last executing test programs:

16m35.740778675s ago: executing program 0 (id=902):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x8, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x22, {0x45, 0x80}, 0xcd, 0x3}})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000840)='system.posix_acl_access\x00', 0x0, 0x24, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00))
chdir(0x0)
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = open(0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r4, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})

16m33.679813915s ago: executing program 0 (id=914):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x28}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000400)="c274386d178550cb864bd57221bc", 0x0, 0x40, 0xf0ffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

16m33.576986876s ago: executing program 0 (id=916):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}, @in={0x2, 0x4e24, @remote}], 0x2c)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xfe, @loopback, 0x1}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f0000000140)=[@dstaddrv4={0x18, 0x84, 0x7, @remote}], 0x18, 0x4855}, 0x24000052) (fail_nth: 17)

16m33.488483528s ago: executing program 0 (id=918):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001700)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000aa700000000000000000000005e1affd501000008000240000000032c000000030add0b7a86762a3259389a2bcfd9c7c93701030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000c79db075244788c56db0f645aae2dfab000b95e9f2ce9f55cd023b5dd3dee2b36ec7fd116deb31aeafe87fea1b16df5ffa0293298a6988c12fe1960f926e9dfd0b5b47f3c92721e221f53315474def49b6324d3ccfe3eb1f51d0da97401537134968eda6467e"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000038000480340001800c0001007061796c6f6164002400028008000440000000000800024000000002080001400000000d0800034005000000140000001100010000000000000000000000000af032de143f054a685ed11213f8b8a435827a483d3527ab222f2a9251d8ccf03dd8ddd417e0e776018bd5539761292a2d471c2d5c098bab35752cc83b066acf341b899197162ba906dc4b041cc661e532f84b6a46a8e21bf3d7feae0d156de85e7b94c735979af72d398c177a9c91ea1eb81ce2b2cc2bea3b1b753642ac3215692b6e77bd06d33f00000000f7e2f30fda9ce74812ea19c15e2c1102fe2773540a9de82c948f0298e0437a1399ea85d03bfc6a0000"], 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1001, 0x1})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000500)='./binderfs2/custom0\x00', 0x0, 0x0)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000001b00)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001840)={0x20, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x20}}, 0x44800)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x138a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x20, 0x0, &(0x7f0000000540)=[@register_looper, @exit_looper, @clear_death, @decrefs], 0x0, 0x0, 0x0})
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r7 = getpid()
dup3(r2, 0xffffffffffffffff, 0x80000)
sched_setaffinity(r7, 0x8, &(0x7f0000000240)=0x2)
r8 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_provisioning(&(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYRES8=0x0], 0x48, r8)
r9 = openat$cgroup_root(0xffffff9c, &(0x7f00000018c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000001900)={0x20002000, &(0x7f00000001c0), &(0x7f00000002c0), &(0x7f0000000300), {0x22}, &(0x7f0000000600)=""/4096, 0x1000, &(0x7f0000001600)=""/252, &(0x7f0000001880)=[r7, 0x0], 0x2, {r9}}, 0x58)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x83d056, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x18f887, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005858, 0x0)

16m33.072707355s ago: executing program 0 (id=921):
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', r2, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r3, 0x2e, 0x0, r3, @void, @value=0x0}, 0x20)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000200)="09c43ddd8e31ab79e0fdbf0b85f423c697cc71b983579d855ed7b0482364f1d0249ef436afa8065b2828c99dc634647a6326f7b07c3da9d0af68140861260e5713472288a6a2196ba00ab68709be17dad7e77a1edc8e178c421917544cda77be8927bbaf8203263d2712be2f877f1109ad921b1713dd376ca1a37943e5a8cd45c9294daaed19f65b0d60", 0x8a)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8004, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000640)={0x11, 0x1, 0x4})
ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, &(0x7f00000002c0)={0xed80000000000000, 0x70000, 0x0, 0x8, 0x2})
ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

16m32.770597965s ago: executing program 0 (id=924):
openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/mdstat\x00', 0x0, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a430fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffa0}, 0x48)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
ioctl$I2C_SMBUS(r2, 0x720, 0x0)
syz_usb_connect$hid(0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f00000005c0)={&(0x7f0000000580)=[{0x3, 0x8601, 0x0, 0x0}], 0x1})
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

16m32.671758242s ago: executing program 32 (id=924):
openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/mdstat\x00', 0x0, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a430fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffa0}, 0x48)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
ioctl$I2C_SMBUS(r2, 0x720, 0x0)
syz_usb_connect$hid(0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f00000005c0)={&(0x7f0000000580)=[{0x3, 0x8601, 0x0, 0x0}], 0x1})
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

15m46.522329016s ago: executing program 4 (id=1172):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x2000000000000211, &(0x7f0000000000)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000140)='syzkaller\x00', 0x0, 0xffffffc4, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101701)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r2, &(0x7f00000002c0)={'#! ', '', [{0x20, '\x0f\x10\t'}]}, 0x8)
close(r2)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x1, 0xcc)
ioctl$LOOP_SET_FD(r2, 0x4c00, r3)
ioctl$USBDEVFS_CLEAR_HALT(r1, 0xc0105502, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

15m46.437031222s ago: executing program 4 (id=1173):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="832a0a65bd8c602b0304000e", 0xc)

15m46.432957599s ago: executing program 4 (id=1174):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
read(0xffffffffffffffff, &(0x7f0000000000)=""/202, 0xca)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000280)={0x0, 0x3, 0x0, 0x100})
close(r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r1)
sendmsg$NFC_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c00)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="01002dbd70eefddbdf251d000000080001", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x2400c000}, 0x200048c0)
r2 = inotify_init1(0x800)
mkdirat(r0, &(0x7f0000000400)='./file0\x00', 0x153)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[])
read$FUSE(r3, &(0x7f0000002140)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000004c0)=ANY=[@ANYRES16=r4], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x0, 0x4000)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='9', 0x1, 0xffffffffffffffff)
keyctl$chown(0x4, r8, 0xee00, 0xffffffffffffffff)
close_range(r2, 0xffffffffffffffff, 0x0)
add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0xfffff, 0xfffffffffffffffe)

15m45.510098237s ago: executing program 4 (id=1178):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x0, {0xa, 0x4e23, 0x7, @mcast1, 0x80000000}}}, 0x32)
connect$inet6(r1, &(0x7f0000000480)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4, 0x7, {0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, '\x00', 0x26}, 0x7}}}, 0x32)
sendto(r3, 0x0, 0x0, 0x4008044, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="10797fcd6c77041e0500000000000000", 0x10)
r5 = accept4$alg(r4, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x18f887, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
umount2(&(0x7f0000000140)='./file0/../file0\x00', 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x82140, 0xf8)
open_by_handle_at(r6, &(0x7f0000000080)=@xfs_parent={0x18, 0x82, {0x10001, 0x3, 0x513, 0x6}}, 0x4203)
ioctl$SIOCSIFHWADDR(r6, 0x8924, &(0x7f0000000340)={'dvmrp1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x9}})
writev(r5, &(0x7f0000000480)=[{&(0x7f0000000780)="3f2314f73ecb981ae02e6399d91af9282b562ed467da33033f27a274fc", 0x1d}, {&(0x7f0000000880)="7dd87fa211801b02b7180dc4420863a63ec8f2b35b4297924bc3bd3690f29e87ec5d7d0b0b153f8fd32083a74a13b341082cae070742d0bafc1bc755ad0d1ad3d89d8778cd99a11d3a4bc9a3fda8d634992c02ca1204f36dae34c5cf82269f0d3e731a5f7fe2ae9c1668", 0x6a}, {&(0x7f0000000680)="fc7a04ccce679d6495aeeb9c4ebd4736b900209b5ef034a4195bde749eed75834bc1c57e7d4c564272670699de17eb803a10a15b373a1d91323ee006de231c660cfef443d1f658e2562641f6c744b9e99b893f51ac8d0e3b3fc33178247137d2aaf257b4654f925bf0c64d27225993b8c5bfb8efd23c71bc2324166d2037bf4a55b13b1353db03fc070f94d02ecbe10830ccff4094d51fea5990ff6f7f6be2e86a7e9608a30299616de492a46fe16373a28e09e3eeffb469c1ea52c50cff", 0xbe}, {&(0x7f0000000180)="c4453bace64a7f2175f4074b65601dae156c206a985cd33ad4362a7d541a8f19d617b1d00cc1306e96932bc5cbe08cd198fc82e988", 0x35}, {&(0x7f0000000380)="059f15825b1497fc4adf879a24c831abe0df685c5af64c4c87d9340c549b0c9d29beb0febaecde2bc0335ec8bf6e5d2886126ff67702b087f0692d34ae6540c8a4f3319f5f757881f1ceb01553160b391089ea606d760df3bb0b24c11c31e76086dfb0b90cb1d0e07ed57e70891e9c", 0x6f}, {&(0x7f0000000280)="785c410f143aea301fb4a8afd917ac47914eed956aff46d8b948d38624d72e6fc4c719e548882c5e880e97564f86dba5539ac24565e493678f054dbde13c5c1365c74064dd8046e21c7bacc2600f7e043065d1c6f5", 0x55}, {&(0x7f0000000580)="b9b20f4ac21762fdbe0eef2dbc6027d761645512eeaebe4b8bab60939247ecf2d3c96884ed546c51b9e8e90ac16c6d82e8af33020c3894277f5857f125ad5d8233126197a59cb96220d3ba63c97470a9e3d94416f5c7db1eccd35d67f49e31691012df9632e5e495c3529c9e88a289143e46c1b0d1c72c8c6100c574ae6f7af8d15a352afff108287b678b2c1fa6b6aa45a78518692da1c39fe5848354dafa8e3b41d968cbf00b32437063050fca9126d7447992bab080aa6fc9dddff45952130751a9ebb071fec13d78ce7761912b55f6778f9b730e57c2f7ac590a0dd55f", 0xdf}], 0x7)
pipe2(&(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x80800)
r8 = timerfd_create(0x7, 0x80000)
splice(r7, &(0x7f0000000040)=0x5, r8, &(0x7f0000000080)=0x23, 0x6, 0x1)

15m45.343889166s ago: executing program 4 (id=1179):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0xe8c00)
io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000040)={0x100000000, 0xfffffffffffffffe, 0x1000000, 0x80000})
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x0}, {0x18, 0x9, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='dctcp', 0x5)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1515)

15m45.089130124s ago: executing program 4 (id=1180):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000002b00)=@base={0x9, 0x4, 0x2, 0x5}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x6}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x18}, 0xc044)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000080)={'\x00', 0x7, 0x8001, 0x5, 0xe3, 0x4})
socket$packet(0x11, 0x3, 0x300)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x400c010, &(0x7f0000000080)={0x11, 0x3, 0x0, 0x1, 0xe9, 0x6, @random}, 0x14)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0xfd7f)

15m44.948508441s ago: executing program 33 (id=1180):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000002b00)=@base={0x9, 0x4, 0x2, 0x5}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x6}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x18}, 0xc044)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000080)={'\x00', 0x7, 0x8001, 0x5, 0xe3, 0x4})
socket$packet(0x11, 0x3, 0x300)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x400c010, &(0x7f0000000080)={0x11, 0x3, 0x0, 0x1, 0xe9, 0x6, @random}, 0x14)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0xfd7f)

3m45.899406414s ago: executing program 2 (id=3708):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3m44.190910201s ago: executing program 2 (id=3709):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0xe8c00)
io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x0}, {0x18, 0x9}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000000))
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000001c0)='dctcp', 0x5)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1515)

3m42.301069919s ago: executing program 2 (id=3716):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

3m40.898634599s ago: executing program 2 (id=3719):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x406, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, 0xffffffffffffffff, 0x6a855000)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xdb)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000180)=0xc)
setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000200)={r0, 0xffffffffffffffff, r4}, 0xc)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
r6 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x82002)
ioctl$CEC_S_MODE(r6, 0x40046109, &(0x7f0000000140)=0x12)
close(r6)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f00000000c0)={0xff, 0x6, 0xfe, 0xfd, 0xfe, 0x9, 0x8, 0x1, 0x3, 0x8, 0x20, 0xff, 0x7, 0x6}, 0xe)
syz_clone3(&(0x7f0000000380)={0x201000000, &(0x7f0000000280)=<r7=>0xffffffffffffffff, 0x0, 0x0, {0x400003f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0xc)
process_madvise(r7, 0x0, 0x0, 0x19, 0x0)
shutdown(r5, 0x0)
recvmmsg(r5, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)

3m39.619933794s ago: executing program 2 (id=3730):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7)
writev(r2, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000040)=0x1)
ppoll(&(0x7f0000000140)=[{r3, 0x104}, {r0, 0x4}, {r1, 0xa0}, {0xffffffffffffffff, 0x10}], 0x4, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000a80)={0x0, 0x80000})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

3m38.751422861s ago: executing program 2 (id=3739):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000000000008500000013000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000170000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, 0x0)
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

3m38.588528585s ago: executing program 34 (id=3739):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000000000008500000013000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000170000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, 0x0)
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

37.580590948s ago: executing program 6 (id=4330):
r0 = getpid()
capget(&(0x7f0000000040)={0x20080522, r0}, &(0x7f0000000080)={0x3, 0x2, 0x3c4, 0x80000000, 0x8, 0x1})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
keyctl$chown(0x4, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
epoll_pwait2(r1, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x3938700}, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x9, 0x3, 0x254, 0x0, 0xffffffff, 0xffffffff, 0xc8, 0xffffffff, 0x18c, 0xffffffff, 0xffffffff, 0x18c, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@ipv6={@loopback, @remote, [0xff0000ff, 0xffffffff, 0xffffffff, 0xff000000], [0x0, 0xff000000, 0xffffffff, 0xff], 'geneve0\x00', 'dvmrp1\x00', {}, {0xff}, 0x2e, 0x0, 0x1, 0x2d}, 0x0, 0xa4, 0xc8}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa4, 0xc4}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2b0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000001ac0)={r3, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x14a1fd, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x400]}})
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
r6 = openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0x205}, 0x14}}, 0x0)
sendfile(r6, r6, 0x0, 0x1)

37.440224655s ago: executing program 6 (id=4332):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x16)
r0 = syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi0\x00', 0x60800, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000003080), 0x0, 0x2, &(0x7f0000003180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x606824f5, 0x80100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000040)={0x1})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x441c2, 0x0)
ftruncate(r4, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_TDLS_OPER(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendfile(r5, r4, 0x0, 0x578410eb)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$cont(0x18, r8, 0x7, 0x10000002)
mount$afs(0x0, 0x0, &(0x7f0000002880), 0x700, 0x0)
read$FUSE(r0, &(0x7f00000076c0)={0x2020}, 0x2020)
r9 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000000)='4', 0x1}], 0x1)

35.279537845s ago: executing program 6 (id=4335):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$BLKGETNRZONES(0xffffffffffffffff, 0x80041285, &(0x7f00000000c0)=0x7f)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x3, &(0x7f0000002380)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x2f, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa5bc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r5 = getpgrp(0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd7000ffdbdf2514000000080001000100000008001c00", @ANYRES32=r5], 0x2c}, 0x1, 0x0, 0x0, 0x20000090}, 0xc004)

34.413344423s ago: executing program 6 (id=4338):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000200, r1, &(0x7f0000000340)='./file0\x00')
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vimc0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x5, 0x2}]}}}]}, 0x3c}}, 0x0)
ioctl$XFS_IOC_GETBMAPX(r4, 0xc0205838, &(0x7f0000000140)={0x5, 0x1, 0x3, 0x1, 0x6a, 0x8, 0x6})
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000002})
fanotify_init(0xf00, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r7, 0x9)

33.649367434s ago: executing program 6 (id=4341):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000340)={0x2, &(0x7f0000000000)=[{0x80}, {0x6}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000063f9fffe000000800000000033072a35bc00000094fff70080000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000200)="2d944bb0e9d8977143f53e9cee66", 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r1 = socket$key(0xf, 0x3, 0x2)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81e8943c, &(0x7f00001156c0)={<r2=>0x0, ""/256, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f00001158c0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}], 0x80, "1b5098e2df7fe0"})
chdir(&(0x7f0000000140)='./file1\x00')
r4 = open(&(0x7f0000000640)='.\x00', 0x0, 0xdd)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r5)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='=\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
mkdirat(r4, &(0x7f00000002c0)='./file0\x00', 0x1c0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r7)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000b00)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r7, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000240)=ANY=[@ANYBLOB="28d02c000020", @ANYRES16=r8, @ANYBLOB="01002bbd7000fddbdf250900000008000300", @ANYRES32=r9, @ANYBLOB="08003700000000000500080005000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000090}, 0x4010)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x40049366, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000012b1881cc102d3c62419744516bb52fec9fe64fb11d0ee039856cd5ff1ba2b35a1b8dfeb3fc5c7a0b61e5f0adfd3c8e40759801c062e26ca20001669e1d2a8803228f97d842b1fe5e4397b39b3ea06f66c0fbcf0d19cca2c4b0f001a4e2325e4e1687e26cc01f46c4394f05691c52efdee9f8c5c8a8d8791b6d760abc55022428fab611b7e735e6fed595776c10aded36fa7c8bc686846b97b256e812cacade05ca922faba3c106c3370c48576b9f3e03f8e9fc30f045d5a7d000000000000000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r10}, 0x4)

32.76000929s ago: executing program 6 (id=4346):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0xc45, 0x5112, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x7, 0x19, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x200, 0x3, 0x1, {0x22, 0x2d}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xff, 0x3}}}}}]}}]}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x4e2603, 0x0)
openat$6lowpan_control(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
close_range(r0, 0xffffffffffffffff, 0x0)

17.511486385s ago: executing program 35 (id=4346):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0xc45, 0x5112, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x7, 0x19, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x200, 0x3, 0x1, {0x22, 0x2d}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xff, 0x3}}}}}]}}]}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x4e2603, 0x0)
openat$6lowpan_control(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
close_range(r0, 0xffffffffffffffff, 0x0)

10.958665563s ago: executing program 5 (id=4415):
read$FUSE(0xffffffffffffffff, &(0x7f0000000a00)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000002a40)={0x18, 0x6bb9e723bc71b6b1, r0, {0x7a87}}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="180000d01e21a200181100001e2a4a0200303a9f3d93bdb7b9d150cfef0043", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

10.958338738s ago: executing program 5 (id=4416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000130000000000100000a70000000090a010408000000000000000a00000a0900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128028000180090001006c617374000000001800028008000140000000050cf10140ffffffffffffffff08000340000001d6d134"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x20004004) (fail_nth: 1)

