last executing test programs:

4m34.362428019s ago: executing program 0 (id=331):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000005c0)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)={0x80, 0x0, 0x2, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x7}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xffffffff}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x4f1}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x224}]}, @NL80211_ATTR_CQM={0x38, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x8}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x8}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x3d3}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x4}, @NL80211_ATTR_CQM_RSSI_THOLD={0x14, 0x1, [0xf, 0x200, 0xffffdfff, 0x9]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4048080}, 0x24004151)
recvmsg(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x8dff}, 0x40000000)

4m34.282113169s ago: executing program 0 (id=333):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001a80)=@raw={'raw\x00', 0x8, 0x3, 0xc94, 0x340, 0x25, 0x148, 0x0, 0x60, 0xc00, 0x2a8, 0x2a8, 0xc00, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x1, 0x9, 0x0, 0x0, 0xffffffff, 0x7, 0x0, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0xffffffff, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0x878, 0x8c0, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@u32={{0x7e0}, {[{[{0x6, 0x2}, {0x3b, 0x1}, {0x9, 0x3}, {0x101, 0x2}, {0x9}, {0x2b, 0x1}, {0xc, 0x2}, {0x7, 0x1}, {0x7f, 0x1}, {0x8, 0x1}, {0x8, 0xf6f76831ce7026c7}], [{0x5709, 0xbf8}, {0xfffffff8, 0x4431}, {0x4, 0x2ab0}, {0x5, 0x9}, {0xfffffffd, 0xffffffff}, {0xa972, 0x5b}, {0x1, 0x1}, {0x0, 0x6}, {0x8, 0x5}, {0x2, 0x3}, {0x5, 0x2}], 0x4, 0x9}, {[{0xf, 0x3}, {0xffffffb1, 0x3}, {0x2, 0x1}, {0x3}, {0x2}, {0x4d4a8b87, 0x2}, {0xfff, 0x3}, {0xfffffffa}, {0x1, 0x1}, {0x5}, {0x9, 0x3}], [{0x101, 0x5}, {0x6, 0x5}, {0x6}, {0x3, 0xfff}, {0x3, 0x4db}, {0x2, 0x1}, {0x7, 0x2}, {0x5, 0xfffffffa}, {0xfffffffe, 0x8}, {0x3, 0xfffffffd}, {0xd3000000, 0x9}], 0x3, 0x9}, {[{0xd, 0x1}, {0x5a9, 0x1}, {0x3, 0x3}, {0x5}, {0x9, 0x3}, {0x8328, 0x3}, {0x10001, 0x3}, {0x1, 0x3}, {0x8, 0x1}, {0x7, 0x1}, {0x10001, 0x3}], [{0x2, 0x7}, {0x3, 0x1}, {0x0, 0x7}, {0x400, 0x8001}, {0x200, 0x3}, {0x8d, 0x7}, {0x7, 0x5}, {0x7, 0x9}, {0x7, 0x169}, {0x9, 0x1000}, {0x3, 0xffffffff}], 0x4, 0x3}, {[{0xad, 0x1}, {0x36}, {0x2, 0x2}, {0x7, 0x1}, {0x5}, {0x4}, {0x3}, {0x9}, {0x8, 0x2}, {0x0, 0x1}, {0x6, 0x3}], [{0x879, 0x1cf0}, {0x2, 0x3}, {0x9}, {0xfffffff7, 0x8}, {0x9, 0x5}, {0xfffffbd7, 0x5}, {0xfff, 0x8}, {0x0, 0x9}, {0x0, 0x1ca}, {0x6, 0xfff}, {0x9, 0x80000000}], 0x4, 0x9}, {[{}, {0x7ff, 0x2}, {0x200, 0x1}, {0x9}, {0x10000, 0x2}, {0x2a0d, 0x1}, {0x2, 0x2}, {0x8}, {0xd, 0x57df97361d76d896}, {0x1000000, 0x3}, {0x6, 0x2}], [{0xd1, 0x8}, {0x4, 0x2}, {0x2}, {0x0, 0x7609}, {0x3, 0x5}, {0x3, 0x1}, {0x3, 0x6}, {0x5, 0x6b34a5bc}, {0x6, 0x4}, {0x3, 0x80000001}, {0x9, 0x2}], 0x9, 0x3}, {[{0x9, 0x1}, {0x5}, {0x4}, {0x2}, {0xe1, 0x2}, {0x5, 0x1}, {0x7d2}, {0xfffffffe, 0x2}, {0x100}, {0x80, 0x2}, {0x6}], [{0x6, 0x5}, {0x2, 0x6}, {0x8, 0x31d}, {0x49, 0x3}, {0x6, 0x2}, {0x5, 0x3}, {0x7f, 0x1}, {0x3, 0x4}, {0x8000, 0x5}, {0x6, 0x7}, {0xe3, 0x5}], 0x6}, {[{0x3, 0x2}, {0x8}, {0x10001, 0x2}, {0x3, 0x1}, {0x1, 0x2}, {0x8001, 0x1}, {0x5, 0x3}, {0xe0}, {0x7, 0x2}, {0x0, 0x1}, {0x400, 0x2}], [{0x7f, 0x9}, {0x9, 0xa2f}, {0x0, 0x10}, {0x200, 0x6}, {0x8, 0x800}, {0x8, 0x6c7}, {0x7, 0x2}, {0x8, 0x9}, {0x6, 0x4}, {0x10, 0x800}, {0x3, 0x2800}], 0x9, 0x6}, {[{0xb45, 0x1}, {0x6, 0x1}, {0x1, 0x1}, {0x7ff, 0x2}, {0x28}, {0x1, 0x2}, {0xe8, 0x3}, {0x0, 0x3}, {0x2, 0x2}, {0x9, 0x1}, {0x7f, 0x2}], [{0xd9, 0x98}, {0x6, 0x8}, {0x1, 0x9}, {0xa, 0xb1d0}, {0x9, 0x7}, {0x1, 0xe3}, {0x6, 0x3}, {0xffffff80, 0x9}, {0xc, 0x4}, {0x401, 0xfdc}, {0x0, 0x8}], 0x7, 0x8}, {[{0x1, 0x2}, {0x9}, {0x1, 0x1}, {0x9, 0x1}, {0x668, 0x2}, {0x0, 0x3}, {0x9}, {0x2, 0x3}, {0x80000000, 0x2}, {0x8, 0x3}, {0x9}], [{0x0, 0x8}, {0x8000, 0x3}, {0x400, 0x1}, {0x9, 0x3}, {0x5, 0xffff7ac4}, {0x4, 0x81}, {0xfffffc00, 0xff}, {0x2, 0xa}, {0xc, 0x3}, {0x7, 0x3}, {0x1}], 0x8, 0x8}, {[{0xcc000, 0x2}, {0x4}, {0x8}, {0x2, 0x2}, {0x5, 0x3}, {0x6}, {0xbed0}, {0x8}, {0x7, 0x2}, {0x6}, {0x10, 0x1}], [{0x7, 0x7}, {0x4, 0x6}, {0x2, 0x5}, {0x9, 0x3}, {0x50558d41, 0x2}, {0x8, 0x1}, {0x5, 0x80000000}, {0x1000, 0xffffffff}, {0x6, 0x8}, {0x3, 0x9}, {0xdb9f, 0x40000000}], 0x9, 0x4}, {[{0x2, 0x1}, {0x7, 0x3}, {0xd93, 0x1}, {0x8000, 0x2}, {}, {0x6}, {0x7f}, {0x9, 0x3}, {0xfffffff8, 0x1}, {0x7, 0x2}, {0x10000, 0x3}], [{0x3}, {0x9, 0x2}, {0x800, 0x9}, {0x4, 0xfbe9}, {0x8, 0x2}, {0x10000, 0x5}, {0x4, 0x2}, {0x46d, 0x10}, {0xd6, 0x20}, {0x1}, {0x80, 0x5}], 0x7, 0x4}], 0xa}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0xcf0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
userfaultfd(0x80001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}}, 0xc000)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="34000000070a010800000000000000000500000508000b40000000010c00064000000000000000020c00064000000000000000020b6ee4942c572e3f64b2eee8445bfaf8eadee3729ebab86357d07417ec304a9db01acc2a942aad74ff11d886c22cee5fc01e0fffc8ca2aeec51ade00124e847e7d8391aabc61c4e99ed1533d7b0695966231511ed82ecde73f13ccf701f79e0affbdfb66dd8d4bf3ae40825acbb9e524dcca21007e19a21a25416cd5dc1186"], 0x34}, 0x1, 0x0, 0x0, 0x20040050}, 0x8001)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_START_POLL(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="3bef40de", @ANYRES32=r4, @ANYRESHEX, @ANYRES32=r5, @ANYRES16=r1, @ANYRES16=r3], 0x2c}}, 0x40045)
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x82090}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc4, 0xffd, 0x20000001, 0x25, 0x8001, 0x0, 0x2, 0x0, 0x6a, 0x8d], 0xeeee8000, 0x2011c0})

4m33.780249902s ago: executing program 0 (id=336):
socket$inet6_tcp(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="120110010928fc10ac059102254301020301090212000100004000090484000003e102"], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x8000)
lseek(0xffffffffffffffff, 0x0, 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc01c5868, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x881, 0x0, 0x200, 0x0, &(0x7f00000004c0)=0xf28d})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x4084)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r2, 0xd)
preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000000)=""/30, 0x1e}], 0x1, 0x8, 0x2)
mremap(&(0x7f0000854000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e7a000/0x1000)=nil)

4m29.891924981s ago: executing program 0 (id=352):
r0 = socket$inet6(0xa, 0x3, 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@alu={0x4, 0x1, 0x5, 0x4}]}, &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x40}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r1, 0x0, 0xee01)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
io_setup(0xc, &(0x7f0000000180)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}])
read$FUSE(r2, &(0x7f0000001100)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_GETXATTR(r2, &(0x7f0000003140)={0x18, 0xfffffffffffffff5, r4}, 0x18)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f0000000140)={0x1, 0x7})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/14], 0x1c}, 0x1, 0x0, 0x0, 0x20008011}, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001111ff0000000000"], 0x4b)
sendmmsg(r0, &(0x7f0000000480), 0x0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x21d000, 0x0)
chroot(&(0x7f0000000140)='./file0/../file0\x00')
pivot_root(&(0x7f00000002c0)='./file0/../file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0\x00')
close(r5)

4m29.70149509s ago: executing program 0 (id=353):
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="4db20200305b0100140003006e657464657673696d30000000000000180016801400018010000600030000000300000005000000"], 0x4c}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
memfd_create(0x0, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x40, 0x9, 0x7ffc1fff}]})
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x1000009)
socket$nl_route(0x10, 0x3, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x2, 0xc9, 0x0, 0x7197}}}, 0x9)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x7fff, 0x204200)
r3 = syz_clone(0x60000, &(0x7f0000000500)="d354fb1b52ddf44181ed74badc7811354514e617c3bdc6e212825b5fd7b5e52a6f1bff47660a317f81981480086173bdeadf89a053261e912f13cc7c2f8e9cd10d2d8a46e204e56399b21e548212e4f1fcb077a63c3123c94deabbafe7826d9c12ff9d4c352424cc9789071b29d24934dfb3db886394e62b549c982b95e512db5e4e69ecc4f18b0fc1cabb141f292039d130e8a8e1e253a049338869b666f8aaf36bc4d3313edfe96919a68a7b91233c76518e03e763b693fe2eb00d2cc6fde84f154bf5913b3e0a44dc223c0e4b3bcd1386785462e2bd6743fcee219b37769133d61dbf3b4d163c6e93d8ffa2", 0xed, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="0772ebf45cc889d4c1a0620736fbc14217b5262a1642ca4b07a59a88bb3c9e41a0a948f46ec1a5fd067b7deca6506c2262161af7ea8d3ecb2b84d5696a6c38d51b2cc99064594e88d53c8df35634")
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000880)={{0x9, 0x3, 0xffffff81, 0xc9, 'syz1\x00', 0x33}, 0x2, 0x400, 0xea5, r3, 0x2, 0x0, 'syz1\x00', &(0x7f0000000700)=['/dev/udmabuf\x00', ',\',.:\x00'], 0x13})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devtmpfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, 0x0, 0x46)

4m29.342592984s ago: executing program 0 (id=356):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x1})
ioctl$VIDIOC_DQEVENT(r0, 0x80805659, &(0x7f0000000540)={0x0, @src_change})
socket$kcm(0x10, 0x2, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d200100000000009500000000000000bc26080000000000bf67000000000000070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

4m29.335756325s ago: executing program 32 (id=356):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x1})
ioctl$VIDIOC_DQEVENT(r0, 0x80805659, &(0x7f0000000540)={0x0, @src_change})
socket$kcm(0x10, 0x2, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d200100000000009500000000000000bc26080000000000bf67000000000000070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

7.620658908s ago: executing program 1 (id=1402):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000b80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x40000)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x21, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r4, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r4, 0x5412, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r6 = openat$vicodec1(0xffffff9c, &(0x7f0000001280), 0x2, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f00000012c0)={0x800, 0x2, 0x5})
syz_usb_connect$cdc_ecm(0x1, 0x242, &(0x7f0000000400)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x230, 0x1, 0x1, 0x0, 0x0, 0x34, "", [{{0x9, 0x4, 0x0, 0x56, 0x2, 0x2, 0x6, 0x0, 0x6, {{0xb, 0x24, 0x6, 0x0, 0x0, '~p1D+K'}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x4, 0x2, 0xc}, [@mdlm_detail={0x68, 0x24, 0x13, 0x8, "4c154e973a09c1d001d3987da66a245d4ba0125c8901c5675f153e4604ea6b62d72ff11912c91b7042fa245e498cd96b9938f4d3396b9fe256c46a292f5fca0b1b13bb5855685614b9db0fc60d2b327ef2b40e4024dd9f552308d0b7568d3875622a2b9f"}, @mdlm_detail={0x46, 0x24, 0x13, 0xfb, "1bc0517e5ff009a1554918fb46e558cd57b8db65423a742a7d2015ad85d0b7d21f46180cceb1421aff929d82a07d94e51c8c94b1c4f7f576e28c932a497caebf8a69"}, @mdlm_detail={0x7f, 0x24, 0x13, 0x3, "ed730211aaf4e7d99e7b4af5d419e11e7643f2addcf68d34a3fce289b2b0c6b6113ca8f518049b43ab31cd41a90b8de7889c9715d42d0ee26460e2391090c02eaf6cf4a6b327ad69a8a1760b0e2ce98b800ca94a67956f9fab47ce95e1235de965c0f42daf4e45f1b29065d9b946ea9d64ace602a99d7f7907e876"}, @mdlm_detail={0xb3, 0x24, 0x13, 0x3, "1b4dfea4fb8302568d9fb08c1ca5fff7d1c1cb54346357caf4586621b6db119f06ca6c9360ca400cac3ed976a1a00b05ed3e2ba9ef31e748126f30d0792cc1d78c31935f9529c66461db536a81c850f0dccaa1992a1f5276e4201a1809032a2d63fab22b8036a4c3f2a3af5b600fa507db17729aa47a523efb5ca33a90fcf44c011b03acf583ccbffc95d52bea8cc7ca2fa5a8515561e44af5aa76de168cad9f028053a0c0d00d86e14acba3a7707a"}, @ncm={0x6, 0x24, 0x1a, 0x6, 0x1c}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0xf6, 0x5, 0x85}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x8, 0x0, 0x81}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x7, 0x2}}}}}]}}]}}, &(0x7f0000000a80)={0xa, &(0x7f0000000680)={0xa, 0x6, 0x200, 0x2, 0x46, 0x5, 0xd7, 0x1}, 0x37, &(0x7f00000006c0)={0x5, 0xf, 0x37, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0xf, 0x7, 0xf800}, @ssp_cap={0x20, 0x10, 0xa, 0x2, 0x5, 0x4, 0xf, 0x0, [0x0, 0x0, 0xc00f, 0xc030, 0xff0000]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x13, 0x4, 0x101, 0x20}]}, 0xa, [{0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x406}}, {0xd8, &(0x7f0000000740)=@string={0xd8, 0x3, "1ebf1f2897f4c4117e56d5a099b9cd9fbfc8fb495e402a10f7b7ae83f35d6bf786a1271c0205333a20ddfb72233154932e922cbbfff274161cbd6cf8bcbcdc360ada056e747d4d6211a4bfcbdb75b2beed42770fea34a5aa12880f61897195292102391aeeb706a5abc43f5c342f8bae58dd8b6c629298d85998442db0cfffb26650b08807a8971abdfca37e61c2b1509073f71311cdb44386685970196ac4d8ff83545c439d38c6e9b88dd91a0bc1572b0aa67178b209aaa658620a99b09ae08a9f808cdb4f2de3c2421afb0a1f04b16c00455cebaf"}}, {0x30, &(0x7f0000000840)=@string={0x30, 0x3, "29d96f209c23077b089a736f36b53ac1bd7c05ac182bee6008eef811b581dbc5bbccedc4d844981d086be795d6af"}}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0x458}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x1801}}, {0x28, &(0x7f0000000900)=@string={0x28, 0x3, "090120d05e9092627857aa6ee631eb0f2949286eb0a9f3e24561adfff97f3c3be1a868a7fd14"}}, {0x49, &(0x7f0000000940)=@string={0x49, 0x3, "8bba3e46c266be4e1da1262bb450e484002aec6591f7608bac8338a0380d1ab65baec87479f0d81bbd0040d95b78ab23df5b35e1937ecc5510715bb66f15916c769eac506a7b62"}}, {0x2a, &(0x7f00000009c0)=@string={0x2a, 0x3, "f2a6b792760d5ee2fba475343d274117d8a71a7c14ea244e4cae1fd3754a1d068d8a83c6513328d8"}}, {0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x4001}}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x436}}]})
write$char_usb(r5, &(0x7f00000003c0)="55c4806811d74b8d", 0x8)

6.380888757s ago: executing program 2 (id=1408):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000), 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x3, 0x4002004be, 0x7ff, 0x10009, 0x6, 0x400, 0x80, 0x89, 0x0, 0x3, 0x8d], 0x100000, 0x2c08c6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f000000d640)={0x0, 0x0, &(0x7f000000d600)={&(0x7f0000000440)=@newqdisc={0x1fc, 0x24, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffff}, {0x4, 0x3}, {0x8, 0x7}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x50}]}}, @q_dsmark={{0xb}, {0x10, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x6}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1a}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}]}}, @q_dsmark={{0xb}, {0x20, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x18}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}]}}, @q_dsmark={{0xb}, {0x4c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x13}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xb8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xffff}]}}, @q_dsmark={{0xb}, {0x24, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xa}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x8004}, 0x880)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x9, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x2, 0x6, 0xfffffffffffffffe, 0x8000000000000000, 0xf4a, 0x100000000, 0xbdb], 0xffff1001, 0x4000})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f, 0x2, 0x0, 0x0, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4.352299194s ago: executing program 2 (id=1411):
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="4db20200305b0100140003006e657464657673696d30000000000000180016801400018010000600030000000300000005000000"], 0x4c}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
memfd_create(0x0, 0x2)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x1000009)
socket$nl_route(0x10, 0x3, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x2, 0xc9, 0x0, 0x7197}}}, 0x9)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000880)={{0x9, 0x3, 0xffffff81, 0xc9, 'syz1\x00', 0x33}, 0x2, 0x400, 0xea5, 0x0, 0x2, 0x0, 'syz1\x00', &(0x7f0000000700)=['/dev/udmabuf\x00', ',\',.:\x00'], 0x13})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x4)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devtmpfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r2, 0x0, 0x46)

4.0496542s ago: executing program 3 (id=1413):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r0, 0x800000000000)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5885}, 0x0, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
io_uring_setup(0xf08, 0x0)
ioctl$PIO_UNIMAP(r2, 0x4b67, 0x0)

3.051547027s ago: executing program 2 (id=1414):
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc1}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
memfd_create(0x0, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x40, 0x9, 0x7ffc1fff}]})
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x1000009)
socket$nl_route(0x10, 0x3, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x2, 0xc9, 0x0, 0x7197}}}, 0x9)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x7fff, 0x204200)
r3 = syz_clone(0x60000, &(0x7f0000000500)="d354fb1b52ddf44181ed74badc7811354514e617c3bdc6e212825b5fd7b5e52a6f1bff47660a317f81981480086173bdeadf89a053261e912f13cc7c2f8e9cd10d2d8a46e204e56399b21e548212e4f1fcb077a63c3123c94deabbafe7826d9c12ff9d4c352424cc9789071b29d24934dfb3db886394e62b549c982b95e512db5e4e69ecc4f18b0fc1cabb141f292039d130e8a8e1e253a049338869b666f8aaf36bc4d3313edfe96919a68a7b91233c76518e03e763b693fe2eb00d2cc6fde84f154bf5913b3e0a44dc223c0e4b3bcd1386785462e2bd6743fcee219b37769133d61dbf3b4d163c6e93d8ffa2", 0xed, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="0772ebf45cc889d4c1a0620736fbc14217b5262a1642ca4b07a59a88bb3c9e41a0a948f46ec1a5fd067b7deca6506c2262161af7ea8d3ecb2b84d5696a6c38d51b2cc99064594e88d53c8df35634")
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000880)={{0x9, 0x3, 0xffffff81, 0xc9, 'syz1\x00', 0x33}, 0x2, 0x400, 0xea5, r3, 0x2, 0x0, 'syz1\x00', &(0x7f0000000700)=['/dev/udmabuf\x00', ',\',.:\x00'], 0x13})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x4)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devtmpfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, 0x0, 0x46)

2.700020468s ago: executing program 1 (id=1415):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000f0a9c80850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x8, 0x3, 0x32c, 0x0, 0x11, 0x148, 0x154, 0x0, 0x298, 0x2a8, 0x2a8, 0x298, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0xffffffff, 0xff000000, 'macvlan0\x00', 'caif0\x00', {}, {}, 0x73, 0x3, 0x54}, 0x0, 0xf4, 0x154, 0x0, {}, [@common=@unspec=@physdev={{0x64}, {'veth0\x00', {}, 'vlan1\x00', {0xff}, 0x1, 0xa}}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x2, 0x5, 0x3, 0x0, 0x7, 0x1], 0x6, 0x6}, {0xffffffffffffffff, [0x0, 0x5, 0x2, 0x2, 0x7, 0x1], 0x1}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0xff, 'erspan0\x00', 'bond0\x00', {0xff}, {0xff}}, 0x0, 0xe4, 0x144, 0x0, {}, [@common=@ttl={{0x24}, {0x2, 0x80}}, @common=@osf={{0x50}, {'syz0\x00', 0x0, 0x4, 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x3, 0x4, 0x2, 0x6, 0x3, 0x6], 0x3, 0x1}, {0x4, [0x4, 0x5, 0x7, 0x5, 0x2, 0x5], 0x5}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x388)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc)
ioperm(0x0, 0x3, 0x2)

