last executing test programs:

9.881315839s ago: executing program 3 (id=1610):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, &(0x7f0000000180)={0x0, 0x1c75, 0x20000, 0x8200, 0x335}, &(0x7f0000000240), &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@typedef={0x2, 0x0, 0x0, 0x8, 0x5}, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x42}, 0x57)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000380))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r3, 0x8800000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001c80)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)="2bef7b950ac3c3ec", 0x8}], 0x1}}], 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r4, r3, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))

8.530908916s ago: executing program 1 (id=1618):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffffaaa4f0ff00000000b7060000ff23bdf1383552e50d19df5a08ffffff2d6405000000000065060400010000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f01726a067818b990b13bfddb7e78270e00720596b93b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100000000000000000000000000880223b3683c0175c21d55f7ddf7b40a0031a5343acf836fe2cb4af7864f9c7900000000000079e460daf20000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xb}, {0xfff2}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040}, 0x4000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
syz_open_dev$tty20(0xc, 0x4, 0x1)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000003060101000000000000000002000046335579210a260001"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
read$FUSE(r6, &(0x7f0000004180)={0x2020}, 0x2020)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

8.204825787s ago: executing program 3 (id=1619):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket(0x1d, 0xa, 0x4)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000000100)={'sit0\x00', 0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r3, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
madvise(&(0x7f0000d8b000/0x4000)=nil, 0x4000, 0xc)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
write$midi(r4, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000100), 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)

6.345392754s ago: executing program 1 (id=1623):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0x2, 0xb}, {0xffff, 0xe}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffffd}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x5}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r3, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="2703", 0x2}], 0x1}, 0x4)

5.03874288s ago: executing program 0 (id=1624):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xffffffff}, 0x50)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@map=r2, 0x4, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", "000400", "78cb6e6d9d2574d4"}, 0x28)
close_range(r0, 0xffffffffffffffff, 0x0)

4.98221185s ago: executing program 2 (id=1625):
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet_icmp(0x2, 0x2, 0x1)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0xf5ff, &(0x7f0000000140)={&(0x7f0000000740)=@newtfilter={0xb0, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x7c, 0x2, [@TCA_U32_ACT={0x54, 0x7, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xf, 0x3}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x6, 0x9, 0x6, 0x1, 0xd6}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0xb0}}, 0x24040084)

4.98177023s ago: executing program 0 (id=1626):
r0 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newtaction={0xa8, 0x30, 0x1, 0x0, 0x0, {}, [{0x94, 0x1, [@m_ife={0x90, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0xffff}}]}, {0x4b, 0x6, "58dfbdccfce61c01dee9758d17c0bf3aecb60cf561d936ffc46b6f08d48968e25bbcb649e306c0386081422792eca673277d8b3e6256011746d68cb3077cd813913ededafdc7d3"}, {0xc}, {0xc}}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @none, 0x7ff}, 0xe)
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f00000000c0))
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(0xffffffffffffffff, r2, &(0x7f00000001c0), 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
socket$kcm(0x29, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$addseals(r2, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r1, @ANYRES32=0x0, @ANYBLOB="fff0000008030000"], 0x20}, 0x1, 0x0, 0x0, 0x20081}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="200000001100010027bd7000fddbdf2500000000", @ANYRES32=r6, @ANYBLOB="801400000421000041fda70e0000003b009f460372fae0cae5f66e14a3d6302747888aa1930451d348c184c110bf01c2d4ab8b2dbb1593b08e3d9934f8b06923c7501ecec693f3284209caac12"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)
ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000100)={0x0, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000080)={0x0, r7, 0x4, 0xfffffffe, 0x0, 0x2, 0x0, 0x1, 0x73})

4.912191961s ago: executing program 3 (id=1627):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, &(0x7f0000000180)={0x0, 0x1c75, 0x20000, 0x8200, 0x335}, &(0x7f0000000240), &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@typedef={0x2, 0x0, 0x0, 0x8, 0x5}, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x42}, 0x57)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000380))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r4, &(0x7f0000001c80)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)="2bef7b950ac3c3ec", 0x8}], 0x1}}], 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r5, r3, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))

4.512005499s ago: executing program 1 (id=1628):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffffaaa4f0ff00000000b7060000ff23bdf1383552e50d19df5a08ffffff2d6405000000000065060400010000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f01726a067818b990b13bfddb7e78270e00720596b93b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100000000000000000000000000880223b3683c0175c21d55f7ddf7b40a0031a5343acf836fe2cb4af7864f9c7900000000000079e460daf20000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xb}, {0xfff2}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040}, 0x4000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
syz_open_dev$tty20(0xc, 0x4, 0x1)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000003060101000000000000000002000046335579210a260001"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
read$FUSE(r5, &(0x7f0000004180)={0x2020}, 0x2020)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

3.962013914s ago: executing program 0 (id=1629):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000080)=0x3, 0x4)
socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYRES32=r1], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
mount$9p_virtio(&(0x7f00000000c0), 0x0, 0x0, 0x20000cc, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x20000000)
r5 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000400000000000000010000009500190000"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r8, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r8, 0x0, 0xffffffdb)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

3.961620467s ago: executing program 2 (id=1630):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f0000b1d000/0x2000)=nil, 0x2000)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x34}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005f0000/0x1000)=nil, 0x1000, 0x0, 0x3, 0x100000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x3e, 0x0, 0x0)
pwritev(r0, 0x0, 0x0, 0x9, 0x800000b)