10.820352067s ago: executing program 5 (id=4417):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181041, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@bridge_delneigh={0x1c, 0x1c, 0x1, 0x0, 0x25dfdbfc, {0x7, 0x0, 0x0, 0x0, 0x40, 0xf2, 0x4}}, 0x1c}, 0x1, 0x1000000}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000340)={'pcmmio\x00', [0x8005, 0x5, 0x0, 0x102, 0x27, 0xcc7, 0x4, 0x7, 0x2f, 0xff, 0x0, 0x1, 0xa, 0x2, 0x7, 0x2009, 0xfffffffe, 0x40ed, 0x43, 0x40000003, 0x89, 0x6beab93e, 0xf27, 0x6, 0x800b, 0x4, 0x2000002, 0x0, 0x4fa7f95b, 0x5, 0x5149]})
ioctl$COMEDI_INSNLIST(r1, 0x8008640b, &(0x7f000011a9c0)={0x0, 0x0})

10.760417552s ago: executing program 5 (id=4418):
r0 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, &(0x7f00000003c0))
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000900)='V', 0x2, 0x0, 0x6}, 0x50)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@volatile}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

10.360242626s ago: executing program 5 (id=4420):
getpid()
capget(0x0, &(0x7f0000000080)={0x3, 0x2, 0x3c4, 0x80000000, 0x8, 0x1})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r0, 0xee01, 0xee00)
keyctl$chown(0x4, r0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
epoll_pwait2(r1, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x3938700}, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x9, 0x3, 0x254, 0x0, 0xffffffff, 0xffffffff, 0xc8, 0xffffffff, 0x18c, 0xffffffff, 0xffffffff, 0x18c, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@ipv6={@loopback, @remote, [0xff0000ff, 0xffffffff, 0xffffffff, 0xff000000], [0x0, 0xff000000, 0xffffffff, 0xff], 'geneve0\x00', 'dvmrp1\x00', {}, {0xff}, 0x2e, 0x0, 0x1, 0x2d}, 0x0, 0xa4, 0xc8}, @common=@unspec=@NFQUEUE0={0x24, 'NFQUEUE\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa4, 0xc4}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2b0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000001ac0)={r3, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x14a1fd, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x400]}})
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
r6 = openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0x205}, 0x14}}, 0x0)
sendfile(r6, r6, 0x0, 0x1)

10.244758546s ago: executing program 5 (id=4422):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
ppoll(&(0x7f0000000140)=[{r4, 0x104}, {r0, 0x4}, {r1, 0xa0}, {r2, 0x10}], 0x4, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000a80)={0x0, 0x80000})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x21, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000000c0)=0xf9)

8.261177354s ago: executing program 7 (id=4391):
r0 = fanotify_init(0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000000000)={0x1d, r3, 0x3, {0x0, 0x1}}, 0x18)
sendmmsg$inet(r1, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000080)="d171e4c4c55f7973", 0x8}], 0x1}, 0x500}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="a6d8069c2bbec47b4cb78b08174cc6749376", 0x12}], 0x1}}], 0x2, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
close_range(r0, 0xffffffffffffffff, 0x0)

7.920630507s ago: executing program 1 (id=4426):
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='vfat\x00', 0x81, &(0x7f0000000100)='nfs\x00')
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00') (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00')
write$binfmt_format(r0, &(0x7f0000000300)='1\x00', 0x2)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e24, 0x800, @remote, 0x9}, 0x1c) (async)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e24, 0x800, @remote, 0x9}, 0x1c)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0x7d, &(0x7f0000000000)={0x8, 0x7, 0x6, 0x80011, 0x39c1, 0x1, 0x100, 0xc5b0}, &(0x7f0000000840)=0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000007000000080000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000ffff000400000000000080010000020000000000030000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$dlm_control(0xffffff9c, &(0x7f0000000000), 0x40, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000200), &(0x7f0000000240)=0x14) (async)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000200), &(0x7f0000000240)=0x14)
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f0000000080)={0x4, 0x8000, "104a26", 0x8, 0xf4})
ioctl$KDSKBLED(r0, 0x4b65, 0x9) (async)
ioctl$KDSKBLED(r0, 0x4b65, 0x9)

7.654713988s ago: executing program 1 (id=4427):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, 0x0)
ppoll(&(0x7f0000000140)=[{r4, 0x104}, {r0, 0x4}, {r1, 0xa0}, {r2, 0x10}], 0x4, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000a80)={0x0, 0x80000})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x21, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000000c0)=0xf9)

6.385623189s ago: executing program 1 (id=4431):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400001, 0x14, "3eccd8000000000000000010000000040100"})
set_mempolicy(0x6005, &(0x7f0000000080)=0xffeffffffffffffd, 0x7)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffe)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001a80)={&(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f00000004c0)=[{&(0x7f00000003c0)="af174c535c19a353cd19c9c807d98c3e9f7a743acc4a3d88c8a295dc209a691eed8feaf176c554bbe5c43f041428e9b7af451abfd4cde79d302ea6cad276fdfa95fee36b3db3085fff6b3205a1077db7e51108607a25b73d0bd93ed6d345bd628e467301c46703633b02d4f99c87a2d96302bbcedcd82f371ec9c6d7a8b0ae5b1981350c47de2a35213bc70cf996547295443c788212b4311567bac1fc718764af90e7ef7e6f55b06ddc1abc4fb4", 0xae}, {&(0x7f0000000480)="d20f2969db8d041cf7f3998350b9faff860b55bab873090eaa2593b4b9e2ab1d89f247f6ea841e842532fe71298af79d620e24", 0x33}, {&(0x7f0000000300)="c341bca024d49606c6a4f7057d40ce144bb8c0fd1dac03094aaabd305e96019e07e3bacf974afb2582180ebec819d993ce72b5050b2813bcc4c3851c396080328312e1334a76a1d1babf", 0x4a}, {&(0x7f0000000a00)="946247ca38ad35c729ffb9929704541249b2ad7e0abaf7fdb81bdf34309d032b2e51a9a30cc0601f119a682d15526d939b2e04fcae8d4a698975e72e92e17abbbb1c2ff69fbada459eaa187a37d3405c775f0a59577fd60ee513b2f86d3ee0c75a478fb8d18995e7853cc505d0b5a6593af4d6fff41c8fd171f00b41f5ede11f6e8ecbf1d8225dcd01a5727b70bdeb37e2fd4c73e927d6e725fdcc5cc490f8b4e0b87da9a2b368c8e9f34b9cf420fc9a1b4850cf9dcf7f1ea0c5ea905cd6b2cac4b4a294e23f546a5653f20f6e8247f2cb4f3439cb7af505ba26ae53a1d3d8f9a11827de6b8804baeeb05a6c4e635acac1b4097fa62543c8ea9fa377d20ca39662495d9d66a781a79ac8c5865faacc40cbc9e601343f867c6293eb2f91c24135c07eb7ae868f4798001cdbe0341ad1c8e1cdd45a53230db47c2b3dbbfa2f1b369b75ba439b29028436d4b36ff6347656db56864de42fa5ccbb64fed35ffc1345719f48c2089c9996e2b3fa4f299be5ab9ad1458a4ecf6d0024384424053ce8acfb42718ee40625ef4c97a8484dce2bb8f3b34c2d7f1e965e9268a8d5b67391e5d46aa025d6ece3a4c3fe2d037a8d56d05d9066d8c224e97510c71e81be2fe80893b19dc365e10cf8a1b2791ca5c49073c7363c0743732743e9c5a9a27c4a9c0442808845faa7aec815e49089e1a6f0cfed3a9c789865888ac6446a12df577104f05569c3625242cdbb31968dfcf091c9c860bb87275e45e3b6befc0ec622eb89e1f09e7c08fbe47e82dfd3b943dc7b0132de2abab8d039ef365fb3dd7e3bfd8c987818d07fd53c1c724544174ec8a1d038a69dceff5fec87a07034ade699ed0ab92221befb19f6cecc75f696d7b30e5cf71e1d537d009952b1c2e82bed2dc713fc4475514baeef7f9b8c655a7772cf83db003e201b2e70af6534c53a2ac789e7d523aaece75a643408aae3e0a9f7d00944dfc4f7a4adfac9b775f69a425b55b117ed493762580b6eb2d6cdee37648923fd6ab192e0f4b37ee8acf46e0987e3fe0192271429a04028e95b401a5f68827f028ef3716cd08fd3c5e2405419d95ad0886be33f2b012e717e11e05e33dcf28d4d40240692e270e392a6c2f264aebb567d6bf49ec67cc99b36a8cd6a900e14b7d9162a69f7fd009ea53033758d1cd61c1a5abd9543bc8b289f90cc0141d906be41a1f8bff5c39e27bb16bd1724f25f041a954304768107874f65f79357b3dab9d4a02456fe82965861b7a4875919e9cedaaecda4e2c5989a6f8ca21c45bff6a8e1d19ec97459636baad948608992a96bf89644da491db2a78318a4bb6fa01e653e5b718f1b8c262098067d43dcbc3c41a88da1cc943e43dd7db2c520352707ef835c779807cf5830a6f7fbd32b1f1184656ff8959805e4001590f5413d3540d7b24ebfa733bffed3919231f78df14d56e9a3b3ca5e507552d2f2e6bbe270a9b761ee43a56314763f399c929f8e1ce5863fea048ae89fda12960cc268b7f422828cba723811edc0b261e04b4ab52c125637615b2411a5c5168235ba141b7decc356b6d255fbcb47516c09a3ac59b3ddf614aa655b113890595851a4b908b5bb2864d61d6b63bb64be454b73bdb6433dbba9721c2c51e20018383470e763d41b1cad056985741cb4cffa226a2158434b8e21faa11e9fb175d5b0eef097292b63e1119664443936a55317b7c68a545dabd7885f1a6ca9115af2958e9d55f7eb183360c6e01fcd2e91f49f65deb24dfd3b0334f8adc346f64ff4bd0c527246faa3ec85a38f14c409b44934dacb1f09c61d15fa5c3aa60198f4077d7473daee5dfa9136ad9a587758192dc8c88d28163721c1a4ab26a6fe6e822915068bca03183fe2f0f07ce47e9b1dc3be8a7accf09bf32415b3cf9cd85216a90da1faabb237ac15e52bd3c8f5a0798bf8c38ad3ee754e742e3af5fd562a3cc5634d68d6884b402b3739b1f83e821c23ff1b440868c40b39935974e4e72c569b6613b604cbcbfa16d2d4dc14295281a6496baafd0339f035766a9aac410044535fc723abfa5f028c2f1aba97e13dd830ec6e061489882f7d77559bdac541bdf5b90e4b1e3e2f167f77acb519ee3f6abba93916f66ee0baf3e22d6ac2e465c900814281247143a51dd4d3c1221ca961f9cd056cdc04ef669b82c97dd83177b03862d8963bc0272c5b716bec563327b88d0efbb850972b9fa31ed87a2f96bb3596df8de8c24f1d27a51d1c432e76579f292111d9b6e9159da451e98615ea629b3253b3ccb7023072a572d45b025cd725a83c3f99889d008e95b898f631186af34b7ede7e6c44972db06372e05912cd6a7562f6ecf7f36dd180153bc399971994b22fc283fbfd8a4698f3069185d2a7dfb77bb25e6c31de2232772ef8edb9ef6804db037fc57beffd47ec48bf96778852b15d03737d5ed85516379475cbd07296308290270ec945b0945494c0ff9529ff02412dcb01617beac0f294d807fcef58a2f01a2079ca8afc67f84bb3dfde9834c422ec63da68bdd1c71776f161d3917f12e8bd9c950767d07732e70db70fd7cbc8ef2963eb986bffb4ba8bd795688d1a4d1bab50af3baf5eff69fff7485d27b0d5fbbe3f36c08a215b9dcbe08924c54b5c3573831fb18c022248e0fd4b1f9facd00d1fd3d57e1f456d02ac7b5c9b50dea21daf1a88e69891c44353f06d8a3297bb140b0695a36659d25b8a19dec795f67f7ceec0f00f324fc27092204135b4dc533daa8e7396f0ae5c4cc3a26ad7e851ed59765d11a4ddf3075d4af6ee8e337b61c865d76e3bca632c81e24615c1b44eb6fec6dafbc89f038c4fe88cb44eec96964bc69990d2d57f44edc878a82cecc46616f73197cc5c91bd94cfa802597d95a20e9a1724b3bbc073d193f8f4e023ec948b46975d396a4901e1d20ed39eabc26b81eed1261e37e547cdcec1d2f9cccc84d63b47a21aafeb776070a5c6d5d249c48631a2bf8ff6a3412dd4c1dbad262832177de2b17a66a7f62e5feefc3386be1861a14f880e172884ebc6b92ec3d0d70fa9a45a93fdaa7ab6d8ee02ae8453dded9dd5ffb1b3853bb09cbe828729c0c97749fdce55b3cb0b77ee9eb88f3566be179056a5aa05acd7a1abf7a70ba4d1e730060a6291a309962130a7c5fe41fd918d2cf3fefa113372ac9f537c0f58817ef93f46d21b05687ac79f613b59e32b2ab1aceabdcd699a1f19c8128124cde29ec658cfc2961b196e734a7f4e4a4f0ba4401874646275ee8e09eb8dbd62f1c28271a58e609313b002acbc9129707d32d44a98fec3f6368f818196579ede4535dc45fca9fc9b6ccfcb3adb8dcd57fcf9cf0db1a23ca91d056fde0b3877a1b62e7539dea7ab6c498c5d9b8de0b3a074e2eb4a1e7a584a6e4c2dbf6c20c0c18eb398a7d6fe3757efdf8f5b6cf97ec8068e98c7380d8ff2fefc5f3542b0846a3c9ea1f998ee843a601285a5af9406e0afd995c53588338ee0d526a842cf27dc5480c3f48b1475573607cf1f81a842c6aa51a1f44fd9e0e1b0e97698cdac04614f209fae3c467ce593a3f8b60090c10641ef3d930445dc76825f3bd551b83f03efdaaba69f6ddbcdffb95c90abe954b7d8a935dc71e7425987c975ba36ece92633a1f8feb67685083f68f5eb53e17b4b956c234ad77dfc9b5d77dd838e03a7eb24cce9d21172fa8c953a1bd169230ceccadccb280c9539cf71eb13b8025436f944c160e505e3390805afc204adb43ad11e4cd084d4f6cb5f2809002f2e85d593c360777691b6d892b5b84d0f917bf35e6d511e1a95a825558ed5265c292ecc7894d2126f027fafaaa2ea73bfa6e777593d8562282b3aae14300354b279716fb407d70bac43183aaef488cb550830cc5b6213992595da9c846f5f8cbbe63bd7059781604a98a96ddd8c2ba04e87d05a88b42d0d3d833bf7306ace5494758218eac60b668690d39b90418dd629730947746aaef23cfc4517e079d75a078753f4f988c0d93ce6d378e6621eeba661fceb2a23c42e25f1b571963cb215953fcff1d3cd14666291aa990204d73e7ce4ca5c8a164f7d95bdcf3f6326b553e4e4eb47d9cf69a224f7ce2c54e9df5f5e38519f8504e801785a6a45aef793b8ae926a172c93a0be76123489df0f2ab6bcc058f653c697ab0f7454ad0f213739e4672f59399449961bc392449224590f02eaf685c97164e0c4113e28ccaf11c87ff81d892d88b3be41cfd7a7f8a08e9fe1932d11e397f2222a279b62a8fa22473876c8f25b0efbba6f24cd318c63febbf8b46404dd942f499857289c6cd9eb60e3ff0b3b96275627a52c08765843f07404287c62c8c45bd09b0ec4617c65673619f99be69cf52da27d50729c4ee849f7dcb0ca1a9e4a29b42916c6b529cfd8b7b852665d3b4bc3736a6b6d9a043a3469152601d633c30aa76ba86d201b613fac903424cd4b64c1f61d03989c3f1c8345ffcd39a220830545130b3a27b41e5e9a954b2177d326fde6b7efe0738517ed7f0c900db6ac99b7ea95f30fd0e757ecae45bf67431b1faf6abc816fe043493d08a208741c24165f72a3b1fc62b57d3812125720f0c98ad14ae5a74b472d7c7216753333efa779583793379b36cf02a0bdce6768c1d5440e68b3e0ff2e18604732d9b36a275fac2d1550184923c0628a5be42681dc99b0a69e4b1807d23e564cab06cb7665791b8a7e52e0da1ca75c97a2ed7598306a9fd00813b44972560430bd3e4ac5f649b08e523857ecf70bae7404dd1787d0b120aa744dd284a342546f273e89adee12685800f7a6639e05d28ec9de983feb9c3e2a90373e44fe61a9386920997c9937f956fdf2621b791616778bcd52c1322ae05d412ce784208ad30905fc91364c9b985522d86d6077af372d82bedb81e183c0ff1a7c3f8c11d5be9569930f1cf25a6a9d45288cc1d207f89d21ed8e504deb8eb8836971dd514b95dd964a63f6a6f4b28b4aa44fedfa3ec13420a8e04a5f834837cf49c8c07b46fab85d7e265dbb876df01edd088d0e4f50992c99090ca4bba94349d9e25cdb481a718d46dbac4a4efd906bb08a40d482501ecba32454a4ee2cdacb4e2988d2bc35fb78351a877cc75cc2fa2faf16f16c794c6833073d2005456afe770589795b0a696db8421c6564e06943cc766ff07c2db553264ac54415688ffe2cff1cbbe1f54692f25bfb07b0f80ec69ffba0c063c9df5262bb7f188e659cd34e65fe6a615f0e533b986c5f7c54958658f29cadef628ac25762ef72975e0bbf8e450764b1e3a142a9bfb2b4a58d686ac2e95fa873146b259db7dd68561c60ba49c12801ef8a3e9cee263070d1f0d3cb8fa399926fa92f72e16cdbcacdf298423984c272122c4040b1b696f7f83a33cdc25999a8d233a8fe1de66a78db37d8ada04ce8d0588d583c340d2631ba1b1be7fad5441159802c84e466cb76d420477613fcd16e50f46794ffd713fc1e47636e02e96058d45df3c9df9edb5dc1d6c475da2fde2f51b4ab261b9e2f9ccd335bbb16c02849dbe6654e933a1fb5150b7fb45bd348ae47c9d9bb1e9db03e609fe6e2de071bc318789734088a8b65a78000227ae86ef7c594861e9c28b2c9c91db7d42b3a5d0a19d663eb6bc3681e8026c9e359dc95de025f89c94c055001dbef5f0266f1e40c373fac80dbe8ab4ff2cf1ea0a807e8c152ab7e8bbf1a501462ad1a531c643b3e1866150beeb0585b512f32ffb314c3236578af2b0418b87762221470b099fb71aa3faefe1c329819b8f754af0d4f6a6e66689c3b0e39d8c4e378", 0xff5}], 0x4, &(0x7f0000001a40)}, 0x81)
ioctl$KVM_NMI(r3, 0xae9a)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x80202, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], 0x0, 0x2, 0xb8, &(0x7f0000000140)=""/184, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=ANY=[@ANYRES64, @ANYRES32=r8, @ANYRES16=r4], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000040))
fsopen(&(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffa000/0x1000)=nil)