2.381081158s ago: executing program 3 (id=1416):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000001c0), 0x2, 0x0)
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
write$binfmt_script(r1, &(0x7f0000000040)={'#! ', '', [{0x20, '\t\xbb\x9b\x81\xa61\xdd\xd6\xe6\xb3R\xb9\xdb?\xbe\xd3&n\xe2\xb6\xf5%\xb2\xdf\xf5\x83\xba\xeb\x93~\x88\xdc\xec[6=\x01p\xcd\x8ay\x0ez\\U\xae\x9fj@5q\xb2\x89\x00\x17\xe3\x82\x81\xbeS\xd8\x00\x1c\x10\xf8\xf3\xd4\xddI<%\xbb\xa6\xab\x9a\xe5\xec\x19\xfa\xcb\x94\x90u\x9b\x13W\xbd\x9f\xfa\x032-{\x96{\x12\xddy\xb8.%\xabx/\x9cb\xfe\xccO\x00\xf0\xf2\x9dZ\x19_\xc7\xf2\vI'}]}, 0x7d)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
shutdown(r2, 0x0)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

2.32011151s ago: executing program 1 (id=1417):
socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[], 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone3(&(0x7f0000000240)={0x200a40080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x2c}, 0x94)
readv(r2, &(0x7f0000001700)=[{&(0x7f0000000080)=""/86, 0x56}], 0x1)
syz_open_procfs(0x0, &(0x7f0000000200)='net/protocols\x00')
userfaultfd(0x80001)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x1e1730a30afb6559, 0x8014)

2.210342572s ago: executing program 1 (id=1418):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x8925, &(0x7f0000000080)={0xff00, 0x0, 0xdffffffd, 0x40, 0x0, "bb4000000000000200"})
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x10000)
ioctl$CEC_ADAP_G_CAPS(r1, 0xc04c6100, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000640)={0x23804800, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x80}}, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001300))
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x88802, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r5, 0x40047459, &(0x7f00000000c0)=0xa2149)
pwritev(r5, &(0x7f0000000040)=[{&(0x7f00000002c0)="80fd0200004010e3d0706bf66a4505e430cd4a0edaf9e9a393b8ce789d5e465a5ed7a3a185251208e9652a3bf726261c0d15973bf89dd09aa531f59a39c317d9ae", 0x41}], 0x1, 0x0, 0x5)
bind$inet(r3, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
r6 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r6, 0xc02464bb, &(0x7f0000000180)={0x1, r7, 0x0, 0x7, 0x10000, 0xffff, 0xb78c, 0x8})
r8 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r8, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff)
epoll_wait(0xffffffffffffffff, &(0x7f0000000240)=[{}, {}], 0x2, 0xa)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000400)={0x7, @output={0x1000, 0x1, {0x6, 0x7}, 0x2, 0x6}})
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001000000800000fa", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x80, 0x20200)

2.138550706s ago: executing program 3 (id=1419):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
readlink(0x0, 0x0, 0x0)
openat$cuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_clone3(&(0x7f00000023c0)={0x220000000, &(0x7f00000021c0), &(0x7f0000002200), &(0x7f0000002240), {0x6}, &(0x7f0000002280)=""/155, 0x9b, &(0x7f0000002340)=""/1, &(0x7f0000002380)=[0xffffffffffffffff], 0x1}, 0x58)
read$FUSE(0xffffffffffffffff, &(0x7f00000025c0)={0x2020}, 0x2020)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000006300)={{{@in=@multicast2, @in=@private}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f0000004780)=0xe4)
getgroups(0x7, &(0x7f00000047c0)=[0xee01, 0x0, 0x0, 0xee00, 0xee00, 0xffffffffffffffff, 0x0])
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x404, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000001dc0)={0x50, 0x0, r2, {0x7, 0x2b, 0x0, 0x2b418842, 0x6}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000004200)="aa8e9df36226466e888b39901e75023156b5530e75c1e203314842ea78a6048cdec3383c60dcd8fa24f6928f6e02ab1090989c59ae38dceda05af132af4546a298837c63ea70975feb0919d7f7766791d530b90d522b23c58776ac7a4035383c5a0dd90d8b766c96816631f1742a0da0ce6ddd053a05966f6b6ec22dd28a0a2636d07696a307496b0b0d8bb370227dca3c96838e556681409be388f1dfbf500f1aee82b374f4473aecbdb77cf567fece7f8ec733fa91aa92a186f9768d16d0257ef826959fb3a73e4976a019bde8a82e9bb0a0443cbb1ab2c6e8f8748489948710294efb79d70edec2271491bc1cddc9c9d2713cc3063761f2bea07f5577bbe5224302ef23adcc96cb5ecee406c7977c97d7000000006e28198954bba79006fd58b2a2b43047e7f3ead143ccb6b27043d7a7512e9d3bad0138554f4b465ab6d1cec9b40cb301ac6491ee7fcdc0588e53eb2510471de91e3e73c98f0a3cc9929eac63f477a1208a80f8c75d0a1d9edb895d675d036a1863dddea98b18c846ac253b2470324b21eaaa6e69389b91bcd470995cd6835c6fac80d5ca41b66562c910f893124cf0f20dc65d90aa0f9cd1a7c88f755aaf33875d7639ae1b7413834636de57f44302b723646257ee7456bdfee10f2eaf0c05f2cf01a115ed8ac2908827af3d85da2f1bcf53d87ee830dc5e98fcfc1a22e547ce57508f606945a7599d8e1cc0268987cb7b3d00a6bfacea7bd05430255bc8b473a071b83695783944ef856fc89906e0b44a13166309bc8cc1dbae68399e1e8e4a2ea265c1a104dd862563cdaeee2b37e72fbda323cc72360b6d4fad2fd2409397f90422bbe6e9068aaf38e18918736e6357a6caac59ae803ffbe853ff716a388423bbc93bb2d6b1222bb94c96a3bddf421288d47039fa1b73573dbed87e1f6b280f8b045f9be8e0d85f6cf416bfc0f3f4ce988aefa2382cccf39e40b2a1657814b7953d0a0aea45d50d02d66982e5269f1ededd6a9f8f9e212314a4bb5c2f4898278fd3a585c1ff60e435b186c552134e5ddb0f2cc95dac405bc4bd32ccda41b05c6a376070c8ef2d6eb3ea7fce97da8f09440d47dc5faca6271d1ce4f4201b315d1cc3fa1d4cc2baa14e4c57bafb7b5bb2e9e859505360e1738a36100dd6c2fb6610fc0ed88e452148ecd8b73517f69c28f0c979525d21ba4fef353eebb2326f48217c44a322e9f1f08f92af1ff5ee5f2dc563f1a0edb09d0646105be0c46ddc8b71301e68013e863d539af5b3a2b11f770d8c0c086988216602619ec440f98d434add23bc7f54d145260773e53121188ca179832d5c406f2b4a91045edca91232416219fade02bf6ba002352943850294b05d9a142889205e6b69336cecfe8a7cfc88688368d54b475f3915eea851334395f80b41177ed4d17d91880a22c1c0cf33a550e32fbf76505458d07ebccc4e77bafae1700c9997f6fe28452f011e370642f228bbf0e2f3dc05741127f6d73e96c073b26e730ac19cb17dfc63c0ed4b5d53ffd6e312e3e80822c8bbea3cf2914f3f8ee53fb4edde1d4507fa9d7de54eecb75132befab6bf486cb05bc8727dadac49c83bf08d9eb94621b42241f9eb8fd1e6fbf969d932a023760faa62c178b7f0a1d43adbf5c21a35a58d381442ecdfc2dcce2d11e5efae8433b14fc9fc28294ae76eaa95f38ac121f255d9b478c81a1caf5c606c34e6efa80dd3aa77cc4001b9fceebcc77a1efea7bf9f749f62c7a8bd5deb0f70c54ab5daab010cf14b2f1012516dc1639edb2d890638b73559d060be47f594f322efdd40c5945148fe1690585923488910fcb3159006f935f7d184e4b4c404ccb6e2a799cc67aa2b56a13c16e3ad92b85a12060881c1d140708ffece6965f9746ed4eef74d37424e760f4b266c80c93390523eadc65494962bed4efc86a0fead2fe25c9108c5d591770cee92f9ff2d916ba0dedc6551a47ce3a4dbc97043e588b3483f0793786fe9f32f1b79ba3f4c4ccabba52a59861c8024bcdfc8ecb0acc821160b060d5dc24f0ade14d08b56218a32a03f9eba729c02fc6b714bc72b11cc7fe47b51b3a174cfa2d8f5df80a0fd4d1dd2ed36b868b46ee5a8cc72e91b57bd05005b5142b5531650813fb5496af379f9e7b1b73c49c64dead9725af0742a41b770205390791de856715c0138ca22f134911a28d2caf22ef21049d1ba721d278bcf675317c5303cbaf96535414fd92c55d741120200d49729e01e399e4c30fa8da659654196af7991a3d294c775a610f242a56c88d542641036de7eccbd64f9f306a3920596d350637a6409f667110b46c6d85ab94df4d7b0af12318522ba1e745e7de45176789a53213b9b3d23b2599275e4f1858fdb2fd63f8c6f7990235e2fb3c4c8f215715973b60b1e56d1f061b6ff33510d08fa403559cbcc21bd141b41f1e9ab4e163a0f80a918ba13031c483931a9dcdb790ad77fbdf5634662cb75e79d986e4724f64c80203600df7ac9950330431b83777bd968a86be5698b13c37513235ac89a0a1dcb799112a86a2d96b1708e0c5e983756d8243927fc7d42be6ff4c946c0763a9745897726f38b65920363b7c32051bf9e770ab1ec140ff11fc639f36fa760afcfd6ba2f609df8cb0949f26119895b69c8ffd0836a01da1e407ba08f37a1144674f5a71b3499ffcccb21e75f19cdfb33c7eded5fa5c264784a78edc5f6de17da15317a66fea522b6e92a52efa5013797212d816c3229c7dd523e2165f9f042c3b3b16e608a1d87ab9c46c2b291bf547e1f4312913b16e39a714c24ebc5cb4f4f80bb20ce4efdf2921db45b7389fef98bd0e8aa40be16758b0d7755ab631b27c5d49225e84fea63e3f031c665851ef4ed18628b26445da2cad4741800cf72a401ad79a7462657068e0f2ee65eeb86da66890247cb45b31d3ad06ea7500eac5be65528c55bf190b0ec27673b67b36117344097a0dbb9db47a2b5144218002d14cbb98629c2ed35db5cdcf93994e3e3d1a1673ff60ec0d9bae1217ba6f39ae4ac4c9e5a19f85634f3091150c4724aaabe3bd1445cfa33fac93b86c5871ca168a728899e2e0062a596fba22b962764420f1268bb8ae0a894559c488cfce6b71aa8478964d2eef5086b2cee891ca031b6543bb7ba55006621f1d80e17abcba9f9d05fc5e61c6c4a890aba4b205f5570e7866ec4de380420c4758de63ff0f7b1acb0521e45cd9bc54df1a4614c04c524f43e86f58757eddb645bbc56a63de5bb560f56a31796dc344d58e2ff2d3fe5228d87c0439e6353943c92160fb847a172eea37ad0c22de5d1e7cd66730218832c87b73366131e29a1545b26d4c500a9afd75864b460cea1ba33a5dca6e5585e9c78a8ee3361f20e2b79489ed2ef1c935d7deeef6de0d009b72a0751929209b351331c0225c29341f5d476b278061a0a33c1e455815bbb83eebf5f5c3fe97c4b3df32846a094501a157196b6c1db1e05cec4f2dee823ebea7da05f5ee63aee1670128471465ae83defcf26aba78f18544146fcc9305ed5899965edbcf9f677c499a52d984db346c12faf02553338e6553488c29c9f3f4537a9437b5eb7382f95f9e844d27fa0b1ffc48d2b44e383b1fdb567b7f23863e8e10b6210f8031859cea410d52f99b5a8d2f218e7c92e231904b171dc077c636db15087cfb0ca6a2cd09f6b7973627a03ebfb4772daddc8ad7c9e534d8bc58cfc6d1305374b589a2a85c8a3c471c7408712ff5cfd7a50bee627d0417a5667dba71866320857cdb84e071a37e477f1b5ac16bdd464d8bf3ae31860ad19722bea1d85d1a5c09e1ab36dcd6c4bf524ed2137745e3562147081027d7852bee1ccc9563e4ff0ce72affa7002e9a066591ddf31abc4388281d98d2d88fa1c5f22cb60523e72e3d838fc6b0163fe0082ce0d8d59098363a174818113182d40cdb6367cb4a867c5aaa480c95f4a98439a2b58291fedcbfedfc3ebb41fe6b0a12fce36518ea6082fb919cdff23e3b40aa26eac8d634e03fc3a1e0fafe402c875709b15b622f35bfdd233ea8d7989ec38dfa1e5b5688d76c615b5efba62dd7d50be97b92f16c838edecd426e18dd270ddda42121d7ad8d26ec28df29580e6dcd7f968885d1cbc5f573efda890a408b45701bdf5cb2e3c54f8481710145ac1f5bdb1b53a1e9a7efd8a3ad7dad7bd0fa017e080854913beda2ccc95631a5c1da5c5afaa84bcc3f1a7041208fac9e09ef52140f142bed882b8988ea062cc8ecd7fd78fd33aeee8e8d5cc891514e3407fbb171e84e45fa14713e995513e16763424e356032ac81047c8e2bfe05dfecc510b55866d4a8696c91afd7b6b809fcf2e0f8a21834f43149d8e2b5dc5fddacb8ff9341376281e8f7d762fdb61a8e6536529b0d4d3cd8217fdb4f0b8341587737da7f50dbe4e5b7851a25d52066bd0e3ad11aed47ee02bec11d0f125cdee1f505cc5c1223d386b2fda556331cf57d8df433927cf12a5fbff853be266c5a64b6424f7b106931d312f0fd447206d21c1945579915e7e21627c7fc423a813823ce5fa2c6f3114303d0995c5706418a088535c62eda2a60c82b727c31177252f8ea025c16a3676ea0ccec24ea57e68c7e0f1b0e06f78a8ccead63eb4c0ef5c59b1d3a805644f8089e604a5bd3aa4494ff7fca02dd5894a6f02e572edd487af04ace3e37f19074325613d6f7d2af73062607b45a3c9365337a1c5e6bae9702a65f0a1b9ce75e43f6381efd9d610ad37532b62c6ab5957ded77a5d01604f67d7ccaa495266ab7fe161268b9a6156643ab6289fa0be75ac433a0204df164c02d3d0cb1b7bf0acd92ca8ff19b710b0b511820d0500fdf58f598fc611380a0f7dffce7bbc934edc967ba0094a0281750176748a4e2c99684c1c4a40258b0da77a0bfb9a4b808d5932443389f0f346dad998cee519624aeb07ea4446064282b1448bfa2e5ac3393d30b5c3865a8995869f69bab0747cfcbbd2bfd407c82e198da326f36be9a508e12d6d73fb262b37fcd7ff70b372c966b7198a9f2364012ff8127f200c079cb70d550f9483c1bf9fba69ebc961c989a82fc38cffe853e4738f33f1fa42fe7167e4bb79110f237d7e4989d2f6f4bd21905e491e2d4b6ac5a66025c11a93ab1eddcade3c3e78c270eaf6a0a6ed43df6e35bcaea9aa716d547d2136c2388379abf645e3f7cad1cc1fdc92b882729ff92b0612302970bd9ca7e36d76b2eb4d9dfe35116bb7771e448867e57026e622e1e54422b064fdb707fef339aa16fde808f622a7269b77c292c7e85fade6dcde475c2f61d71370209bc0e46ba7c7b71e41df246d283f5574205ca6b4819c63d97193eb084fd6b0c20b956cfc4b45b51fd46b2e034ff0f003179c7539fbc4e888c0633767604ed0f07beb4fe00f5a3b56ad9f3997cb49c7a8b92a719411b20874686a8a5ab462914baa85d016df99796a868af3dfa6ad98ceaaa18af2f2fad2ebf3dee1df8c8863e84ed83d6da5e283ca9cc385e0ded20531f127ff4aa974b91634d8f367154d3e23ebb04571a5a453d1265e873d00d40be7e1eb7e74529822b4c81d742c981a988fb786084cbd1e721358c7a1ea5293aa609773b890a5c9de4d1349588def4232d41fa5d7cfbc3dd130754891c304118a895268555874613e9c89c66bceea609e7ca1a914ea327db1f85a3809098e801289d8ab71997c2ad5bd1f3fd4b3c6b80667ac2b6b23b35018206dbf708284f0e0fac58d0b6d72c0d0034b6ed37b1f9931158f2443f045f65e33084ebc6aac93d8c0e3c1c52878dd3f54b9f88a40821090cdeb3bdbb61f0be16338a2a7ba0f77e9ecd5400b6f809a49eee78346c69e7ab560fcc32f2d19e665bb91fbc00e4c00838a1385d5156d1696f694027a9e6a7ef66933202012caca81c1b3ebe64976a9d000e28a6aae5d6f061c5acf8e4bca00bc5ecc547ab1664cdb2125300130a5a92abc0d36cf911fb3123034e925ea097fde14253dd3de52bf5c8a6bf01436c92dbbf5450a9b7775a981b09eab05406dae83f8ddcf898b1bace4b8487f0b4ec5b5316a9b7e3bcd6da41caa23604b3932ff3daf31bb19e74c687773bb54503f6b3ed74aef1410dc4a9a72fa05b1e120e682a7e7f9b8c7b6836fa9d8f96d16fa17975bc3dd7784f0d621d5a69038b0947d1cb47381c82c6df030fc8033dd66b380d884b12991ef5d5283e552f723aaf791bf3af581423c57b536b91e5a158695b68f7eccfd72fd2af1016e261ec863215d1df0fe756366e56fa86c4495cd9a45e83227af93a5b431c5d33fea2b3d469aab08f57b85b3a14a47d7da8ca74dae34f963cf660057466dac3937ce00060f8db8099178944aa37474a37eaef3b9ca04bd0eb1d03c25887d530cd690625f5829830851a6a58a7b411bc87aa70f26e80514799664e35c44db243d61add5bcaba3695e45e9f1a3cbf8ebdfb87571c44b9dcddc5fd422e94cbeb02bb58abd14e140829e12f7f0c7e3cc1a1bcae8429775e531710bfa504e103b17c20c329f653c015ab514fd6cf162b96d871930de99413e148fa58c1ff262a997c6ed1bc008912c6b864031dc95b5a3ad6aa3521167a62fe771baff828cafaf178539048d2e91a62ee7a50df04062422150347774db320fb535ddd4c03a8cdfc3affd253c200e1d5678ff12eb6f5bd43da636778cd2f8551295f4cbbc902322e491c5c10fee144daeaec4cc2a2f855f5312f4c8cac1155c8d3b93a5fe6a60118a0a9912b16d583582b478e4f05c375247d4cd897c49a8cfd2540833311039d9b121e5d5779d71b206d0d862b95e0eab28005f86ddd6ec514d931a521fc035eaacfd10ec5f97af541cabf08512f6c79e7e0db5217bd14aab6d3e9458018c3e59769bcb689347d7e394b469e9c9d9da2be8fc7a54b1aab301b68c1faf7ba7bfd05b8a313c902ad3733e523fd64739d9af110e39a96f1048fd6a43d13045ec71ff3d1f64a904f3878cb18f58b3b84942331ec05d3372a328a83e8aab828574313964f6f6c5af246faf2c69a95e9ceca77c0fbf303103a2d38ef6da2929a3dbccae5823f82d9a37c989154c8a760df8e7d8589daf1fd69683cadd2c7ac13e285a7661c23913912ee272797e3a0808654fd0b9f74f2fe04cb34167aa630b8aa58efc2586bef8c7c2e354d7c8d08de7d25a80b08bae8d2326d16a15d537d8baffcbbae460ce608ded63a45bdf0caf9dc335aa8d2aac03a62a9c6c62ce7c2caa9a731baa549d1880d3facdb4bee43ae27ccd5a22f143da8e7b4deb5c2a194d450eb5ff6949a950115d4e1d60fc75115346a0aaaf1400a301dcc8a04f9d2762c093f88adac799f6bd5150ca9c7d3ac1f728b88b1b0807a7407ad9b8febd89a801c9845af62bf2fc98aea4835d52871774e72b9fc07d26d55ef163833fd2f5c951ff963f43fcdaf03995cf3f14360b05be587e7a19fb760a944166b1fbd04c0d02bda8ff5d92a23c4e683db1b2823a6b02a16a7bc7963aaeeec43d97a85752fa439544127fb71d8b4fee6a09b966bc4e7be67acca35bfe4acabf18f6e9cc938c1e0af43e11754cbe7b37738019d9a162083f5f1fcdd9299921a349f1e0ee840b19fed4c0b5273d5e71ff5f1f20dbb36c89e1edbbef78de1a6229a2cd22bcf2164a1b567f7c08c6ba78ff2e53bc348dd2ab53b9deffc9cf8726feaf9cb07b4f94d189314da8c0005f3bb031e44c402339588832779790e814c707fdbe0830d53b4d35812f27e7709bee185d6d6d67a65382dcf56d567180a4a74cb05b0f7d0202bf33b88729f2bab7003264a2d67ea93d022baea74d7ca54a0081923a82e56750f22f58bc997ea57afe1bce18405383055745f0c6bfbbc514df76107b3c5d04bfe033dace72bd5bead25e736a0052b6efe7eb1153d1afe9202e227d60e4e38f5f294894d2ef9b89998194492e427442a18506e24ddcc1952354fe0250ad949be08a63b6c0e206ecbac70415c36f1bf78d7068ce8eb804561eab2540c6c984e63d1217de1242ae70a5dd457d7a96f24ad9e8a59c060a2a95e9e04a6a4429f40d47d2770e9d3ece295d748aa30a7bbd2aec570733be7855c3a789d71d94b3c86ccdd3cca3ddcb35a969e8c2d5b17ded6ab8b81b90a4206ac2ff163c04ba9886b5ec6138db5eb6ffc19201f66a1057858e564960de679b2996bb93c8d2b440fde169d1fbb5886fe673639c514c2eb8bca75f79abbb73c4a125e5f4d7d4ccd5c9fc85cedc9fe6f2b2b75ec384fa6ecec37579a70bd29b4c9893badb36e1b33cf61b07ee7d2a5550ac9f23b5fe629297efe94eb8a8c2adce65a61ddae84544fe8f81455e2d053fdf7efde38b92b0b4d3e7ff9d81f5de7d571cb4db7e059cbe1ac2153b22b57b4d45d58fa50d152efa2d85d262238ce4816e40f93b65f53b6646297f69e3dde4ae7c57e9112054cb831eca5716863196db7667674b00be7c83f900c944ea2bc8e8e6b6b335a6e9f63e6f6635f6afc0889355aa4f0b928b90f76e6f03b5d40e9a0cace6243aff4590c0ef255860401b16da288687e890b1921b8ba63860df7aad86279c89d16cc4ad1ef4633639f203724c1958fb3b6a990f555e8df8f494fbdae25b353c14fe524541347c1d7f61c349f55773575fab73df09ebd1c635ad5f93fc8e075093ec3fd8b832e5331e329c2578d1f6f7a0a44838e578fe40db7d11645c2c73e0a438a80085988294d98a4ef4c5faa593dd5a9b0dec12d8a6dfd15cc4503bb2078739f26f9c10d0b1fc2634094cfd2ff6bec88a7513debde5fcabb85fd31df8d97bcfaf247edb89cb056fc52bc06f117a3e1022a57817b9abe1793cf279e163212f501681eb9ef08e39adb9ba80ec3cd45f5ae7afc0c256a3470e8ed3ca41c5502c510f0526eab848ec5a7115a53741cf05846989b9b5fc6d2ad74fb855a852e3fc7234bb0ed8b6937167133925dbeb4313a9895860e761300a0695e03e81c2c1e3fe3f4b8c42c946b010259ffa4c1d345350020cddc8e9697fb83c22fff5190558551584368e7a270f958bc72e2624c3e45bbef318b5134f0419e725945e445993f2f176f0a21f5dba86398529fe5159d57c0d75d64f950763b52935e778b20356615409dcb088514eeba3f811e9ce6ce2bd1ba6ac932bd79f7a518959f99d52acbc2a1d0c02c70b9ea46d662d39c315b36315f4220e5dce293275050a3e6df506d0c1d7786017572cd758ba4995963fa034ecd49cadb42bb1ee280600557ce2e17488e1dd4595b8c7d4f20f420a3a01b6228d764c5069222cc93e2091fd2053f05a50eda7840c13f45c6e2a2fbc0f9de4baefb7b40ea1fb7e9d30fb1fdb8f20eafca0c7c8c61c57dfcb8e2836e8d0ce546e8e37b9fc467e1bbeab314be171573398e0c2fb032049a99acf174a857c019609e83010dda8da078a4311efcaaff62fa908dde87cec4d41078c343eec5a80c42d0146d57e9a14f2b5611be05e3b665728c14ea9536d146926fe1e8d5acf12afca415ef5ad77bdfead7ea087183962592296d3d892c64a0a3b9fc95b50f03df7f4f50f950b43a289af09ca92a01a684e5c649b8da4a3365878273a00afd14b4fa2ddaeea5007f728899ba9f5fc9d1d7893a489e56c5fb152e5f775042f4b3bab6cea9cbf9a2b91647fe3c62d3ae4b5d065460b51d51b6e91f2f4fe90a3775e6312ffc805612fee8c314ee70c92de3feefb3cda56a59ddba83757b0e85cb0ee7ad1ac608a1e6a64656d9f586afc38fd1f6474b521724532d88cd351688db077dc9d229a78f8704b21f85324bf9c697874cac5f709c6701a421ac368edda0ec3a0b90268c449acf753d7e8cab501ae3d7e04788e899ec54a2517545b68fd928fb659349e1692bdeccca648fd13a7602868c44e77ed6fd587538a74adc6acdb1ebd1816af88ece2ca64f2603428a0aa842fe86be6b2b568fd29c23433c9e3f9f0e45bd13beb22ac06eb82ae0eb2b3b328aca4abba5e72a155e2cc82ac92c4697fdb9439511c1144fe2ba36f516fa181f7f8d58af69f87a6c936d1e561fff0509819e65a681aaea445a106f8ff3dfd987e2e24e977281cb85cc5e5eb987da2d17e73dacfd9880bd14ecad13d5705643f926303b389a61fd63139577de263a5fdef1facdac0068a9471fc17ac654e88e0a0d12c8aca1e850b64a88f2382e0cf3a4e3363827a06abc1eeb87216e3447dfbf8c04080ca2fe1a08cc2e2001eb386cf02ac0d3b328bcf1de009d048a03cd955c628971c30a137dc66879cbe938390a8f63251f55e559549dd11969b637876a20bc7c6f5fe2b753923d2f0269f2082206eb2312f40654cc95bb38add159104495018a5aa7b8f5836162de9a03b6981c662f2ee02a168d530a002616c09c4cc26c2a2726711e3e25b4e3acb6dcba25fde78ecede51f01e22a2f79409c77011a599ff57d81e70dbde5fcbdc841f9af0e49e8200cd2d3c73013e0e5608ee1951ac04a111864b545e7bc2434c2474286519feaff4da07324d1b13bb16d1daa1d485bcd5466b82c9622f92664f1153d08c6e644b3d0f5902b4d749895f7763015bf0e2849703ed920a3866a260f22fe40f46c76ca6ca10ae8994505fa613a6b1aec84ee6620c25ca4d002f56ddd21b12eed5132634a3194281283fe5fdac07d2fec091dc0f748fe25c6b08cf8d4ff893e863a43c4c92fba47d86c8dfbbabbdca0cec09f732bc0b8df2a97ee7208e64512249300aa4c44c10d4c4503bd76e7b4e2c9aa2e274166ef103d5c832a760f33b5a0eae4dab922f0fec5adbf409bff956b4ce40e6157d498d46ae053f1ad73655bfb0a3dfac6b96c09bac4d07e6bd7f3ac6337f58cccc631466985f6ad680d21a5fe9a9bde4b6980c689e6e8c7a413b6e3084997c089443ffaca9be80c96ce1d9b6de074b4aecfd2db3b679a2d5cf0523aa14414699d481eace4aa397d818ff4d3e73d82031849c7e4f1f1503b636728637f87cf7a7df5472abfcb7e5d77439e1018dba49a41e1c8e63942fe0d1a426f390e8e225fee14501a34762b8d835ca14d6a3a3d8042724ea9e6b568fe0eb84306397ffa8345935e9be8642e6ffbd96e636fd16cacae5d4b88fd0aa0bfbba8221f68eabc98c67de6f9eab2cca07b096b458bbfdc7f1da0bb845a1a6e19c6da87a958acb1aad0b74d6537e97fb0673a20178cbb963f909839e49ec593ddcfc3046aa54c22e3a54148c440d1f2ba1fa7417572c629e48e6d2e07760a87581971d1edccc03c0e465d4d6321d820b3346fb516c1813585a6a8462124f91428a90ed037f40cd6f23596dc90c03825636e55a061838964213c70104ec0c5909a0c62240e93314f9b67ce8fafa115251282a6ee7a036a861d1af11919dbfa7ceb7b2260e66be6300a536e78ebdf60a6f022574b35205341f3557e409d8ecc0c2304b372605c9284aebe1b92f13051db78210df83873b0496625507cf8e1ee5e90aa66f45be75e388d6e0a021b8af3787ee06cd710719b4d06ca5ba5f87de812a660f939584ea880d3c71bc58135e612431850180ee39b707bd98aff26d2c5e4396b43daefd82b2ec1004978637b8d389cc415d628fea6f66f28664f9409448e68a2d48a0a00", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0x7fc, {0x1, 0x3, 0xea, 0x57e, 0x8, 0x6, {0x4, 0x4000000, 0xfffffffffffffff8, 0x8, 0x3, 0x7d, 0xfffffffe, 0x5b, 0x1, 0x8000, 0x4, r3, r4, 0x3, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fstat(0xffffffffffffffff, &(0x7f0000004940))
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000049c0))
fstat(0xffffffffffffffff, &(0x7f0000004a00))
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000004a80))
getegid()
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000000580)={0x2020, 0x0, <r6=>0x0, <r7=>0x0, <r8=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000029c0)={0x658, 0x0, r6, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0x2, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r7, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x5, 0xffffffffffffff01, 0xf, 0x7, 0xffff, 0x2, 0xfffffe01, 0x3000, 0x2, r7, r8, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB    \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r7, r8, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x4, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r7, r8, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0xa, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x6, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r7, r8, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r7, r8, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x6, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x6, 0x69504f9e, 0x80000000, 0x2000, 0x6, r7, r8, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf4f, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r7, r8, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0x49f, 0x7fff, 0x65, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, 0xee00, r8, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x3, '\xad'}}]}, 0x658)
getegid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000004e00)={{{@in6=@private0, @in=@initdev}}, {{@in=@remote}, 0x0, @in6=@private2}}, &(0x7f0000004f00)=0xe4)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r10 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r10, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})

