x250
[  932.879045][  T604]  worker_thread+0x5da/0xe40
[  932.880546][  T604]  ? __pfx_worker_thread+0x10/0x10
[  932.882130][  T604]  ? kthread+0x17d/0x730
[  932.883451][  T604]  ? __pfx_worker_thread+0x10/0x10
[  932.884970][  T604]  kthread+0x3b3/0x730
[  932.886201][  T604]  ? __pfx_kthread+0x10/0x10
[  932.887589][  T604]  ? ret_from_fork+0x79/0xaf0
[  932.889033][  T604]  ? ret_from_fork+0x79/0xaf0
[  932.890702][  T604]  ? rcu_is_watching+0x12/0xc0
[  932.892289][  T604]  ? __pfx_kthread+0x10/0x10
[  932.893686][  T604]  ret_from_fork+0x754/0xaf0
[  932.895109][  T604]  ? __pfx_ret_from_fork+0x10/0x10
[  932.896721][  T604]  ? __switch_to+0x7b9/0x10c0
[  932.898364][  T604]  ? __pfx_kthread+0x10/0x10
[  932.900352][  T604]  ret_from_fork_asm+0x1a/0x30
[  932.901985][  T604]  </TASK>
[  932.903707][  T604] Kernel Offset: disabled
[  932.905058][  T604] Rebooting in 86400 seconds..