2.75005115s ago: executing program 1 (id=1631):
socket(0x14, 0x80000, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000040000000400000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000300)=""/102392, 0x18ff8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
fcntl$notify(r3, 0x402, 0x19)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003200)=@newsa={0x15c, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0xf, 0x81, 0x9, 0x100}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=ANY=[@ANYBLOB="3c0100001a000100feffffff00010000e0000002000000000000000000000000fc0100000000000000000000000000010001071c4e2300050a0000203a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000fc020000000000000000000000000001fe000000000000009201000000000010a39b000000000000ffff0000000000001c250800000000000500000000000000feffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffefffffffc8300000000000080000000053500000200010020000000480003006465666c6174650000000000000000a1a9eea00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001d00fffeffff"], 0x13c}}, 0x844)
setsockopt$sock_int(r4, 0x1, 0x6, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001800dd8d000000ba7e9698ed1fbfa80e000000000002"], 0x3c}}, 0x0)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r9, &(0x7f0000000000)={0x27}, 0x62)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r10, &(0x7f0000000000)={0x27}, 0x74)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xf8, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x9, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x32}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xf8}}, 0x0)

2.742840969s ago: executing program 3 (id=1632):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRESHEX=0x0], 0x14}}, 0x20008000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4000005)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x4)
write(r3, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x0, 0x29, 0x80, 0xf, 0xffffffff, 0x91b1}, [@TCA_NETEM_RATE={0x14, 0x6, {0x8, 0x7, 0x5}}]}}}]}, 0x60}}, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x2)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x4e25, 0x0, @empty, 0x7}, 0x1c)
sendmmsg(r6, &(0x7f0000000940)=[{{&(0x7f0000000540)=@l2={0x1f, 0xc, @none, 0x5a}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000300)="4a9656155aeb81aa285e30d54388b031769bf6f76e", 0x15}, {&(0x7f0000000380)="77dd", 0x2}, {&(0x7f0000000680)="ceffc1daf29b23145f2d585a33ad6ee5adf73fdb20f367f80203628bcce081043c1593a30d832a7aa19503815eeb1e8d9a3ff7ddfd3e3cc4b0c46b24efd59742902f3e4e2fb5606aaecf095b45dda251a5ed310047238033656dbf604f88bd4e9c062dc8c5b959a8de42090837a09ac99eff2449560b97c50bd2c5fd19e599ee275455340a4af3334713d37a6d1a9b59c3ae4e09c2cf3a772eae7a28a297acb32c73c3", 0xa3}, {&(0x7f0000000740)="26ba96bbd4ac7af520f2608cbd8322551a905a158bf10d7611e8978f02f383d85fcccc91ef6bf97551fbab57f84f67c92a4314e5f4f03f3db4650b407c70b1a7a4db9773b8bcfc053525be8de6fbdd11a85547c19c6e41f029b00e66b07fcb2403919982d98aa9ff0fff9bbb804efa516ed15c58d3e296a4f5127923da4436727050c8e3d2ea94598571e51aacd427dbff498a9c9cf9a5c4ba927d14949cdf2eb5a01c3c3d85bc95291aa11d665a8c5cebb5b934b423b78cdd59b0f78721e504837bee9a79a20de5ec1c8510e1e2129551eb6fffb2f4600142832acc7eb049d8ab13797b", 0xe4}, {&(0x7f00000005c0)="d7090c184e389afd2b0e1ae7d2b821ed63c265f075b4b6588ad26f583c4a06ed", 0x20}, {&(0x7f0000000840)="2c060a765aa5d3ed615f4a86a9c16547b98b54ea7a5fe86815e9fcce1de3543acd6cbca1ac6718f5b5c506d380d33cf1cbc23972f0de35f318ea28f356f27f15cb5b9f67bd18e2e2e87a7bafc762f824e193350f488cbe75814a4599c4f364e33b005a1edad4abcee5cc72bd0cc1373d80d8d81325a2424caf8af862ae7b5746135a15f65583b2b811be65d2fe53af67a5fb64422a3d36ebcb34c5fa2a7a084342af8a3093d69dc4ea", 