1.944287978s ago: executing program 2 (id=1420):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r0, 0x80805659, &(0x7f0000000540)={0x0, @src_change})
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d200100000000009500000000000000bc26080000000000bf67000000000000070300000fff070067020000030000001606000080ffffffbf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x58, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000680)={0x40, 0x0, <r7=>r3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xf, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfd9, 0x0, 0x0, 0x0, 0x400}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x4}, @exit, @map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @tail_call, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000400)='syzkaller\x00', 0x6, 0x1e, &(0x7f0000000440)=""/30, 0x41000, 0x4, '\x00', r5, 0x0, r6, 0x8, &(0x7f0000000600)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0x8, 0x5, 0xf2}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000006c0)=[0x1, r7], &(0x7f0000000700)=[{0x5, 0x1, 0xc, 0x3}, {0x2, 0x5, 0xc, 0x4}, {0x2, 0x4, 0x0, 0x4}], 0x10, 0xffff}, 0x94)
preadv2(0xffffffffffffffff, &(0x7f0000000b00), 0x0, 0x4, 0x3ff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
close(0x3)
ioctl$XFS_IOC_GETBMAP(r4, 0xc0205826, &(0x7f0000000140)={0x8000000000000001, 0xaea8, 0x7, 0x800, 0x8})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000380)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x4}, 0x50)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e29004218030018258000000000000002", 0x29}], 0x1}, 0x0)

1.933297506s ago: executing program 1 (id=1421):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x8, 0x26})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r1 = openat$sr(0xffffff9c, &(0x7f0000001c80), 0x40840, 0x0)
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r1, 0x12, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x5, 0x7fff7ffc}]})
fchown(r2, 0xffffffffffffffff, 0xee00)
r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r3, 0x0)
mount$tmpfs(0x0, &(0x7f0000000300)='./file0/file1\x00', &(0x7f0000000340), 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000680)="98"})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
sendmsg$kcm(r6, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000580)="dafebf30d4895ab12b67e2ffea195a868d87d9a73b58efc2b2319945b9f6e61afbc7178f77197cc8d0877a049f567810526e96d29db4e0c340a1fdffc5a8c6618cf620b0228b04dde8e071e1f7d1d8ffb44263d749804693c89204c43cab0ac26990010b8299652634080f9bd0feafa58b166e014babcdb53076e0d313c2009cfe145d95da7e4a67ba2a09600d709f21441c691fefdef4508623552c8c6f1a467ad7df732320acbd1e3c661db64d1120e5fc9bb33bd00e84fb84276d495d51603b100128e73db94b07a453de3fe94e7a5797a9c86920647a90ff4f3b80b365c135575974696693919007007950c6b3c4ebb344deeb5b3a7de427b64c5f34", 0xfe}, {&(0x7f0000000680)="0fba636c2c6ade93d306ee15259476adcf4418a3c524742f6309d63094c1f0e62ab74ff82a72052e19169f9eeaffeed785aa8bd236a9c561e30648e4630b8a000252a7c54753dca8d2dd8a9a19813c0ef96d840f347f6938cfebf428f1dc5fad96bff43975b6de04d5ad9f0c5c71bf91a37ad0ed2c22afd4ea58459dd366aef199b28a41d6b718bdb6de993799b39c63e2f195a5596a463096a4ba756c", 0x9d}, {&(0x7f0000000740)="4dbc4855f256742cc02bf50669988fa30e43755c3f6169e2a73ea21911e2a438746b23208c648e10feb5fc33721c46b379799c271d2af6b3363af82c8aea5c25b1024982300a825233636b0a42c5ffec2964ba7a57607e3badf617ef9470eed27ca6817480a66c07f079e5634a9f8bc01218d216e91ee0d1142a12b397d5d7d005bcb69b1da6304eda552fab", 0x8c}, {&(0x7f0000000800)="c7328e0e52ce9318cc9916f5639bfba7da8aa3e67f4c1e7306ce537dccc260458ed692c9a54d98506283bb13e88e185c3ace2a420e6ae6abd11bced50e827769e6873efa4c2937690f9e1b6796f3766c86a832f1e969f5f2374eeff79b15e3b81c886b503e2199f7babbb5a442fdfa409284931421a9375327a1789c8b4e6bfdacf02505c99c861e06308568a1102c011fa51ac60fc2659671f2430ea1c8b66dbaa775b7ceee429404", 0xa9}, {&(0x7f00000008c0)="be330e1b5a110f531b7185e420bd964769ccac2e798fd0f127768190a5a760f0db25893fd6cc9c87da26157fbba2cbac6501b555ea6d2fe2518304a1f02f5dc342b5aada9cc23bff0fcf34258425f36afc01112c6f7acd26d70097362f9e16d6e210d2960021a7f875e660231fcc1266bb1660e65a1f698f42baca039abd1ab3b294c4fd544839fef50f2b2b246871d0387c04c52b7ee7ce0732df160edaf1ff6acf725e939ed73624bf2e6682253db95195e24ef230330528932f56d63d97d45aa79fe4bb6e3031", 0xc8}, {&(0x7f00000009c0)="42c9974650bec43a083a0008a248a1136f221396a08d68ad19936be55e7a7f7a8af4b4d091c412d0bda49a7507f231713981ca38e0e10776a8076d31b78d8507004be38a0a6172d072fd4ca7b5ad86b8b57bc5770cb4b236397c35d826e47debad51d19d675973b42c4d1a41f9c63c90f726f945e4be47a6edc95691506fb61115a0a52b91355ffb5e54155f621d39c5e85cbf1d1ff4e75e37de71c34f56e183e96a930a2119a70fbfbf64db214fd5649bd116e402fb2c05336201a0dd0fe926d2f414a27efd512085106d1a4fe714f0fd404e7b25670d54d5cae83582ebae622ef1640a9d10cb783a9122ac2a05b8d7fbff981aa1554c3dbcd89616b352", 0xfe}, {&(0x7f0000000ac0)="252abb6496bbec2dba4e37d57e2fe260c585aa2eded62074d66442160d2e4ce48af1e9a42305d193a0d1653187b2e88a290f1b67853b", 0x36}, {&(0x7f0000000b00)="d78c5f71e824a88870c1d4f5c5c0923072bd6fd8267dc1bc0188cd085cb363f69060c85ee4d9e057f361035a1fb0e229a13ba1c36a9cf2ded73a3e788575d4d167e151bb2cd202ea6908e6ac74b560943f0d5f3eb14a1605736eeac4447a566f63697bd4a21ee6a6f30787eca115d7c6af63eac6d7722991cb83e546a2e6e68b5becb6486455203e9cc24a04b081f0a192e3f260148a170152d7e533a82bbc484b6d291f1c3a752233b87827783ac34f980e0c8383e491cc083becade262795b381a221065dbf7c712ffd6b8b63397db4225596d1c4aa2f33fdd6df85bb94175f44d2de5aa5b06c83755e3abe39b4cf3be334a49ec455bbf7cf053739663653178088af1b6186ab066c96cfd678972869addb4f3a03efae620441c7b95a97c0061a45401d6694758025146914265ed63ff33a86a7254fcf3ed94ef6b0739444d0e00b6213ef590a6af68fe514843196f476ed3822c6654cc234aeaee231dbccec5f69ae446b195fa907dd05d95b677a2161816018d589aac1d00bb3a22da920d9fd54768b185c4fa2e32dd59fbce3401cd54b2f2d85c7b1a83808191aa9e4b4632e353a872292bbd2de30d452f067fd1a7ae8a63e50597344053ad5f85b0183513e865ee066d4f24d7295493bda121de37596af87501ac0dac15fb02bde996987b1f354294ee3fb696bedbbe18e1c9af90433542d5a79b55445dbcf0ffb9663429401ef8ab1a36c0c919011febd0f488dea20d42c9b11803cb081eb93a2362089d4d2ffbfad76324a184dbd868c363cb38362283e3362ecc0331301cb2b73c52a61641d7b656deeedc91b7f43d9bd916b340886809c81e9fc116ed3ad09ea9f1fba7dfbba6d5eec48ef740afafb54d2f8b35cfc162076e97825d852c10f8ad0703df77fbda6db08d0d215adbea040433484099b204a3639b356caa63ced0a09be21e10dec5da47e5226a2df5470b328a54912204f3882f9e2b17a851bf8575e33b22822d81cbab8a3bc73f4e755d76c898fdaf3c602ffe1aa8bd6ff67aa32c7dcaeda1cf4d953f48d0f619ac84ad8a297c6e8049cdabf0918e7cf283e9d529141cba63517c4acacf0ebc84352bc308ff4336c4a1dc3de73efbb6c7e381642c2ca300b2731ec1792a03a2c0d4edd1fea42ef6bb4c469ccba3010f7d3691aa395718661bcddeeaff6621e6dd14b8feabfa85f05f2e1c12165bdf2f054d57a2cd511e3e323f80747985682e1355c4432443cfb09a80faa1bb0e09aa73d5582bb6afd3df36a52ba95f70e8c9efc891fd5cad3bab49ea4fd7609e21fc8d62142f521334ff61d7a8954a130434bdf2a6e83fe80ab5a03c441aa76a2f0c58501304d9f881ef7668b68982c01cfc743d0836288cfc52240f861b77c98bf7016229076b159de06660c2242a2d4c85166bc5aea4fad27ce07a2cc9afc2c95188c34acff4bc0ccf16f373f9691d749bc1218969a6d1c2a61d4857147f0a23bc1b0ae544f91be7a824cb0f2c62be674f498485a34263850ef92774cacf2540ffa57ebe846a7ac463384f3b85536162dccd96185a59c99b4da8f1757a4044c3ded7ddcd1f32d43ba3e80b4853d2e075e04ff01d4b2babf42c81fcf09878448e87e84d78274cc190ffac95575ec55d93e582dc98bcf7efe5f6631adc597562a219e6a180cd5002c47c8300412ec53c30d8f1cafeee450654bd676ba0c6350b29f16e8e904fda3a8fea71471233df35616fbc08066033642d50b1d86f2420051ea1298536b53e2b6c744dfe7c36a985ebe5d2ec672d3bb45637936a0426bf5f9af7e8e53b664a8618e25aa65573aed22df747cfce7d5a484e2ed4097ca29795351cec81a7fe4ce2f445d49f14039ebbd2620b90685c0c921996e585fa0d460a7bd746c428b2200d5127dd46bdb313a01c5aab292c48ade6e845ad06fb2c16e1de5460b76b416f7583fe9f253c3f4a4f00481302a0d61e760bff45c5483091cd963dc4d0554978ceaca69f9fbd69c37be64e5cd51e77cc7ab84c4bf2322201c76d101b1386d1140f5501c34104dcc096497f2e9ea02bc8d5f323aaa013578aa56c3526486dcb40644486fce8df194c9e3a3d4633d2b593a9eb2a6a6ce8cd41e9e0d5451534bc10074363f6dc81cf9508ce0d6aba8393637ad7b65e9dd6ddd5cb827848e61bb9406fb3b70e3bff4e39c39458e98fce7a4e553cb81f9fc1fcdddedf85475ad4a875db38c5978b92ff62b491aa5af4b7d08b483418555abb8bcd2ab2d4c53498d372aa727ff7a7a9253b939092420b73ccacf28932a2090f6c76ddf2a41df6f92005bab6ff3920ff64498b7ca075e9211212321ca047f639bb4a6d0b1c53f9469af2061e2fca55f1aaeff91de0c1497398adfedca5ce136a8c8f037b8bcd1a5a89f191ddf19b8778858464a43ba6336edf9aaf5cfef339bc45208475205cfbbed2000379db2ff3f3e637ff85bb26439498773490c682ec81585eda25228abf5a1e7724a897c0c2caad2bd5ce63b1ded12bacf5fda67dd236f7323822b4afea88d39627f65bb79fcb9c1a05a4734246d561bf942c1b23af02355a63b502e77adea8b5dd3faeff31d2a0323f4e9b8e4ebb070ca32ce99e06afb2048156ba2f91aaf6fbf7bc8117d2916511b81084c02c61d387c8e105eafccd6985d58b78777e71be53c4d5e4d9f77dbe3fa3d43974ec73536954e98b09b5c397fa7ea869211de86df40777f0405bfad8771dd016adbb56522c0b9d03b4c56238b56bd063a4e9fb94a5fe25baec8bc77e2cab5d26b5f963086fdad78bf797b38f6763b804f21275dd551eaefb242f78069421cc8822fdd2dd480b02bfa1772485b4ce3c498c7b8d0c6724db3065405644d4452982f8a93626982f70f48af2e5cc7598e5ea7737afe63a01f7c1e882aff68e7bb750534f1650a8894ba1fbcaf65541863bcabcaf1115c5041b280303c84ed395a0fc36b9307152a008aa1ae8ff1489121594b0c20bcb0f500622c51fd645bbd38ec075b2240e70d3ad1b1eedaf67309330586bdce5a2433a80f041ea4b062d192e740745f9c013907df5839af35b9d1e291c944895e92fa11980169bb4264b8b28035dd9ed73b6281fcd4bfce7c80229f1954b458ec8fd9e8b95ab5eeb9ecc45fd136f18b6a8872e31c7c4fcf73e5b1e507b1caf1968c226da10abf6fcfd1be4032ded1324880f71bff5f25debc3739f3e1f826997c4e3673bcd149222137ed1aefe9200133b0a44caa944d0cce5484fd1f69c523228b776200b7c0278693019d38c1de5174a969700eafaa4c7cf7a039b144c1222165321657a95efb02e55c642610e5048884a56ca9e15845b2729f8b72bbc90d7a795fa38c86ce5962be95775c67282edb7c10df784f5fb17087dde883eaafe85ba35672e64baea89ca6dd407739f403da5376f55a49f431fa66ae31c15efe6eeae9d533f7d27563b259aebb9b86b5050a18c5b8ab787c64eb8a7a146589408cfe96a73aa369fdd61f88012aeb2c1ac191591dea4759178c7707357be7591e0d60a6d5d130abf41ba37e23058c468900383bcacb1e3c56f8ef67bc34d244ad581188f8762ff51ed3662e043b6ebdbd8bcc3cf816bef9277cbd77f4f3553e88e94b83a30ffb6340c4ef991a67586f0ff5aa2038e0118a33092e0cce81ec69e93c36c684592241a73aa5bf1478bbe121eef6b2256e106f2b97464fd920fcfdc9c5db0ad258730de6bc92f6c527aafd5f2b670d706efc2bb51b10bc3cf41ecfe226828b9b8cee007a4f1a584352fdc8dc04f2e4381082a2fb13fca50a89ec323b05603a9539858a76791f23b0ae052ce2058404fa6fd5a65276ac438af7f6a7a761c5ff2937d4fd75e0c0a8c3661bb0ab8163fbc188ec8244f44918cb16b1a8fa74f5c4f12cee55fdd7ff58aa1ccc6bb8aa0ea9bea5297a5b29c57550c4ced0dfd793224d62dc87f7995d981a4c7aafd38493741ae54adfb38b5398cd2d8013169a1b9625a16164d7e15971c7d62a46b9f371be76bf8c3b22c4aaa18e222923609681dc9dd9ead0f9f2dadc4d0160cdac31bd2de283a858105361efb2f670e27a9e2d3d25d23f59914cdf336ab91a2cff0d768f477cecb00ab51117e3d491702081b6ee7f8116cc534bbe225975b5fd2156cffbfb9a3c984ce746ca8204a7beeafd7a350a8fc9d1adfe09591930aad146b39a05974f1aedd028ebaebf2369ce3a6c8ee3b886f6a3ffb52541cad76f2ed682ede6de918734bee6789e914740cb990724ca6eb7d48b3ad19b16594250a5bcd4c87cca5b66d287e83e9d8a7b7bbaca9393e3ddb6779ede0d837430ec4b83e5e9f068eae8db48ece323d7ac8fc5bb3cd21b4abebe5f48b5d31364b3a8599ae4a7e329806d0a88f15ef88eedaf2f48541a9a478fa76b7046d632cda71a68a23398d24ca7bc1641d9d95a97111f461e25bdcab5a40288c73b8681761b11b42e6e36db2553d4cb66c64ec4c426bff793164a81199f32d02d74fa4e3b7f4c439165dab1efde910b49c571587ca435dfaf39582d54452ddbd3c2f2a65b433de5c9ade1af9f931afef568f44dd27a163e749721ce6c6e1a4cf19a631fb0d65a20b8e9a179ff42b4a2bbcf10616235e9a74145690e7973bca1f173c93ebbf18f002cd08bfb6cdaf16acfaf3786a5a045748bbb1d0f6da64fe5dd5ba71bef4b8fa86dc05ea89e53a35cca058a510e6c2793e2e5bbe919a0cfe65139ad9be73dc830614c90ddecc39b40944cfeebee8b7551441fda7ce4566ec2f850f0b792abaa1ae7f252c458ecb911b6aa0c4b838275eb4889d6bb1fbf74340deb376174d38bcf2992b931d5aafee23c529f1f4ea39b24cab879cd00d6b549a3481fb09c9a50f6a186880907c91b7e02f22fabcc5d986fa437f7a74fc9c971f54ca05d957e14f37bd0f6860fd7fd85fc2734d25951b4206067cb2ed561d26480423827a89b94432d720da115d94aca57a6bb8b038567da414aa08ff970697105f77d42bad7fbd6d8a80554fa03a054fee8ca93b0b0994deb1a4ac0f5fca4c308cda880afe64b16cb4f4522a6bcb13db6064755cb12b54dd2da4f4251154a575c8f3acc1be5db566a75c392b7bb27f49537a24c2d2e8e83d978716b3c94a8267b75e8054520dc1b0e28d857373fbd415ae08f9e421e1764d58b9646920f5457efc43d807c7fddf9d1227a3fa6089acd10f10f0f1df499470c0badf3e0940a47980f65f3d2f6fd360972aba35d6dd13e4b0230ae9e4bb9994acc20df98af349bb4d924fd52e6c64aa33d0a444efbd00b4bcea7377eb4c42319399bac2a1250b4b172a8bafd6b05e28e9742e072ba3d393acf070c4e688327597803173048b9784f41f4f6fa4fc8f9402bfc906e8a8bb346874ff9e6f0b79b1020c5699a27ef7427e18f25d6fea662ebdcc9ea5400eb9a3c0d1b7b0ab614bfaded0db180b0f9b2c82915f82c25336e3774544e8505c7f6167ce09d01f59d1c9bc3743d06645d19786e765e4dac2eab646563de462e0f77c5a2fc9db59aa557c62b2845fd87259aacf1fc6ee9c1b685253424249a455c2e5d7a154bfca403b0ef8d0b93d065feebf6ce8cf64cd6350a83acd98ac78be49e8496fb448f48484145e3ef8ff9bc30c98f3bb9d35a3856a19bad8089bc41c0eb45c114b88fd8c20ec479f819f3c32fede673301c0afa73fdc5d26b715728f49d074081f76e989fd0aaf86443b72803e0815a7f9396af5f34bde1710ae05bc6bc7a6eedc14492bf7d2137d33c5a280c70ffe6d4e5780be4336c06b6c54187addbab6cc3e8779b1f06daa6fbaf5c267", 0x1000}], 0x8, &(0x7f0000001b40)=[{0xc4, 0x116, 0x320, "b415983a4198d93ff84a8e8044dcefe76cdfd93bfab74fddc65b491187e40a6c95c023302371ee6ea19c5bf2659caeaf118356e339c73f0b160a71b5ddef2aeb4db90e457b7719f1f895f74767549e49cb8bd88462131c7fa6e26b31fb35ef86a8423991aaa14db6a0e72f508162f7fa260047cac40755b63466a2e3b16cfb70d8bba1ec9fbe1719d3c2d21f422891099b0af834191285dd293314ea99e228e8040def5824e10a4418ff973d65c1551609cac7d4454ee6bc"}], 0xc4}, 0x40011)
umount2(&(0x7f0000000500)='./file1\x00', 0x6)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x0)
open(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10)
mount$bind(&(0x7f0000000440)='\x00', &(0x7f0000000480)='./file0/file0\x00', &(0x7f00000004c0), 0x21, 0x0)