5.729609825s ago: executing program 3 (id=4432):
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1d19cb307b3472ab9cdb042d2", "643fcbb2c5a57df67d074af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x60ff78ce1cb3c070}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd9a1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

5.729131786s ago: executing program 3 (id=4433):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

5.326537435s ago: executing program 7 (id=4434):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

3.577128863s ago: executing program 3 (id=4435):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
io_setup(0x239f, &(0x7f0000000380)=<r1=>0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/zoneinfo\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000080)={0x200000000000000, 0x0, 0x0, 0x7, 0x8, r0, 0x0}])
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

3.514336139s ago: executing program 7 (id=4436):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x437, 0xfffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x50093}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

3.384352049s ago: executing program 3 (id=4437):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x51)

3.310507089s ago: executing program 3 (id=4438):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$midi(&(0x7f00000012c0), 0x2, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040))
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x40}}, 0x90)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x9)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000380)={0x8, 0x104008d}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r2 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
prlimit64(r1, 0x3, &(0x7f0000000000)={0x8, 0x80000000}, &(0x7f0000000040))
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0)
ioctl$EVIOCGBITSND(r4, 0x80404532, &(0x7f00000002c0)=""/202)
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x91)
close(0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)

2.897799355s ago: executing program 7 (id=4439):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha384\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0}, 0xc044)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e1600000240012800b00010067656e6576650000140002800500080000000000060005004e20000034f0e6e31a8b7a3ac984f2a313b5ddc966ce8fece9345825d24cfd1cb5fa78f5488855d6fb02504c2e225fc94a33de603924caf8ebb94fef81459cd70a234998d3002579b64401afa0154ff3f70024394a9bd82144b499763ef9512c832f61fa060b3d11c64ac41598d8a13c767fe54ded29dd55bd69253baa4dd19775de0df8dd58643675eb5731dd69d3a77dce871a0be84b"], 0x44}}, 0x2)

2.740313322s ago: executing program 1 (id=4440):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
ppoll(&(0x7f0000000140)=[{r0, 0x4}, {r1, 0xa0}, {r2, 0x10}], 0x3, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000a80)={0x0, 0x80000})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x21, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)

1.647909411s ago: executing program 7 (id=4441):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000200, r1, &(0x7f0000000340)='./file0\x00')
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vimc0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x5, 0x2}]}}}]}, 0x3c}}, 0x0)
ioctl$XFS_IOC_GETBMAPX(r4, 0xc0205838, &(0x7f0000000140)={0x5, 0x1, 0x3, 0x1, 0x6a, 0x8, 0x6})
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x20000002})
r6 = fanotify_init(0xf00, 0x0)
read$FUSE(r6, 0x0, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r7, 0x9)

1.268485202s ago: executing program 1 (id=4442):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]})
rt_sigqueueinfo(0x0, 0x39, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r3, 0x4018aee1, &(0x7f0000000080)=@attr_pmu_init)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f00000000c0))
r4 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f00000000c0)=0x17)
ioctl$SNDCTL_DSP_GETISPACE(r4, 0x8010500d, &(0x7f00000001c0))
syz_clone(0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x41000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000000190001000c000000000000000a14000000040007002e000008001e0001000000080017"], 0x2c}, 0x1, 0x0, 0x0, 0x4000090}, 0x4000050)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)

682.787494ms ago: executing program 3 (id=4443):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0xffffffffffffff82, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x3, 0x0, {0x0, 0x0, 0x0, r5, {0x1, 0xf}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

598.806489ms ago: executing program 7 (id=4444):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
ppoll(&(0x7f0000000140)=[{r4, 0x104}, {r0, 0x4}, {r1, 0xa0}, {r2, 0x10}], 0x4, 0x0, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x21, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000000c0)=0xf9)

0s ago: executing program 1 (id=4445):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="188cad00ef000000000095000000000300"/32], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0xb6)

kernel console output (not intermixed with test programs):