0xa9}, {&(0x7f0000001300)="387d39f71a62f759f6b0714be3118fe7d126718b50efd3a7154cfd867e512646828ee9293219b4ef653d10f281738011e07e8fddc221a97cef869d5cd7e4a06d81b81a9a3b569d68505e95bceaf02efdfe8fb567532275fcd9d8bd37dd179d998fab4029af59cfcf2fb34db12f6b688127438a0346ddd5aaf61124f43adbe716b3b6d17b8f23a1c6eca09a5f08893f73ed1c2d00a019ccfc412a5664a29312cb8b03a6ab888f2fb04ce3d2799ebc26f5a4e75459b09e165764621c188a0c3b520fd5dbfb733df4def739a1775fd4386b325ebde39579283fdc4fe55732a37a379f62e163868fcbc69df95e4a2bc97a61d833796df58bf64153d3927eac68a307eb532a16aaf22e565597683647c3aa5c1a487dd5b39bb1f2aa6481cda4b6f4258cc639ebae2b34091a859dc569513bbaa00800ce43deeddbcb64879a8f1d6d25d69a110cf157be89aaa427b998146a5d03aad3bbb8a2b129c43c144ff19e14e68adce9655fda435b015d54acd257b9ab7f7cc7c63a913be265809fbdb0e25fc98369c6b5cfc58e1f83a1249d70b98707edbdc2e9cac7be9ff2fabb8232c1aa2dd7b0821e7554cf2486149aaea1ec9a00bd18acd2b2920589551fd034d9e842d0b6092e0ee5058990b64dca320286da59366310a9682fdea1450f2e573d66a7b93f6f4f88a5cfeb181e1243fe415a97d0291f78acbe26f788de7fdc46c5a67841c4d1585a012b9a3ece124814c8f20167fa4f3766170411082b01654d03b981b61d5285fdad8caed695edb130589c18a3a0e30c4c45c421898dcd3dae84cf243a0e4f70a5caa8211818025053cf5518979fdede53bb7b885160476911d84c2fa2db3da2ee1eb0fba7d93687f7618086e50cfc673a55328158a8ffe4d3fdf99d3c3a68a5fadfee80a11f7573213030f33f48124689d679417da520fefc81112608c00857fe40672f0ffe88b6a57360bfa8bc8c18d540eb51a9fd434b77c63e8629acfd425c2c8162353da3d0009f416a6a14410d74ecbbb07fa2db42050ee99d8d0f07df9fcd09f6ca41e06f37e07dd995d56c6fefa172cb2d437577e691542523d4cfcb003ceed6446cb0f97b03ec9c1d29182a09f91783ffa1eb2ad2200444103cd64aaaa30be30841cc78c5223b25b414da351a76d6cb8b267a44e3d4d2d3b805814692db118abe83ec176977fe30fc6e87bd6630c0ea74ecab80fcbb725c03ebcaf58845e9d2dee8c87eb1d582a84aea58125689cfa3a50c5b032bae56a612ab45e71665893c9bde45c54d2439b33d443a37e8d8cdc94c06a710033e9d55c9da591f37e19503ec21cdda9711eb6e2ab393c30fa0f191f44c12d7a74487464985a6f277af8347520752f01ece7fe906a573c47ced6764c7b5dc6081e2fe0beed3daf6dd3a7ada3321c778b2be95f18a4ad2f1aa668ba9e8c4fc62a1f98aaab046578ae54471975241dd2318d32b55e33c80a27e9241782b633de5d26346bc53275727100e83a8394d6b1e2d59fb5d7a744d7fb2d982ac28177023b52bcaf564236462dbe962eeea9e6a78853e6ca3fcd87d2e05b9d39a693e6033dc0ff040f4cec6e1be91cbfeb88634bf48efbcd9575222310c8c57f2fddf4e16826b5739c69d7056c0e238a53892bd8c5cc8c7f946f6b8912dda8613ca681cf4491d4873c18cb5df0190fae5e24e56fadf585635f5a7b8acdbb36ae663348bdeb2e3418e49675681e1c09b996b2ad30a3928cb6c5346ece047aa30dcef52eb25ed176cbc236e4a6ea36b6e08833d29fd91b1d63e53011a64cd567bf7805420c3fac4e59db193a2d13212969ba7707ba2d502b833673c5e2dcbd1961b94958d55ea56595501e17edcce00f576b5cf343d8414ceb0d09534cc13cbbf024b1590712c16f6896d8253ec4dbccf4ded0987a803320560cbd19354044eb58f315f15500ada649077cca37e6af48f17061a37db36c8ac0e690df8cfdbd614cb9fa3b107e04c33cd162d9dccd417705f33c9571439bd900b4da0d38acd96aec4cbb3d6a0602e9b7fffc83d4b6d3e654597b680856b484d45e2494a1b10c17b6ed28dce53b652b55a20c09d40f2c58548cf2cb33cb4358c8b79a27aac0ab06341a5c62effb88fcedd18992d0345d0e7ccba3517394a27cba9015ea633477035ba0f2b4e2c3c2e079f19ac205246625a68194d2eb8d4e6320f514456b27124a38ae7ba4823e65c4802b80d2ed6dc4f18e922e786ac24694060fa75a5fbca3664bd2c922fb520831fbc84ab8b11068da5f224128e422fc10881d43f74fe53d965b812ea6b28a18edcb6a6225c799976e507d10f832d23362f47ccf86f2111ac6cbb7b44ff093e7c85ff35c13508de5e7f4e190bc2df60dbaaae4163ad4fa657c39977a4ed0d4003b3f42fb203ae742f849862352c5cdecdd297587df7430441d9ce83f7e95d955c894213a82b08addcc033f5064c1642722b0cad42f1a9cd49b783281d4335a80b6f5228e9f93a8e43569bd362528ac77f8915d4d12a5addcce4b135d6296156939b8d36b63da8c44156170865262e859364fc47d259fc05b049bd9ca42ce19b16757c77a7c538720dbd0eb5bbc4814bb1c99c48a5ed76810d2b083b0e0c73c3912664ce45e34867383fe7fa5590c067f6c172bd9e1059688285264745d68806155fb9147610a610e9740d298d8c412a5ac144f30450274a2f917a9d5e656d847d8b30284bd43e210623228aaf81831d0c2c55956a8e48d49d61ca63a97deef657641731954ffa0c75a4b1a2fe4cf04045637ec6c30608fd29bfb6f777863636425d4a64fbfb62379458e0e8bbd22026416bf3500c7706dfc1a760d7a70e2c63753f42394a0fc6c13da8ea4c80327cf33817bdf3fc74c6d03d07224eaa03b3b963ff88de121c989942117b67b55c95aaa4d97dd681d24e6a3faf28a4d7b8dc803aee84bde4124bc18bf919ea4fe1e01728a2ee1ef153d0e9d64e62d5e3bb7d11198fe23576a8334768d9e63d5248579b8e3a27c275792ab99cf34e134982cdef6e96db1fdef056bcc2ea9e7475fdab6f3924b0fe6b2982cab4735bc771b0739d735c795122db2c766218b461230b8ad7c4dd86a6ce479f7485c34fb4ba65a2063dc9b001217c94d67a9085ddf1ecadb0fed93857a593a2d3722db69b0d27ed7f1dfb0aa1223ca07ee23091c67ba5a96c668a2a42d41d0d0ea350d424e7c5119cab41a0b4851556655e10c06c99866f080e2481a5e799b51d85d6208f398d7280a62d476ff6aae8f654d56a587b06e1808cfa5706d55520da721095725112f1f233e6ec2602897f2a2b73a52ff1eefb4fac469bc7ae8ee094780e21372d8589ec867acad7182be214407122c5276e82fc9a2f64b360d185ff2b1a0ebd67b49eea