1.842503548s ago: executing program 4 (id=1422):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
socket(0x2b, 0x80801, 0x1)
socket(0x2b, 0x80801, 0x1)
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="07d971f7999bf315340000000000000000000400000000000200400c0800034000000036080005400000001a100002"], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x60}, 0x0)
syz_clone(0x40000200, &(0x7f00000000c0)="9dcfd1b6b28ad386f4ad76f487a84326eca7782eb1d8d3078134ae8b5e82728b2a87ce04d1ef25b6ee976329f8618fb896762c62d06c069772b85674571f4fdd4ef693d60389386e0b3649eb0eb94e6963d5d8f47533c926313fe711bb0e93fa5742ca3aadc23e0c6df304", 0x6b, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="b24faaa06a75ef85459fc3a5102796eeb43d218d66a2cb7b11481d4780fd7a02424bd3a9d07cdd6a9f73408e52fd4583ef440e680e540b56417f141bd23921ea4a4513854cad1614c718d1ff8132a57232c852d6da9abe6702a50d0816b265a2ed22c06ae798893af9de4939f146b1eb779d591c654c4e9caa90")
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x14, 0x14, 0x601, 0x0, 0x0, {0x2b, 0xfa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (fail_nth: 3)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})

1.38076914s ago: executing program 4 (id=1423):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000007fc0), 0x0, 0x40080)

1.290836005s ago: executing program 4 (id=1424):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r0, 0x800000000000)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5885}, 0x0, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
io_uring_setup(0xf08, 0x0)
ioctl$PIO_UNIMAP(r2, 0x4b67, 0x0)

1.110942538s ago: executing program 3 (id=1425):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x8925, &(0x7f0000000080)={0xff00, 0x0, 0xdffffffd, 0x40, 0x0, "bb4000000000000200"})
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x10000)
ioctl$CEC_ADAP_G_CAPS(r1, 0xc04c6100, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000640)={0x23804800, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(0x0, 0x0, &(0x7f0000001300))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x88802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f00000000c0)=0xa2149)
pwritev(r4, &(0x7f0000000040)=[{&(0x7f00000002c0)="80fd0200004010e3d0706bf66a4505e430cd4a0edaf9e9a393b8ce789d5e465a5ed7a3a185251208e9652a3bf726261c0d15973bf89dd09aa531f59a39c317d9ae", 0x41}], 0x1, 0x0, 0x5)
bind$inet(r3, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
r5 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r5, 0xc02464bb, &(0x7f0000000180)={0x1, r6, 0x0, 0x7, 0x10000, 0xffff, 0xb78c, 0x8})
r7 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r7, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff)
epoll_wait(0xffffffffffffffff, &(0x7f0000000240)=[{}, {}], 0x2, 0xa)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x700}], 0x40000cf, 0x0)
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000400)={0x7, @output={0x1000, 0x1, {0x6, 0x7}, 0x2, 0x6}})
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001000000800000fa", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x80, 0x20200)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000ff00000000000000000000008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000700000085000000a500000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.020693736s ago: executing program 4 (id=1426):
socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[], 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone3(&(0x7f0000000240)={0x200a40080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x2c}, 0x94)
readv(r2, &(0x7f0000001700)=[{&(0x7f0000000080)=""/86, 0x56}], 0x1)
syz_open_procfs(0x0, &(0x7f0000000200)='net/protocols\x00')
userfaultfd(0x80001)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x1e1730a30afb6559, 0x8014)

990.614903ms ago: executing program 4 (id=1427):
socket(0x400000000010, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001240)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
msgctl$IPC_SET(0x0, 0xfffff000, 0x0)
add_key(&(0x7f0000000200)='cifs.idmap\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000280)="3038c4eb9f6a876bbcf1ee50d2400738d957b6c3613a9aa314ad06a5c2b2188543", 0x21, 0xfffffffffffffffe)
r2 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r2, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r4=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = syz_usb_connect(0x1, 0x3f, &(0x7f0000000740)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f0002000000090505020000", @ANYBLOB='`'], 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r7, 0xc0145b0e, &(0x7f0000000040))
openat2$dir(0xffffff9c, &(0x7f0000000640)='./cgroup\x00', &(0x7f0000000680)={0x40, 0xa1, 0x1}, 0x18)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x3b, 0x1, 0x0, 0x25dfdbfb, "", [@nested={0x4, 0x117}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x300})
ioctl$UFFDIO_CONTINUE(r8, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f00004cd000/0x1000)=nil, 0x1000}})
syz_clone(0x40080020, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = signalfd4(r4, &(0x7f0000000180)={[0x7ab9, 0x7]}, 0x8, 0x80000)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), r5)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r9, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="b45397b8ef041352dc0000006014000041ff61f4b8a51dbbde8631c186f7068abbb81a3aff8dda7f421725e7fb7b30164386c3b3b7229b9d78d320ef374bb7499f538c016c6f82f03d2bd0b5fcee7ae56b9a9b8d3728c0f856e8bfd92502abc875506b", @ANYRES16=r10, @ANYBLOB="02002cbd7000fcdbdf2542000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f70730000000005008300010000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f7073000000000500830001000000"], 0xb4}, 0x1, 0x0, 0x0, 0x20004001}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x100, 0x70bd0a, 0xfffffffe, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0xffff, 0x1}, {0x16}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0x3}}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1000}]}, 0x44}}, 0x2004809c)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)

963.966544ms ago: executing program 1 (id=1428):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg(r0, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000500)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e22, @rand_addr=0x64010100}}, 0x80, 0x0}}], 0x2, 0x4)

930.275392ms ago: executing program 3 (id=1429):
setfsgid(0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000480)='virtiofs\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
getsockname$inet6(r3, 0x0, &(0x7f0000000c80))
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x6, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r1, r2, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
quotactl$Q_GETNEXTQUOTA(0xffffffff80000902, &(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, r1, &(0x7f00000000c0))

565.681833ms ago: executing program 2 (id=1430):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000240), 0x22601, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x0, "94c492eb2665203d36bec70800890100000000e1100a0000005900", <r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x9000000, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

480.696862ms ago: executing program 2 (id=1431):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000), 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x3, 0x4002004be, 0x7ff, 0x10009, 0x6, 0x400, 0x80, 0x89, 0x0, 0x3, 0x8d], 0x100000, 0x2c08c6})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f000000d640)={0x0, 0x0, &(0x7f000000d600)={&(0x7f0000000440)=@newqdisc={0x1fc, 0x24, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffff}, {0x4, 0x3}, {0x8, 0x7}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x50}]}}, @q_dsmark={{0xb}, {0x10, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x6}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1a}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}]}}, @q_dsmark={{0xb}, {0x20, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x18}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}]}}, @q_dsmark={{0xb}, {0x4c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x13}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xb8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xffff}]}}, @q_dsmark={{0xb}, {0x24, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xa}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x8004}, 0x880)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x9, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x2, 0x6, 0xfffffffffffffffe, 0x8000000000000000, 0xf4a, 0x100000000, 0xbdb], 0xffff1001, 0x4000})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f, 0x2, 0x0, 0x0, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

140.79419ms ago: executing program 4 (id=1432):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfffffffd, 0x8, &(0x7f0000006680))
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x301880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x3, 0x2)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f00000000c0)={0x0, 0x1000, 0xd}})
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x2000}, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x24000890}, 0x0)
pipe2$watch_queue(&(0x7f0000000000), 0x80)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)={0x60, r5, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000431}, 0x4040084)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000340), r4)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r4, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x74, r7, 0x300, 0x70bd28, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x74}}, 0x4001844)
ioctl$CDROM_LAST_WRITTEN(r0, 0x5395, 0x0)
epoll_create1(0x0)

0s ago: executing program 3 (id=1433):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000), 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x3, 0x4002004be, 0x7ff, 0x10009, 0x6, 0x400, 0x80, 0x89, 0x0, 0x3, 0x8d], 0x100000, 0x2c08c6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f000000d640)={0x0, 0x0, &(0x7f000000d600)={&(0x7f0000000440)=@newqdisc={0x1fc, 0x24, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffff}, {0x4, 0x3}, {0x8, 0x7}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x50}]}}, @q_dsmark={{0xb}, {0x10, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x6}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1a}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}]}}, @q_dsmark={{0xb}, {0x20, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x18}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}]}}, @q_dsmark={{0xb}, {0x4c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x13}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xb8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xffff}]}}, @q_dsmark={{0xb}, {0x24, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xa}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x8004}, 0x880)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x9, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x2, 0x6, 0xfffffffffffffffe, 0x8000000000000000, 0xf4a, 0x100000000, 0xbdb], 0xffff1001, 0x4000})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f, 0x2, 0x0, 0x0, 0x0, 0x1})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