T22044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.436628][T22044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.449750][T22044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.454227][T22044] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.464506][T12728] team0 (unregistering): Port device team_slave_1 removed
[ 1105.535341][T22050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.539560][T22050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.543772][T22050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.547587][T22050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.552101][T22050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1105.569773][T12728] team0 (unregistering): Port device team_slave_0 removed
[ 1105.645143][T12728] team0 (unregistering): Port device dummy0 removed
[ 1105.661386][T19296] usb 40-1: device descriptor read/8, error -110
[ 1105.669137][T21989] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1105.673773][T21989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1105.687926][T21989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1105.695837][ T5653] 8021q: adding VLAN 0 to HW filter on device eth12
[ 1105.782360][T21989] hsr_slave_0: entered promiscuous mode
[ 1105.784887][T21989] hsr_slave_1: entered promiscuous mode
[ 1105.787447][T21989] debugfs: 'hsr0' already exists in 'hsr'
[ 1105.789672][T21989] Cannot create hsr debugfs directory
[ 1105.996705][T21989] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1106.003510][T21989] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1106.006563][T21989] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1106.019661][T21989] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1106.023018][T21989] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1106.029705][T21989] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1106.033804][T21989] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1106.039606][T21989] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1106.123120][T21989] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1106.185828][T19296] usb usb40-port1: attempt power cycle
[ 1106.195083][T21989] 8021q: adding VLAN 0 to HW filter on device team0
[ 1106.200866][  T739] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1106.203434][  T739] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1106.226181][  T739] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1106.229318][  T739] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1106.280893][ T5653] 8021q: adding VLAN 0 to HW filter on device eth13
[ 1106.629011][T22076] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1106.828857][T19296] usb usb40-port1: unable to enumerate USB device
[ 1106.884007][T21989] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1107.173533][ T5950] Bluetooth: hci0: command tx timeout
[ 1107.193634][T21989] veth0_vlan: entered promiscuous mode
[ 1107.229610][T21989] veth1_vlan: entered promiscuous mode
[ 1107.249585][T22089] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1107.290444][T21989] veth0_macvtap: entered promiscuous mode
[ 1107.306466][T21989] veth1_macvtap: entered promiscuous mode
[ 1107.336095][T21989] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1107.353861][T21989] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1107.365858][   T41] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.371019][   T41] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.389417][   T41] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.395914][   T41] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.539286][T22098] syz.1.3756 (22098): drop_caches: 2
[ 1107.593047][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1107.595926][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1107.733089][ T1184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1107.736519][ T1184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1107.982191][T22110] comedi comedi3: comedi_config --init_data is deprecated
[ 1108.000724][T22110] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3758'.
[ 1109.181505][ T6001] usb 48-1: device descriptor read/8, error -110
[ 1109.251395][ T5950] Bluetooth: hci0: command tx timeout
[ 1109.534986][T22145] ubi: mtd0 is already attached to ubi16
[ 1109.582792][T22145] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[ 1109.585647][T22145] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1109.601006][T22145] vhci_hcd vhci_hcd.0: Device attached
[ 1109.617100][T22150] FAULT_INJECTION: forcing a failure.
[ 1109.617100][T22150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1109.634457][T22150] CPU: 3 UID: 0 PID: 22150 Comm: syz.5.3768 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1109.634482][T22150] Tainted: [L]=SOFTLOCKUP
[ 1109.634487][T22150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1109.634495][T22150] Call Trace:
[ 1109.634501][T22150]  <TASK>
[ 1109.634506][T22150]  dump_stack_lvl+0x100/0x190
[ 1109.634538][T22150]  should_fail_ex.cold+0x5/0xa
[ 1109.634555][T22150]  _copy_from_user+0x2e/0xd0
[ 1109.634571][T22150]  get_compat_msghdr+0xb3/0x4b0
[ 1109.634594][T22150]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1109.634619][T22150]  ___sys_sendmsg+0x1b6/0x1e0
[ 1109.634635][T22150]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1109.634656][T22150]  ? find_held_lock+0x2b/0x80
[ 1109.634682][T22150]  __sys_sendmsg+0x170/0x220
[ 1109.634701][T22150]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1109.634717][T22150]  ? __fget_files+0x21f/0x3d0
[ 1109.634743][T22150]  ? ksys_write+0x1ac/0x250
[ 1109.634764][T22150]  ? rcu_is_watching+0x12/0xc0
[ 1109.634780][T22150]  __do_fast_syscall_32+0xe7/0x950
[ 1109.634800][T22150]  ? lockdep_hardirqs_on+0x78/0x100
[ 1109.634818][T22150]  do_fast_syscall_32+0x32/0x70
[ 1109.634834][T22150]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1109.634851][T22150] RIP: 0023:0xf7f16fcc
[ 1109.634862][T22150] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1109.634875][T22150] RSP: 002b:00000000f53d650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1109.634888][T22150] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000280
[ 1109.634896][T22150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1109.634903][T22150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1109.634910][T22150] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1109.634917][T22150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1109.634932][T22150]  </TASK>
[ 1109.891611][T15111] net_ratelimit: 157 callbacks suppressed
[ 1109.891630][T15111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1109.897471][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1109.961446][   T39] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 1109.978844][T22156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1110.052029][ T6692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1110.055111][ T6692] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1110.752563][ T6001] usb usb48-port1: attempt power cycle
[ 1111.102181][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1111.332364][ T5950] Bluetooth: hci0: command tx timeout
[ 1111.362245][ T6001] usb usb48-port1: unable to enumerate USB device
[ 1111.958631][   T40] audit: type=1326 audit(1777000656.147:5386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1111.967566][   T40] audit: type=1326 audit(1777000656.147:5387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1111.977030][   T40] audit: type=1326 audit(1777000656.167:5388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1111.985349][   T40] audit: type=1326 audit(1777000656.167:5389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1111.993522][   T40] audit: type=1326 audit(1777000656.167:5390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.002508][   T40] audit: type=1326 audit(1777000656.177:5391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.010322][   T40] audit: type=1326 audit(1777000656.177:5392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.018852][   T40] audit: type=1326 audit(1777000656.177:5393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.026175][   T40] audit: type=1326 audit(1777000656.187:5394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.036792][   T40] audit: type=1326 audit(1777000656.187:5395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22165 comm="syz.6.3772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x7ffc0000
[ 1112.045770][T22166] tipc: Started in network mode
[ 1112.048008][T22166] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[ 1112.050908][T22166] tipc: Enabled bearer <eth:vlan0>, priority 10
[ 1112.067102][T22166] Cannot find set identified by id 0 to match
[ 1112.131588][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1112.375190][T22146] vhci_hcd: connection reset by peer
[ 1112.377817][   T13] vhci_hcd vhci_hcd.3: stop threads
[ 1112.380009][   T13] vhci_hcd vhci_hcd.3: release socket
[ 1112.382293][   T13] vhci_hcd vhci_hcd.3: disconnect device
[ 1113.182630][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1113.744087][T22191] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1113.792935][ T6692] tipc: Node number set to 10005162
[ 1114.241411][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1114.919495][T22213] netlink: 260 bytes leftover after parsing attributes in process `syz.6.3783'.
[ 1115.131656][   T39] vhci_hcd vhci_hcd.3: vhci_device speed not set
[ 1115.262588][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1115.573521][T22220] xt_CT: No such helper "syz1"
[ 1115.596395][T22219] netlink: 830 bytes leftover after parsing attributes in process `syz.6.3784'.
[ 1115.600673][T22219] bond_slave_0: entered promiscuous mode
[ 1115.605890][T22219] bond_slave_1: entered promiscuous mode
[ 1116.041653][T22227] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.045066][T22227] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1116.048235][T22227] netdevsim netdevsim5 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1116.153278][T22227] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.156689][T22227] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1116.159823][T22227] netdevsim netdevsim5 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1116.286100][T22227] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.289706][T22227] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1116.293051][T22227] netdevsim netdevsim5 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1116.471827][T22227] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.475077][T22227] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1116.478250][T22227] netdevsim netdevsim5 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1116.732780][   T13] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1116.735666][   T13] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[ 1116.738694][   T13] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[ 1116.767853][   T13] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1116.777171][   T13] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[ 1116.780656][   T13] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[ 1116.811750][   T13] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1116.815415][   T13] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[ 1116.818653][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1116.819543][   T13] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[ 1116.848782][   T13] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1116.851968][   T13] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[ 1116.855108][   T13] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[ 1117.211301][T19296] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 1117.385207][T19296] usb 10-1: config index 0 descriptor too short (expected 45, got 36)
[ 1117.389433][T19296] usb 10-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1117.402223][T19296] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1117.409894][T19296] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1117.418798][T19296] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1117.447903][T19296] usb 10-1: config 0 descriptor??
[ 1117.478327][T19296] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[ 1118.344923][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1118.750817][T22253] FAULT_INJECTION: forcing a failure.
[ 1118.750817][T22253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1118.757529][T22253] CPU: 1 UID: 0 PID: 22253 Comm: syz.1.3788 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1118.757554][T22253] Tainted: [L]=SOFTLOCKUP
[ 1118.757558][T22253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1118.757567][T22253] Call Trace:
[ 1118.757572][T22253]  <TASK>
[ 1118.757578][T22253]  dump_stack_lvl+0x100/0x190
[ 1118.757609][T22253]  should_fail_ex.cold+0x5/0xa
[ 1118.757630][T22253]  _copy_from_iter+0x1f4/0x1690
[ 1118.757651][T22253]  ? kmalloc_reserve+0xf9/0x350
[ 1118.757668][T22253]  ? __pfx__copy_from_iter+0x10/0x10
[ 1118.757683][T22253]  ? __alloc_skb+0x4e9/0x710
[ 1118.757700][T22253]  ? __alloc_skb+0x5b7/0x710
[ 1118.757716][T22253]  ? __pfx___alloc_skb+0x10/0x10
[ 1118.757737][T22253]  pfkey_sendmsg+0x1ce/0x840
[ 1118.757759][T22253]  ____sys_sendmsg+0x9e1/0xb70
[ 1118.757772][T22253]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1118.757789][T22253]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1118.757810][T22253]  ___sys_sendmsg+0x190/0x1e0
[ 1118.757825][T22253]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1118.757847][T22253]  ? find_held_lock+0x2b/0x80
[ 1118.757873][T22253]  __sys_sendmsg+0x170/0x220
[ 1118.757892][T22253]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1118.757909][T22253]  ? __fget_files+0x21f/0x3d0
[ 1118.757934][T22253]  ? ksys_write+0x1ac/0x250
[ 1118.757954][T22253]  ? rcu_is_watching+0x12/0xc0
[ 1118.757970][T22253]  __do_fast_syscall_32+0xe7/0x950
[ 1118.757990][T22253]  ? lockdep_hardirqs_on+0x78/0x100
[ 1118.758006][T22253]  do_fast_syscall_32+0x32/0x70
[ 1118.758023][T22253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1118.758040][T22253] RIP: 0023:0xf707efcc
[ 1118.758053][T22253] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1118.758065][T22253] RSP: 002b:00000000f542b50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1118.758078][T22253] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000040
[ 1118.758086][T22253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1118.758093][T22253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1118.758101][T22253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1118.758108][T22253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1118.758124][T22253]  </TASK>
[ 1118.837812][T22253] random: crng reseeded on system resumption
[ 1119.412891][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1119.528801][T19296] usb 10-1: USB disconnect, device number 25
[ 1120.145183][ T6032] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1120.170765][   T13] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1120.176090][   T13] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1120.186708][   T13] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1120.191007][   T13] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1120.236802][T22276] netlink: 288 bytes leftover after parsing attributes in process `syz.1.3792'.
[ 1120.251766][T22276] netlink: 288 bytes leftover after parsing attributes in process `syz.1.3792'.
[ 1120.295810][T22276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3792'.
[ 1120.300141][ T5950] Bluetooth: hci4: Malformed Event: 0x02
[ 1120.461547][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1120.508747][T22285] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3795'.
[ 1120.786338][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 1121.492268][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1122.374733][T22310] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[ 1122.376937][T22310] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1122.379650][T22310] vhci_hcd vhci_hcd.0: Device attached
[ 1122.531508][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1122.622384][ T6032] usb 49-1: new low-speed USB device number 2 using vhci_hcd
[ 1122.625738][   T39] usb 11-1: new low-speed USB device number 2 using dummy_hcd
[ 1122.712287][T19382] libceph: connect (1)[c::]:6789 error -22
[ 1122.715189][T19382] libceph: mon0 (1)[c::]:6789 connect error
[ 1122.740807][T22327] syzkaller0: entered promiscuous mode
[ 1122.743351][T22327] syzkaller0: entered allmulticast mode
[ 1122.745713][T22323] ceph: No mds server is up or the cluster is laggy
[ 1122.817850][   T39] usb 11-1: config 0 has no interfaces?
[ 1122.820111][   T39] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1122.828838][   T39] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.837300][   T39] usb 11-1: config 0 descriptor??
[ 1123.046081][T22333] loop6: detected capacity change from 0 to 2640
[ 1123.055234][T22333] buffer_io_error: 23 callbacks suppressed
[ 1123.055255][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.064728][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.068345][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.072299][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.076244][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.079933][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.085136][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.089358][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.095717][T22333] ldm_validate_partition_table(): Disk read failed.
[ 1123.099187][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.105471][T22333] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1123.116910][T22333] Dev loop6: unable to read RDB block 0
[ 1123.120480][T22333]  loop6: unable to read partition table
[ 1123.127383][T22333] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1123.191848][ T6032] usb 49-1: device descriptor read/64, error -71
[ 1123.325763][T22334] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3806'.
[ 1123.441814][ T6032] usb 49-1: new low-speed USB device number 3 using vhci_hcd
[ 1123.732239][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1125.224376][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1125.296010][T19382] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[ 1125.362728][T19382] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1125.467352][T22099] usb 11-1: USB disconnect, device number 2
[ 1125.501410][T22311] vhci_hcd: connection closed
[ 1125.501702][  T739] vhci_hcd vhci_hcd.6: stop threads
[ 1125.571067][  T739] vhci_hcd vhci_hcd.6: release socket
[ 1125.598114][  T739] vhci_hcd vhci_hcd.6: disconnect device
[ 1125.836727][T22361] syzkaller0: entered promiscuous mode
[ 1125.838799][T22361] syzkaller0: entered allmulticast mode
[ 1125.955325][T22366] SET target dimension over the limit!
[ 1126.345657][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1127.168027][T22382] overlayfs: missing 'lowerdir'
[ 1128.059260][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1128.612561][ T6032] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1128.981315][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 1129.219375][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1129.757772][T22411] overlayfs: missing 'lowerdir'
[ 1130.648972][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1130.944453][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1131.501604][T22426] syzkaller0: entered promiscuous mode
[ 1131.504181][T22426] syzkaller0: entered allmulticast mode
[ 1131.779766][T22433] overlayfs: missing 'lowerdir'
[ 1132.673975][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1132.832399][T22437] FAULT_INJECTION: forcing a failure.
[ 1132.832399][T22437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1132.840143][T22437] CPU: 3 UID: 0 PID: 22437 Comm: syz.6.3832 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1132.840185][T22437] Tainted: [L]=SOFTLOCKUP
[ 1132.840193][T22437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1132.840207][T22437] Call Trace:
[ 1132.840218][T22437]  <TASK>
[ 1132.840228][T22437]  dump_stack_lvl+0x100/0x190
[ 1132.840276][T22437]  should_fail_ex.cold+0x5/0xa
[ 1132.840306][T22437]  _copy_from_iter+0x1f4/0x1690
[ 1132.840349][T22437]  ? __pfx__copy_from_iter+0x10/0x10
[ 1132.840375][T22437]  ? trace_kmalloc+0xe3/0x110
[ 1132.840399][T22437]  ? __kasan_kmalloc+0xaa/0xb0
[ 1132.840434][T22437]  ? file_tty_write.isra.0+0x694/0x890
[ 1132.840463][T22437]  ? rcu_is_watching+0x12/0xc0
[ 1132.840495][T22437]  ? file_tty_write.isra.0+0x694/0x890
[ 1132.840517][T22437]  ? kfree+0x1dd/0x6c0
[ 1132.840556][T22437]  file_tty_write.isra.0+0x45b/0x890
[ 1132.840589][T22437]  vfs_write+0x6ac/0x1070
[ 1132.840625][T22437]  ? __pfx_tty_write+0x10/0x10
[ 1132.840650][T22437]  ? __pfx_vfs_write+0x10/0x10
[ 1132.840679][T22437]  ? find_held_lock+0x2b/0x80
[ 1132.840727][T22437]  ksys_write+0x12a/0x250
[ 1132.840763][T22437]  ? __pfx_ksys_write+0x10/0x10
[ 1132.840797][T22437]  ? ksys_write+0x1ac/0x250
[ 1132.840833][T22437]  ? rcu_is_watching+0x12/0xc0
[ 1132.840863][T22437]  __do_fast_syscall_32+0xe7/0x950
[ 1132.840896][T22437]  ? lockdep_hardirqs_on+0x78/0x100
[ 1132.840929][T22437]  do_fast_syscall_32+0x32/0x70
[ 1132.840960][T22437]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1132.840990][T22437] RIP: 0023:0xf7f86fcc
[ 1132.841011][T22437] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1132.841033][T22437] RSP: 002b:00000000f544650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[ 1132.841057][T22437] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001040
[ 1132.841072][T22437] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[ 1132.841085][T22437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1132.841098][T22437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1132.841110][T22437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1132.841140][T22437]  </TASK>
[ 1132.911571][T19296] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1133.101408][T19296] usb 10-1: Using ep0 maxpacket: 16
[ 1133.109230][T19296] usb 10-1: config 0 has no interfaces?
[ 1133.114485][T19296] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1133.123027][T19296] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1133.128402][T19296] usb 10-1: Manufacturer: syz
[ 1133.163371][T19296] usb 10-1: config 0 descriptor??
[ 1133.342826][T22443] loop1: detected capacity change from 0 to 7
[ 1133.493495][T22440] FAULT_INJECTION: forcing a failure.
[ 1133.493495][T22440] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.500592][T22440] CPU: 0 UID: 0 PID: 22440 Comm: syz.5.3834 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1133.500618][T22440] Tainted: [L]=SOFTLOCKUP
[ 1133.500623][T22440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1133.500632][T22440] Call Trace:
[ 1133.500639][T22440]  <TASK>
[ 1133.500646][T22440]  dump_stack_lvl+0x100/0x190
[ 1133.500678][T22440]  should_fail_ex.cold+0x5/0xa
[ 1133.500697][T22440]  ? hash_net4_add+0x121f/0x2e40
[ 1133.500791][T22440]  should_failslab+0xc2/0x120
[ 1133.500805][T22440]  __kmalloc_noprof+0xe0/0x850
[ 1133.500829][T22440]  hash_net4_add+0x121f/0x2e40
[ 1133.500852][T22440]  ? __pfx_hash_net4_add+0x10/0x10
[ 1133.500866][T22440]  ? kasan_save_track+0x14/0x30
[ 1133.500886][T22440]  ? __kasan_kmalloc+0xaa/0xb0
[ 1133.500906][T22440]  ? ip_set_range_to_cidr+0xaf/0x110
[ 1133.500929][T22440]  hash_net4_uadt+0x65d/0xa90
[ 1133.500950][T22440]  ? __pfx_crng_fast_key_erasure+0x10/0x10
[ 1133.500969][T22440]  ? __pfx_hash_net4_add+0x10/0x10
[ 1133.500984][T22440]  ? __pfx_hash_net4_uadt+0x10/0x10
[ 1133.501010][T22440]  ? __lock_acquire+0x4a5/0x2630
[ 1133.501035][T22440]  call_ad.isra.0+0x16e/0x940
[ 1133.501055][T22440]  ? __pfx_call_ad.isra.0+0x10/0x10
[ 1133.501071][T22440]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1133.501103][T22440]  ? __nla_parse+0x40/0x60
[ 1133.501126][T22440]  ip_set_ad.isra.0+0x3eb/0x8a0
[ 1133.501147][T22440]  ? __pfx_ip_set_ad.isra.0+0x10/0x10
[ 1133.501180][T22440]  ? trace_contention_end+0x122/0x170
[ 1133.501234][T22440]  ? find_held_lock+0x2b/0x80
[ 1133.501265][T22440]  nfnetlink_rcv_msg+0x9d5/0x11e0
[ 1133.501380][T22440]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1133.501439][T22440]  ? __lock_acquire+0x4a5/0x2630
[ 1133.501473][T22440]  netlink_rcv_skb+0x159/0x420
[ 1133.501497][T22440]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1133.501527][T22440]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1133.501561][T22440]  ? ns_capable+0xd2/0xf0
[ 1133.501590][T22440]  nfnetlink_rcv+0x1b3/0x440
[ 1133.501618][T22440]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1133.501645][T22440]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1133.501684][T22440]  netlink_unicast+0x585/0x850
[ 1133.501709][T22440]  ? __pfx_netlink_unicast+0x10/0x10
[ 1133.501739][T22440]  netlink_sendmsg+0x8b0/0xda0
[ 1133.501764][T22440]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1133.501788][T22440]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1133.501831][T22440]  ____sys_sendmsg+0x9e1/0xb70
[ 1133.501853][T22440]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1133.501876][T22440]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1133.501911][T22440]  ___sys_sendmsg+0x190/0x1e0