361c71dd001d3d6b10b4fcb439770860536addad78daf60606808743a05799c1e4b59c58c4a39c8f88c328178cf3fb25670fa51e3f985c39a26a53c36e97ce1bfd28accc8916aed7b46dbea5457acc99c8af864f117ae5175ba0d7cbb37af3c20fb7edaf684ca38c487f5743284e51474061ef0ef14986cf105dcdf02ce92a26f897b37517123f1432c6db84a66ae31ec901d60b42cde9f3c6287369e9887cc66c255516f5e1a62bc136791edb2acdb7e424f30a76fea811b60bcde2deb13d24ddd65f5201378db53352f850457139335d2636f99e086941d28b4a4d3d1e52718fee80e5d6744f1e3d635ba169a978c204436dc64bdffc1f1c62c0ccc8db27e6fb220d77cff96bc811a782c419fc5e42c4b4f2f2b04e887c1b3958d36c15f7424ed827c2bfc49b82ff1f6ad725816ec163d3d48dac958d72ddea980cd2090515b54a441cc673e0c41388a8a60bc5325d5624eb2145b4d04bca02810728126a3a2fa3cf643f6737a701fa144dc85eea2ce6c0b659d9ea1758ffa447c8f49becc5a4b9b211ea1dc0e9e8c5bef0fbb6c0ef047e3d81bdb686c5d8827a95e9487020e77a02f787d7a463834c06655696387a9fa57dfba998b5185878d18746c8a9ebb3eec51647167d8b4147d24888871ea3af081933700f4631050777e015560ee474fedbbb0ef46ec75193f8e4d3ad2760951094677f8c92d4f55ef2952fdb291fef4bb2647134d551f586ba3bd3a95bb4e05328e2cdf0d3ded8a619d3d70aee9129b0daf57c3079b3efc1684ac16765a389ea9fd650a05914912156975caf6ef43b2eabedb98fa9cde4ffb0c07b55069f441afea5ee4c720bde22450f5aaab06979c702eb3f8220e0ffc6b6ba7f3073bda50c50473e366e3d27883eb5a4611fcfe283197afd76799f1b28bbd4bcf0c154d44ad8f2aa465762543b882c87c9d1be18b04ac7986c8e3b339628bf10b6e139d06dc913726ceeff045a17b9e0495848328d55e5484d24fe97afbcfad59710ea4ca2fdb65fcde68ee80f37fe31b2ae173a627d3145af2378f7e18b1d4af874d7e54b091e89f8e734f0c5fde26c50739486eb26894925b7540b6e7dcdc0fc930d43e35629631a458c5cc26899ed11ce398a40a62a1a5aa60631d1f65e45103d4bb860aa78fde5714b3f3a0ea66913d8f4920acf764ba0bf9677ecc2c041d5727237a9f5f7ccb5aec530a5cc789ba23b02c25191ce9e591484b360e75f0bb8ed741d6cbab239c7ff3b19589a23d07673c296cdce100bdab96d5d925f6436122383a2b710c50f8ae9578ab4358eddc105769f19679e658a0b6bebfce294f2ba2728e203d2907b68b7593eb49e50d27af111dc9fd2097ba914f0fa19a7df17cb753f09e8e62ecf5fa524a2df78b096c25cb5a3ffb4e7d420b7ce53a60033b5f2a1b39678e33be7cc74fbfa72767565bb195b52e84391f62d5c6a81f62b5379a5cb133903e7cf22ff3d10ccddf5c3966ae746fc09f99d40e0a587d42e0bf0210cb47d41a474163a608bab0da8b20cb553f5b249931bb96c6cadc3de371fe15390736e0426724e03dd75b4f56a82f19b6bf462beea0d672ba106a44beae0a022f7571c55eb345ebf7137ed2acc34be6afa4a1625f76136e3b27aeffd82a35b8b361afdac36a41fb064ee4a8fb429bc13a4065eb14da4ca54b958cd573a74b0e3e3614a909dbf55ead895ea8e310b3d3ea323a1f0e5ee11129b49b720f46f1d814638971d2ce71040e9e73c7839ce4b41379a58c32263e3a549ffc14c5eb335a0571731ff7bf15e2d2c830b0adcd387fd86b0ba63e03f7ba77608a7922232872c47f4e9c91cfcb5fee42d61c598af0c9cd2edfda08fe82f1c46fdd5c088d7cb5aa75434e9f9c0596b266e8d970c2d3da2d023efe0bfd5bac65dd9838c99c5fc05292bdafd53b2a5b153a19d88db198c32c724fa592ab0bb73ba318023723842ee2e79384514137081712e6366b484ceb1f030e15cfb164eb8657769bf212b79cfa8460276cf6f5f1c55feba2a0b280c6e642aac077badefbf6ffb663651746b9185173e07a7447080037e887224b210531ee5239c226b5daeff5c494a759017f52b18400eaa9828d911d7620fba183f94f408ce65ec3cf3eaf95745ced89d045e64bb3c0fd4e7736e8ea0897581ec91f7a6ceb64b661a56e838976e07ec71c64224af93bd3571bae45fcf465c307304011e58d0899b26775f13d5287a6c78c7d71211f6e687bdb78fc26aa0b439396d8eb75cf8339de0947a22f4c234973fe2304483b967c4fabd863b58d4f5030f2bb81e857dc341e5a8d30ebe2294b42e9231fdda5efd41fad2bbb0cbfe5d1935cfacd67575423fb2535027f8029272a4a5da656e7286d11250af44118511712de1ccc45a90969288db", 0x1000}, {&(0x7f0000000600)="dcf149ed7c9de2d22fd379c9b0cd3424f0d1b84310d686e7", 0x18}], 0x8, &(0x7f0000002300)=[{0x100c, 0x102, 0x43, "3a3b0ed0802acee6ec86157f34fa1240423d3770e17bdb5401d4e5b215a375aef2b505090bed58d943e6f9f894b0a964c36d89b39e3c2cc65bf8c4e931cf7458f15f540abc052f7e2225a01329af6965c69f79ac4783562d16ef3bcb4ef44a3ab576fd70ac6660474f4d6148b8baff716ad5184a6b63018e83b6fe676edac4a6e95c7325fc0ec0fd2dfe9f081e3c69e0fee69aa640a2338fe2ebf6278a3b72ad084f99bff6e38d006f83bb43c0cb641ffb7bede5711718b8858b8734e59076000a5f6e02991d7abfb58f0ebfaf4775fd554f315b8bd8ad88c89e1ed76d330af79f58e348383a2f6d67a1b80bd61f43c1dc2c5a83353d6bffb4476309fb323f4fbf2dea3c8590e040ea0e7ef72175c5378b9736251f3990464faba841f803a35842b80da7d0fed0d90e2be00ebf8408a05bf930b2f8cb5d533f7a386d632636c1a2cb14ce231f40ab4ece1c76f984ee5a7c8d81bf686a048bc76d9b302a1fdb81a6d44911d421952d9026aa530