][ T5848] usb 8-1: USB disconnect, device number 22
[  336.239370][ T9734] siw: device registration error -23
[  336.939384][ T6152] usb 6-1: USB disconnect, device number 25
[  336.999861][ T9740] IPv6: sit1: Disabled Multicast RS
[  337.641934][ T6152] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  337.693120][ T6493] usb 7-1: new low-speed USB device number 26 using dummy_hcd
[  337.764520][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  337.764538][   T40] audit: type=1800 audit(2000000147.503:2453): pid=9771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.992" name="SYSV00000000" dev="tmpfs" ino=8 res=0 errno=0
[  337.801921][ T6152] usb 8-1: Using ep0 maxpacket: 32
[  337.805185][ T6152] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  337.808223][ T6152] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  337.811221][ T6152] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  337.814276][ T6152] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  337.817696][ T6152] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  337.820841][ T6152] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  337.825124][ T6152] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  337.828153][ T6152] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.833076][ T6152] usb 8-1: config 0 descriptor??
[  337.853202][ T6493] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  337.857058][ T6493] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  337.860484][ T6493] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  337.864067][ T6493] usb 7-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  337.868268][ T6493] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  337.871213][ T6493] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.877327][ T6493] usbtmc 7-1:16.0: bulk endpoints not found
[  338.455442][ T9785] lo speed is unknown, defaulting to 1000
[  338.719977][ T6152] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 23 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  339.032801][   T40] audit: type=1326 audit(2000000148.773:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.040734][ T6152] usb 8-1: USB disconnect, device number 23
[  339.047725][ T6152] usblp0: removed
[  339.050234][   T40] audit: type=1326 audit(2000000148.773:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.067415][   T40] audit: type=1326 audit(2000000148.773:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.127567][   T40] audit: type=1326 audit(2000000148.773:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.136487][   T40] audit: type=1326 audit(2000000148.773:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.147500][   T40] audit: type=1326 audit(2000000148.773:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.155480][   T40] audit: type=1326 audit(2000000148.773:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.163432][   T40] audit: type=1326 audit(2000000148.773:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.172625][   T40] audit: type=1326 audit(2000000148.773:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9790 comm="syz.3.997" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  339.213381][ T9798] overlayfs: failed to resolve './file0': -2
[  339.611928][ T5848] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  339.772059][ T5848] usb 8-1: Using ep0 maxpacket: 32
[  339.777240][ T5848] usb 8-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  339.782397][ T5848] usb 8-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  339.787114][ T5848] usb 8-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  339.791509][ T5848] usb 8-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  339.798086][ T5848] usb 8-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  339.802348][ T5848] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.805585][ T5848] usb 8-1: Product: syz
[  339.807608][ T5848] usb 8-1: Manufacturer: syz
[  339.809761][ T5848] usb 8-1: SerialNumber: syz
[  339.825609][    C2] imon 8-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  339.835809][ T5848] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/input/input32
[  340.041897][ T5848] imon 8-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  340.045103][ T5848]  (id 0x00)
[  340.111943][ T5848] rc_core: IR keymap rc-imon-pad not found
[  340.114716][ T5848] Registered IR keymap rc-empty
[  340.117148][ T5848] imon 8-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  340.123233][ T5848] imon 8-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  340.247692][ T5848] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/rc/rc0
[  340.257249][ T5848] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/rc/rc0/input33
[  340.268082][ T5848] imon 8-1:155.0: iMON device (15c2:ffdc, intf0) on usb<8:24> initialized
[  340.442120][ T6152] usb 7-1: USB disconnect, device number 26
[  340.652986][ T9821] trusted_key: encrypted_key: master key parameter is missing
[  340.780169][ T9801] FAULT_INJECTION: forcing a failure.
[  340.780169][ T9801] name failslab, interval 1, probability 0, space 0, times 0
[  340.787534][ T9801] CPU: 2 UID: 0 PID: 9801 Comm: syz.3.1000 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  340.787576][ T9801] Tainted: [L]=SOFTLOCKUP
[  340.787583][ T9801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  340.787592][ T9801] Call Trace:
[  340.787599][ T9801]  <TASK>
[  340.787605][ T9801]  dump_stack_lvl+0x100/0x190
[  340.787629][ T9801]  should_fail_ex.cold+0x5/0xa
[  340.787671][ T9801]  ? tomoyo_encode2+0xfb/0x3c0
[  340.787693][ T9801]  should_failslab+0xc2/0x120
[  340.787713][ T9801]  __kmalloc_noprof+0xe0/0x850
[  340.787735][ T9801]  ? d_absolute_path+0x136/0x1b0
[  340.787756][ T9801]  tomoyo_encode2+0xfb/0x3c0
[  340.787779][ T9801]  tomoyo_encode+0x29/0x50
[  340.787797][ T9801]  tomoyo_realpath_from_path+0x18c/0x690
[  340.787823][ T9801]  tomoyo_path_number_perm+0x23c/0x580
[  340.787839][ T9801]  ? tomoyo_path_number_perm+0x22e/0x580
[  340.787857][ T9801]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  340.787898][ T9801]  ? find_held_lock+0x2b/0x80
[  340.787918][ T9801]  ? __fget_files+0x215/0x3d0
[  340.787941][ T9801]  ? hook_file_ioctl_common+0x149/0x410
[  340.787959][ T9801]  ? __fget_files+0x215/0x3d0
[  340.787985][ T9801]  ? __fget_files+0x21f/0x3d0
[  340.788007][ T9801]  security_file_ioctl_compat+0xd3/0x230
[  340.788026][ T9801]  __ia32_compat_sys_ioctl+0xc2/0x360
[  340.788047][ T9801]  __do_fast_syscall_32+0xe7/0x950
[  340.788068][ T9801]  ? lockdep_hardirqs_on+0x78/0x100
[  340.788091][ T9801]  do_fast_syscall_32+0x32/0x70
[  340.788113][ T9801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.788132][ T9801] RIP: 0023:0xf7f43fcc
[  340.788153][ T9801] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  340.788168][ T9801] RSP: 002b:00000000f54044a4 EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  340.788185][ T9801] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0085504
[  340.788195][ T9801] RDX: 00000000f54044e8 RSI: 00000000f73d4ff4 RDI: 00000000f54044f4
[  340.788204][ T9801] RBP: 00000000f54044f0 R08: 0000000000000000 R09: 0000000000000000
[  340.788214][ T9801] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  340.788223][ T9801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.788245][ T9801]  </TASK>
[  340.788327][ T9801] ERROR: Out of memory at tomoyo_realpath_from_path.
[  340.965526][ T9823] imon:send_packet: task interrupted
[  340.976470][ T9823] imon:send_packet: packet tx failed (-512)
[  340.979859][ T9823] imon:vfd_write: send packet #1 failed
[  340.985545][ T9823] imon:send_packet: task interrupted
[  340.987779][ T9823] imon:send_packet: packet tx failed (-512)
[  340.991251][ T9823] imon:vfd_write: send packet #0 failed
[  340.994402][ T9823] imon:send_packet: packet tx failed (-32)
[  340.996888][ T9823] imon:vfd_write: send packet #0 failed
[  341.000911][ T6493] usb 8-1: USB disconnect, device number 24
[  341.001924][ T6152] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  342.332095][ T6152] usb 7-1: Using ep0 maxpacket: 8
[  342.682478][ T6152] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  342.686292][ T6152] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  342.689477][ T6152] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  342.692655][ T6152] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  342.701784][ T6152] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  342.709693][ T6152] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.921389][ T9842] trusted_key: encrypted_key: master key parameter is missing
[  342.934425][ T6152] usb 7-1: GET_CAPABILITIES returned 0
[  342.991953][ T5985] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  343.013584][ T6152] usbtmc 7-1:16.0: can't read capabilities
[  343.151980][ T5985] usb 6-1: Using ep0 maxpacket: 8
[  343.155955][ T5985] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  343.160771][ T5985] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  343.165988][ T5985] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  343.170552][ T5985] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  343.176505][ T5985] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  343.180475][ T5985] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.323372][ T9848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.326324][ T9848] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.330955][    C2] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  343.333989][ T9848] usbtmc 7-1:16.0: Unable to send data, error -71
[  343.346665][ T9845] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  343.349349][ T9845] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  343.386845][ T9845] vhci_hcd vhci_hcd.0: Device attached
[  343.411294][ T5985] usb 6-1: GET_CAPABILITIES returned 0
[  343.415581][ T5985] usbtmc 6-1:16.0: can't read capabilities
[  343.602074][ T6152] usb 43-1: new low-speed USB device number 7 using vhci_hcd
[  343.609772][ T9852] binder: Unknown parameter ''
[  343.741632][ T9855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.750763][ T9855] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.761763][    C2] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  343.768714][ T9855] usbtmc 7-1:16.0: Unable to send data, error -71
[  343.996094][ T9846] vhci_hcd: connection reset by peer
[  343.998745][   T13] vhci_hcd vhci_hcd.3: stop threads
[  344.001356][   T13] vhci_hcd vhci_hcd.3: release socket
[  344.004137][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  344.480240][ T9857] netlink: 'syz.4.1014': attribute type 9 has an invalid length.
[  344.483722][ T9857] netlink: 191164 bytes leftover after parsing attributes in process `syz.4.1014'.
[  344.552518][ T9858] netlink: 'syz.4.1014': attribute type 1 has an invalid length.
[  344.640809][ T9860] overlayfs: failed to resolve './file0': -2
[  344.770223][ T5985] usb 7-1: USB disconnect, device number 27
[  344.883861][ T9867] lo speed is unknown, defaulting to 1000
[  346.978207][ T5985] usb 6-1: USB disconnect, device number 26
[  347.085569][ T9884] team0: No ports can be present during mode change
[  347.093876][ T9885] binder: Unknown parameter ''
[  347.534946][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  347.534958][   T40] audit: type=1326 audit(2000000157.273:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.552381][ T1484] usb 8-1: new low-speed USB device number 25 using dummy_hcd
[  347.555582][   T40] audit: type=1326 audit(2000000157.273:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.575058][   T40] audit: type=1326 audit(2000000157.293:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.588013][   T40] audit: type=1326 audit(2000000157.293:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.597891][   T40] audit: type=1326 audit(2000000157.293:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.612820][   T40] audit: type=1326 audit(2000000157.293:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.624188][   T40] audit: type=1326 audit(2000000157.293:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.635204][   T40] audit: type=1326 audit(2000000157.293:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.651893][   T40] audit: type=1326 audit(2000000157.293:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  347.669470][   T40] audit: type=1326 audit(2000000157.293:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.1.1026" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  348.290288][ T1484] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  348.439727][ T1484] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  348.442979][ T1484] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  348.446594][ T1484] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  348.450655][ T1484] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  348.453683][ T1484] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.461013][ T1484] usbtmc 8-1:16.0: bulk endpoints not found
[  348.941976][ T9910] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1028'.
[  349.037965][ T9913] lo speed is unknown, defaulting to 1000
[  349.172818][ T6152] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  349.714483][ T9924] team0: Port device syz_tun added
[  349.825401][ T9932] x_tables: duplicate underflow at hook 1
[  350.159365][ T9943] trusted_key: encrypted_key: master key parameter is missing
[  350.466056][ T5985] usb 8-1: USB disconnect, device number 25
[  350.512192][ T9945] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  350.514967][ T9945] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  350.581471][ T9945] vhci_hcd vhci_hcd.0: Device attached
[  350.823377][ T6152] usb 39-1: new low-speed USB device number 4 using vhci_hcd
[  350.963805][ T9952] binder: Unknown parameter ''
[  351.189516][ T9963] FAULT_INJECTION: forcing a failure.
[  351.189516][ T9963] name failslab, interval 1, probability 0, space 0, times 0
[  351.204670][ T9963] CPU: 0 UID: 0 PID: 9963 Comm: syz.3.1044 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  351.204701][ T9963] Tainted: [L]=SOFTLOCKUP
[  351.204707][ T9963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  351.204718][ T9963] Call Trace:
[  351.204725][ T9963]  <TASK>
[  351.204731][ T9963]  dump_stack_lvl+0x100/0x190
[  351.204756][ T9963]  should_fail_ex.cold+0x5/0xa
[  351.204779][ T9963]  ? tomoyo_encode2+0xfb/0x3c0
[  351.204800][ T9963]  should_failslab+0xc2/0x120
[  351.204822][ T9963]  __kmalloc_noprof+0xe0/0x850
[  351.204849][ T9963]  ? d_absolute_path+0x136/0x1b0
[  351.204871][ T9963]  tomoyo_encode2+0xfb/0x3c0
[  351.204897][ T9963]  tomoyo_encode+0x29/0x50
[  351.204917][ T9963]  tomoyo_realpath_from_path+0x18c/0x690
[  351.204946][ T9963]  tomoyo_path_number_perm+0x23c/0x580
[  351.204964][ T9963]  ? tomoyo_path_number_perm+0x22e/0x580
[  351.204984][ T9963]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  351.205005][ T9963]  ? get_pid_task+0x106/0x250
[  351.205058][ T9963]  ? find_held_lock+0x2b/0x80
[  351.205080][ T9963]  ? __fget_files+0x215/0x3d0
[  351.205100][ T9963]  ? hook_file_ioctl_common+0x149/0x410
[  351.205118][ T9963]  ? __fget_files+0x215/0x3d0
[  351.205143][ T9963]  ? __fget_files+0x21f/0x3d0
[  351.205168][ T9963]  security_file_ioctl_compat+0xd3/0x230
[  351.205190][ T9963]  __ia32_compat_sys_ioctl+0xc2/0x360
[  351.205212][ T9963]  __do_fast_syscall_32+0xe7/0x950
[  351.205238][ T9963]  ? lockdep_hardirqs_on+0x78/0x100
[  351.205264][ T9963]  do_fast_syscall_32+0x32/0x70
[  351.205289][ T9963]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  351.205312][ T9963] RIP: 0023:0xf7f43fcc
[  351.205326][ T9963] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  351.205343][ T9963] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  351.205360][ T9963] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c050561a
[  351.205371][ T9963] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  351.205381][ T9963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  351.205391][ T9963] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  351.205401][ T9963] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  351.205425][ T9963]  </TASK>
[  351.205442][ T9963] ERROR: Out of memory at tomoyo_realpath_from_path.
[  351.996967][ T9946] vhci_hcd: connection reset by peer
[  351.999519][ T7290] vhci_hcd vhci_hcd.1: stop threads
[  352.002728][ T7290] vhci_hcd vhci_hcd.1: release socket
[  352.005488][ T7290] vhci_hcd vhci_hcd.1: disconnect device
[  352.134228][ T9978] overlayfs: failed to clone lowerpath
[  352.177681][ T9984] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1050'.
[  352.282166][ T9991] trusted_key: encrypted_key: master key parameter is missing
[  352.803654][T10000] trusted_key: encrypted_key: master key parameter is missing
[  353.057094][T10002] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  353.059723][T10002] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  353.062513][T10002] vhci_hcd vhci_hcd.0: Device attached
[  353.538586][T10010] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  353.540546][T10010] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  353.543117][T10010] vhci_hcd vhci_hcd.0: Device attached
[  353.617049][T10013] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  353.822410][ T5818] usb 42-1: SetAddress Request (14) to port 0
[  353.857436][ T5818] usb 42-1: new SuperSpeed USB device number 14 using vhci_hcd
[  353.907143][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.910497][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.952369][T10003] vhci_hcd: connection closed
[  353.952567][   T13] vhci_hcd vhci_hcd.1: stop threads
[  353.958321][   T13] vhci_hcd vhci_hcd.1: release socket
[  353.962579][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  353.982058][ T5756] Bluetooth: hci4: command 0x1003 tx timeout
[  353.986308][   T62] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  354.069472][ T5756] Bluetooth: hci2: command 0x0406 tx timeout
[  354.121073][T10018] loop2: detected capacity change from 0 to 7
[  354.134038][T10018] Dev loop2: unable to read RDB block 7
[  354.138639][T10018]  loop2: unable to read partition table
[  354.141322][T10018] loop2: partition table beyond EOD, truncated
[  354.144806][T10018] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[  354.253299][T10011] vhci_hcd: connection reset by peer
[  354.263131][ T1257] vhci_hcd vhci_hcd.2: stop threads
[  354.264857][ T1257] vhci_hcd vhci_hcd.2: release socket
[  354.268525][ T1257] vhci_hcd vhci_hcd.2: disconnect device
[  354.521893][   T59] usb 8-1: new low-speed USB device number 26 using dummy_hcd
[  354.673525][   T59] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  354.676970][   T59] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  354.680551][   T59] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  354.683967][   T59] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  354.688049][   T59] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  354.690976][   T59] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.696234][   T59] usbtmc 8-1:16.0: bulk endpoints not found
[  354.696529][T10031] FAULT_INJECTION: forcing a failure.
[  354.696529][T10031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.702959][T10031] CPU: 0 UID: 0 PID: 10031 Comm: syz.1.1062 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  354.702989][T10031] Tainted: [L]=SOFTLOCKUP
[  354.702993][T10031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  354.702999][T10031] Call Trace:
[  354.703003][T10031]  <TASK>
[  354.703008][T10031]  dump_stack_lvl+0x100/0x190
[  354.703024][T10031]  should_fail_ex.cold+0x5/0xa
[  354.703039][T10031]  _copy_to_iter+0x5a4/0x1720
[  354.703053][T10031]  ? __pfx__copy_to_iter+0x10/0x10
[  354.703063][T10031]  ? __up_read+0x2c1/0x6e0
[  354.703087][T10031]  ? find_held_lock+0x2b/0x80
[  354.703101][T10031]  ? __pfx___up_read+0x10/0x10
[  354.703111][T10031]  ? seq_read_iter+0xd33/0x1270
[  354.703122][T10031]  ? seq_read_iter+0xd33/0x1270
[  354.703136][T10031]  seq_read_iter+0xdab/0x1270
[  354.703154][T10031]  seq_read+0x33b/0x4c0
[  354.703165][T10031]  ? __pfx_seq_read+0x10/0x10
[  354.703185][T10031]  ? __pfx_seq_read+0x10/0x10
[  354.703197][T10031]  proc_reg_read+0x120/0x330
[  354.703209][T10031]  ? __pfx_proc_reg_read+0x10/0x10
[  354.703222][T10031]  vfs_read+0x1e4/0xb30
[  354.703236][T10031]  ? __pfx_vfs_read+0x10/0x10
[  354.703246][T10031]  ? find_held_lock+0x2b/0x80
[  354.703259][T10031]  ? __fget_files+0x215/0x3d0
[  354.703271][T10031]  ? __fget_files+0x215/0x3d0
[  354.703285][T10031]  ? __fget_files+0x21f/0x3d0
[  354.703301][T10031]  ksys_pread64+0x161/0x1a0
[  354.703314][T10031]  ? __pfx_ksys_pread64+0x10/0x10
[  354.703326][T10031]  ? exit_to_user_mode_loop+0xdd/0x4a0
[  354.703337][T10031]  ? rcu_is_watching+0x12/0xc0
[  354.703351][T10031]  __do_fast_syscall_32+0xe7/0x950
[  354.703367][T10031]  ? lockdep_hardirqs_on+0x78/0x100
[  354.703382][T10031]  do_fast_syscall_32+0x32/0x70
[  354.703397][T10031]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  354.703410][T10031] RIP: 0023:0xf706efcc
[  354.703420][T10031] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  354.703430][T10031] RSP: 002b:00000000f543c50c EFLAGS: 00000292 ORIG_RAX: 00000000000000b4
[  354.703459][T10031] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 0000000080000000
[  354.703466][T10031] RDX: 0000000000000055 RSI: 0000000000000100 RDI: 0000000000000000
[  354.703471][T10031] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  354.703477][T10031] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  354.703483][T10031] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  354.703497][T10031]  </TASK>
[  355.102964][   T59] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  355.255364][T10037] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1064'.
[  355.261765][ T5985] usb 8-1: USB disconnect, device number 26
[  355.300320][T10041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1065'.
[  355.306611][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.314497][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.321502][   T59] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  355.336494][   T59] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  355.344052][   T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.350384][   T59] usb 7-1: config 0 descriptor??
[  355.485185][T10043] trusted_key: encrypted_key: master key parameter is missing
[  355.760743][   T59] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  355.778134][   T59] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  355.981969][ T6152] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  356.041570][T10057] ip6gre1: entered allmulticast mode
[  356.047345][T10057] team0: Device ip6gre1 is of different type
[  356.385885][   T40] kauditd_printk_skb: 81 callbacks suppressed
[  356.385897][   T40] audit: type=1326 audit(2000000166.123:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.395533][   T40] audit: type=1326 audit(2000000166.123:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.403129][   T40] audit: type=1326 audit(2000000166.123:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.411595][   T40] audit: type=1326 audit(2000000166.123:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.418648][   T40] audit: type=1326 audit(2000000166.123:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.426039][   T40] audit: type=1326 audit(2000000166.123:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.432996][   T40] audit: type=1326 audit(2000000166.123:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.439890][   T40] audit: type=1326 audit(2000000166.123:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.446844][   T40] audit: type=1326 audit(2000000166.123:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.453862][   T40] audit: type=1326 audit(2000000166.123:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  356.767730][T10071] siw: device registration error -23
[  357.207447][ T1340] usb 7-1: reset high-speed USB device number 28 using dummy_hcd
[  357.326734][T10075] FAULT_INJECTION: forcing a failure.
[  357.326734][T10075] name failslab, interval 1, probability 0, space 0, times 0
[  357.333001][T10075] CPU: 3 UID: 0 PID: 10075 Comm: syz.1.1075 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  357.333033][T10075] Tainted: [L]=SOFTLOCKUP
[  357.333039][T10075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  357.333050][T10075] Call Trace:
[  357.333057][T10075]  <TASK>
[  357.333064][T10075]  dump_stack_lvl+0x100/0x190
[  357.333091][T10075]  should_fail_ex.cold+0x5/0xa
[  357.333116][T10075]  should_failslab+0xc2/0x120
[  357.333138][T10075]  __kmalloc_cache_noprof+0x7a/0x6f0
[  357.333164][T10075]  ? snd_pcm_oss_change_params_locked+0x81c/0x39f0
[  357.333194][T10075]  ? _snd_pcm_hw_param_min+0x1ea/0x670
[  357.333224][T10075]  snd_pcm_oss_change_params_locked+0x81c/0x39f0
[  357.333263][T10075]  ? _kstrtoull+0x13c/0x1f0
[  357.333287][T10075]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  357.333317][T10075]  ? __pfx___mutex_lock+0x10/0x10
[  357.333353][T10075]  ? import_ubuf+0x1b6/0x220
[  357.333387][T10075]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  357.333416][T10075]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  357.333442][T10075]  snd_pcm_oss_read+0x3d4/0x730
[  357.333474][T10075]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  357.333500][T10075]  vfs_readv+0x5d8/0x8d0
[  357.333525][T10075]  ? __pfx_vfs_readv+0x10/0x10
[  357.333563][T10075]  ? __fget_files+0x21f/0x3d0
[  357.333592][T10075]  ? do_readv+0x13e/0x340
[  357.333609][T10075]  do_readv+0x13e/0x340
[  357.333628][T10075]  ? __pfx_do_readv+0x10/0x10
[  357.333645][T10075]  ? ksys_write+0x1ac/0x250
[  357.333668][T10075]  ? rcu_is_watching+0x12/0xc0
[  357.333698][T10075]  __do_fast_syscall_32+0xe7/0x950
[  357.333722][T10075]  ? lockdep_hardirqs_on+0x78/0x100
[  357.333747][T10075]  do_fast_syscall_32+0x32/0x70
[  357.333772][T10075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  357.333795][T10075] RIP: 0023:0xf706efcc
[  357.333812][T10075] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  357.333828][T10075] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000091
[  357.333846][T10075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  357.333857][T10075] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  357.333866][T10075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  357.333876][T10075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  357.333886][T10075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  357.333910][T10075]  </TASK>
[  357.487099][T10080] binder: 10079:10080 ioctl c0306201 80000040 returned -22
[  357.490453][T10080] binder: 10079:10080 ioctl c0306201 80000640 returned -22
[  357.512523][T10081] openvswitch: netlink: VXLAN extension message has 12 unknown bytes.
[  357.597561][T10082] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1074'.
[  358.664423][T10099] FAULT_INJECTION: forcing a failure.
[  358.664423][T10099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.668715][T10099] CPU: 2 UID: 0 PID: 10099 Comm: syz.3.1084 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.668743][T10099] Tainted: [L]=SOFTLOCKUP
[  358.668748][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  358.668756][T10099] Call Trace:
[  358.668762][T10099]  <TASK>
[  358.668768][T10099]  dump_stack_lvl+0x100/0x190
[  358.668789][T10099]  should_fail_ex.cold+0x5/0xa
[  358.668804][T10099]  _copy_from_iter+0x1f4/0x1690
[  358.668817][T10099]  ? __asan_memset+0x23/0x50