[ 1133.501935][T22440]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1133.501972][T22440]  ? find_held_lock+0x2b/0x80
[ 1133.502013][T22440]  __sys_sendmsg+0x170/0x220
[ 1133.502043][T22440]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1133.502069][T22440]  ? __fget_files+0x21f/0x3d0
[ 1133.502108][T22440]  ? ksys_write+0x1ac/0x250
[ 1133.502140][T22440]  ? rcu_is_watching+0x12/0xc0
[ 1133.502166][T22440]  __do_fast_syscall_32+0xe7/0x950
[ 1133.502195][T22440]  ? lockdep_hardirqs_on+0x78/0x100
[ 1133.502222][T22440]  do_fast_syscall_32+0x32/0x70
[ 1133.502249][T22440]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1133.502275][T22440] RIP: 0023:0xf7f16fcc
[ 1133.502297][T22440] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1133.502322][T22440] RSP: 002b:00000000f53d650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1133.502344][T22440] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000000
[ 1133.502358][T22440] RDX: 0000000004000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1133.502370][T22440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1133.502381][T22440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1133.502393][T22440] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1133.502421][T22440]  </TASK>
[ 1133.546767][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.671093][    C1] buffer_io_error: 11 callbacks suppressed
[ 1133.671107][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.685060][ T6692] usb 10-1: USB disconnect, device number 26
[ 1133.694664][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.698868][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.702584][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.706493][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.715279][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.719170][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.726368][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.731416][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.735753][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.739277][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.741478][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1133.743372][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.748602][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.753454][T22443] ldm_validate_partition_table(): Disk read failed.
[ 1133.757038][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.761060][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.781285][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.784009][T22447] random: crng reseeded on system resumption
[ 1133.785421][    C2] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.797579][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1133.801148][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[ 1133.809121][T22443] Dev loop1: unable to read RDB block 0
[ 1133.829066][T22443]  loop1: unable to read partition table
[ 1133.833987][T22443] loop1: partition table beyond EOD, truncated
[ 1133.838253][T22443] loop_reread_partitions: partition scan of loop1 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õÖ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[ 1134.029039][T22454] block nbd6: NBD_DISCONNECT
[ 1134.101875][T22456] overlayfs: missing 'lowerdir'
[ 1134.169875][T22454] netlink: 76 bytes leftover after parsing attributes in process `syz.6.3838'.
[ 1134.182840][T22454] syzkaller0: entered promiscuous mode
[ 1134.184859][T22454] syzkaller0: entered allmulticast mode
[ 1134.987101][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1136.064707][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1136.639024][   T40] kauditd_printk_skb: 59 callbacks suppressed
[ 1136.639038][   T40] audit: type=1326 audit(1777000680.827:5455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22467 comm="syz.1.3841" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707efcc code=0x0
[ 1137.091675][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1138.166926][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1139.181501][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1139.945041][T22510] input: syz0 as /devices/virtual/input/input19
[ 1139.974967][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1140.105485][T22521] block nbd3: NBD_DISCONNECT
[ 1140.221634][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1140.491300][T18418] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[ 1140.631369][T18418] usb 11-1: device descriptor read/64, error -71
[ 1140.894896][T18418] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[ 1140.907494][T22541] FAULT_INJECTION: forcing a failure.
[ 1140.907494][T22541] name failslab, interval 1, probability 0, space 0, times 0
[ 1140.939865][T22541] CPU: 1 UID: 0 PID: 22541 Comm: syz.1.3866 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1140.939898][T22541] Tainted: [L]=SOFTLOCKUP
[ 1140.939938][T22541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1140.939948][T22541] Call Trace:
[ 1140.939956][T22541]  <TASK>
[ 1140.939964][T22541]  dump_stack_lvl+0x100/0x190
[ 1140.939991][T22541]  should_fail_ex.cold+0x5/0xa
[ 1140.940007][T22541]  should_failslab+0xc2/0x120
[ 1140.940019][T22541]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1140.940035][T22541]  ? copy_process+0x2c51/0x7fa0
[ 1140.940050][T22541]  ? rcu_is_watching+0x12/0xc0
[ 1140.940086][T22541]  copy_process+0x2c51/0x7fa0
[ 1140.940108][T22541]  ? __pfx_copy_process+0x10/0x10
[ 1140.940125][T22541]  ? get_pid_task+0xfc/0x250
[ 1140.940140][T22541]  ? get_pid_task+0xfc/0x250
[ 1140.940158][T22541]  kernel_clone+0x12e/0x9c0
[ 1140.940172][T22541]  ? proc_fail_nth_write+0x9f/0x220
[ 1140.940189][T22541]  ? __pfx_kernel_clone+0x10/0x10
[ 1140.940207][T22541]  ? ksys_write+0x190/0x250
[ 1140.940228][T22541]  __do_compat_sys_ia32_clone+0xd4/0x120
[ 1140.940249][T22541]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[ 1140.940268][T22541]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1140.940290][T22541]  ? fput+0x79/0x100
[ 1140.940302][T22541]  ? ksys_write+0x1ac/0x250
[ 1140.940319][T22541]  ? rcu_is_watching+0x12/0xc0
[ 1140.940333][T22541]  __do_fast_syscall_32+0xe7/0x950
[ 1140.940348][T22541]  ? lockdep_hardirqs_on+0x78/0x100
[ 1140.940363][T22541]  do_fast_syscall_32+0x32/0x70
[ 1140.940378][T22541]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1140.940394][T22541] RIP: 0023:0xf707efcc
[ 1140.940404][T22541] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1140.940415][T22541] RSP: 002b:00000000f546d4bc EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[ 1140.940427][T22541] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 0000000000000000
[ 1140.940434][T22541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1140.940440][T22541] RBP: 00000000f7474f80 R08: 0000000000000000 R09: 0000000000000000
[ 1140.940447][T22541] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1140.940453][T22541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1140.940467][T22541]  </TASK>
[ 1141.171426][T18418] usb 11-1: device descriptor read/64, error -71
[ 1141.281669][T18418] usb usb11-port1: attempt power cycle
[ 1141.292104][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1141.630668][T22545] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3867'.
[ 1141.631287][T18418] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[ 1141.664262][T18418] usb 11-1: device descriptor read/8, error -71
[ 1141.901400][T18418] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[ 1141.931991][T18418] usb 11-1: device descriptor read/8, error -71
[ 1142.042244][T18418] usb usb11-port1: unable to enumerate USB device
[ 1142.224879][ T5950] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1142.385602][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1142.968242][T22575] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1142.972009][T22575] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1142.975617][T22575] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1142.985015][T22575] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.190897][T22576] net_ratelimit: 116 callbacks suppressed
[ 1143.190916][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.196329][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.199273][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.202684][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.205660][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.208435][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.211444][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.214676][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.218532][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1143.221446][T22576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1145.640688][T22609] kAFS: No cell specified
[ 1146.006735][T22617] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1146.052830][T22617] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1146.074942][T22617] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1146.094702][T22617] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1146.142698][T22623] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[ 1146.307251][T22627] kAFS: No cell specified
[ 1146.981543][T22643] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[ 1147.426674][T22664] overlayfs: missing 'lowerdir'
[ 1147.771404][T22669] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[ 1148.226003][T22674] overlayfs: missing 'lowerdir'
[ 1149.107692][T21834] net_ratelimit: 130 callbacks suppressed
[ 1149.107708][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1149.575088][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1150.110442][T22692] kAFS: No cell specified
[ 1150.117785][   T39] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[ 1150.131658][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1150.291772][   T39] usb 11-1: Using ep0 maxpacket: 16
[ 1150.303715][   T39] usb 11-1: config 0 has no interfaces?
[ 1150.310818][   T39] usb 11-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1150.318715][   T39] usb 11-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1150.326680][   T39] usb 11-1: Manufacturer: syz
[ 1150.334756][   T39] usb 11-1: config 0 descriptor??
[ 1150.742025][T22686] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1150.776449][T22686] block device autoloading is deprecated and will be removed.
[ 1150.955201][T22683] Set syz1 is full, maxelem 6117 reached
[ 1150.982666][T21834] usb 11-1: USB disconnect, device number 7
[ 1151.171762][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1151.448425][T22713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3918'.
[ 1151.542962][T22714] overlayfs: missing 'lowerdir'
[ 1152.313904][T22725] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1152.316733][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1153.744614][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1153.916089][T22736] netlink: 'syz.5.3926': attribute type 1 has an invalid length.
[ 1154.062573][T22736] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1154.542785][T22754] evm: overlay not supported
[ 1154.771622][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1155.474796][T22765] netlink: 212348 bytes leftover after parsing attributes in process `syz.6.3935'.
[ 1155.479573][T22765] openvswitch: netlink: Message has 5 unknown bytes.
[ 1155.566122][T22767] block nbd6: NBD_DISCONNECT
[ 1155.826654][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1156.716627][T22770] Cannot find add_set index 46338 as target
[ 1156.851581][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1157.221656][T22784] binder: 22783:22784 ioctl c004500a 80000040 returned -22
[ 1157.902264][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1158.847966][T22823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1158.855670][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1158.929235][T22824] overlayfs: missing 'lowerdir'
[ 1158.959354][T22826] netlink: zone id is out of range
[ 1158.961319][T22826] netlink: zone id is out of range
[ 1158.963049][T22826] netlink: zone id is out of range
[ 1159.195177][T22829] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3959'.
[ 1159.807696][T15276] net_ratelimit: 5 callbacks suppressed
[ 1159.807719][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1159.818157][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1160.096404][T22838] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3961'.
[ 1160.111692][T22838] netlink: 260 bytes leftover after parsing attributes in process `syz.5.3961'.
[ 1160.153104][T22837] overlay: Unknown parameter 'euid>00000000000000000000'
[ 1160.215929][T22837] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1160.401448][T22837] overlayfs: missing 'lowerdir'
[ 1160.407774][T22835] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[ 1160.410496][T22835] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1160.440861][T22835] vhci_hcd vhci_hcd.0: Device attached
[ 1160.566699][T22850] netlink: 'syz.6.3964': attribute type 39 has an invalid length.
[ 1160.710147][T18418] usb 44-1: SetAddress Request (47) to port 0
[ 1160.716597][T18418] usb 44-1: new SuperSpeed USB device number 47 using vhci_hcd
[ 1161.145214][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1161.161771][T22860] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.4194304)
[ 1161.641980][T22869] overlayfs: missing 'lowerdir'
[ 1162.274917][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1162.950883][T22876] netlink: 211856 bytes leftover after parsing attributes in process `syz.6.3972'.
[ 1163.343862][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1163.366885][T22840] vhci_hcd: connection reset by peer
[ 1163.374745][   T59] vhci_hcd vhci_hcd.3: stop threads
[ 1163.376937][   T59] vhci_hcd vhci_hcd.3: release socket
[ 1163.379184][   T59] vhci_hcd vhci_hcd.3: disconnect device
[ 1163.621607][T22884] overlayfs: missing 'lowerdir'
[ 1163.704101][T22885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1163.707371][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1164.279480][T22893] binder: BINDER_SET_CONTEXT_MGR already set
[ 1164.287923][T22893] binder: 22892:22893 ioctl 4018620d 80000100 returned -16
[ 1164.371584][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1165.205430][T22909] block nbd1: NBD_DISCONNECT
[ 1165.414195][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1165.532506][T22917] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1165.822495][T18418] usb 44-1: device descriptor read/8, error -110
[ 1166.451465][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1166.672367][T18418] usb usb44-port1: attempt power cycle
[ 1166.851860][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1167.332069][T22939] kAFS: No cell specified
[ 1167.530028][T18418] usb usb44-port1: unable to enumerate USB device
[ 1167.537013][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1168.332101][T22963] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[ 1168.335026][T22963] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1168.352623][T22963] vhci_hcd vhci_hcd.0: Device attached
[ 1168.611327][T15276] usb 49-1: new low-speed USB device number 4 using vhci_hcd
[ 1168.633333][ T7591] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[ 1168.707304][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1168.841286][ T7591] usb 11-1: Using ep0 maxpacket: 8
[ 1168.903527][ T7591] usb 11-1: config 0 has no interfaces?
[ 1168.905495][ T7591] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1168.941516][ T7591] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1169.136922][ T7591] usb 11-1: config 0 descriptor??
[ 1169.354482][T22966] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 3
[ 1169.357018][   T12] vhci_hcd vhci_hcd.6: stop threads
[ 1169.358755][   T12] vhci_hcd vhci_hcd.6: release socket
[ 1169.360806][   T12] vhci_hcd vhci_hcd.6: disconnect device
[ 1169.411984][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.732720][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1170.781803][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1171.299126][T18418] usb 11-1: USB disconnect, device number 8
[ 1171.662122][T22990] loop5: detected capacity change from 0 to 7
[ 1171.673011][T22989] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4003'.
[ 1171.691303][T22990] Dev loop5: unable to read RDB block 7
[ 1171.705706][T22990]  loop5: unable to read partition table
[ 1171.717404][T22990] loop5: partition table beyond EOD, truncated
[ 1171.733438][T22990] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1171.817629][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1172.057953][T22995] bond3: Unable to set down delay as MII monitoring is disabled
[ 1172.066589][T22995] bond3 (unregistering): Released all slaves
[ 1172.449390][ T5350] Dev loop5: unable to read RDB block 7
[ 1172.452138][ T5350]  loop5: unable to read partition table
[ 1172.454692][ T5350] loop5: partition table beyond EOD, truncated
[ 1172.955385][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1173.352188][T23016] binder_alloc: 23015: binder_alloc_buf, no vma
[ 1173.580100][ T5350] Dev loop5: unable to read RDB block 7
[ 1173.585605][ T5350]  loop5: unable to read partition table
[ 1173.588509][ T5350] loop5: partition table beyond EOD, truncated
[ 1173.731833][T15276] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1173.981621][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1174.396019][ T5350] Dev loop5: unable to read RDB block 7
[ 1174.400867][ T5350]  loop5: unable to read partition table
[ 1174.406545][ T5350] loop5: partition table beyond EOD, truncated
[ 1174.530278][ T7591] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1174.594679][T23034] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4019'.
[ 1174.704050][ T7591] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1174.716445][ T7591] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 1174.720003][ T7591] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 1174.731381][ T7591] usb 10-1: Product: syz
[ 1174.733345][ T7591] usb 10-1: Manufacturer: syz
[ 1174.735278][ T7591] usb 10-1: SerialNumber: syz
[ 1174.973661][ T7591] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 27 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1175.024720][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1175.482281][T23042] qnx6: unable to read the first superblock
[ 1175.501829][T23042] qnx6: unable to read the first superblock
[ 1175.506700][T23042] qnx6: unable to read the first superblock
[ 1175.537748][T18418] usb 10-1: USB disconnect, device number 27
[ 1175.541641][T18418] usblp0: removed
[ 1175.613688][T23029] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1175.897322][T23056] overlayfs: missing 'lowerdir'
[ 1176.781425][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1176.894509][T23065] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4029'.
[ 1176.922832][T21834] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1177.102548][T21834] usb 10-1: Using ep0 maxpacket: 16
[ 1177.114153][T21834] usb 10-1: config 0 has no interfaces?
[ 1177.122033][T21834] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1177.125330][T21834] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1177.349326][T21834] usb 10-1: Manufacturer: syz
[ 1177.385250][T21834] usb 10-1: config 0 descriptor??
[ 1177.610878][T18418] usb 10-1: USB disconnect, device number 28
[ 1177.655271][T23082] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 1177.812810][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1178.060771][T23086] kAFS: No cell specified
[ 1178.263518][T23099] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4038'.
[ 1178.851768][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1179.439717][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1179.823622][T23118] overlayfs: missing 'lowerdir'
[ 1179.891462][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1180.798335][T23128] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1180.932203][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1182.217134][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.768786][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1183.812469][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.851517][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1186.021923][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1186.777064][T23190] binder: BINDER_SET_CONTEXT_MGR already set
[ 1186.782823][T23190] binder: 23189:23190 ioctl 4018620d 800002c0 returned -16
[ 1187.105144][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1188.065488][T23208] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4067'.
[ 1188.068860][T23208] FAULT_INJECTION: forcing a failure.
[ 1188.068860][T23208] name failslab, interval 1, probability 0, space 0, times 0
[ 1188.073127][T23208] CPU: 0 UID: 0 PID: 23208 Comm: syz.6.4067 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1188.073148][T23208] Tainted: [L]=SOFTLOCKUP
[ 1188.073152][T23208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1188.073172][T23208] Call Trace:
[ 1188.073176][T23208]  <TASK>
[ 1188.073181][T23208]  dump_stack_lvl+0x100/0x190
[ 1188.073207][T23208]  should_fail_ex.cold+0x5/0xa
[ 1188.073223][T23208]  should_failslab+0xc2/0x120
[ 1188.073235][T23208]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1188.073252][T23208]  ? fib_trie_unmerge+0x220/0xbd0
[ 1188.073339][T23208]  ? leaf_walk_rcu+0x725/0x850
[ 1188.073356][T23208]  fib_trie_unmerge+0x220/0xbd0
[ 1188.073376][T23208]  ? __pfx_fib_trie_unmerge+0x10/0x10
[ 1188.073393][T23208]  ? __pfx___mutex_lock+0x10/0x10
[ 1188.073417][T23208]  fib_unmerge+0xee/0x510
[ 1188.073426][T23208]  ? __pfx_fib_nl2rule.constprop.0+0x10/0x10
[ 1188.073449][T23208]  fib4_rule_configure+0x383/0x10c0
[ 1188.073467][T23208]  fib_newrule+0x356/0x1ed0
[ 1188.073483][T23208]  ? __pfx_fib_newrule+0x10/0x10
[ 1188.073503][T23208]  ? __pfx___schedule+0x10/0x10
[ 1188.073526][T23208]  ? find_held_lock+0x2b/0x80
[ 1188.073540][T23208]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1188.073559][T23208]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1188.073576][T23208]  ? __pfx_fib_nl_newrule+0x10/0x10
[ 1188.073588][T23208]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1188.073606][T23208]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1188.073630][T23208]  netlink_rcv_skb+0x159/0x420
[ 1188.073643][T23208]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1188.073661][T23208]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1188.073682][T23208]  netlink_unicast+0x585/0x850
[ 1188.073696][T23208]  ? __pfx_netlink_unicast+0x10/0x10
[ 1188.073711][T23208]  netlink_sendmsg+0x8b0/0xda0
[ 1188.073726][T23208]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1188.073739][T23208]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1188.073762][T23208]  ____sys_sendmsg+0x9e1/0xb70
[ 1188.073779][T23208]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1188.073796][T23208]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1188.073821][T23208]  ___sys_sendmsg+0x190/0x1e0
[ 1188.073842][T23208]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1188.073868][T23208]  ? find_held_lock+0x2b/0x80
[ 1188.073904][T23208]  __sys_sendmsg+0x170/0x220
[ 1188.073931][T23208]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1188.073952][T23208]  ? __fget_files+0x21f/0x3d0
[ 1188.073988][T23208]  ? ksys_write+0x1ac/0x250
[ 1188.074017][T23208]  ? rcu_is_watching+0x12/0xc0
[ 1188.074049][T23208]  __do_fast_syscall_32+0xe7/0x950
[ 1188.074075][T23208]  ? lockdep_hardirqs_on+0x78/0x100
[ 1188.074098][T23208]  do_fast_syscall_32+0x32/0x70
[ 1188.074123][T23208]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1188.074147][T23208] RIP: 0023:0xf7f86fcc
[ 1188.074162][T23208] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1188.074180][T23208] RSP: 002b:00000000f542550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1188.074199][T23208] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000140
[ 1188.074211][T23208] RDX: 0000000000004040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1188.074223][T23208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1188.074232][T23208] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1188.074242][T23208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1188.074267][T23208]  </TASK>
[ 1188.491914][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1188.852459][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1189.059275][T23218] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1189.064545][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1189.211273][ T6033] usb 11-1: new full-speed USB device number 9 using dummy_hcd
[ 1189.386015][ T6033] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1189.391042][ T6033] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1189.397496][ T6033] usb 11-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[ 1189.402602][ T6033] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1189.416376][ T6033] usb 11-1: config 0 descriptor??
[ 1189.492653][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1189.628360][T23224] binder: BINDER_SET_CONTEXT_MGR already set
[ 1189.637579][T23224] binder: 23223:23224 ioctl 4018620d 80000100 returned -16