ae3e953091a633963975fb78c1e26fe4d171ebaae79a900bdd9f1a218f838ebf86681935c35c38e7ce447586c34eb10ce61611874bc1c0b61240202d53e1c6a2c8c59cb7e91ebbf3656f76229eaf0330b97dd7616e203ab9d00d982583ac4c1a27348d3f83efd4f97133f6e82ea264da2df8cf8b7bc132c181213065cbda12d02265190756299c9f00b49ed8ffb55e79d081d1e1fda6d5455f0ee36fd126198d8a708b4c4016c9c90d6b7d9427c81239cfbdb34aa12684875ce7ea1cb601cd522c5c7fde8d84b96829cc7e9b60074cd8a5c67dacf2f73fa62c500814410337b7e3aac1e97cbe0223d35a6e875c122e14b002e29968a5e02ea3750f012ddedcf2b3d5f1dbfdd452b8daf75960276d9bff78091dc080e246e27bb71a39d8517baaff77be127372d473ce99f4d9adce26abb6dbe72f2b0407f93ab63697d0c4815c038c627b7ed68638fb75218f210096a5f76c60f417b019726969d47b08a32a9ed0b08484b2e2c6e0e9f8f5d3957a2339b661932306c63f95e57106d6d21f245890bc08ade516353cf4ca1f6f253e52c6975d459e00f2190ac7e0cb9704a3f15b20227189a0cc0df6c6da973c1854646294fa71314330406ba0a966c69503c316a11f93083db6df4212357463fe9388a082dbd6756cc2183d1b2092f8a6f0b4bedce1d440729b2a938cdc4b5c9a81a2eadbd896c4b810765b31e7690f7f4b843561138bac1ccb07e3b7b7da09cba1fe5d2ce95a2d6cc8515295e8984c2e2849844ff21edd539c01c3a840fb01ed5f37be0e5b81eac3b0651667d94ee1bb753dbeeaac83a007370a8ea98362ad7183d72359bb96cfc01ff3d8524e5e33f9c63144d49cad02aa4b5652f864e2a65d68880c00cc5b6c1f42fea48ff41a75572439b991cfa7667f3fadfdea5af7da25932c1a6ea233547fb5cc478d14e76350ebe11b9c34052ebcbcf57e6a4e135a3617e4aad90793dfa9db85edf45f002ae8646e8b97122a05111839b19f97918578f9ede11f609b0ed96088606342ab404e1173ab15abe33c9ef95128e1a9f982ae056a8530aec3d1e757e08992603c2c72a40f3d5b6724d6eb81e983b6af8b80d7817553f3245e2cc2a15254db91c4801b89041ab9acc7e7b216307b1f147408437b00ef4acdaf01c493323e23a0554c1515171b58d034fea8d5e44870d650aaf3e989edc1dd35ec55f755be03b894908c4e868af95b9794a412c8cedfbbbe859185c5b95df25d2de4e13dc20a029ecb07d9138773cededeeef3c6cd3e74cdb8438dcff09588fec27a8738e8a410f2d89ea6ef2f96d12db22b05feb7ccbea40863f781d887fd382ceec63f5ee84eb91c0d60a6b55b6d8c46c270cc6fd6ea32a5950b9e24fd3a3520cb50ae1f32a67e63a49d527ead281e80150ead7d2a72b1c08e90e81af85b49e42ea7f42909bd410e369f609ab7a23874adf54ea75429ac5470e706a427dca868172bed8a2d2d761094aa982663962c8be3a1e3749a5005c323943996f6901224b9ca534b9ba20d1af8f829edc12f0e11acff26cf0a7efcffcdc80ff2e3ff94fd1f2f21262fd9d5cfe6882efaf15d8942b75ddb1d65ddb250327aaba3745378f46cf5656ea767f7dcaddb0a05bb6cdfa0b9f6b4e61305147c2a3f9721d305b9a29f441a3e968d66893d714cba9d193906097515d26c16ce646c65da48db3da0edc22ede41061ae29ddea54c666524ffd278352927b3daf51684956ca771b6d9ab99b1154c53e16f99d9deb53ff49490b460694e986a3a7093f6c0b7c120e07c9e35e1463a9211e602ac6fac744f0d79f6a114266e671d0777161b4a39a24b81d24023d33306644484b8ef72adb651d1b97040dd7d11bea2ef1a729bb7870ea4f5fc7c0246c7359043e4a73f4f32e9cca12e0ae344f59534ab20638d5a8c94f0f5798d78b92f46ab7f93dcf56b5a08d6808ef8a2e7c5ab6abd416bdc221f4f8a5be419b2b6bf3a6dcde9369565403c4b2b1a9d7084731b604b57beca54d35a7e9443fc24e89678413991315af00217f45278838c8b04e7386a62c75f0e97c3058efd6f33199b00a74ab2e2f0d39462c244f09aedbdfcc4908423945e9a68b252e4c3b607332a5295fcefa81cd0765095c8af608e43c121a9a317a9cf5ab8e3670b4ba951e2a96d030f3ae5e04e925e92a79434a912e9362a59fa3e382471773a58ccd0731ebd103914d7ccd0a5972e9244531c83aa2d3919e99047046fd7fb829d0a2e6000239012578c6ce138dfa59eb9f4a9e92cc978f62ed4ccb2379a8cddeb591233fcf246937b4a810e44fcc509aeeab834dce2cb9b2c56aa711d37f270edac6c72c0054bcbff57e9824fb84bdb7dfdd78e4d06b50d916212cd9bf56260f4f57de91c2670366943719c8b73d17c1b936abb3f5783681ef191343eefa7151371a9a9bc64eaa71ee281b2506c1115ccecd87ca8f74d50e9b56e9665270d672f4a66099515f4a14e5f3daa1a0738631ceb78ac2a384ecec02c86c9ffd62003251cb99f14d127aad72454546c73e1f96080517bce0967d17f65052ecb8c333c64c67275bf2ddbd3f8ff36a4ad597159b29df5f826f9a226bdaa4464525c70ca2c056858d79b9cc2f3c85577090478bfe30658b6da3a94241918343e12194c33d4ab4ad48b4ebf8ba28e7131014514737f0f8f80ab1a09bdb98684caa0808e9759c2cdfb3b413750540bc948377f19bbe13e79e9947eb83ad661e391195e5d31d7ea002e5572a6f8e24891620075b2138f0fd8b2eea16b2b56ccd0cc292074d6e5a90c23ea8603030bebe6fc8e47b627940c14817f67cf97f88acea3d1aff66d09d69f8f2bd3651b4a205ac3e6a1723881cccaea7ca0864ff8fd29827d6475dca70900513292897850018776dc07da728ba89944940c09821dae8362ec2f7970e6cfb36b16ceb0b2846255e8b33e4e883d0fb4207273ce5ff78d5dd10d5fac561d78a52922798f9f1655b714eab2e239698c93bc1a09354fda9d87a03fec7b83fb8