[  358.668833][T10099]  ? __pfx__copy_from_iter+0x10/0x10
[  358.668844][T10099]  ? __pfx___alloc_skb+0x10/0x10
[  358.668860][T10099]  netlink_sendmsg+0x808/0xda0
[  358.668877][T10099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.668893][T10099]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  358.668912][T10099]  ____sys_sendmsg+0x9e1/0xb70
[  358.668925][T10099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.668941][T10099]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.668961][T10099]  ___sys_sendmsg+0x190/0x1e0
[  358.668977][T10099]  ? __pfx____sys_sendmsg+0x10/0x10
[  358.668999][T10099]  ? find_held_lock+0x2b/0x80
[  358.669021][T10099]  __sys_sendmsg+0x170/0x220
[  358.669033][T10099]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.669043][T10099]  ? __fget_files+0x21f/0x3d0
[  358.669059][T10099]  ? ksys_write+0x1ac/0x250
[  358.669072][T10099]  ? rcu_is_watching+0x12/0xc0
[  358.669087][T10099]  __do_fast_syscall_32+0xe7/0x950
[  358.669102][T10099]  ? lockdep_hardirqs_on+0x78/0x100
[  358.669117][T10099]  do_fast_syscall_32+0x32/0x70
[  358.669131][T10099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.669145][T10099] RIP: 0023:0xf7f43fcc
[  358.669154][T10099] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  358.669164][T10099] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  358.669175][T10099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[  358.669182][T10099] RDX: 000000000400c080 RSI: 0000000000000000 RDI: 0000000000000000
[  358.669188][T10099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.669194][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  358.669200][T10099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.669213][T10099]  </TASK>
[  358.807591][ T6493] usb 7-1: USB disconnect, device number 28
[  358.954276][ T5818] usb 42-1: device descriptor read/8, error -110
[  359.374272][ T5818] usb usb42-port1: attempt power cycle
[  359.996771][T10122] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1094'.
[  360.121912][ T5818] usb usb42-port1: unable to enumerate USB device
[  360.735681][T10133] syzkaller0: entered promiscuous mode
[  360.737603][T10133] syzkaller0: entered allmulticast mode
[  361.269213][T10148] siw: device registration error -23
[  363.833612][   T29] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  364.004023][   T29] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  364.031915][   T29] usb 6-1: config 1 has an invalid descriptor of length 238, skipping remainder of the config
[  364.052849][   T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  364.057103][   T29] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  364.071949][   T29] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  364.077497][   T29] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  364.088805][   T29] usb 6-1: Product: syz
[  364.090681][   T29] usb 6-1: Manufacturer: syz
[  364.115187][   T29] cdc_wdm 6-1:1.0: skipping garbage
[  364.120598][   T29] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  364.821365][T10195] FAULT_INJECTION: forcing a failure.
[  364.821365][T10195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.833032][T10195] CPU: 3 UID: 0 PID: 10195 Comm: syz.3.1114 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  364.833061][T10195] Tainted: [L]=SOFTLOCKUP
[  364.833065][T10195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  364.833072][T10195] Call Trace:
[  364.833075][T10195]  <TASK>
[  364.833080][T10195]  dump_stack_lvl+0x100/0x190
[  364.833096][T10195]  should_fail_ex.cold+0x5/0xa
[  364.833110][T10195]  strncpy_from_user+0x3b/0x2d0
[  364.833124][T10195]  do_getname+0x78/0x390
[  364.833141][T10195]  do_sys_openat2+0xc5/0x1e0
[  364.833157][T10195]  ? __pfx_do_sys_openat2+0x10/0x10
[  364.833172][T10195]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  364.833190][T10195]  ? __fget_files+0x21f/0x3d0
[  364.833204][T10195]  __ia32_compat_sys_openat+0x12d/0x210
[  364.833222][T10195]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  364.833238][T10195]  ? ksys_write+0x1ac/0x250
[  364.833252][T10195]  ? rcu_is_watching+0x12/0xc0
[  364.833267][T10195]  do_int80_emulation+0x141/0x700
[  364.833283][T10195]  asm_int80_emulation+0x1a/0x20
[  364.833294][T10195] RIP: 0023:0xf714616b
[  364.833303][T10195] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  364.833313][T10195] RSP: 002b:00000000f54063cc EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  364.833323][T10195] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5406490
[  364.833330][T10195] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  364.833336][T10195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  364.833341][T10195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  364.833348][T10195] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  364.833361][T10195]  </TASK>
[  365.384053][T10205] netlink: zone id is out of range
[  365.386433][T10205] netlink: get zone limit has 4 unknown bytes
[  366.103690][ T5985] usb 6-1: USB disconnect, device number 27
[  366.245969][T10208] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  366.277202][T10208] block device autoloading is deprecated and will be removed.
[  366.307912][T10207] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  366.473710][T10207] block device autoloading is deprecated and will be removed.
[  368.063706][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1120'.
[  368.085014][T10215] 8021q: adding VLAN 0 to HW filter on device bond3
[  368.114427][T10215] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  368.116916][T10215] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  368.132372][T10215] vhci_hcd vhci_hcd.0: Device attached
[  368.152397][T10240] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  368.354791][T10237] vhci_hcd: connection closed
[  368.356024][ T1194] vhci_hcd vhci_hcd.3: stop threads
[  368.360233][ T1194] vhci_hcd vhci_hcd.3: release socket
[  368.367089][ T1194] vhci_hcd vhci_hcd.3: disconnect device
[  369.782180][ T6493] usb usb44-port1: attempt power cycle
[  369.892205][ T5985] usb 7-1: new low-speed USB device number 29 using dummy_hcd
[  369.985555][T10255] siw: device registration error -23
[  370.043689][ T5985] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  370.049047][ T5985] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  370.053084][ T5985] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  370.056466][ T5985] usb 7-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  370.067892][ T5985] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  370.072111][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.085155][ T5985] usbtmc 7-1:16.0: bulk endpoints not found
[  370.362412][ T6493] usb usb44-port1: unable to enumerate USB device
[  370.394539][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  370.394556][   T40] audit: type=1326 audit(2000000180.133:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.414511][   T40] audit: type=1326 audit(2000000180.133:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.427802][   T40] audit: type=1326 audit(2000000180.133:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.436855][   T40] audit: type=1326 audit(2000000180.133:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.446172][   T40] audit: type=1326 audit(2000000180.133:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.453297][   T40] audit: type=1326 audit(2000000180.133:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.460294][   T40] audit: type=1326 audit(2000000180.133:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.468864][   T40] audit: type=1326 audit(2000000180.133:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.480953][   T40] audit: type=1326 audit(2000000180.133:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.492086][   T40] audit: type=1326 audit(2000000180.133:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.3.1133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  370.657530][T10279] lo speed is unknown, defaulting to 1000
[  371.864305][T10290] 9p: Bad value for 'wfdno'
[  372.298189][T10303] siw: device registration error -23
[  372.372439][T10306] fuse: fd is not a fuse device
[  372.461952][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  372.650538][ T5848] usb 7-1: USB disconnect, device number 29
[  372.833972][T10311] 8021q: VLANs not supported on ipvlan0
[  374.305036][T10335] FAULT_INJECTION: forcing a failure.
[  374.305036][T10335] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  374.309439][T10335] CPU: 0 UID: 0 PID: 10335 Comm: syz.3.1153 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  374.309464][T10335] Tainted: [L]=SOFTLOCKUP
[  374.309469][T10335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  374.309478][T10335] Call Trace:
[  374.309485][T10335]  <TASK>
[  374.309491][T10335]  dump_stack_lvl+0x100/0x190
[  374.309511][T10335]  should_fail_ex.cold+0x5/0xa
[  374.309529][T10335]  ? prepare_alloc_pages+0x16d/0x5f0
[  374.309552][T10335]  should_fail_alloc_page+0xeb/0x140
[  374.309572][T10335]  prepare_alloc_pages+0x1f0/0x5f0
[  374.309592][T10335]  ? rcu_is_watching+0x12/0xc0
[  374.309609][T10335]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  374.309635][T10335]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  374.309660][T10335]  ? arch_stack_walk+0xa6/0xf0
[  374.309688][T10335]  ? mas_next_node+0x29c/0x1020
[  374.309705][T10335]  ? stack_trace_save+0x8e/0xc0
[  374.309726][T10335]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  374.309759][T10335]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  374.309788][T10335]  ? mt_validate_nulls+0x1b3/0xa10
[  374.309810][T10335]  ? look_up_lock_class+0x55/0x120
[  374.309832][T10335]  ? __lock_acquire+0x4a5/0x2630
[  374.309847][T10335]  ? css_rstat_updated+0x1ce/0x5a0
[  374.309874][T10335]  ? __lock_acquire+0x4a5/0x2630
[  374.309888][T10335]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.309910][T10335]  ? policy_nodemask+0xed/0x4f0
[  374.309929][T10335]  alloc_pages_mpol+0x1fb/0x540
[  374.309949][T10335]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  374.309967][T10335]  ? find_held_lock+0x2b/0x80
[  374.309987][T10335]  ? __pud_alloc+0x4f6/0x690
[  374.310003][T10335]  ? __pud_alloc+0x4f6/0x690
[  374.310023][T10335]  alloc_pages_noprof+0x1a/0x160
[  374.310045][T10335]  __pmd_alloc+0x3b/0x950
[  374.310063][T10335]  ? __pud_alloc+0x4fb/0x690
[  374.310084][T10335]  __handle_mm_fault+0xa9c/0x2a00
[  374.310105][T10335]  ? mt_find+0x45e/0x8e0
[  374.310129][T10335]  ? __pfx___handle_mm_fault+0x10/0x10
[  374.310150][T10335]  ? __pfx_mt_find+0x10/0x10
[  374.310184][T10335]  handle_mm_fault+0x36d/0xa20
[  374.310215][T10335]  __get_user_pages+0x1178/0x32a0
[  374.310249][T10335]  ? __pfx___get_user_pages+0x10/0x10
[  374.310269][T10335]  get_user_pages_remote+0x3d2/0xb10
[  374.310293][T10335]  ? __pfx_get_user_pages_remote+0x10/0x10
[  374.310313][T10335]  ? __pfx_create_init_stack_vma+0x10/0x10
[  374.310337][T10335]  get_arg_page+0xf4/0x310
[  374.310353][T10335]  ? __pfx_get_arg_page+0x10/0x10
[  374.310369][T10335]  ? alloc_bprm+0x3da/0x710
[  374.310381][T10335]  ? alloc_bprm+0x3da/0x710
[  374.310398][T10335]  copy_string_kernel+0x17d/0x3f0
[  374.310415][T10335]  ? alloc_bprm+0x420/0x710
[  374.310434][T10335]  do_execveat_common.isra.0+0x2e6/0x580
[  374.310456][T10335]  __ia32_compat_sys_execve+0x9c/0xd0
[  374.310492][T10335]  __do_fast_syscall_32+0xe7/0x950
[  374.310513][T10335]  ? lockdep_hardirqs_on+0x78/0x100
[  374.310535][T10335]  do_fast_syscall_32+0x32/0x70
[  374.310557][T10335]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.310574][T10335] RIP: 0023:0xf7f43fcc
[  374.310588][T10335] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  374.310602][T10335] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 000000000000000b
[  374.310618][T10335] RAX: ffffffffffffffda RBX: 0000000080000400 RCX: 0000000000000000
[  374.310628][T10335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  374.310637][T10335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.310645][T10335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.310651][T10335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.310671][T10335]  </TASK>
[  374.498251][T10340] lo speed is unknown, defaulting to 1000
[  374.604386][T10347] team0: No ports can be present during mode change
[  374.722837][T10352] netlink: 'syz.3.1157': attribute type 8 has an invalid length.
[  374.728138][T10352] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1157'.
[  374.777033][T10353] netlink: 'syz.3.1157': attribute type 8 has an invalid length.
[  374.781922][T10353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1157'.
[  374.940258][T10355] FAULT_INJECTION: forcing a failure.
[  374.940258][T10355] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  374.945781][T10355] CPU: 0 UID: 0 PID: 10355 Comm: syz.3.1158 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  374.945805][T10355] Tainted: [L]=SOFTLOCKUP
[  374.945811][T10355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  374.945820][T10355] Call Trace:
[  374.945826][T10355]  <TASK>
[  374.945833][T10355]  dump_stack_lvl+0x100/0x190
[  374.945856][T10355]  should_fail_ex.cold+0x5/0xa
[  374.945873][T10355]  ? prepare_alloc_pages+0x16d/0x5f0
[  374.945895][T10355]  should_fail_alloc_page+0xeb/0x140
[  374.945933][T10355]  prepare_alloc_pages+0x1f0/0x5f0
[  374.945957][T10355]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  374.945985][T10355]  ? clockevents_program_event+0x1bf/0x820
[  374.946005][T10355]  ? clockevents_program_event+0x1bf/0x820
[  374.946027][T10355]  ? ktime_expiry_to_cycles+0xc0/0x2c0
[  374.946043][T10355]  ? ktime_expiry_to_cycles+0x3c/0x2c0
[  374.946062][T10355]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  374.946088][T10355]  ? clockevents_program_event+0x1ef/0x820
[  374.946112][T10355]  ? __pfx_clockevents_program_event+0x10/0x10
[  374.946132][T10355]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  374.946153][T10355]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  374.946179][T10355]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.946204][T10355]  ? policy_nodemask+0xed/0x4f0
[  374.946226][T10355]  alloc_pages_mpol+0x1fb/0x540
[  374.946246][T10355]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  374.946274][T10355]  alloc_pages_noprof+0x1a/0x160
[  374.946296][T10355]  get_free_pages_noprof+0x10/0xb0
[  374.946313][T10355]  __kasan_populate_vmalloc+0xa0/0x210
[  374.946333][T10355]  alloc_vmap_area+0x95d/0x2b70
[  374.946352][T10355]  ? __pfx_alloc_vmap_area+0x10/0x10
[  374.946368][T10355]  __get_vm_area_node+0x1ca/0x330
[  374.946384][T10355]  __vmalloc_node_range_noprof+0x228/0x1630
[  374.946399][T10355]  ? vhost_task_create+0x1db/0x370
[  374.946411][T10355]  ? rcu_is_watching+0x12/0xc0
[  374.946428][T10355]  ? vhost_task_create+0x1db/0x370
[  374.946442][T10355]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  374.946460][T10355]  ? rcu_is_watching+0x12/0xc0
[  374.946477][T10355]  ? trace_kmem_cache_alloc+0xd5/0x100
[  374.946491][T10355]  ? vhost_task_create+0x1db/0x370
[  374.946501][T10355]  __vmalloc_node_noprof+0xad/0xf0
[  374.946515][T10355]  ? vhost_task_create+0x1db/0x370
[  374.946527][T10355]  copy_process+0x7fb/0x7e00
[  374.946550][T10355]  ? __pfx_copy_process+0x10/0x10
[  374.946566][T10355]  ? lockdep_init_map_type+0x5c/0x250
[  374.946578][T10355]  ? lockdep_init_map_type+0x5c/0x250
[  374.946589][T10355]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  374.946607][T10355]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  374.946624][T10355]  vhost_task_create+0x1db/0x370
[  374.946635][T10355]  ? __pfx_vhost_task_create+0x10/0x10
[  374.946645][T10355]  ? register_lock_class+0x40/0x560
[  374.946659][T10355]  ? __pfx_vhost_task_fn+0x10/0x10
[  374.946671][T10355]  ? __pfx___mutex_lock+0x10/0x10
[  374.946690][T10355]  kvm_mmu_post_init_vm+0x1b3/0x370
[  374.946705][T10355]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  374.946719][T10355]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  374.946735][T10355]  kvm_vcpu_ioctl+0x730/0x1720
[  374.946746][T10355]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  374.946757][T10355]  ? tomoyo_path_number_perm+0x188/0x580
[  374.946770][T10355]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  374.946782][T10355]  ? get_pid_task+0x106/0x250
[  374.946801][T10355]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  374.946817][T10355]  ? do_vfs_ioctl+0x226/0x13e0
[  374.946828][T10355]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  374.946845][T10355]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  374.946855][T10355]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  374.946866][T10355]  ? __fget_files+0x21f/0x3d0
[  374.946881][T10355]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  374.946892][T10355]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  374.946918][T10355]  __do_fast_syscall_32+0xe7/0x950
[  374.946933][T10355]  ? lockdep_hardirqs_on+0x78/0x100
[  374.946948][T10355]  do_fast_syscall_32+0x32/0x70
[  374.946963][T10355]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.946977][T10355] RIP: 0023:0xf7f43fcc
[  374.946985][T10355] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  374.946996][T10355] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  374.947007][T10355] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  374.947014][T10355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  374.947020][T10355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.947025][T10355] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  374.947031][T10355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.947045][T10355]  </TASK>
[  374.947120][T10355] syz.3.1158: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  375.136408][T10355] CPU: 0 UID: 0 PID: 10355 Comm: syz.3.1158 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  375.136447][T10355] Tainted: [L]=SOFTLOCKUP
[  375.136454][T10355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  375.136463][T10355] Call Trace:
[  375.136474][T10355]  <TASK>
[  375.136480][T10355]  dump_stack_lvl+0x100/0x190
[  375.136502][T10355]  warn_alloc.cold+0x95/0x1c1
[  375.136521][T10355]  ? __pfx_warn_alloc+0x10/0x10
[  375.136546][T10355]  ? lockdep_hardirqs_on+0x78/0x100
[  375.136570][T10355]  ? __get_vm_area_node+0x2c5/0x330
[  375.136596][T10355]  ? __get_vm_area_node+0x208/0x330
[  375.136620][T10355]  __vmalloc_node_range_noprof+0xccd/0x1630
[  375.136643][T10355]  ? rcu_is_watching+0x12/0xc0
[  375.136668][T10355]  ? vhost_task_create+0x1db/0x370
[  375.136692][T10355]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  375.136719][T10355]  ? rcu_is_watching+0x12/0xc0
[  375.136738][T10355]  ? trace_kmem_cache_alloc+0xd5/0x100
[  375.136760][T10355]  ? vhost_task_create+0x1db/0x370
[  375.136776][T10355]  __vmalloc_node_noprof+0xad/0xf0
[  375.136797][T10355]  ? vhost_task_create+0x1db/0x370
[  375.136816][T10355]  copy_process+0x7fb/0x7e00
[  375.136852][T10355]  ? __pfx_copy_process+0x10/0x10
[  375.136877][T10355]  ? lockdep_init_map_type+0x5c/0x250
[  375.136895][T10355]  ? lockdep_init_map_type+0x5c/0x250
[  375.136912][T10355]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  375.136939][T10355]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  375.136964][T10355]  vhost_task_create+0x1db/0x370
[  375.136981][T10355]  ? __pfx_vhost_task_create+0x10/0x10
[  375.136996][T10355]  ? register_lock_class+0x40/0x560
[  375.137019][T10355]  ? __pfx_vhost_task_fn+0x10/0x10
[  375.137038][T10355]  ? __pfx___mutex_lock+0x10/0x10
[  375.137067][T10355]  kvm_mmu_post_init_vm+0x1b3/0x370
[  375.137090][T10355]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  375.137111][T10355]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  375.137132][T10355]  kvm_vcpu_ioctl+0x730/0x1720
[  375.137150][T10355]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  375.137167][T10355]  ? tomoyo_path_number_perm+0x188/0x580
[  375.137187][T10355]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  375.137205][T10355]  ? get_pid_task+0x106/0x250
[  375.137234][T10355]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  375.137271][T10355]  ? do_vfs_ioctl+0x226/0x13e0
[  375.137289][T10355]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  375.137316][T10355]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  375.137334][T10355]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  375.137351][T10355]  ? __fget_files+0x21f/0x3d0
[  375.137375][T10355]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  375.137392][T10355]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  375.137411][T10355]  __do_fast_syscall_32+0xe7/0x950
[  375.137433][T10355]  ? lockdep_hardirqs_on+0x78/0x100
[  375.137456][T10355]  do_fast_syscall_32+0x32/0x70
[  375.137483][T10355]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.137503][T10355] RIP: 0023:0xf7f43fcc
[  375.137516][T10355] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  375.137530][T10355] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  375.137546][T10355] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  375.137556][T10355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  375.137564][T10355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.137573][T10355] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  375.137582][T10355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.137604][T10355]  </TASK>
[  375.137626][T10355] Mem-Info:
[  375.283044][T10355] active_anon:10740 inactive_anon:154 isolated_anon:0
[  375.283044][T10355]  active_file:26440 inactive_file:2129 isolated_file:0
[  375.283044][T10355]  unevictable:1768 dirty:307 writeback:0
[  375.283044][T10355]  slab_reclaimable:7823 slab_unreclaimable:58521
[  375.283044][T10355]  mapped:28633 shmem:5155 pagetables:1882
[  375.283044][T10355]  sec_pagetables:314 bounce:0
[  375.283044][T10355]  kernel_misc_reclaimable:0
[  375.283044][T10355]  free:51884 free_pcp:13775 free_cma:0
[  375.302106][T10355] Node 0 active_anon:68kB inactive_anon:136kB active_file:4kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8060kB pagetables:1968kB sec_pagetables:1132kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  375.316451][T10355] Node 1 active_anon:42892kB inactive_anon:480kB active_file:105756kB inactive_file:8512kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:111204kB dirty:1228kB writeback:0kB shmem:17084kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6532kB pagetables:5260kB sec_pagetables:124kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  375.331073][T10355] Node 0 DMA free:2068kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:76kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:532kB local_pcp:232kB free_cma:0kB
[  375.347016][T10355] lowmem_reserve[]: 0 285 285 285 285
[  375.349997][T10355] Node 0 DMA32 free:16204kB boost:0kB min:13092kB low:16364kB high:19636kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20kB inactive_anon:136kB active_file:4kB inactive_file:4kB unevictable:3536kB writepending:0kB zspages:0kB present:1032196kB managed:292624kB mlocked:0kB bounce:0kB free_pcp:11532kB local_pcp:4052kB free_cma:0kB
[  375.366360][T10355] lowmem_reserve[]: 0 0 0 0 0
[  375.368648][T10355] Node 1 DMA32 free:180304kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41792kB inactive_anon:480kB active_file:105756kB inactive_file:8512kB unevictable:3536kB writepending:1228kB zspages:2164kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:44284kB local_pcp:14876kB free_cma:0kB
[  375.381916][T10355] lowmem_reserve[]: 0 0 0 0 0
[  375.386325][T10355] Node 0 DMA: 53*4kB (UM) 8*8kB (UM) 10*16kB (UM) 11*32kB (UM) 8*64kB (UM) 2*128kB (U) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2068kB
[  375.392491][T10355] Node 0 DMA32: 765*4kB (UME) 233*8kB (UME) 87*16kB (UME) 63*32kB (UME) 29*64kB (ME) 13*128kB (UME) 3*256kB (UM) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 16204kB
[  375.399877][T10355] Node 1 DMA32: 230*4kB (UME) 1783*8kB (UE) 1706*16kB (UME) 309*32kB (UME) 185*64kB (UME) 133*128kB (UME) 85*256kB (UME) 57*512kB (UM) 23*1024kB (UM) 6*2048kB (UM) 3*4096kB (UM) = 180304kB
[  375.411208][T10355] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  375.419351][T10355] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  375.423491][T10355] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  375.427038][T10355] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  375.430859][T10355] 32726 total pagecache pages
[  375.432771][T10355] 306 pages in swap cache
[  375.434322][T10355] Free swap  = 120900kB
[  375.436074][T10355] Total swap = 124996kB
[  375.437807][T10355] 524155 pages RAM
[  375.439388][T10355] 0 pages HighMem/MovableOnly
[  375.441139][T10355] 210106 pages reserved
[  375.443316][T10355] 0 pages cma reserved
[  376.411898][   T40] kauditd_printk_skb: 104 callbacks suppressed
[  376.411911][   T40] audit: type=1326 audit(2000000185.373:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.421545][   T40] audit: type=1326 audit(2000000185.373:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.428657][   T40] audit: type=1326 audit(2000000185.373:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.431955][ T6493] usb 8-1: new low-speed USB device number 27 using dummy_hcd
[  376.436075][   T40] audit: type=1326 audit(2000000185.373:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.446196][   T40] audit: type=1326 audit(2000000185.373:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.453656][   T40] audit: type=1326 audit(2000000185.373:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.461363][   T40] audit: type=1326 audit(2000000185.373:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.469558][   T40] audit: type=1326 audit(2000000185.373:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.477482][   T40] audit: type=1326 audit(2000000185.373:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.485057][   T40] audit: type=1326 audit(2000000185.373:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10373 comm="syz.1.1166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  376.549638][T10383] fuse: Bad value for 'fd'
[  376.803439][T10385] fuse: Unknown parameter 'g‚oup_id'
[  377.173415][ T6493] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  377.176757][ T6493] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  377.179757][ T6493] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  377.182871][ T6493] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  377.186901][ T6493] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  377.189669][ T6493] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.197350][ T6493] usbtmc 8-1:16.0: bulk endpoints not found
[  377.364798][T10392] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  377.368048][T10392] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  377.736514][T10405] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1174'.
[  377.739709][T10405] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1174'.
[  377.772069][T10408] lo speed is unknown, defaulting to 1000
[  379.086118][ T5985] usb 8-1: USB disconnect, device number 27
[  379.683651][ T5985] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  379.910077][ T5985] usb 8-1: Using ep0 maxpacket: 8
[  380.132030][ T6493] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  380.281856][ T6493] usb 7-1: Using ep0 maxpacket: 32