[ 1189.644660][T23224] binder: BINDER_SET_CONTEXT_MGR already set
[ 1189.649375][T23224] binder: 23223:23224 ioctl 4018620d 800002c0 returned -16
[ 1189.958104][T23228] overlayfs: missing 'lowerdir'
[ 1189.963820][ T6033] kye 0003:0458:5016.0008: control desc unexpectedly large
[ 1190.109856][ T6033] input: HID 0458:5016 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5016.0008/input/input20
[ 1190.303510][ T6033] input: HID 0458:5016 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5016.0008/input/input21
[ 1190.437962][ T6033] kye 0003:0458:5016.0008: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.6-1/input0
[ 1190.462124][ T6033] usb 11-1: USB disconnect, device number 9
[ 1190.806394][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1191.020986][T23229] fido_id[23229]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb11/report_descriptor': No such file or directory
[ 1191.026107][T23233] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[ 1191.650454][T23246] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4078'.
[ 1191.777547][T23248] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4080'.
[ 1191.972929][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1193.105837][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1193.644604][T23270] overlayfs: missing 'lowerdir'
[ 1194.527640][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1195.573927][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1196.823548][T23303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4096'.
[ 1197.071989][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1197.221875][T23306] overlayfs: missing 'lowerdir'
[ 1197.671833][T23312] overlayfs: missing 'lowerdir'
[ 1197.745109][T23313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1197.748299][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1198.156447][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1198.213990][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1198.217129][T23315] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4098'.
[ 1198.359395][T23297] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1199.206722][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.215838][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1201.258604][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1201.532833][T23371] overlayfs: missing 'lowerdir'
[ 1202.230867][T23376] binder: BINDER_SET_CONTEXT_MGR already set
[ 1202.234230][T23376] binder: 23375:23376 ioctl 4018620d 800002c0 returned -16
[ 1202.292159][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1203.514038][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1203.659027][T23395] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4121'.
[ 1203.744280][T23395] netlink: 260 bytes leftover after parsing attributes in process `syz.3.4121'.
[ 1204.541695][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1204.546480][T23407] netlink: 'syz.3.4122': attribute type 11 has an invalid length.
[ 1204.698581][T23409] binder: BINDER_SET_CONTEXT_MGR already set
[ 1204.707155][T23409] binder: 23408:23409 ioctl 4018620d 800002c0 returned -16
[ 1205.585288][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1205.649454][T23419] comedi comedi2: dt2814: I/O port conflict (0xfffffffffffffff9,2)
[ 1205.899377][T23423] fuse: Bad value for 'fd'
[ 1206.081105][T23425] syzkaller0: entered promiscuous mode
[ 1206.086078][T23425] syzkaller0: entered allmulticast mode
[ 1206.566325][T23438] Invalid source name
[ 1206.568213][T23438] UBIFS error (pid: 23438): cannot open "./file0", error -22
[ 1206.597242][T23438] overlay: ./file0 is not a directory
[ 1206.622610][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1206.831000][T23443] binder: BINDER_SET_CONTEXT_MGR already set
[ 1206.833992][T23443] binder: 23442:23443 ioctl 4018620d 800002c0 returned -16
[ 1207.671516][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1207.812000][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1208.696345][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1209.738745][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1210.140709][T23445] macvlan2: entered promiscuous mode
[ 1210.142638][T23445] bridge0: entered promiscuous mode
[ 1210.196474][T23458] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1210.322544][T23465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1210.551540][T15276] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1210.723131][T15276] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1210.729977][T15276] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1210.741960][T15276] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1210.745795][T15276] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1210.748841][T15276] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1210.770999][T15276] usb 6-1: config 0 descriptor??
[ 1210.773980][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1210.866682][T23472] binder: BINDER_SET_CONTEXT_MGR already set
[ 1210.869518][T23472] binder: 23471:23472 ioctl 4018620d 800002c0 returned -16
[ 1211.039245][T23477] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4145'.
[ 1211.200820][T15276] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1211.410911][T23485] overlayfs: missing 'lowerdir'
[ 1211.528814][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1211.534034][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1211.538530][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1211.559037][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1211.563035][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1211.821499][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1212.339860][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1212.346170][T23486] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1212.511969][    C3] plantronics 0003:047F:FFFF.0009: usb_submit_urb(ctrl) failed: -1
[ 1212.861507][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1212.931346][T15276] usb 6-1: reset high-speed USB device number 42 using dummy_hcd
[ 1213.091252][T15276] usb 6-1: device descriptor read/64, error -32
[ 1213.332246][T23502] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4151'.
[ 1214.008660][ T7591] usb 6-1: USB disconnect, device number 42
[ 1214.139186][T23521] kAFS: No cell specified
[ 1215.607810][T23540] overlayfs: missing 'lowerdir'
[ 1215.972196][T15276] net_ratelimit: 4 callbacks suppressed
[ 1215.972218][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1216.749667][T23544] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4161'.
[ 1217.121249][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1217.260536][T23550] 9p: Bad value for 'rfdno'
[ 1217.288879][T23556] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1217.291055][T23556] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1217.300394][T23556] vhci_hcd vhci_hcd.0: Device attached
[ 1217.434104][T23556] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4165'.
[ 1217.444399][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1217.570332][T23567] overlayfs: missing 'lowerdir'
[ 1217.657664][T23568] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1217.660730][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1217.675654][ T6001] usb 40-1: SetAddress Request (86) to port 0
[ 1217.695861][ T6001] usb 40-1: new SuperSpeed USB device number 86 using vhci_hcd
[ 1218.054314][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[ 1219.803761][T23573] overlayfs: missing 'lowerdir'
[ 1220.315108][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1220.320892][T23558] vhci_hcd: connection reset by peer
[ 1220.344817][   T59] vhci_hcd vhci_hcd.1: stop threads
[ 1220.438156][   T59] vhci_hcd vhci_hcd.1: release socket
[ 1220.441783][   T59] vhci_hcd vhci_hcd.1: disconnect device
[ 1220.846950][T23586] binder: BINDER_SET_CONTEXT_MGR already set
[ 1220.849765][T23586] binder: 23585:23586 ioctl 4018620d 800002c0 returned -16
[ 1221.342749][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.383636][   T40] audit: type=1804 audit(1777000765.577:5456): pid=23591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4175" name="/newroot/277/file0" dev="tmpfs" ino=1503 res=1 errno=0
[ 1221.509511][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.515728][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.521418][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.528478][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.531506][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.538015][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.541679][T23601] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.591385][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1221.834104][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1222.052233][T23604] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[ 1222.055367][T23604] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1222.066526][T23604] vhci_hcd vhci_hcd.0: Device attached
[ 1222.351547][ T6033] usb 48-1: SetAddress Request (42) to port 0
[ 1222.353539][ T6033] usb 48-1: new SuperSpeed USB device number 42 using vhci_hcd
[ 1222.380195][T23608] vhci_hcd: connection reset by peer
[ 1222.384703][   T59] vhci_hcd vhci_hcd.5: stop threads
[ 1222.386574][   T59] vhci_hcd vhci_hcd.5: release socket
[ 1222.389522][   T59] vhci_hcd vhci_hcd.5: disconnect device
[ 1222.870839][ T6001] usb 40-1: device descriptor read/8, error -110
[ 1223.268844][T23629] FAULT_INJECTION: forcing a failure.
[ 1223.268844][T23629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1223.273615][T23629] CPU: 3 UID: 0 PID: 23629 Comm: syz.6.4184 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1223.273636][T23629] Tainted: [L]=SOFTLOCKUP
[ 1223.273640][T23629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1223.273648][T23629] Call Trace:
[ 1223.273652][T23629]  <TASK>
[ 1223.273657][T23629]  dump_stack_lvl+0x100/0x190
[ 1223.273683][T23629]  should_fail_ex.cold+0x5/0xa
[ 1223.273700][T23629]  _copy_to_user+0x32/0xd0
[ 1223.273715][T23629]  simple_read_from_buffer+0xcb/0x170
[ 1223.273734][T23629]  proc_fail_nth_read+0x1af/0x230
[ 1223.273750][T23629]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1223.273766][T23629]  ? rw_verify_area+0xce/0x6d0
[ 1223.273781][T23629]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1223.273795][T23629]  vfs_read+0x1e4/0xb30
[ 1223.273814][T23629]  ? __pfx_vfs_read+0x10/0x10
[ 1223.273835][T23629]  ? find_held_lock+0x2b/0x80
[ 1223.273852][T23629]  ? __fget_files+0x215/0x3d0
[ 1223.273872][T23629]  ? __fget_files+0x21f/0x3d0
[ 1223.273893][T23629]  ksys_read+0x12a/0x250
[ 1223.273909][T23629]  ? __pfx_ksys_read+0x10/0x10
[ 1223.273926][T23629]  ? rcu_is_watching+0x12/0xc0
[ 1223.273939][T23629]  ? rcu_is_watching+0x12/0xc0
[ 1223.273953][T23629]  do_int80_emulation+0x141/0x700
[ 1223.273973][T23629]  asm_int80_emulation+0x1a/0x20
[ 1223.273985][T23629] RIP: 0023:0xf7185cab
[ 1223.273997][T23629] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1223.274008][T23629] RSP: 002b:00000000f54464bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1223.274020][T23629] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54465d0
[ 1223.274027][T23629] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1223.274034][T23629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1223.274040][T23629] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1223.274046][T23629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1223.274061][T23629]  </TASK>
[ 1223.281874][ T6001] usb usb40-port1: attempt power cycle
[ 1223.606067][T23644] netlink: 'syz.6.4190': attribute type 13 has an invalid length.
[ 1223.608707][T23640] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1223.609915][T23644] netlink: 152 bytes leftover after parsing attributes in process `syz.6.4190'.
[ 1223.621422][T23640] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1223.705381][T23651] overlayfs: missing 'lowerdir'
[ 1224.668174][ T6001] usb usb40-port1: unable to enumerate USB device
[ 1225.051358][ T6001] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[ 1225.201421][ T6001] usb 11-1: Using ep0 maxpacket: 8
[ 1225.208912][ T6001] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[ 1225.213038][ T6001] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1225.216316][ T6001] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1225.219835][ T6001] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1225.386971][ T6001] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1225.420751][ T6001] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1225.451052][ T6001] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1226.774455][ T7591] net_ratelimit: 9 callbacks suppressed
[ 1226.774470][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1226.790341][ T6001] usb 11-1: usb_control_msg returned -32
[ 1226.793033][ T6001] usbtmc 11-1:16.0: can't read capabilities
[ 1227.011687][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1227.127761][T23676] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[ 1227.131481][T23676] qnx6: wrong signature (magic) in superblock #1.
[ 1227.133666][T23676] qnx6: unable to read the first superblock
[ 1227.261888][   T39] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1227.421745][ T6033] usb 48-1: device descriptor read/8, error -110
[ 1227.576266][T23682] FAULT_INJECTION: forcing a failure.
[ 1227.576266][T23682] name failslab, interval 1, probability 0, space 0, times 0
[ 1227.592170][T23682] CPU: 1 UID: 0 PID: 23682 Comm: syz.3.4200 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1227.592193][T23682] Tainted: [L]=SOFTLOCKUP
[ 1227.592197][T23682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1227.592205][T23682] Call Trace:
[ 1227.592210][T23682]  <TASK>
[ 1227.592215][T23682]  dump_stack_lvl+0x100/0x190
[ 1227.592243][T23682]  should_fail_ex.cold+0x5/0xa
[ 1227.592260][T23682]  should_failslab+0xc2/0x120
[ 1227.592275][T23682]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1227.592290][T23682]  ? tcf_action_init_1+0x27e/0x6c0
[ 1227.592308][T23682]  ? __nla_parse+0x40/0x60
[ 1227.592331][T23682]  tcf_action_init_1+0x27e/0x6c0
[ 1227.592347][T23682]  ? __pfx_tcf_action_init_1+0x10/0x10
[ 1227.592361][T23682]  ? tc_action_load_ops+0x1f5/0x3e0
[ 1227.592376][T23682]  ? __pfx_tc_action_load_ops+0x10/0x10
[ 1227.592410][T23682]  ? __nla_parse+0x40/0x60
[ 1227.592430][T23682]  tcf_action_init+0x43f/0xa60
[ 1227.592450][T23682]  ? __pfx_tcf_action_init+0x10/0x10
[ 1227.592476][T23682]  ? __kernel_text_address+0xd/0x30
[ 1227.592497][T23682]  ? unwind_get_return_address+0x59/0xa0
[ 1227.592513][T23682]  ? arch_stack_walk+0xa6/0xf0
[ 1227.592541][T23682]  ? kasan_save_stack+0x3f/0x50
[ 1227.592558][T23682]  ? kasan_save_stack+0x30/0x50
[ 1227.592574][T23682]  ? kasan_save_track+0x14/0x30
[ 1227.592591][T23682]  ? kasan_save_free_info+0x3b/0x70
[ 1227.592604][T23682]  ? __kasan_slab_free+0x5f/0x80
[ 1227.592621][T23682]  ? kmem_cache_free+0x127/0x6c0
[ 1227.592635][T23682]  ? kfree_skbmem+0x19a/0x210
[ 1227.592648][T23682]  ? consume_skb+0xd1/0x110
[ 1227.592665][T23682]  ? nlmon_xmit+0xa5/0xe0
[ 1227.592759][T23682]  ? dev_hard_start_xmit+0x128/0x7a0
[ 1227.592776][T23682]  tcf_action_add+0xed/0x5c0
[ 1227.592793][T23682]  ? __pfx_tcf_action_add+0x10/0x10
[ 1227.592830][T23682]  ? __nla_parse+0x40/0x60
[ 1227.592854][T23682]  tc_ctl_action+0x2e3/0x470
[ 1227.592870][T23682]  ? __pfx_tc_ctl_action+0x10/0x10
[ 1227.592891][T23682]  ? __pfx_tc_ctl_action+0x10/0x10
[ 1227.592908][T23682]  rtnetlink_rcv_msg+0x3c9/0xe90
[ 1227.592930][T23682]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1227.592954][T23682]  ? ref_tracker_free+0x37e/0x6c0
[ 1227.592973][T23682]  netlink_rcv_skb+0x159/0x420
[ 1227.592988][T23682]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1227.593008][T23682]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1227.593027][T23682]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1227.593051][T23682]  netlink_unicast+0x585/0x850
[ 1227.593067][T23682]  ? __pfx_netlink_unicast+0x10/0x10
[ 1227.593084][T23682]  netlink_sendmsg+0x8b0/0xda0
[ 1227.593100][T23682]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1227.593115][T23682]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1227.593142][T23682]  ____sys_sendmsg+0x9e1/0xb70
[ 1227.593155][T23682]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1227.593169][T23682]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1227.593190][T23682]  ___sys_sendmsg+0x190/0x1e0
[ 1227.593206][T23682]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1227.593228][T23682]  ? find_held_lock+0x2b/0x80
[ 1227.593254][T23682]  __sys_sendmsg+0x170/0x220
[ 1227.593274][T23682]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1227.593291][T23682]  ? __fget_files+0x21f/0x3d0
[ 1227.593317][T23682]  ? ksys_write+0x1ac/0x250
[ 1227.593339][T23682]  ? rcu_is_watching+0x12/0xc0
[ 1227.593355][T23682]  __do_fast_syscall_32+0xe7/0x950
[ 1227.593374][T23682]  ? lockdep_hardirqs_on+0x78/0x100
[ 1227.593391][T23682]  do_fast_syscall_32+0x32/0x70
[ 1227.593408][T23682]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1227.593429][T23682] RIP: 0023:0xf705efcc
[ 1227.593445][T23682] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1227.593461][T23682] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1227.593483][T23682] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1227.593497][T23682] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1227.593510][T23682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1227.593520][T23682] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1227.593532][T23682] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1227.593559][T23682]  </TASK>
[ 1227.832315][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1227.965464][ T6001] usb 11-1: USB disconnect, device number 10
[ 1228.321035][ T6033] usb usb48-port1: attempt power cycle
[ 1228.851668][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.163072][T23701] kAFS: No cell specified
[ 1230.683148][ T6033] usb usb48-port1: unable to enumerate USB device
[ 1230.697398][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1231.131704][T23728] kAFS: No cell specified
[ 1231.731917][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1232.771740][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1233.811946][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1234.851890][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1235.891553][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1236.611872][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1236.942286][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1237.611778][T23750] 9p: Bad value for 'wfdno'
[ 1237.973196][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1239.021667][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1239.602081][T23785] overlayfs: missing 'lowerdir'
[ 1240.496858][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1240.813730][T23798] udf: Unknown parameter 'acl'
[ 1241.571777][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1242.611737][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1244.187178][T23841] overlayfs: missing 'lowerdir'
[ 1244.234575][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 1244.248183][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1245.253074][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1246.235393][T23865] FAULT_INJECTION: forcing a failure.
[ 1246.235393][T23865] name failslab, interval 1, probability 0, space 0, times 0
[ 1246.240870][T23865] CPU: 1 UID: 0 PID: 23865 Comm: syz.3.4234 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1246.240919][T23865] Tainted: [L]=SOFTLOCKUP
[ 1246.240925][T23865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1246.240936][T23865] Call Trace:
[ 1246.240945][T23865]  <TASK>
[ 1246.240955][T23865]  dump_stack_lvl+0x100/0x190
[ 1246.240999][T23865]  should_fail_ex.cold+0x5/0xa
[ 1246.241022][T23865]  ? tomoyo_encode2+0xfb/0x3c0
[ 1246.241052][T23865]  should_failslab+0xc2/0x120
[ 1246.241069][T23865]  __kmalloc_noprof+0xe0/0x850
[ 1246.241092][T23865]  ? finish_task_switch.isra.0+0x2cb/0x1010
[ 1246.241119][T23865]  tomoyo_encode2+0xfb/0x3c0
[ 1246.241141][T23865]  ? __schedule+0x10fb/0x6820
[ 1246.241181][T23865]  tomoyo_encode+0x29/0x50
[ 1246.241203][T23865]  tomoyo_mount_acl+0x14c/0x8b0
[ 1246.241229][T23865]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[ 1246.241253][T23865]  ? preempt_schedule_irq+0x7b/0x90
[ 1246.241288][T23865]  ? tomoyo_profile+0x2d/0x60
[ 1246.241314][T23865]  ? tomoyo_profile+0x47/0x60
[ 1246.241339][T23865]  tomoyo_mount_permission+0x214/0x460
[ 1246.241359][T23865]  ? tomoyo_mount_permission+0x1f6/0x460
[ 1246.241381][T23865]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 1246.241414][T23865]  security_sb_mount+0xdd/0x270
[ 1246.241433][T23865]  path_mount+0x158/0x23d0
[ 1246.241456][T23865]  ? __pfx_path_mount+0x10/0x10
[ 1246.241473][T23865]  ? lockdep_hardirqs_on+0x78/0x100
[ 1246.241495][T23865]  ? putname+0xb1/0x110
[ 1246.241510][T23865]  ? kmem_cache_free+0x127/0x6c0
[ 1246.241530][T23865]  ? putname+0x6d/0x110
[ 1246.241552][T23865]  ? __ia32_sys_mount+0x292/0x310
[ 1246.241570][T23865]  __ia32_sys_mount+0x292/0x310
[ 1246.241588][T23865]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1246.241608][T23865]  ? rcu_is_watching+0x12/0xc0
[ 1246.241629][T23865]  __do_fast_syscall_32+0xe7/0x950
[ 1246.241650][T23865]  ? lockdep_hardirqs_on+0x78/0x100
[ 1246.241671][T23865]  do_fast_syscall_32+0x32/0x70
[ 1246.241692][T23865]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1246.241714][T23865] RIP: 0023:0xf705efcc
[ 1246.241730][T23865] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1246.241746][T23865] RSP: 002b:00000000f540b50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[ 1246.241765][T23865] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000080000100
[ 1246.241775][T23865] RDX: 0000000080002280 RSI: 0000000001000080 RDI: 0000000000000000
[ 1246.241785][T23865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1246.241795][T23865] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1246.241805][T23865] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1246.241825][T23865]  </TASK>
[ 1246.291818][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1246.299936][T23865] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4234'.
[ 1246.625159][  T739] wlan0: Trigger new scan to find an IBSS to join
[ 1247.118051][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1247.122187][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1247.128298][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1247.233540][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1248.231300][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1249.289528][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1249.418224][T23896] overlayfs: missing 'lowerdir'
[ 1250.781817][   T12] wlan0: Trigger new scan to find an IBSS to join
[ 1251.085480][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1251.799550][T23910] block nbd1: NBD_DISCONNECT
[ 1251.978306][T23899] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1252.141473][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1252.184005][   T40] audit: type=1326 audit(1777000796.207:5457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23890 comm="syz.5.4239" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f16fcc code=0x0
[ 1252.275412][T23911] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4244'.
[ 1252.299099][T23911] syzkaller0: entered promiscuous mode
[ 1252.302583][T23911] syzkaller0: entered allmulticast mode
[ 1253.612269][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1254.764902][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1255.821606][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1255.882743][T23937] kAFS: No cell specified
[ 1256.462702][T15111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1256.654336][T23930] siw: device registration error -23
[ 1256.851651][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1257.838846][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1257.891769][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1258.071334][T23957] kAFS: No cell specified
[ 1258.191901][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1258.508481][T23959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1258.931559][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1259.420963][T23974] vxfs: WRONG superblock magic 00000000 at 1
[ 1259.426258][T23974] vxfs: WRONG superblock magic 00000000 at 8
[ 1259.428748][T23974] vxfs: can't find superblock.
[ 1259.440331][T23974] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4258'.
[ 1260.279314][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1260.498321][T23981] syzkaller0: entered promiscuous mode
[ 1260.500679][T23981] syzkaller0: entered allmulticast mode
[ 1260.558366][T23984] usb usb1: usbfs: process 23984 (syz.3.4261) did not claim interface 7 before use
[ 1260.636395][T23981] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4261'.
[ 1261.331576][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1262.317169][T24009] kAFS: No cell specified
[ 1262.372321][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1263.015908][T24014] input: syz1 as /devices/virtual/input/input22