c684b60374d935f0f0882c060bbf3d809545dcdb1690985d0c6a5a2888f6d404f729e4dcb431e9576673a51cf22d2ea66566818645b10e09b10392032f1b6c61f9e8a0d24911fc743532c70beed173681d32ce7ce78c5cdaefad8fc8d43ad6ca133d5b52544e665e7db15c8ee2a23c19dddd916a6212f59a66d043480b8a3c3f07ed496bb23beffd20d0e6c1d8b746ad164ec95e0d0f67d5cfde6b94902672dffb5d710fce6ff836a99b5065ee0816011c44fb8c5fa9869f135c666731cede4255255a97eb32874af60d3df0d45466dcf4c5c62542f9a77f2f8cb1fc0957dd2a309494667151cbf253767d835c2c9319614cf5161485fcb9d2fa6fb0ab61746232ba88d41a41c642ee1e41421e5dc044d082644c808cd08643dd40f03ad20ba4a8f038b99955208cc75640f13d2320b3637a987efe1f0b8e9eab996d2995ed852bf3df3b5375ee93612194d98e2d4cd1ed678c49148ba280b716535ccf2c1c281665e7ba75a1b444eeffc2e0100b2bcec21eeefbee2fe7cfaa27ba6478573f68f89091a4df6753b12ee94735e4ca9e24dea13535ef5fa10e373265cb95f535e6affba6f3cd9b33f1ecefe5c7b5c8166f6a294888c284dcc5436b2d58b25c62a6c35bed5cbc8f68450edc40e2c9aa0fa08b6c1cd7916aba333533283c57a4f2d0d5e783fc77f69bac2b6df6c81f9274a9d8d85f9dca71e19d8b7b4dc4e1269d241f74751ead998514313fbbed57d31cfef67bfb496c3b1bae791de139da2ccabc7b81ef4f57a9d2f6e5cf1025d9bea206e7af17759f98cef669d82c3bb79ffbaa05f6a23178f0856700ec56c890c02eb6c0ed93738f511ec70d65205b91cde61256a36a00234a7c9308e41d5f1b0cacb16ef241fd4a0dffc1af49274ad7e50f22f8a7faa22dd8864d425044ac91a7fda4cf7a17d756ee7105b4c0ec7650502c980d7e737f46ebd4d740ff3d549d095e52197e788d7f2a76239e7bb8ba028c922aadc57c9cd629e35977a0fa0ffaef76408454c64f6fb12ace1552254c6c06ea168ed4d8ce128068db031bf500f39d52081e9e45910cdfcc6a8a970286ee91716f074ae72d0dc3a88a38dbe03bcdf827b9691b01d5c83439987097a6ecbc361571235013e67bf38611bbb60eb68d4009bf8242a73149ff28028396cb1a7db7e8d39b7c1589c66a8b216de65c88674bb85cf6fb0cb6b675aa57616f9c02290422607149c2adb455940de64ea73eb95212b795baefea8cf4d1bf7049d4583127b154a1a7acda526b99c718f03b656ef898739d9125f8c2386624f9dbbd6d427f2c2997aeb56b4c4481d227499a7aa49c2219ff99c8880be96b8bed945b0d80b93174b80038ed2f336f6523605cc8c62d5b55489bc16accbdf88d803105726739576fd115f9a5b6c26358b75d8709170b2bc8b8c40ac82eb48ea00d69e78af629840204c491132d3fd0b85a705eb84e0501db994fd2a9b2e988ebf665349398309eeb155677bd6530794775b1797097cbd7a0de3f28a4513627bb45e3f2655b7f10dea6063e1f28e4ab536f795eebacf261c1abfa19e0faa707169cbaab3daf0470d7d16c1aba503c89db971c5df4d5450319dc6d922ee9cf030d2ac887816b840f8e38840a47945febb68e816fae17d42e9904b91c4b722061029f442bf20469a29e6a3fc39ee9489f661150a34e2e7036ec172b2244bc6a0b8e3848a42c488aaf79bc699aecd2877c746f0bf3761a2c6a9f67f9fd83fa2ff41fae4bab34add64f53fc423dee42530b3bdec4de971964de26eae8ed4f9327c81819a4d3d85a44a338472b4350b3028bce9f4bbd8493547b9d807d52103da3636f34122b6144e12faea115eca9d39542ff8bf0752e820f702340dba5e66f8ffe8e9a9afee67782e26575b60e3b25b9112ad73ae4e603ad882f7ceb974afef54f36ea72004d7d1d61680c932826a3a23240f27df67935d6bed9f3d341e2ee89d5fa733d09192bebb72769f0530e2270e1bec3397e14c2754392d0e0b65346bc616e4d5a9cec65ffa8c9151a42e3b5fe42cee9fbcd933ebdc6999a76f57a13939f01d6ad52cd5250d0a835d9d9d6995078f1dddf865e7f5b414433ac5427e1a447edbd4464259ecc810c4713d34fee94f60d0fe9b0192c4649ece5223b0026a97804179b322016458e75d59f543a9415faef61b31e78757d5da2d210b34f391f8d7963fa583d3ec5c9349db96b8243ad0886d091dbf18e9f367749627fb966cb23c3319162dc68da7e"}, {0x24, 0x1, 0x25b, "f2a24b9a297f7e3defb4591f93bec4db0f87b08cf40d"}], 0x1030}}], 0x1, 0x0)
r7 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r7, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x28)
quotactl_fd$Q_GETINFO(r4, 0x0, 0xffffffffffffffff, &(0x7f00000000c0))
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r8, 0x4068aea3, &(0x7f00000004c0)={0xdb, 0x0, 0x7f9a})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000640)='io_uring_complete\x00', r9}, 0x18)
r10 = syz_io_uring_setup(0x23ce, &(0x7f0000000400)={0x0, 0x79b0, 0x20, 0xfffffffd, 0x275}, &(0x7f0000000340)=<r11=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r10, 0x627, 0x4c1, 0x43, 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x3, 0x10000, 0x0, 0x3, 0x9, 0x6, 0x30002, 0x739, 0x1, 0x73e, 0x7, 0x100000000, 0x1000008, 0x6, 0x3ff, 0xf6], 0x1001, 0x80440})
ioctl$KVM_SET_REGS(r12, 0x4090ae82, &(0x7f00000003c0)={[0x4, 0xffffffffc, 0x5, 0x41, 0x4, 0x0, 0x2004ca, 0x10001, 0x40000000000a1d, 0x1, 0x2, 0x7fff, 0x800000000000004, 0x2, 0x0, 0x7f00000000], 0x4008, 0xd81})