[  380.311436][ T6493] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  380.345674][ T6493] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  380.361893][ T6493] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  380.406261][ T6493] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  380.442271][ T6493] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  380.446629][ T6493] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  380.460225][ T6493] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  380.464225][ T6493] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.474247][ T6493] usb 7-1: config 0 descriptor??
[  380.579002][ T5985] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  380.736291][ T5985] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  380.740600][ T5985] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  380.744998][ T5985] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  380.750442][ T5985] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  380.761485][ T5985] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.798351][ T6493] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  381.073574][ T5985] usb 8-1: GET_CAPABILITIES returned 0
[  381.075427][ T5985] usbtmc 8-1:16.0: can't read capabilities
[  381.327013][ T6493] usb 7-1: USB disconnect, device number 30
[  381.330811][ T6493] usblp0: removed
[  381.337587][T10426] [U] 
[  381.587320][T10450] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.600701][T10450] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.804855][T10454] lo speed is unknown, defaulting to 1000
[  381.822440][    T0] NOHZ tick-stop error: local softirq work is pending, handler #212!!!
[  381.928271][T10452] random: crng reseeded on system resumption
[  382.288569][T10459] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1189'.
[  382.512740][T10472] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  382.515789][T10472] IPv6: NLM_F_CREATE should be set when creating new route
[  382.723598][ T1432] ieee802154 phy0 wpan0: encryption failed: -22
[  382.799593][ T1432] ieee802154 phy1 wpan1: encryption failed: -22
[  383.410264][ T5848] usb 8-1: USB disconnect, device number 28
[  383.497956][   T40] kauditd_printk_skb: 586 callbacks suppressed
[  383.497968][   T40] audit: type=1326 audit(2000000193.233:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.511879][   T40] audit: type=1326 audit(2000000193.233:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.526574][   T40] audit: type=1326 audit(2000000193.243:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.535381][   T40] audit: type=1326 audit(2000000193.243:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.542473][   T40] audit: type=1326 audit(2000000193.243:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.549608][   T40] audit: type=1326 audit(2000000193.243:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.557488][   T40] audit: type=1326 audit(2000000193.243:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.588650][   T40] audit: type=1326 audit(2000000193.253:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.608719][   T40] audit: type=1326 audit(2000000193.253:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.629366][   T40] audit: type=1326 audit(2000000193.253:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10481 comm="syz.3.1194" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  383.660770][ T6493] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  383.682892][T10475] ip6_vti0: entered promiscuous mode
[  383.684703][T10475] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1193'.
[  383.811887][ T6493] usb 7-1: Using ep0 maxpacket: 8
[  383.817728][ T6493] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.822507][ T6493] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.826212][ T6493] usb 7-1: config 0 interface 0 has no altsetting 0
[  383.828949][ T6493] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  383.832695][ T6493] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.838586][ T6493] usb 7-1: config 0 descriptor??
[  384.384884][   T13] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  384.388020][   T13] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  384.393220][   T13] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  384.396393][   T13] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  384.557592][ T6493] hid_parser_main: 5 callbacks suppressed
[  384.557609][ T6493] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0
[  384.563880][ T6493] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0
[  384.566564][ T6493] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0
[  384.568955][ T6493] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0
[  384.571251][ T6493] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0
[  384.574282][ T6493] mcp2221 0003:04D8:00DD.0005: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  384.723637][T10500] FAULT_INJECTION: forcing a failure.
[  384.723637][T10500] name failslab, interval 1, probability 0, space 0, times 0
[  384.730844][T10500] CPU: 1 UID: 0 PID: 10500 Comm: syz.1.1200 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  384.730862][T10500] Tainted: [L]=SOFTLOCKUP
[  384.730866][T10500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  384.730872][T10500] Call Trace:
[  384.730875][T10500]  <TASK>
[  384.730880][T10500]  dump_stack_lvl+0x100/0x190
[  384.730896][T10500]  should_fail_ex.cold+0x5/0xa
[  384.730910][T10500]  should_failslab+0xc2/0x120
[  384.730922][T10500]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  384.730942][T10500]  ? ptlock_alloc+0x1f/0x70
[  384.730960][T10500]  ? __lock_acquire+0x4a5/0x2630
[  384.730972][T10500]  ptlock_alloc+0x1f/0x70
[  384.730987][T10500]  pte_alloc_one+0x82/0x3d0
[  384.731045][T10500]  __pte_alloc+0x6d/0x3e0
[  384.731062][T10500]  ? __pfx___pte_alloc+0x10/0x10
[  384.731074][T10500]  ? do_raw_spin_lock+0x128/0x260
[  384.731086][T10500]  ? find_held_lock+0x2b/0x80
[  384.731101][T10500]  do_anonymous_page+0x13c6/0x2050
[  384.731118][T10500]  ? __pmd_alloc+0x3fb/0x950
[  384.731133][T10500]  __handle_mm_fault+0x1d2c/0x2a00
[  384.731151][T10500]  ? mt_find+0x45e/0x8e0
[  384.731167][T10500]  ? __pfx___handle_mm_fault+0x10/0x10
[  384.731182][T10500]  ? __pfx_mt_find+0x10/0x10
[  384.731210][T10500]  ? find_vma+0xbf/0x140
[  384.731221][T10500]  ? __pfx_find_vma+0x10/0x10
[  384.731234][T10500]  handle_mm_fault+0x36d/0xa20
[  384.731257][T10500]  do_user_addr_fault+0x74c/0x12f0
[  384.731272][T10500]  ? trace_page_fault_kernel+0x7a/0x200
[  384.731286][T10500]  exc_page_fault+0x6f/0xd0
[  384.731300][T10500]  asm_exc_page_fault+0x26/0x30
[  384.731311][T10500] RIP: 0010:_copy_from_user+0x93/0xd0
[  384.731322][T10500] Code: e0 10 fd 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 19 a8 7d fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 d5 da
[  384.731332][T10500] RSP: 0018:ffffc90006f47be8 EFLAGS: 00050297
[  384.731342][T10500] RAX: 0000000000000001 RBX: 00000000800004c0 RCX: 0000000000000004
[  384.731348][T10500] RDX: 0000000000000001 RSI: 00000000800004c0 RDI: ffffc90006f47c68
[  384.731354][T10500] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000de8f8d
[  384.731361][T10500] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[  384.731366][T10500] R13: ffffc90006f47c68 R14: 1ffff92000de8f87 R15: 0000000000000006
[  384.731380][T10500]  ? _copy_from_user+0x87/0xd0
[  384.731390][T10500]  do_tcp_setsockopt+0x73e/0x2b40
[  384.731404][T10500]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  384.731417][T10500]  ? __pfx___might_resched+0x10/0x10
[  384.731432][T10500]  ? aa_sk_perm+0x309/0xaa0
[  384.731444][T10500]  ? ksys_write+0x190/0x250
[  384.731457][T10500]  ? __pfx_aa_sk_perm+0x10/0x10
[  384.731470][T10500]  ? find_held_lock+0x2b/0x80
[  384.731486][T10500]  tcp_setsockopt+0xe2/0x100
[  384.731497][T10500]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  384.731513][T10500]  do_sock_setsockopt+0xf3/0x1d0
[  384.731528][T10500]  __sys_setsockopt+0x119/0x190
[  384.731542][T10500]  __ia32_sys_setsockopt+0xbc/0x160
[  384.731552][T10500]  ? __do_fast_syscall_32+0x98/0x950
[  384.731567][T10500]  ? lockdep_hardirqs_on+0x78/0x100
[  384.731580][T10500]  __do_fast_syscall_32+0xe7/0x950
[  384.731594][T10500]  ? lockdep_hardirqs_on+0x78/0x100
[  384.731609][T10500]  do_fast_syscall_32+0x32/0x70
[  384.731624][T10500]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  384.731637][T10500] RIP: 0023:0xf706efcc
[  384.731646][T10500] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  384.731656][T10500] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  384.731665][T10500] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006
[  384.731671][T10500] RDX: 0000000000000006 RSI: 00000000800004c0 RDI: 0000000000000004
[  384.731677][T10500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  384.731683][T10500] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  384.731689][T10500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  384.731702][T10500]  </TASK>
[  384.868185][T10467] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  384.880735][T10467] netlink: 'syz.2.1192': attribute type 5 has an invalid length.
[  384.884885][T10467] netlink: 9524 bytes leftover after parsing attributes in process `syz.2.1192'.
[  384.908478][T10467] team0 (unregistering): Port device team_slave_0 removed
[  384.917499][T10467] team0 (unregistering): Port device team_slave_1 removed
[  384.925011][T10467] team0 (unregistering): Port device syz_tun removed
[  384.953189][ T6152] usb 8-1: new low-speed USB device number 29 using dummy_hcd
[  385.116231][ T6493] usb 7-1: USB disconnect, device number 31
[  385.311865][ T6152] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  385.370250][ T6152] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  385.373520][ T6152] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  385.376594][ T6152] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  385.380664][ T6152] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  385.383609][ T6152] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.394309][ T6152] usbtmc 8-1:16.0: bulk endpoints not found
[  385.416153][T10507] overlayfs: failed to clone lowerpath
[  385.681892][ T1340] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  385.832101][ T1340] usb 6-1: Using ep0 maxpacket: 16
[  385.835528][ T1340] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  385.839324][ T1340] usb 6-1: New USB device found, idVendor=056a, idProduct=00b9, bcdDevice= 0.00
[  385.842728][ T1340] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.846679][ T1340] usb 6-1: config 0 descriptor??
[  385.851502][ T1340] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  386.014821][T10520] lo speed is unknown, defaulting to 1000
[  386.149140][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1203'.
[  386.160357][ T5985] usb 6-1: USB disconnect, device number 28
[  387.253526][T10530] exFAT-fs (nbd2): unable to read boot sector
[  387.256483][T10530] exFAT-fs (nbd2): failed to read boot sector
[  387.259090][T10530] exFAT-fs (nbd2): failed to recognize exfat type
[  387.636476][   T59] usb 8-1: USB disconnect, device number 29
[  387.725485][T10533] overlayfs: failed to clone lowerpath
[  387.784445][T10538] siw: device registration error -23
[  388.006047][T10543] siw: device registration error -23
[  388.363163][T10545] team0: No ports can be present during mode change
[  388.543701][   T40] kauditd_printk_skb: 167 callbacks suppressed
[  388.543714][   T40] audit: type=1326 audit(2000000198.123:3493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10551 comm="syz.3.1217" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf7f43fcc code=0x7ffc0000
[  389.812021][ T1484] usb 8-1: new low-speed USB device number 30 using dummy_hcd
[  389.973639][ T1484] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  389.979134][ T1484] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  389.990011][ T1484] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  389.995854][ T1484] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  390.004802][ T1484] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  390.010104][ T1484] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.022407][ T1484] usbtmc 8-1:16.0: bulk endpoints not found
[  390.184856][T10579] siw: device registration error -23
[  390.392996][T10585] trusted_key: encrypted_key: master key parameter is missing
[  390.406180][T10588] trusted_key: encrypted_key: master key parameter is missing
[  390.595707][T10591] lo speed is unknown, defaulting to 1000
[  390.673578][   T40] audit: type=1326 audit(2000000200.403:3494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.692860][   T40] audit: type=1326 audit(2000000200.403:3495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.719643][   T40] audit: type=1326 audit(2000000200.403:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.737264][   T40] audit: type=1326 audit(2000000200.403:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.749070][   T40] audit: type=1326 audit(2000000200.403:3498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.762579][   T40] audit: type=1326 audit(2000000200.403:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.777109][   T40] audit: type=1326 audit(2000000200.413:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.790938][   T40] audit: type=1326 audit(2000000200.413:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  390.800303][   T40] audit: type=1326 audit(2000000200.413:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.1.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  392.811312][   T59] usb 8-1: USB disconnect, device number 30
[  393.254720][T10632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1238'.
[  393.622944][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  393.622963][   T40] audit: type=1804 audit(2000000203.353:3525): pid=10636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1239" name="/newroot/285/file0" dev="tmpfs" ino=1634 res=1 errno=0
[  393.865740][  T218] Bluetooth: hci4: Frame reassembly failed (-84)
[  394.257218][T10655] lo speed is unknown, defaulting to 1000
[  395.415561][   T40] audit: type=1326 audit(2000000205.153:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.424552][   T40] audit: type=1326 audit(2000000205.153:3527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.434033][   T40] audit: type=1326 audit(2000000205.153:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.442739][   T40] audit: type=1326 audit(2000000205.153:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.451658][   T40] audit: type=1326 audit(2000000205.153:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.460424][   T40] audit: type=1326 audit(2000000205.153:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.469179][   T40] audit: type=1326 audit(2000000205.153:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.477751][   T40] audit: type=1326 audit(2000000205.153:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.486454][   T40] audit: type=1326 audit(2000000205.153:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.4.1251" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  395.647928][T10677] overlayfs: failed to clone lowerpath
[  395.962432][T10680] netlink: 'syz.1.1252': attribute type 10 has an invalid length.
[  395.965710][T10680] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1252'.
[  395.980795][ T5748] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  398.030556][T10712] team0: No ports can be present during mode change
[  398.691910][ T1484] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  398.851885][ T1484] usb 6-1: Using ep0 maxpacket: 8
[  398.862225][ T1484] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  398.875841][ T1484] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  398.888262][ T1484] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  398.897728][ T1484] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  398.905105][ T1484] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  398.912808][ T1484] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.125968][ T1484] usb 6-1: GET_CAPABILITIES returned 0
[  399.127898][ T1484] usbtmc 6-1:16.0: can't read capabilities
[  399.171960][ T1340] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  399.352499][ T1340] usb 8-1: Using ep0 maxpacket: 16
[  399.357213][ T1340] usb 8-1: config 0 has an invalid interface number: 132 but max is 0
[  399.360728][ T1340] usb 8-1: config 0 has no interface number 0
[  399.365558][ T1340] usb 8-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  399.369548][ T1340] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.374039][ T1340] usb 8-1: Product: syz
[  399.375646][ T1340] usb 8-1: Manufacturer: syz
[  399.377585][ T1340] usb 8-1: SerialNumber: syz
[  399.381714][ T1340] usb 8-1: config 0 descriptor??
[  399.385988][ T1340] hub 8-1:0.132: bad descriptor, ignoring hub
[  399.388178][ T1340] hub 8-1:0.132: probe with driver hub failed with error -5
[  399.470968][T10728] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  399.480784][T10728] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  399.488050][    C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  399.492950][T10728] usbtmc 6-1:16.0: Unable to send data, error -71
[  399.603642][T10731] siw: device registration error -23
[  399.849470][T10743] IPv6: sit1: Disabled Multicast RS
[  399.851765][T10743] sit1: entered allmulticast mode
[  400.041892][ T6493] usb 8-1: reset high-speed USB device number 31 using dummy_hcd
[  400.048970][ T6493] usb 8-1: device reset changed ep0 maxpacket size!
[  400.056731][ T6493] usb 8-1: USB disconnect, device number 31
[  400.361900][ T6493] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  400.421645][T10757] siw: device registration error -23
[  400.511876][ T6493] usb 8-1: Using ep0 maxpacket: 8
[  400.515020][ T6493] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  400.518752][ T6493] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  400.522159][ T6493] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  400.525394][ T6493] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  400.529485][ T6493] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  400.532477][ T6493] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.741931][ T6493] usb 8-1: GET_CAPABILITIES returned 0
[  400.744463][ T6493] usbtmc 8-1:16.0: can't read capabilities
[  400.749161][T10770] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1283'.
[  401.042261][T10781] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  401.050475][T10781] CIFS mount error: No usable UNC path provided in device string!
[  401.050475][T10781] 
[  401.054283][T10781] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  401.132844][T10782] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.136789][T10782] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.145169][T10784] siw: device registration error -23
[  401.156505][    C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  401.163017][T10782] usbtmc 6-1:16.0: Unable to send data, error -71
[  401.375587][T10787] siw: device registration error -23
[  401.499570][T10790] netlink: 'syz.4.1289': attribute type 13 has an invalid length.
[  401.624625][   T29] usb 6-1: USB disconnect, device number 29
[  401.832778][T10800] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1293'.
[  402.494689][   T40] kauditd_printk_skb: 86 callbacks suppressed
[  402.494700][   T40] audit: type=1326 audit(2000000212.233:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.515737][   T40] audit: type=1326 audit(2000000212.243:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.541406][   T40] audit: type=1326 audit(2000000212.243:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.550944][   T40] audit: type=1326 audit(2000000212.243:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.560695][   T40] audit: type=1326 audit(2000000212.243:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.567980][   T40] audit: type=1326 audit(2000000212.243:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.641832][T10817] FAULT_INJECTION: forcing a failure.
[  402.641832][T10817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.648812][T10817] CPU: 0 UID: 0 PID: 10817 Comm: syz.1.1298 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  402.648865][T10817] Tainted: [L]=SOFTLOCKUP
[  402.648870][T10817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  402.648880][T10817] Call Trace:
[  402.648884][T10817]  <TASK>
[  402.648889][T10817]  dump_stack_lvl+0x100/0x190
[  402.648913][T10817]  should_fail_ex.cold+0x5/0xa
[  402.648927][T10817]  _copy_from_user+0x2e/0xd0
[  402.648942][T10817]  kstrtouint_from_user+0xd6/0x1d0
[  402.648956][T10817]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  402.648970][T10817]  ? __lock_acquire+0x4a5/0x2630
[  402.648987][T10817]  proc_fail_nth_write+0x83/0x220
[  402.649004][T10817]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  402.649025][T10817]  vfs_write+0x2aa/0x1070
[  402.649037][T10817]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  402.649055][T10817]  ? __pfx_vfs_write+0x10/0x10
[  402.649066][T10817]  ? find_held_lock+0x2b/0x80
[  402.649079][T10817]  ? __fget_files+0x215/0x3d0
[  402.649095][T10817]  ? __fget_files+0x21f/0x3d0
[  402.649113][T10817]  ksys_write+0x12a/0x250
[  402.649125][T10817]  ? __pfx_ksys_write+0x10/0x10
[  402.649138][T10817]  ? rcu_is_watching+0x12/0xc0
[  402.649152][T10817]  do_int80_emulation+0x141/0x700
[  402.649177][T10817]  asm_int80_emulation+0x1a/0x20
[  402.649188][T10817] RIP: 0023:0xf71a616b
[  402.649197][T10817] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  402.649207][T10817] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  402.649218][T10817] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f545d5d0
[  402.649224][T10817] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  402.649230][T10817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  402.649236][T10817] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  402.649242][T10817] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  402.649256][T10817]  </TASK>
[  402.649695][T10814] overlayfs: failed to clone lowerpath
[  402.834404][   T40] audit: type=1326 audit(2000000212.243:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.851679][   T40] audit: type=1326 audit(2000000212.243:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.859826][   T40] audit: type=1326 audit(2000000212.243:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  402.867272][   T40] audit: type=1326 audit(2000000212.243:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.4.1297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x7ffc0000
[  403.361116][T10829] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20001
[  403.423229][ T6493] usb 8-1: USB disconnect, device number 32
[  403.431454][T10829] syz.1.1302 (10829) used greatest stack depth: 18968 bytes left
[  403.515183][T10832] overlayfs: failed to clone lowerpath
[  403.666615][T10842] netlink: 'syz.1.1307': attribute type 9 has an invalid length.
[  405.158206][T10868] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1314'.
[  405.978548][T10873] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1316'.
[  405.981517][T10873] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1316'.
[  405.999628][T10873] ip6gretap0: entered promiscuous mode
[  406.009002][T10873] debugfs: 'hsr1' already exists in 'hsr'
[  406.011883][T10873] Cannot create hsr debugfs directory
[  407.172098][   T59] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  407.312319][   T59] usb 7-1: device descriptor read/64, error -71
[  407.562138][   T59] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  407.792122][   T59] usb 7-1: device descriptor read/64, error -71
[  407.914644][   T59] usb usb7-port1: attempt power cycle
[  407.968537][T10884] siw: device registration error -23
[  408.300921][T10892] siw: device registration error -23
[  408.312121][T10893] siw: device registration error -23
[  408.482270][   T59] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  408.902515][   T59] usb 7-1: device descriptor read/8, error -71
[  409.151885][   T59] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  409.172268][   T59] usb 7-1: device descriptor read/8, error -71
[  409.221882][T10532] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  409.282088][   T59] usb usb7-port1: unable to enumerate USB device
[  409.371878][T10532] usb 8-1: Using ep0 maxpacket: 8
[  409.374825][T10532] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  409.382101][T10532] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  409.385606][T10532] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  409.390923][T10532] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  409.397485][T10532] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  409.401897][T10532] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.614999][T10532] usb 8-1: GET_CAPABILITIES returned 0
[  409.616979][T10532] usbtmc 8-1:16.0: can't read capabilities
[  409.754474][T10909] overlayfs: missing 'lowerdir'
[  409.755774][T10911] netlink: 1208 bytes leftover after parsing attributes in process `syz.2.1330'.
[  409.766690][T10911] block nbd2: NBD_DISCONNECT
[  409.883578][ T5748] Bluetooth: hci3: unexpected event for opcode 0x2041
[  409.998091][T10925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  410.004880][T10925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  410.028313][    C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  410.038616][T10925] usbtmc 8-1:16.0: Unable to send data, error -71
[  411.318671][T10951] fuse: fd is not a fuse device
[  411.376497][T10952] pimreg: entered allmulticast mode
[  411.481892][ T5845] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  411.632202][ T5845] usb 7-1: Using ep0 maxpacket: 32
[  411.636102][ T5845] usb 7-1: unable to get BOS descriptor or descriptor too short
[  411.640749][ T5845] usb 7-1: config 8 has an invalid interface number: 188 but max is 0
[  411.644284][ T5845] usb 7-1: config 8 has no interface number 0
[  411.646817][ T5845] usb 7-1: config 8 interface 188 has no altsetting 0
[  411.653306][ T5845] usb 7-1: string descriptor 0 read error: -22
[  411.656205][ T5845] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  411.660166][ T5845] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.668952][ T5845] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  411.673542][ T5845] dw2102: su3000_power_ctrl: 1, initialized 0
[  411.676245][ T5845] dvb-usb: bulk message failed: -22 (2/0)
[  411.684478][ T5845] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  411.689028][ T5845] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  411.693004][ T5845] usb 7-1: media controller created
[  411.695420][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.697917][ T5845] dw2102: i2c transfer failed.
[  411.699981][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.702585][ T5845] dw2102: i2c transfer failed.
[  411.704660][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.707190][ T5845] dw2102: i2c transfer failed.
[  411.709233][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.711662][ T5845] dw2102: i2c transfer failed.
[  411.715770][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.718286][ T5845] dw2102: i2c transfer failed.
[  411.720354][ T5845] dvb-usb: bulk message failed: -22 (6/0)
[  411.722887][ T5845] dw2102: i2c transfer failed.
[  411.724920][ T5845] dvb-usb: MAC address: 02:02:02:02:02:02
[  411.736984][ T5845] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  411.754369][ T5845] dvb-usb: bulk message failed: -22 (3/0)
[  411.757271][ T5845] dw2102: command 0x0e transfer failed.
[  411.759703][ T5845] dvb-usb: bulk message failed: -22 (3/0)