[ 1263.082740][T24014] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1263.191054][T23846] udevd[23846]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[ 1263.425640][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1264.416440][T24046] ptrace attach of "/syz-executor exec"[21989] was attempted by "/syz-executor exec"[24046]
[ 1264.537355][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1264.961675][T24043] kAFS: No cell specified
[ 1265.571566][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1266.053788][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1266.546492][T24064] kAFS: No cell specified
[ 1266.611788][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1267.652629][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1267.684275][T24068] loop6: detected capacity change from 0 to 2640
[ 1267.690518][T24068] buffer_io_error: 10 callbacks suppressed
[ 1267.690532][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.697157][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.700574][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.704796][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.707902][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.710773][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.715038][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.718147][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.720908][T24068] ldm_validate_partition_table(): Disk read failed.
[ 1267.724099][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.726698][T24068] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1267.729296][T24068] Dev loop6: unable to read RDB block 0
[ 1267.732746][T24068]  loop6: unable to read partition table
[ 1267.745707][T24068] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1268.851606][T24072] overlayfs: missing 'lowerdir'
[ 1268.859966][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1269.901448][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.050562][T24106] overlayfs: missing 'lowerdir'
[ 1271.331392][ T5950] Bluetooth: hci0: command 0x0406 tx timeout
[ 1271.390343][T24112] kAFS: No cell specified
[ 1271.889660][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1272.328561][T24125] overlayfs: missing 'lowerdir'
[ 1272.336242][T24125] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1272.340262][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1272.937047][T24127] binder: BINDER_SET_CONTEXT_MGR already set
[ 1272.938999][T24127] binder: 24126:24127 ioctl 4018620d 800002c0 returned -16
[ 1273.223051][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1273.735112][T24133] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4296'.
[ 1274.280931][T24134] bond3: Unable to set down delay as MII monitoring is disabled
[ 1274.297611][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1274.347602][T24134] bond3 (unregistering): Released all slaves
[ 1275.143106][T21393] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[ 1275.311353][T21393] usb 10-1: Using ep0 maxpacket: 32
[ 1275.331832][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1275.345269][T21393] usb 10-1: config 0 has no interfaces?
[ 1275.349984][T21393] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[ 1275.358489][T21393] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1275.370051][T21393] usb 10-1: config 0 descriptor??
[ 1275.642514][T22099] usb 10-1: USB disconnect, device number 29
[ 1276.333760][T15111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.372363][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.629325][T24164] kAFS: No cell specified
[ 1276.727939][T24169] overlayfs: missing 'lowerdir'
[ 1276.785307][T24170] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.789424][T24170] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.898835][T24171] net_ratelimit: 119 callbacks suppressed
[ 1276.898864][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.906226][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.909839][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.913546][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.917416][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.921500][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.925151][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.928631][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.932411][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1276.936264][T24171] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1278.915671][T24191] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4308'.
[ 1279.251608][T24192] bond3: Unable to set down delay as MII monitoring is disabled
[ 1279.285816][T24192] bond3 (unregistering): Released all slaves
[ 1281.064908][T24221] Cannot find add_set index 2 as target
[ 1281.132291][T24211] netlink: 'syz.1.4314': attribute type 1 has an invalid length.
[ 1281.184768][T24211] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1281.196444][T24224] bond4: (slave geneve3): making interface the new active one
[ 1281.200548][T24224] bond4: (slave geneve3): Enslaving as an active interface with an up link
[ 1281.208466][T23899] netdevsim netdevsim1 netdevsim0: set [1, 2] type 2 family 0 port 20004 - 0
[ 1281.253953][T23899] netdevsim netdevsim1 netdevsim1: set [1, 2] type 2 family 0 port 20004 - 0
[ 1281.264201][T23899] netdevsim netdevsim1 netdevsim2: set [1, 2] type 2 family 0 port 20004 - 0
[ 1281.282326][T24224] sp0: Synchronizing with TNC
[ 1281.286207][T24224] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4314'.
[ 1281.299911][T23899] netdevsim netdevsim1 netdevsim3: set [1, 2] type 2 family 0 port 20004 - 0
[ 1281.751408][T24238] kAFS: No cell specified
[ 1282.211598][T15276] net_ratelimit: 83 callbacks suppressed
[ 1282.211622][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1282.775651][T24255] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4324'.
[ 1282.881579][T24259] binder: BINDER_SET_CONTEXT_MGR already set
[ 1282.885772][T24259] binder: 24256:24259 ioctl 4018620d 800002c0 returned -16
[ 1282.891396][T24257] bond1: Unable to set down delay as MII monitoring is disabled
[ 1282.989122][T24257] bond1 (unregistering): Released all slaves
[ 1283.460585][T24266] gfs2: gfs2 mount does not exist
[ 1283.565447][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1283.659993][T24271] could not open pipe file descriptor
[ 1284.611517][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1284.638728][T23899] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1285.651516][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1285.901590][T15111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1286.050042][T21393] kernel write not supported for file /sequencer (pid: 21393 comm: kworker/2:5)
[ 1286.079885][T24299] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4335'.
[ 1286.691949][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1286.794966][T24307] syzkaller0: entered promiscuous mode
[ 1286.821331][T24307] syzkaller0: entered allmulticast mode
[ 1287.035490][T24318] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4338'.
[ 1287.266873][T24318] bond1: Unable to set down delay as MII monitoring is disabled
[ 1287.347001][T24318] bond1 (unregistering): Released all slaves
[ 1287.402679][T15111] kernel read not supported for file /2157/net/snmp6 (pid: 15111 comm: kworker/2:2)
[ 1287.464887][T24326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1287.543559][T24320] team_slave_0: entered promiscuous mode
[ 1287.548024][T24320] team_slave_1: entered promiscuous mode
[ 1287.564979][T24320] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1287.590611][   T40] audit: type=1326 audit(1777000831.777:5458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24329 comm="syz.6.4341" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f86fcc code=0x0
[ 1287.732821][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1287.787763][T24320] 8021q: adding VLAN 0 to HW filter on device macvlan3
[ 1288.491753][T15276] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[ 1288.641253][T15276] usb 10-1: Using ep0 maxpacket: 16
[ 1288.644312][T15276] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1288.647837][T15276] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1288.653149][T15276] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1288.657359][T15276] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1288.664077][T15276] usb 10-1: config 0 descriptor??
[ 1288.771948][   T54] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1289.791143][T24357] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4350'.
[ 1289.824685][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1289.889187][T24357] bond5: Unable to set down delay as MII monitoring is disabled
[ 1290.005655][T24357] bond5 (unregistering): Released all slaves
[ 1290.241134][   T40] audit: type=1326 audit(1777000834.427:5459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.250221][   T40] audit: type=1326 audit(1777000834.427:5460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.261263][   T40] audit: type=1326 audit(1777000834.437:5461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.273795][   T40] audit: type=1326 audit(1777000834.437:5462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.283627][   T40] audit: type=1326 audit(1777000834.437:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.294010][   T40] audit: type=1326 audit(1777000834.437:5464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=49 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.303337][   T40] audit: type=1326 audit(1777000834.437:5465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.312703][   T40] audit: type=1326 audit(1777000834.437:5466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.322383][   T40] audit: type=1326 audit(1777000834.437:5467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24365 comm="syz.1.4353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707efcc code=0x7ffc0000
[ 1290.851773][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1291.517660][T15276] usbhid 10-1:0.0: can't add hid device: -71
[ 1291.521286][T15276] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1291.525309][T15276] usb 10-1: USB disconnect, device number 30
[ 1291.948228][T24380] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1291.968330][T24379] ceph: No mds server is up or the cluster is laggy
[ 1292.017536][T19296] libceph: connect (1)[c::]:6789 error -22
[ 1292.022022][T19296] libceph: mon0 (1)[c::]:6789 connect error
[ 1292.148481][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1293.181595][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1293.412000][T24391] overlayfs: missing 'lowerdir'
[ 1294.292554][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1295.249682][T24406] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4361'.
[ 1295.334419][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1295.491459][T15111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1295.544306][T24407] bond3: Unable to set down delay as MII monitoring is disabled
[ 1295.561338][T24407] bond3 (unregistering): Released all slaves
[ 1296.381593][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1297.411525][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1297.644428][T24448] overlayfs: missing 'lowerdir'
[ 1297.777244][T24450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4373'.
[ 1298.363766][T24451] bond5: Unable to set down delay as MII monitoring is disabled
[ 1298.392585][T24451] bond5 (unregistering): Released all slaves
[ 1298.453820][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1299.263916][T24467] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4377'.
[ 1299.925949][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1299.985556][T24460] overlayfs: missing 'lowerdir'
[ 1300.050885][T24460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1300.053851][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1300.941906][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1301.216804][T24486] ceph: No mds server is up or the cluster is laggy
[ 1301.237495][T19296] libceph: connect (1)[c::]:6789 error -22
[ 1301.251296][T19296] libceph: mon0 (1)[c::]:6789 connect error
[ 1301.545016][T19296] libceph: connect (1)[c::]:6789 error -22
[ 1301.586241][T19296] libceph: mon0 (1)[c::]:6789 connect error
[ 1301.863233][T24492] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4382'.
[ 1301.971518][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1301.995786][T24495] bond3: Unable to set down delay as MII monitoring is disabled
[ 1302.003668][T24495] bond3 (unregistering): Released all slaves
[ 1303.076829][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1304.074271][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1304.088448][T24521] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4390'.
[ 1304.090529][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1304.103210][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1304.107550][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1304.111706][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1304.416581][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1304.987292][T24528] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4392'.
[ 1305.152439][T21393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1305.299739][T24529] bond3: Unable to set down delay as MII monitoring is disabled
[ 1305.307140][T24529] bond3 (unregistering): Released all slaves
[ 1305.382351][T23899] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.389327][T23899] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1305.506299][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1305.520831][T24543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4394'.
[ 1305.580857][T24545] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1305.584667][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1305.816078][T24537] bridge0: left promiscuous mode
[ 1305.835030][T24540] bridge2: entered promiscuous mode
[ 1305.837513][T24540] bridge2: entered allmulticast mode
[ 1305.842403][T24540] team0: Port device bridge2 added
[ 1305.844996][T24543] dummy0: left allmulticast mode
[ 1305.847279][T24543] bridge0: port 3(dummy0) entered disabled state
[ 1305.852971][T24543] bridge_slave_1: left allmulticast mode
[ 1305.855723][T24543] bridge_slave_1: left promiscuous mode
[ 1305.858452][T24543] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.864222][T24543] bridge_slave_0: left allmulticast mode
[ 1305.867394][T24543] bridge_slave_0: left promiscuous mode
[ 1305.870285][T24543] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1305.948634][T18418] syz0: Port: 1 Link DOWN
[ 1305.948703][   T71] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.953953][   T71] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[ 1305.957241][   T71] netdevsim netdevsim1 netdevsim0: unset [1, 2] type 2 family 0 port 20004 - 0
[ 1305.960465][   T71] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.965205][   T71] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[ 1305.968247][   T71] netdevsim netdevsim1 netdevsim1: unset [1, 2] type 2 family 0 port 20004 - 0
[ 1305.977886][T24522] chnl_net:caif_netlink_parms(): no params data found
[ 1306.036030][T23899] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1306.044227][T23899] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1306.063390][   T71] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1306.068216][   T71] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[ 1306.072695][   T71] netdevsim netdevsim1 netdevsim2: unset [1, 2] type 2 family 0 port 20004 - 0
[ 1306.075678][   T71] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1306.078650][   T71] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[ 1306.082394][   T71] netdevsim netdevsim1 netdevsim3: unset [1, 2] type 2 family 0 port 20004 - 0
[ 1306.199674][T23899] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1306.205536][T23899] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1306.212732][ T5957] Bluetooth: hci0: command tx timeout
[ 1306.267900][T24522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1306.270525][T24522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1306.273364][T24522] bridge_slave_0: entered allmulticast mode
[ 1306.276471][T24522] bridge_slave_0: entered promiscuous mode
[ 1306.282436][T24522] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1306.284925][T24522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1306.287395][T24522] bridge_slave_1: entered allmulticast mode
[ 1306.290573][T24522] bridge_slave_1: entered promiscuous mode
[ 1306.308331][T24562] overlayfs: missing 'lowerdir'
[ 1306.319032][T24522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1306.350084][T23899] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1306.353921][T23899] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1306.368372][T24522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1306.395779][T24522] team0: Port device team_slave_0 added
[ 1306.399918][T24522] team0: Port device team_slave_1 added
[ 1306.432845][T24522] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1306.438426][T24522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1306.447628][T24522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1306.457092][T24522] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1306.462662][T24522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1306.482145][T24522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1306.555528][  T739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1306.569124][T24550] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1306.574633][T22099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1306.576141][T24550] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1306.596239][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1306.702269][T24522] hsr_slave_0: entered promiscuous mode
[ 1306.732047][T24522] hsr_slave_1: entered promiscuous mode
[ 1306.734101][T24550] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1306.738296][T24522] debugfs: 'hsr0' already exists in 'hsr'
[ 1306.738604][T24550] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1306.742611][T24550] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1306.747809][T24522] Cannot create hsr debugfs directory
[ 1306.800055][T24550] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1306.817269][T24550] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1306.863754][T24550] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1307.000909][T23899] bridge_slave_1: left allmulticast mode
[ 1307.005263][T23899] bridge_slave_1: left promiscuous mode
[ 1307.009543][T23899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1307.063235][T23899] bridge_slave_0: left allmulticast mode
[ 1307.066081][T23899] bridge_slave_0: left promiscuous mode
[ 1307.068024][T23899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.099762][T23899] bond_slave_0: left promiscuous mode
[ 1307.107081][T23899] bond_slave_1: left promiscuous mode
[ 1307.112769][T24568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4402'.
[ 1307.652218][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1307.749229][T23899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1307.757395][T23899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1307.764542][T23899] bond0 (unregistering): Released all slaves
[ 1307.816859][T24569] bond1: Unable to set down delay as MII monitoring is disabled
[ 1307.874408][T24569] bond1 (unregistering): Released all slaves
[ 1307.971833][T23899] tipc: Disabling bearer <eth:vlan0>
[ 1307.978710][T23899] tipc: Left network mode
[ 1308.051427][ T5950] Bluetooth: hci3: command 0x0406 tx timeout
[ 1308.424770][T24522] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1308.432489][T24522] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1308.436576][T24522] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1308.453720][T24522] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1308.458146][T24522] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1308.486671][T24522] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1308.495698][T24522] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1308.515495][T24522] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1308.770160][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1308.774070][ T5950] Bluetooth: hci2: command 0x0406 tx timeout
[ 1308.776782][ T5950] Bluetooth: hci4: command 0x0406 tx timeout
[ 1308.810181][ T5653] 8021q: adding VLAN 0 to HW filter on device eth14
[ 1308.827098][T23899] hsr_slave_0: left promiscuous mode
[ 1308.838410][T23899] hsr_slave_1: left promiscuous mode
[ 1308.842036][T23899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1308.849658][T23899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1308.851392][T17174] Bluetooth: hci0: command 0x040f tx timeout
[ 1308.859474][T23899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1308.873504][T23899] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1308.897857][T24602] FAULT_INJECTION: forcing a failure.
[ 1308.897857][T24602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1308.902771][T24602] CPU: 1 UID: 0 PID: 24602 Comm: syz.3.4407 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1308.902792][T24602] Tainted: [L]=SOFTLOCKUP
[ 1308.902796][T24602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1308.902803][T24602] Call Trace:
[ 1308.902807][T24602]  <TASK>
[ 1308.902812][T24602]  dump_stack_lvl+0x100/0x190
[ 1308.902839][T24602]  should_fail_ex.cold+0x5/0xa
[ 1308.902855][T24602]  _copy_to_user+0x32/0xd0
[ 1308.902873][T24602]  simple_read_from_buffer+0xcb/0x170
[ 1308.902892][T24602]  proc_fail_nth_read+0x1af/0x230
[ 1308.902909][T24602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1308.902924][T24602]  ? rw_verify_area+0xce/0x6d0
[ 1308.902940][T24602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1308.902955][T24602]  vfs_read+0x1e4/0xb30
[ 1308.902974][T24602]  ? __pfx_vfs_read+0x10/0x10
[ 1308.902989][T24602]  ? find_held_lock+0x2b/0x80
[ 1308.903004][T24602]  ? __fget_files+0x215/0x3d0
[ 1308.903025][T24602]  ? __fget_files+0x21f/0x3d0
[ 1308.903046][T24602]  ksys_read+0x12a/0x250
[ 1308.903062][T24602]  ? __pfx_ksys_read+0x10/0x10
[ 1308.903079][T24602]  ? rcu_is_watching+0x12/0xc0
[ 1308.903093][T24602]  ? rcu_is_watching+0x12/0xc0
[ 1308.903107][T24602]  do_int80_emulation+0x141/0x700
[ 1308.903125][T24602]  asm_int80_emulation+0x1a/0x20
[ 1308.903161][T24602] RIP: 0023:0xf7195cab
[ 1308.903171][T24602] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1308.903183][T24602] RSP: 002b:00000000f540b4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1308.903194][T24602] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f540b5d0
[ 1308.903201][T24602] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1308.903208][T24602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1308.903214][T24602] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1308.903221][T24602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1308.903236][T24602]  </TASK>
[ 1308.909820][T23899] veth1_macvtap: left promiscuous mode
[ 1309.005468][T23899] veth0_macvtap: left promiscuous mode
[ 1309.008965][T23899] veth1_vlan: left promiscuous mode
[ 1309.011481][T23899] veth0_vlan: left promiscuous mode
[ 1309.285987][T23899] team0 (unregistering): Port device team_slave_1 removed
[ 1309.297066][T23899] team0 (unregistering): Port device team_slave_0 removed
[ 1309.447977][T24522] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1309.468551][T24522] 8021q: adding VLAN 0 to HW filter on device team0
[ 1309.477745][  T739] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1309.480899][  T739] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1309.491821][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1309.494159][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1309.709261][T24522] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1309.729787][ T5653] 8021q: adding VLAN 0 to HW filter on device eth15
[ 1309.813395][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1309.901372][T24609] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1310.141421][ T5957] Bluetooth: hci3: command 0x0406 tx timeout
[ 1310.284195][T24522] veth0_vlan: entered promiscuous mode
[ 1310.286925][T24645] FAULT_INJECTION: forcing a failure.
[ 1310.286925][T24645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1310.294332][T24645] CPU: 1 UID: 0 PID: 24645 Comm: syz.5.4416 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1310.294353][T24645] Tainted: [L]=SOFTLOCKUP
[ 1310.294357][T24645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1310.294364][T24645] Call Trace:
[ 1310.294369][T24645]  <TASK>
[ 1310.294374][T24645]  dump_stack_lvl+0x100/0x190
[ 1310.294400][T24645]  should_fail_ex.cold+0x5/0xa
[ 1310.294416][T24645]  _copy_from_user+0x2e/0xd0
[ 1310.294431][T24645]  get_compat_msghdr+0xb3/0x4b0
[ 1310.294451][T24645]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1310.294473][T24645]  ___sys_sendmsg+0x1b6/0x1e0
[ 1310.294489][T24645]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1310.294508][T24645]  ? find_held_lock+0x2b/0x80
[ 1310.294532][T24645]  __sys_sendmsg+0x170/0x220
[ 1310.294548][T24645]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1310.294564][T24645]  ? __fget_files+0x21f/0x3d0
[ 1310.294588][T24645]  ? ksys_write+0x1ac/0x250