2.662643546s ago: executing program 0 (id=1633):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x3, &(0x7f0000000040), 0x4)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f00000009c0)={0x44, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, &(0x7f0000000080)={<r3=>r2, 0xc, 0x3e08000})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x17, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000000180)='syzkaller\x00', 0x7, 0xc3, &(0x7f0000000200)=""/195, 0x0, 0x52, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x10000}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x3f1}, 0x10, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r4, r5, 0x26, 0x0, @void}, 0x10)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={<r7=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r7, 0x7}}, 0x48)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300)={<r9=>0xffffffffffffffff}, 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r8, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r9, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90)
close(r5)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r10, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGMASK(r2, 0x80045b10, 0x0)

2.604142453s ago: executing program 3 (id=1634):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, &(0x7f0000000180)={0x0, 0x1c75, 0x20000, 0x8200, 0x335}, &(0x7f0000000240), &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@typedef={0x2, 0x0, 0x0, 0x8, 0x5}, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x42}, 0x57)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000380))
ftruncate(0xffffffffffffffff, 0x8800000)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r3, &(0x7f0000001c80)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)="2bef7b950ac3c3ec", 0x8}], 0x1}}], 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))

2.600026078s ago: executing program 2 (id=1635):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, &(0x7f0000000180)={0x0, 0x1c75, 0x20000, 0x8200, 0x335}, &(0x7f0000000240), &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@typedef={0x2, 0x0, 0x0, 0x8, 0x5}, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x42}, 0x57)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000380))
ftruncate(0xffffffffffffffff, 0x8800000)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r3, &(0x7f0000001c80)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)="2bef7b950ac3c3ec", 0x8}], 0x1}}], 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))