[  411.762247][ T5845] dw2102: command 0x0e transfer failed.
[  411.927488][T10953] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1343'.
[  412.084207][ T5845] dvb-usb: bulk message failed: -22 (3/0)
[  412.091585][ T5845] dw2102: command 0x0e transfer failed.
[  412.097108][ T5845] dvb-usb: bulk message failed: -22 (3/0)
[  412.099885][ T5845] dw2102: command 0x0e transfer failed.
[  412.104663][ T5845] dvb-usb: bulk message failed: -22 (1/0)
[  412.107318][ T5845] dw2102: command 0x51 transfer failed.
[  412.110796][T10948] dvb-usb: bulk message failed: -22 (4/0)
[  412.113891][T10948] dw2102: i2c transfer failed.
[  412.154665][ T5845] DVB: Unable to find symbol ds3000_attach()
[  412.156626][ T5845] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  412.209701][ T5888] usb 8-1: USB disconnect, device number 33
[  412.231881][ T5845] rc_core: IR keymap rc-su3000 not found
[  412.233713][ T5845] Registered IR keymap rc-empty
[  412.236461][ T5845] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  412.240636][ T5845] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input35
[  412.252682][ T5845] dvb-usb: schedule remote query interval to 150 msecs.
[  412.258708][ T5845] dw2102: su3000_power_ctrl: 0, initialized 1
[  412.260642][ T5845] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  412.281107][ T5845] usb 7-1: USB disconnect, device number 36
[  412.336024][ T5845] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  412.824789][T10971] overlayfs: missing 'lowerdir'
[  412.880670][T10979] lo speed is unknown, defaulting to 1000
[  413.645760][T10982] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  413.653586][T10982] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  413.656587][T10982] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  413.659407][T10982] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  414.072090][ T5845] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  414.081963][   T29] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  414.131998][ T6493] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  414.222022][ T5845] usb 8-1: Using ep0 maxpacket: 16
[  414.225829][ T5845] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.229290][ T5845] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  414.231924][   T29] usb 6-1: Using ep0 maxpacket: 8
[  414.233446][ T5845] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  414.237532][   T29] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  414.238748][ T5845] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.243345][   T29] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  414.247319][ T5845] usb 8-1: config 0 descriptor??
[  414.250123][   T29] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  414.256061][   T29] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  414.261600][   T29] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  414.266537][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.292432][ T6493] usb 7-1: Using ep0 maxpacket: 16
[  414.295632][ T6493] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.299127][ T6493] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  414.303220][ T6493] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  414.306335][ T6493] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.310485][ T6493] usb 7-1: config 0 descriptor??
[  414.480827][   T29] usb 6-1: GET_CAPABILITIES returned 0
[  414.484006][   T29] usbtmc 6-1:16.0: can't read capabilities
[  414.674192][ T5845] usbhid 8-1:0.0: can't add hid device: -71
[  414.676552][ T5845] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  414.685809][ T5845] usb 8-1: USB disconnect, device number 34
[  414.838225][T11018] FAULT_INJECTION: forcing a failure.
[  414.838225][T11018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  414.843517][T11018] CPU: 2 UID: 0 PID: 11018 Comm: syz.2.1361 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  414.843544][T11018] Tainted: [L]=SOFTLOCKUP
[  414.843550][T11018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  414.843560][T11018] Call Trace:
[  414.843567][T11018]  <TASK>
[  414.843575][T11018]  dump_stack_lvl+0x100/0x190
[  414.843599][T11018]  should_fail_ex.cold+0x5/0xa
[  414.843622][T11018]  copy_fpstate_to_sigframe+0x842/0xb00
[  414.843657][T11018]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  414.843681][T11018]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  414.843712][T11018]  ? rcu_is_watching+0x12/0xc0
[  414.843733][T11018]  ? x86_task_fpu+0x5f/0x90
[  414.843759][T11018]  get_sigframe+0x3fb/0x940
[  414.843789][T11018]  ? __pfx_get_sigframe+0x10/0x10
[  414.843816][T11018]  ? _raw_spin_unlock_irq+0x29/0x50
[  414.843842][T11018]  ? siginfo_layout+0x156/0x290
[  414.843867][T11018]  ia32_setup_rt_frame+0xe7/0xaf0
[  414.843892][T11018]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  414.843911][T11018]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  414.843934][T11018]  ? kernel_write+0x5e3/0x6c0
[  414.843965][T11018]  arch_do_signal_or_restart+0x43f/0x770
[  414.843993][T11018]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  414.844029][T11018]  ? rcu_is_watching+0x12/0xc0
[  414.844053][T11018]  exit_to_user_mode_loop+0x86/0x4a0
[  414.844071][T11018]  ? do_int80_emulation+0x33f/0x700
[  414.844114][T11018]  do_int80_emulation+0x58b/0x700
[  414.844142][T11018]  asm_int80_emulation+0x1a/0x20
[  414.844160][T11018] RIP: 0023:0xf717616b
[  414.844174][T11018] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  414.844191][T11018] RSP: 002b:00000000f540c4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  414.844208][T11018] RAX: 0000000000000001 RBX: 0000000000000004 RCX: 00000000f540c5c0
[  414.844218][T11018] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  414.844228][T11018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  414.844237][T11018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  414.844247][T11018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  414.844271][T11018]  </TASK>
[  414.904441][T10986] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.956287][T10986] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.959928][ T6493] usbhid 7-1:0.0: can't add hid device: -71
[  414.963840][ T6493] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  414.984134][    C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  414.988582][ T6493] usb 7-1: USB disconnect, device number 37
[  414.992526][T10986] usbtmc 6-1:16.0: Unable to send data, error -71
[  415.077352][T11024] FAULT_INJECTION: forcing a failure.
[  415.077352][T11024] name failslab, interval 1, probability 0, space 0, times 0
[  415.085140][T11024] CPU: 3 UID: 0 PID: 11024 Comm: syz.3.1369 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  415.085167][T11024] Tainted: [L]=SOFTLOCKUP
[  415.085173][T11024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  415.085183][T11024] Call Trace:
[  415.085189][T11024]  <TASK>
[  415.085195][T11024]  dump_stack_lvl+0x100/0x190
[  415.085219][T11024]  should_fail_ex.cold+0x5/0xa
[  415.085242][T11024]  should_failslab+0xc2/0x120
[  415.085263][T11024]  __kvmalloc_node_noprof+0xfa/0xa00
[  415.085280][T11024]  ? alloc_netdev_mqs+0xd7/0x1560
[  415.085305][T11024]  ? __pfx_reg_vif_setup+0x10/0x10
[  415.085323][T11024]  alloc_netdev_mqs+0xd7/0x1560
[  415.085348][T11024]  vif_add+0xe27/0x15c0
[  415.085368][T11024]  ? rcu_is_watching+0x12/0xc0
[  415.085394][T11024]  ? __pfx_vif_add+0x10/0x10
[  415.085411][T11024]  ? ip_mroute_setsockopt+0x11b/0x12b0
[  415.085431][T11024]  ? unwind_get_return_address+0x59/0xa0
[  415.085456][T11024]  ? arch_stack_walk+0xa6/0xf0
[  415.085488][T11024]  ? find_held_lock+0x2b/0x80
[  415.085511][T11024]  ? __might_fault+0xc5/0x140
[  415.085539][T11024]  ? __might_fault+0xc5/0x140
[  415.085576][T11024]  ip_mroute_setsockopt+0x108f/0x12b0
[  415.085606][T11024]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  415.085649][T11024]  do_ip_setsockopt+0x382/0x3200
[  415.085681][T11024]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  415.085709][T11024]  ? aa_sk_perm+0x309/0xaa0
[  415.085730][T11024]  ? ksys_write+0x190/0x250
[  415.085752][T11024]  ? __pfx_aa_sk_perm+0x10/0x10
[  415.085789][T11024]  ip_setsockopt+0x5a/0xf0
[  415.085819][T11024]  raw_setsockopt+0x60/0x1b0
[  415.085845][T11024]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  415.085870][T11024]  do_sock_setsockopt+0xf3/0x1d0
[  415.085896][T11024]  __sys_setsockopt+0x119/0x190
[  415.085921][T11024]  __ia32_sys_setsockopt+0xbc/0x160
[  415.085939][T11024]  ? __do_fast_syscall_32+0x98/0x950
[  415.085963][T11024]  ? lockdep_hardirqs_on+0x78/0x100
[  415.085987][T11024]  __do_fast_syscall_32+0xe7/0x950
[  415.086011][T11024]  ? lockdep_hardirqs_on+0x78/0x100
[  415.086037][T11024]  do_fast_syscall_32+0x32/0x70
[  415.086062][T11024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  415.086089][T11024] RIP: 0023:0xf7f43fcc
[  415.086104][T11024] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  415.086121][T11024] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  415.086138][T11024] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  415.086149][T11024] RDX: 00000000000000ca RSI: 0000000080000740 RDI: 0000000000000010
[  415.086159][T11024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  415.086168][T11024] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  415.086178][T11024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  415.086202][T11024]  </TASK>
[  415.142064][ T5748] Bluetooth: hci1: command 0x0406 tx timeout
[  415.661974][ T5748] Bluetooth: hci3: command 0x0c1a tx timeout
[  415.664247][ T5756] Bluetooth: hci2: command 0x0406 tx timeout
[  416.641107][ T6493] usb 6-1: USB disconnect, device number 30
[  416.721700][T11038] FAULT_INJECTION: forcing a failure.
[  416.721700][T11038] name failslab, interval 1, probability 0, space 0, times 0
[  416.736437][T11038] CPU: 1 UID: 0 PID: 11038 Comm: syz.1.1374 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  416.736466][T11038] Tainted: [L]=SOFTLOCKUP
[  416.736472][T11038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  416.736483][T11038] Call Trace:
[  416.736489][T11038]  <TASK>
[  416.736495][T11038]  dump_stack_lvl+0x100/0x190
[  416.736520][T11038]  should_fail_ex.cold+0x5/0xa
[  416.736544][T11038]  ? tomoyo_encode2+0xfb/0x3c0
[  416.736566][T11038]  should_failslab+0xc2/0x120
[  416.736587][T11038]  __kmalloc_noprof+0xe0/0x850
[  416.736618][T11038]  tomoyo_encode2+0xfb/0x3c0
[  416.736642][T11038]  tomoyo_encode+0x29/0x50
[  416.736675][T11038]  tomoyo_realpath_from_path+0x18c/0x690
[  416.736704][T11038]  tomoyo_path_number_perm+0x23c/0x580
[  416.736723][T11038]  ? tomoyo_path_number_perm+0x22e/0x580
[  416.736744][T11038]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  416.736763][T11038]  ? get_pid_task+0x106/0x250
[  416.736810][T11038]  ? find_held_lock+0x2b/0x80
[  416.736831][T11038]  ? __fget_files+0x215/0x3d0
[  416.736851][T11038]  ? hook_file_ioctl_common+0x149/0x410
[  416.736872][T11038]  ? __fget_files+0x215/0x3d0
[  416.736895][T11038]  ? __fget_files+0x21f/0x3d0
[  416.736916][T11038]  security_file_ioctl_compat+0xd3/0x230
[  416.736936][T11038]  __ia32_compat_sys_ioctl+0xc2/0x360
[  416.736955][T11038]  __do_fast_syscall_32+0xe7/0x950
[  416.736977][T11038]  ? lockdep_hardirqs_on+0x78/0x100
[  416.737003][T11038]  do_fast_syscall_32+0x32/0x70
[  416.737027][T11038]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.737051][T11038] RIP: 0023:0xf706efcc
[  416.737065][T11038] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  416.737100][T11038] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  416.737118][T11038] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004048aec9
[  416.737128][T11038] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  416.737138][T11038] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.737147][T11038] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  416.737156][T11038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.737179][T11038]  </TASK>
[  416.737297][T11038] ERROR: Out of memory at tomoyo_realpath_from_path.
[  417.432778][T11054] random: crng reseeded on system resumption
[  417.456399][T11054] Restarting kernel threads ...
[  417.461653][T11054] Done restarting kernel threads.
[  417.581142][ T5848] IPVS: starting estimator thread 0...
[  417.671961][T11059] IPVS: using max 44 ests per chain, 105600 per kthread
[  417.705243][T11060] team0: No ports can be present during mode change
[  417.741910][ T5748] Bluetooth: hci2: command 0x0406 tx timeout
[  418.745212][T11074] kAFS: unable to lookup cell '(,c¾ûL'
[  418.881903][ T5848] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  419.011925][ T5848] usb 8-1: device descriptor read/64, error -71
[  419.272517][ T5848] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  419.412102][ T5848] usb 8-1: device descriptor read/64, error -71
[  419.522224][ T5848] usb usb8-port1: attempt power cycle
[  419.871901][ T5848] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  419.892619][ T5848] usb 8-1: device descriptor read/8, error -71
[  420.052751][T11083] overlay: Unknown parameter 'euid<00000000000000000000'
[  420.057711][T11083] 9pnet_fd: p9_fd_create_tcp (11083): problem connecting socket to 127.0.0.1
[  420.151926][ T5848] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  420.172479][ T5848] usb 8-1: device descriptor read/8, error -71
[  420.286862][ T5848] usb usb8-port1: unable to enumerate USB device
[  420.303080][   T40] kauditd_printk_skb: 141 callbacks suppressed
[  420.303092][   T40] audit: type=1326 audit(2000000230.043:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.312513][   T40] audit: type=1326 audit(2000000230.043:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.319729][   T40] audit: type=1326 audit(2000000230.053:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.326926][   T40] audit: type=1326 audit(2000000230.053:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.334313][   T40] audit: type=1326 audit(2000000230.053:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.341311][   T40] audit: type=1326 audit(2000000230.053:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.348359][   T40] audit: type=1326 audit(2000000230.053:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.355304][   T40] audit: type=1326 audit(2000000230.053:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.362322][   T40] audit: type=1326 audit(2000000230.063:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706efcc code=0x7ffc0000
[  420.369300][   T40] audit: type=1326 audit(2000000230.063:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11087 comm="syz.1.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  421.136176][T11103] lo speed is unknown, defaulting to 1000
[  421.407951][T11108] lo speed is unknown, defaulting to 1000
[  421.878457][T11118] FAULT_INJECTION: forcing a failure.
[  421.878457][T11118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.888035][T11118] CPU: 1 UID: 0 PID: 11118 Comm: syz.1.1399 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  421.888062][T11118] Tainted: [L]=SOFTLOCKUP
[  421.888068][T11118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  421.888078][T11118] Call Trace:
[  421.888084][T11118]  <TASK>
[  421.888091][T11118]  dump_stack_lvl+0x100/0x190
[  421.888114][T11118]  should_fail_ex.cold+0x5/0xa
[  421.888135][T11118]  copy_fpstate_to_sigframe+0x842/0xb00
[  421.888162][T11118]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  421.888182][T11118]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  421.888210][T11118]  ? rcu_is_watching+0x12/0xc0
[  421.888248][T11118]  ? x86_task_fpu+0x5f/0x90
[  421.888270][T11118]  get_sigframe+0x3fb/0x940
[  421.888297][T11118]  ? __pfx_get_sigframe+0x10/0x10
[  421.888320][T11118]  ? _raw_spin_unlock_irq+0x29/0x50
[  421.888339][T11118]  ? siginfo_layout+0x156/0x290
[  421.888362][T11118]  ia32_setup_rt_frame+0xe7/0xaf0
[  421.888385][T11118]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  421.888402][T11118]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  421.888422][T11118]  ? kernel_write+0x5e3/0x6c0
[  421.888444][T11118]  arch_do_signal_or_restart+0x43f/0x770
[  421.888468][T11118]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  421.888499][T11118]  ? rcu_is_watching+0x12/0xc0
[  421.888520][T11118]  exit_to_user_mode_loop+0x86/0x4a0
[  421.888536][T11118]  ? do_int80_emulation+0x33f/0x700
[  421.888559][T11118]  do_int80_emulation+0x58b/0x700
[  421.888582][T11118]  asm_int80_emulation+0x1a/0x20
[  421.888598][T11118] RIP: 0023:0xf71a616b
[  421.888612][T11118] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  421.888627][T11118] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  421.888645][T11118] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 00000000f545d5c0
[  421.888654][T11118] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  421.888663][T11118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.888671][T11118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  421.888681][T11118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.888703][T11118]  </TASK>
[  422.505586][T11126] fuse: fd is not a fuse device
[  422.761871][ T5848] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  423.680558][T11143] orangefs_mount: mount request failed with -4
[  423.858398][ T5848] usb 6-1: Using ep0 maxpacket: 8
[  423.866510][ T5848] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  423.873919][ T5848] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  423.878236][ T5848] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  423.883175][ T5848] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  423.888658][ T5848] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  423.892629][ T5848] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.049048][T11150] overlayfs: missing 'lowerdir'
[  424.141499][ T5848] usb 6-1: GET_CAPABILITIES returned 0
[  424.937650][ T5848] usbtmc 6-1:16.0: can't read capabilities
[  425.939986][T11128] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.943031][T11128] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.951841][    C3] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  425.954769][T11128] usbtmc 6-1:16.0: Unable to send data, error -71
[  426.538031][T11169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1412'.
[  426.604261][T11169] vxlan0: entered promiscuous mode
[  426.658441][   T13] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  426.663889][ T1194] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  427.116149][ T1194] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  427.119911][ T1194] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  427.155469][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  427.155485][   T40] audit: type=1326 audit(2000000236.893:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.167245][   T40] audit: type=1326 audit(2000000236.893:3839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.178441][   T40] audit: type=1326 audit(2000000236.893:3840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.195155][   T40] audit: type=1326 audit(2000000236.893:3841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.215520][   T40] audit: type=1326 audit(2000000236.893:3842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.230079][   T40] audit: type=1326 audit(2000000236.893:3843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.249455][   T40] audit: type=1326 audit(2000000236.893:3844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.264244][   T40] audit: type=1326 audit(2000000236.893:3845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.280872][   T40] audit: type=1326 audit(2000000236.893:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.298796][   T40] audit: type=1326 audit(2000000236.893:3847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11170 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf703efcc code=0x7ffc0000
[  427.382298][ T1484] usb 6-1: USB disconnect, device number 31
[  428.037046][T11185] netlink: 'syz.1.1418': attribute type 4 has an invalid length.
[  428.068343][ T5848] lo speed is unknown, defaulting to 1000
[  428.083159][ T5848] syz2: Port: 1 Link DOWN
[  428.316572][T11193] lo speed is unknown, defaulting to 1000
[  428.444210][T11200] binder: 11190:11200 ioctl c0306201 80000040 returned -22
[  428.448065][T11200] binder: 11190:11200 ioctl c0306201 80000640 returned -22
[  428.543363][T11201] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  429.036993][T11208] netlink: 'syz.3.1425': attribute type 4 has an invalid length.
[  429.233668][T11214] No source specified
[  429.336380][T11216] lo speed is unknown, defaulting to 1000
[  430.215302][T11233] team0: Unable to change to the same mode the team is in
[  432.021952][ T5845] ------------[ cut here ]------------
[  432.026351][ T5845] bochs-drm 0000:00:01.0: [drm] vblank wait timed out on crtc 0
[  432.029262][ T5845] WARNING: drivers/gpu/drm/drm_vblank.c:1320 at drm_crtc_wait_one_vblank+0x2fd/0x500, CPU#0: kworker/0:3/5845
[  432.033828][ T5845] Modules linked in:
[  432.037273][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: kworker/0:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.041306][ T5845] Tainted: [L]=SOFTLOCKUP
[  432.043056][ T5845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  432.046902][ T5845] Workqueue: events drm_fb_helper_damage_work
[  432.049225][ T5845] RIP: 0010:drm_crtc_wait_one_vblank+0x303/0x500
[  432.051702][ T5845] Code: 48 8b 6b 50 48 85 ed 0f 84 96 01 00 00 e8 85 a0 65 fc 48 89 df e8 9d 93 90 00 48 89 c6 48 8d 3d 33 b9 40 0b 44 89 e9 48 89 ea <67> 48 0f b9 3a 44 89 ee 4c 89 e7 41 be 92 ff ff ff e8 17 f8 ff ff
[  432.059038][ T5845] RSP: 0000:ffffc900062afa68 EFLAGS: 00010293
[  432.061339][ T5845] RAX: ffffffff8c4d4540 RBX: ffff8880211d40d0 RCX: 0000000000000000
[  432.064416][ T5845] RDX: ffff88802078b460 RSI: ffffffff8c4d4540 RDI: ffffffff90e307e0
[  432.067482][ T5845] RBP: ffff88802078b460 R08: 0000000000000005 R09: 0000000000000000
[  432.070512][ T5845] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888040efc000
[  432.073406][ T5845] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000007ca6
[  432.075935][ T5845] FS:  0000000000000000(0000) GS:ffff88809717d000(0000) knlGS:0000000000000000
[  432.078750][ T5845] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  432.080810][ T5845] CR2: 0000000000000000 CR3: 000000004c343000 CR4: 0000000000352ef0
[  432.083385][ T5845] Call Trace:
[  432.084444][ T5845]  <TASK>
[  432.085383][ T5845]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[  432.087313][ T5845]  ? __pfx_autoremove_wake_function+0x10/0x10
[  432.089220][ T5845]  ? lockdep_hardirqs_on+0x78/0x100
[  432.090858][ T5845]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  432.092742][ T5845]  ? drm_vblank_get+0x14f/0x280
[  432.094288][ T5845]  drm_client_modeset_wait_for_vblank+0xef/0x120
[  432.096310][ T5845]  drm_fb_helper_damage_work+0x164/0x640
[  432.098113][ T5845]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  432.100139][ T5845]  ? rcu_is_watching+0x12/0xc0
[  432.101669][ T5845]  process_one_work+0xa0e/0x1980
[  432.103299][ T5845]  ? __pfx_process_one_work+0x10/0x10
[  432.104999][ T5845]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  432.106989][ T5845]  worker_thread+0x5ef/0xe50
[  432.108460][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  432.110074][ T5845]  ? kthread+0x13a/0x450
[  432.111435][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  432.113125][ T5845]  kthread+0x370/0x450
[  432.114444][ T5845]  ? __pfx_kthread+0x10/0x10
[  432.115924][ T5845]  ret_from_fork+0x72b/0xd50
[  432.117466][ T5845]  ? __pfx_ret_from_fork+0x10/0x10
[  432.119103][ T5845]  ? __switch_to+0x800/0x1100
[  432.120608][ T5845]  ? __pfx_kthread+0x10/0x10
[  432.122147][ T5845]  ret_from_fork_asm+0x1a/0x30
[  432.123701][ T5845]  </TASK>
[  432.124697][ T5845] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  432.127285][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: kworker/0:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.131577][ T5845] Tainted: [L]=SOFTLOCKUP
[  432.133276][ T5845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  432.137119][ T5845] Workqueue: events drm_fb_helper_damage_work
[  432.139448][ T5845] Call Trace:
[  432.140744][ T5845]  <TASK>
[  432.141893][ T5845]  dump_stack_lvl+0x100/0x190
[  432.143759][ T5845]  vpanic+0x552/0x970
[  432.145311][ T5845]  ? __pfx_vpanic+0x10/0x10
[  432.147115][ T5845]  panic+0xd1/0xe0
[  432.148565][ T5845]  ? __pfx_panic+0x10/0x10
[  432.150291][ T5845]  ? check_panic_on_warn+0x1f/0x90
[  432.152216][ T5845]  check_panic_on_warn.cold+0x19/0x34
[  432.154371][ T5845]  ? drm_crtc_wait_one_vblank+0x2fd/0x500
[  432.156285][ T5845]  __warn.cold+0x191/0x328
[  432.157965][ T5845]  __report_bug+0x296/0x3d0
[  432.159747][ T5845]  ? drm_crtc_wait_one_vblank+0x2fd/0x500
[  432.161602][ T5845]  ? __pfx___report_bug+0x10/0x10
[  432.163410][ T5845]  ? lockdep_hardirqs_on+0x78/0x100
[  432.165124][ T5845]  report_bug_entry+0xe1/0x290
[  432.166756][ T5845]  ? drm_crtc_wait_one_vblank+0x303/0x500
[  432.168604][ T5845]  handle_bug+0x1cd/0x2a0
[  432.170033][ T5845]  exc_invalid_op+0x17/0x50
[  432.171551][ T5845]  asm_exc_invalid_op+0x1a/0x20
[  432.173168][ T5845] RIP: 0010:drm_crtc_wait_one_vblank+0x303/0x500
[  432.175370][ T5845] Code: 48 8b 6b 50 48 85 ed 0f 84 96 01 00 00 e8 85 a0 65 fc 48 89 df e8 9d 93 90 00 48 89 c6 48 8d 3d 33 b9 40 0b 44 89 e9 48 89 ea <67> 48 0f b9 3a 44 89 ee 4c 89 e7 41 be 92 ff ff ff e8 17 f8 ff ff
[  432.181555][ T5845] RSP: 0000:ffffc900062afa68 EFLAGS: 00010293
[  432.183610][ T5845] RAX: ffffffff8c4d4540 RBX: ffff8880211d40d0 RCX: 0000000000000000
[  432.186133][ T5845] RDX: ffff88802078b460 RSI: ffffffff8c4d4540 RDI: ffffffff90e307e0
[  432.188721][ T5845] RBP: ffff88802078b460 R08: 0000000000000005 R09: 0000000000000000
[  432.191529][ T5845] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888040efc000
[  432.194444][ T5845] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000007ca6
[  432.197161][ T5845]  ? drm_crtc_wait_one_vblank+0x2f3/0x500
[  432.198975][ T5845]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[  432.200915][ T5845]  ? __pfx_autoremove_wake_function+0x10/0x10
[  432.202848][ T5845]  ? lockdep_hardirqs_on+0x78/0x100
[  432.204494][ T5845]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  432.206400][ T5845]  ? drm_vblank_get+0x14f/0x280
[  432.207970][ T5845]  drm_client_modeset_wait_for_vblank+0xef/0x120
[  432.209971][ T5845]  drm_fb_helper_damage_work+0x164/0x640
[  432.211779][ T5845]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  432.213808][ T5845]  ? rcu_is_watching+0x12/0xc0
[  432.215365][ T5845]  process_one_work+0xa0e/0x1980
[  432.216933][ T5845]  ? __pfx_process_one_work+0x10/0x10
[  432.218625][ T5845]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  432.220577][ T5845]  worker_thread+0x5ef/0xe50
[  432.222071][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  432.223703][ T5845]  ? kthread+0x13a/0x450
[  432.225105][ T5845]  ? __pfx_worker_thread+0x10/0x10
[  432.226774][ T5845]  kthread+0x370/0x450
[  432.228101][ T5845]  ? __pfx_kthread+0x10/0x10
[  432.229596][ T5845]  ret_from_fork+0x72b/0xd50
[  432.231127][ T5845]  ? __pfx_ret_from_fork+0x10/0x10
[  432.232947][ T5845]  ? __switch_to+0x800/0x1100
[  432.234719][ T5845]  ? __pfx_kthread+0x10/0x10
[  432.236249][ T5845]  ret_from_fork_asm+0x1a/0x30
[  432.237885][ T5845]  </TASK>
[  432.239613][ T5845] Kernel Offset: disabled
[  432.241004][ T5845] Rebooting in 86400 seconds..