[ 1310.294607][T24645]  ? rcu_is_watching+0x12/0xc0
[ 1310.294622][T24645]  __do_fast_syscall_32+0xe7/0x950
[ 1310.294638][T24645]  ? lockdep_hardirqs_on+0x78/0x100
[ 1310.294653][T24645]  do_fast_syscall_32+0x32/0x70
[ 1310.294668][T24645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1310.294684][T24645] RIP: 0023:0xf7f16fcc
[ 1310.294694][T24645] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1310.294705][T24645] RSP: 002b:00000000f53d650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1310.294718][T24645] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[ 1310.294725][T24645] RDX: 0000000020004004 RSI: 0000000000000000 RDI: 0000000000000000
[ 1310.294731][T24645] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1310.294738][T24645] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1310.294745][T24645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1310.294758][T24645]  </TASK>
[ 1310.397954][T24522] veth1_vlan: entered promiscuous mode
[ 1310.497980][T24649] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1310.503593][T24649] overlayfs: failed to set xattr on upper
[ 1310.505755][T24649] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1310.508707][T24649] overlayfs: ...falling back to index=off.
[ 1310.511047][T24649] overlayfs: ...falling back to uuid=null.
[ 1310.526474][T24649] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[ 1310.614328][T24522] veth0_macvtap: entered promiscuous mode
[ 1310.655727][T24522] veth1_macvtap: entered promiscuous mode
[ 1310.677731][ T5653] 8021q: adding VLAN 0 to HW filter on device eth17
[ 1310.767047][T24522] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1310.787487][T24522] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1310.810621][  T739] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1310.817994][  T739] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1310.851378][ T5957] Bluetooth: hci2: command 0x0406 tx timeout
[ 1310.851595][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1310.901329][  T739] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1310.905623][  T739] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1310.944128][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[ 1311.046777][ T5653] 8021q: adding VLAN 0 to HW filter on device eth16
[ 1311.402647][T23899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1311.460297][T23899] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1311.665096][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1312.440080][T19296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1312.448218][T21834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1312.785717][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1312.789263][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.078537][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[ 1313.387268][T24693] FAT-fs (sr0): bogus number of reserved sectors
[ 1313.391822][T24693] FAT-fs (sr0): Can't find a valid FAT filesystem
[ 1313.557393][ T7591] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1313.565325][T24693] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1314.621686][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1314.692212][  T739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1314.697708][  T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1314.707264][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1315.009738][T17174] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1315.101701][T17174] Bluetooth: hci0: command 0x040f tx timeout
[ 1315.120123][T17174] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1315.130536][T17174] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1315.140591][T17174] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1315.144725][T17174] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1315.490443][T23899] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1315.508677][T23899] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1315.515724][T23899] netdevsim netdevsim5 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1315.661673][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1315.815619][T23899] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1315.822260][T23899] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1315.825784][T23899] netdevsim netdevsim5 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1315.885449][T23899] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1315.899692][T23899] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1315.903775][T23899] netdevsim netdevsim5 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1315.985916][  T739] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1316.006518][T23899] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1316.019758][T23899] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 1316.026465][T23899] netdevsim netdevsim5 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[ 1316.279259][   T13] netdevsim netdevsim7 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1316.289699][   T13] netdevsim netdevsim7 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1316.306620][   T13] netdevsim netdevsim7 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1316.315121][T12728] netdevsim netdevsim7 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1316.692104][T15276] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1317.099008][T24714] chnl_net:caif_netlink_parms(): no params data found
[ 1317.171437][T17174] Bluetooth: hci0: command 0x040f tx timeout
[ 1317.258999][T17174] Bluetooth: hci1: command tx timeout
[ 1317.440622][T23899] bridge_slave_1: left allmulticast mode
[ 1317.442966][T23899] bridge_slave_1: left promiscuous mode
[ 1317.446076][T23899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1317.453003][T23899] bridge_slave_0: left allmulticast mode
[ 1317.457466][T23899] bridge_slave_0: left promiscuous mode
[ 1317.461447][T23899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1317.990054][T23899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1318.002561][T23899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1318.012277][T23899] bond0 (unregistering): Released all slaves
[ 1318.028835][T23899] bond1 (unregistering): Released all slaves
[ 1318.072064][T23899] bond2 (unregistering): Released all slaves
[ 1318.280930][T24714] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1318.283620][T24714] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1318.286316][T24714] bridge_slave_0: entered allmulticast mode
[ 1318.289867][T24714] bridge_slave_0: entered promiscuous mode
[ 1318.297665][T24714] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1318.300902][T24714] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1318.305914][T24714] bridge_slave_1: entered allmulticast mode
[ 1318.315036][T24714] bridge_slave_1: entered promiscuous mode
[ 1318.376441][T24714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1318.406368][T24714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1318.541507][T24714] team0: Port device team_slave_0 added
[ 1318.914583][T24714] team0: Port device team_slave_1 added
[ 1319.158684][T24714] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1319.166272][T24714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1319.222092][T24714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1319.252972][T17174] Bluetooth: hci0: command 0x040f tx timeout
[ 1319.309877][T24714] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1319.331323][T17174] Bluetooth: hci1: command tx timeout
[ 1319.335310][T24714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1319.370509][T24714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1319.634781][T24714] hsr_slave_0: entered promiscuous mode
[ 1319.652178][T24714] hsr_slave_1: entered promiscuous mode
[ 1319.664958][T24714] debugfs: 'hsr0' already exists in 'hsr'
[ 1319.667446][T24714] Cannot create hsr debugfs directory
[ 1319.887165][T24767] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4441'.
[ 1320.069393][T24767] bond1: Unable to set down delay as MII monitoring is disabled
[ 1320.077031][T24767] bond1 (unregistering): Released all slaves
[ 1320.111580][ T5653] 8021q: adding VLAN 0 to HW filter on device eth18
[ 1320.432565][T23899] hsr_slave_0: left promiscuous mode
[ 1320.437806][T23899] hsr_slave_1: left promiscuous mode
[ 1320.440259][T23899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1320.443473][T23899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1320.449338][T23899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1320.458663][T23899] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1320.482183][T23899] team_slave_0: left promiscuous mode
[ 1320.486047][T23899] team_slave_1: left promiscuous mode
[ 1320.488057][T23899] veth1_vlan: left promiscuous mode
[ 1320.490039][T23899] veth0_vlan: left promiscuous mode
[ 1320.637068][   T13] smc: removing ib device syz2
[ 1320.698548][T24786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4443'.
[ 1320.703202][T24786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4443'.
[ 1321.314210][T23899] team0 (unregistering): Port device team_slave_1 removed
[ 1321.348987][T23899] team0 (unregistering): Port device team_slave_0 removed
[ 1321.411360][T17174] Bluetooth: hci1: command tx timeout
[ 1321.470413][ T5653] 8021q: adding VLAN 0 to HW filter on device eth19
[ 1321.524834][T21393] ==================================================================
[ 1321.528312][T21393] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.531811][T21393] Read of size 8 at addr ffff88804b8fa2f0 by task kworker/2:5/21393
[ 1321.535844][T21393] 
[ 1321.538229][T21393] CPU: 2 UID: 0 PID: 21393 Comm: kworker/2:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1321.538260][T21393] Tainted: [L]=SOFTLOCKUP
[ 1321.538268][T21393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1321.538375][T21393] Workqueue: events smc_ib_port_event_work
[ 1321.538561][T21393] Call Trace:
[ 1321.538569][T21393]  <TASK>
[ 1321.538577][T21393]  dump_stack_lvl+0x100/0x190
[ 1321.538609][T21393]  print_report+0x13d/0x4b0
[ 1321.538633][T21393]  ? __virt_addr_valid+0x239/0x430
[ 1321.538660][T21393]  ? __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.538682][T21393]  kasan_report+0xdf/0x1d0
[ 1321.538703][T21393]  ? __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.538727][T21393]  __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.538749][T21393]  __ethtool_get_link_ksettings+0x144/0x1c0
[ 1321.538770][T21393]  ib_get_eth_speed+0x13a/0xb40
[ 1321.538879][T21393]  ? __pfx_ib_get_eth_speed+0x10/0x10
[ 1321.538904][T21393]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1321.538924][T21393]  rxe_query_port+0x12a/0x330
[ 1321.538995][T21393]  ib_query_port+0x445/0x8b0
[ 1321.539121][T21393]  smc_ib_port_event_work+0x14c/0xbd0
[ 1321.539142][T21393]  ? smc_ib_port_event_work+0x54/0xbd0
[ 1321.539166][T21393]  process_one_work+0xa0e/0x1980
[ 1321.539196][T21393]  ? __pfx_process_one_work+0x10/0x10
[ 1321.539224][T21393]  ? __pfx_smc_ib_port_event_work+0x10/0x10
[ 1321.539259][T21393]  worker_thread+0x5ef/0xe50
[ 1321.539286][T21393]  ? __pfx_worker_thread+0x10/0x10
[ 1321.539310][T21393]  ? kthread+0x13a/0x450
[ 1321.539332][T21393]  ? __pfx_worker_thread+0x10/0x10
[ 1321.539355][T21393]  kthread+0x370/0x450
[ 1321.539376][T21393]  ? __pfx_kthread+0x10/0x10
[ 1321.539399][T21393]  ret_from_fork+0x72b/0xd50
[ 1321.539426][T21393]  ? __pfx_ret_from_fork+0x10/0x10
[ 1321.539444][T21393]  ? __switch_to+0x800/0x1100
[ 1321.539466][T21393]  ? __pfx_kthread+0x10/0x10
[ 1321.539489][T21393]  ret_from_fork_asm+0x1a/0x30
[ 1321.539515][T21393]  </TASK>
[ 1321.539522][T21393] 
[ 1321.616614][T21393] Allocated by task 14022:
[ 1321.618239][T21393]  kasan_save_stack+0x30/0x50
[ 1321.620243][T21393]  kasan_save_track+0x14/0x30
[ 1321.622267][T21393]  __kasan_kmalloc+0xaa/0xb0
[ 1321.624259][T21393]  __kvmalloc_node_noprof+0x360/0xa00
[ 1321.626502][T21393]  alloc_netdev_mqs+0xd7/0x14f0
[ 1321.628640][T21393]  rtnl_create_link+0xc13/0xf80
[ 1321.630712][T21393]  rtnl_newlink+0x13bd/0x2380
[ 1321.632741][T21393]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1321.634748][T21393]  netlink_rcv_skb+0x159/0x420
[ 1321.636399][T21393]  netlink_unicast+0x585/0x850
[ 1321.638314][T21393]  netlink_sendmsg+0x8b0/0xda0
[ 1321.640348][T21393]  __sys_sendto+0x468/0x4b0
[ 1321.642286][T21393]  __ia32_compat_sys_socketcall+0x59a/0x770
[ 1321.644819][T21393]  do_int80_emulation+0x141/0x700
[ 1321.647144][T21393]  asm_int80_emulation+0x1a/0x20
[ 1321.649130][T21393] 
[ 1321.650004][T21393] Freed by task 23899:
[ 1321.651799][T21393]  kasan_save_stack+0x30/0x50
[ 1321.654130][T21393]  kasan_save_track+0x14/0x30
[ 1321.656386][T21393]  kasan_save_free_info+0x3b/0x70
[ 1321.658518][T21393]  __kasan_slab_free+0x5f/0x80
[ 1321.660139][T21393]  kfree+0x223/0x6c0
[ 1321.661794][T21393]  device_release+0xd2/0x270
[ 1321.664017][T21393]  kobject_put+0x1f7/0x640
[ 1321.666055][T21393]  netdev_run_todo+0x817/0x12c0
[ 1321.668173][T21393]  default_device_exit_batch+0x94b/0xc60
[ 1321.670848][T21393]  ops_undo_list+0x363/0xab0
[ 1321.673036][T21393]  cleanup_net+0x499/0x920
[ 1321.674898][T21393]  process_one_work+0xa0e/0x1980
[ 1321.676664][T21393]  worker_thread+0x5ef/0xe50
[ 1321.678288][T21393]  kthread+0x370/0x450
[ 1321.680037][T21393]  ret_from_fork+0x72b/0xd50
[ 1321.681991][T21393]  ret_from_fork_asm+0x1a/0x30
[ 1321.683831][T21393] 
[ 1321.684667][T21393] The buggy address belongs to the object at ffff88804b8fa000
[ 1321.684667][T21393]  which belongs to the cache kmalloc-cg-4k of size 4096
[ 1321.690849][T21393] The buggy address is located 752 bytes inside of
[ 1321.690849][T21393]  freed 4096-byte region [ffff88804b8fa000, ffff88804b8fb000)
[ 1321.696106][T21393] 
[ 1321.697121][T21393] The buggy address belongs to the physical page:
[ 1321.699535][T21393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b8f8
[ 1321.702733][T21393] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1321.706684][T21393] memcg:ffff888050f16881
[ 1321.708592][T21393] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 1321.712019][T21393] page_type: f5(slab)
[ 1321.713740][T21393] raw: 04fff00000000040 ffff88801b880280 dead000000000100 dead000000000122
[ 1321.717038][T21393] raw: 0000000000000000 0000000800040004 00000000f5000000 ffff888050f16881
[ 1321.720333][T21393] head: 04fff00000000040 ffff88801b880280 dead000000000100 dead000000000122
[ 1321.723598][T21393] head: 0000000000000000 0000000800040004 00000000f5000000 ffff888050f16881
[ 1321.726872][T21393] head: 04fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[ 1321.730416][T21393] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1321.734289][T21393] page dumped because: kasan: bad access detected
[ 1321.737172][T21393] page_owner tracks the page as allocated
[ 1321.738994][T21393] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24066833110, free_ts 0
[ 1321.747106][T21393]  post_alloc_hook+0x153/0x170
[ 1321.749172][T21393]  get_page_from_freelist+0x11a6/0x33b0
[ 1321.751511][T21393]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[ 1321.754122][T21393]  new_slab+0xa6/0x6c0
[ 1321.756401][T21393]  refill_objects+0x277/0x420
[ 1321.758595][T21393]  __pcs_replace_empty_main+0x375/0x650
[ 1321.760863][T21393]  __kvmalloc_node_noprof+0x7da/0xa00
[ 1321.762633][T21393]  alloc_netdev_mqs+0xd7/0x14f0
[ 1321.764556][T21393]  __ip_tunnel_create+0x398/0x670
[ 1321.766636][T21393]  ip_tunnel_init_net+0x230/0x780
[ 1321.768646][T21393]  ops_init+0x1e2/0x5f0
[ 1321.770076][T21393]  register_pernet_operations+0x3cb/0x740
[ 1321.772523][T21393]  register_pernet_device+0x29/0x80
[ 1321.775006][T21393]  ipgre_init+0x22/0x1a0
[ 1321.777420][T21393]  do_one_initcall+0x121/0x750
[ 1321.778971][T21393]  kernel_init_freeable+0x6ea/0x7b0
[ 1321.781297][T21393] page_owner free stack trace missing
[ 1321.783535][T21393] 
[ 1321.784723][T21393] Memory state around the buggy address:
[ 1321.787262][T21393]  ffff88804b8fa180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1321.790771][T21393]  ffff88804b8fa200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1321.794177][T21393] >ffff88804b8fa280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1321.796680][T21393]                                                              ^
[ 1321.799173][T21393]  ffff88804b8fa300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1321.801896][T21393]  ffff88804b8fa380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1321.805140][T21393] ==================================================================
[ 1321.842688][T21393] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1321.845405][T21393] CPU: 2 UID: 0 PID: 21393 Comm: kworker/2:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1321.849783][T21393] Tainted: [L]=SOFTLOCKUP
[ 1321.852059][T21393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1321.856151][T21393] Workqueue: events smc_ib_port_event_work
[ 1321.858448][T21393] Call Trace:
[ 1321.859856][T21393]  <TASK>
[ 1321.861044][T21393]  dump_stack_lvl+0x100/0x190
[ 1321.862504][T21393]  vpanic+0x552/0x970
[ 1321.863832][T21393]  ? __pfx_vpanic+0x10/0x10
[ 1321.865655][T21393]  ? __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.868076][T21393]  panic+0xd1/0xe0
[ 1321.869615][T21393]  ? __pfx_panic+0x10/0x10
[ 1321.871297][T21393]  ? __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.873824][T21393]  ? preempt_schedule_common+0x42/0xc0
[ 1321.876199][T21393]  ? check_panic_on_warn+0x1f/0x90
[ 1321.878266][T21393]  check_panic_on_warn.cold+0x19/0x34
[ 1321.880022][T21393]  end_report.part.0+0x3a/0x90
[ 1321.881697][T21393]  kasan_report.cold+0xe/0x18
[ 1321.883585][T21393]  ? __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.886002][T21393]  __ethtool_get_link_ksettings+0x190/0x1c0
[ 1321.888080][T21393]  __ethtool_get_link_ksettings+0x144/0x1c0
[ 1321.890506][T21393]  ib_get_eth_speed+0x13a/0xb40
[ 1321.892956][T21393]  ? __pfx_ib_get_eth_speed+0x10/0x10
[ 1321.894900][T21393]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1321.896537][T21393]  rxe_query_port+0x12a/0x330
[ 1321.898489][T21393]  ib_query_port+0x445/0x8b0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1321.900194][T21393]  smc_ib_port_event_work+0x14c/0xbd0
[ 1321.902261][T21393]  ? smc_ib_port_event_work+0x54/0xbd0
[ 1321.904457][T21393]  process_one_work+0xa0e/0x1980
[ 1321.906484][T21393]  ? __pfx_process_one_work+0x10/0x10
[ 1321.908367][T21393]  ? __pfx_smc_ib_port_event_work+0x10/0x10
[ 1321.911546][T21393]  worker_thread+0x5ef/0xe50
[ 1321.914028][T21393]  ? __pfx_worker_thread+0x10/0x10
[ 1321.916189][T21393]  ? kthread+0x13a/0x450
[ 1321.917669][T21393]  ? __pfx_worker_thread+0x10/0x10
[ 1321.919782][T21393]  kthread+0x370/0x450
[ 1321.921492][T21393]  ? __pfx_kthread+0x10/0x10
[ 1321.923289][T21393]  ret_from_fork+0x72b/0xd50
[ 1321.924762][T21393]  ? __pfx_ret_from_fork+0x10/0x10
[ 1321.926660][T21393]  ? __switch_to+0x800/0x1100
[ 1321.928577][T21393]  ? __pfx_kthread+0x10/0x10
[ 1321.930518][T21393]  ret_from_fork_asm+0x1a/0x30
[ 1321.932708][T21393]  </TASK>
[ 1321.934872][T21393] Kernel Offset: disabled
[ 1321.936845][T21393] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:42:56  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000075 RCX=ffffffff828ade9f RDX=0000000000000075
RSI=000000000000002f RDI=ffff888025644a00 RBP=dffffc0000000000 RSP=ffffc9000376f9e0
R8 =0000000000000001 R9 =000000000000002f R10=0000000000000075 R11=0000000000000000
R12=ffffc9000376fc10 R13=0000000099fcda9c R14=ffff888058cc091d R15=ffffc9000376fc00
RIP=ffffffff828ade9f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8fcfbe8880 ffffffff 00c00000
GS =0000 ffff8880970fb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557390e5a000 CR3=000000007376c000 CR4=00352ef0
DR0=000000006000003f DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fec0ffc0 Opmask01=0000000000000000 Opmask02=00000000013e0037 Opmask03=0000000000000000
Opmask04=00000000fbffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc88889770 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e8871da1b0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e8871c0600
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fcf5f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffff00ff
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ff000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffff00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737352 7373734204120117
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1b5c7373407343 1e161e035c18101c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003d4d4554535953 425553003d485441 505645440073253a 73252b0069256e00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00184d4554535953 4255530018485441 505645440056001f 56000e004c004b00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e617020343d7372 6f6e696d5f796361 67656c5f6d756e5f 6964656d6f632e69
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64656d6f63203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000003caf721 RBX=ffff88801c322500 RCX=ffffffff8b941045 RDX=0000000000000000
RSI=ffffffff8df4bca9 RDI=ffffffff8c1bf100 RBP=0000000000000000 RSP=ffffc9000046fdf0
R8 =0000000000000001 R9 =ffffed10056667ad R10=ffff88802b333d6b R11=0000000000000000
R12=0000000000000001 R13=ffffed10038644a0 R14=0000000000000001 R15=ffffffff90dbea10
RIP=ffffffff8b93f87f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880971fb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fffc9d039d0 CR3=0000000054f1c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8579f065 RDI=ffffffff9b4de460 RBP=ffffffff9b4de420 RSP=ffffc9000317f3b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6234303838386652
R12=0000000000000000 R13=0000000000000033 R14=0000000000000010 R15=ffffffff8579f000
RIP=ffffffff8579f08f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880972fb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055e8871da970 CR3=00000000583d6000 CR4=00352ef0
DR0=000000006000003f DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000015422003 Opmask01=0000000000000001 Opmask02=00000000bfffbfff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000400010015
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100010015 0000000000000048
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000400000050 0000000000000006
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000600010015
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000080000010015 0000000200000048
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000600000048 0000000000000006
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000200010015 0000000100020015
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e3435322e393631 203731687465205d 505241204650425b 203a646370636864
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 31392e3035322e34 35322e3936312037 31687465205d5052 41204650425b203a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 444d560056005600 5600054650420050 5241004b40554a5f 435547051f560000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000e0024
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80410004803e0004 0000000031796870 0038000900000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000e0024 0000000100000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000003e8 0000271000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 200a64625f000a5f 632036205f655f6d 2020372020360a63 616420200a200062
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000003219e962b89 RBX=ffff88802b523f80 RCX=00000000000006e0 RDX=0000000000000321
RSI=ffffffff81f80b05 RDI=ffff88807583a500 RBP=00000133ba445400 RSP=ffffc90003fff0f8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=1ffff920007ffe29 R13=0000000000000001 R14=0000000000000001 R15=ffff88802b523fc0
RIP=ffffffff81f80b18 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880973fb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000f000 CR3=000000004c2a3000 CR4=00352ef0
DR0=000000006000003f DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000104080 Opmask01=0000000008000000 Opmask02=000000000fffffff Opmask03=0000000020400004
Opmask04=00000000fbffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e8871cee40
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e8871e31b0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffff00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737352 7373734204120117
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1b5c7373407343 1e161e035c18101c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 347974746d73672f 7974742f6c617574 7269762f73656369 7665642f7379732f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000034797474 6d73672f7974742f 6c6175747269762f 736563697665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6d697377685f31 3132303863616d2f 6c6175747269762f 736563697665642f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e8871e8ec0 00007f8fcf5f1fb0 0000000000000691 0000003177617264
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312c3937312c3136 312c3131312c3031 312c32452c34442c 30442c45412c3841
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c34412c42382c30 382c33372c32372c 31376b2c34312c32 2c312c30652d3033
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4442654344464670 3243353176333030 30623a7475706e69 3d5341494c41444f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000