1.088805813s ago: executing program 2 (id=1636):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = syz_clone3(&(0x7f0000000440)={0x20000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x3b}, &(0x7f0000000340)=""/242, 0xf2, &(0x7f00000001c0)=""/76, &(0x7f0000000140)=[0xffffffffffffffff], 0x1}, 0x58)
syz_open_procfs(r1, &(0x7f00000004c0)='fd/4\x00')
sendmsg$key(r0, &(0x7f0000000080)={0x2, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
recvmmsg(r0, &(0x7f0000001580)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000800)=[{&(0x7f0000001740)=""/4081, 0xff1}, {&(0x7f0000000640)=""/251, 0xfb}, {&(0x7f0000000300)=""/52, 0x34}, {&(0x7f0000000180)=""/51, 0x33}, {&(0x7f0000000240)=""/140, 0x8c}], 0x5}}, {{&(0x7f0000000500)=@x25, 0x80, &(0x7f00000009c0)=[{&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000000780)=""/69, 0x45}, {&(0x7f0000000840)=""/112, 0x70}, {&(0x7f0000003740)=""/4096, 0x1000}, {&(0x7f0000004740)=""/4096, 0x1000}, {&(0x7f0000000740)=""/52, 0x34}, {&(0x7f00000008c0)=""/199, 0xc7}], 0x7}, 0x5}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a00)=""/107, 0x6b}, {&(0x7f0000000a80)=""/3, 0x3}, {&(0x7f0000005740)=""/4096, 0x1000}, {&(0x7f0000000ac0)=""/3, 0x3}, {&(0x7f0000000b00)=""/107, 0x6b}, {&(0x7f0000000b80)=""/207, 0xcf}], 0x6}, 0x8}, {{&(0x7f0000000cc0)=@phonet, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000d40)=""/87, 0x57}, {&(0x7f0000000dc0)=""/231, 0xe7}, {&(0x7f0000000ec0)=""/101, 0x65}], 0x3, &(0x7f0000000f80)=""/11, 0xb}, 0x2}, {{&(0x7f0000000fc0)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001080)=[{&(0x7f0000001040)=""/63, 0x3f}], 0x1, &(0x7f00000010c0)=""/16, 0x10}, 0x8}, {{&(0x7f0000001100)=@nfc_llcp, 0x80, &(0x7f0000001500)=[{&(0x7f0000006740)=""/4096, 0x1000}, {&(0x7f0000001180)=""/203, 0xcb}, {&(0x7f0000001280)=""/152, 0x98}, {&(0x7f0000001340)=""/31, 0x1f}, {&(0x7f0000001380)=""/159, 0x9f}, {&(0x7f0000001440)=""/115, 0x73}, {&(0x7f00000014c0)=""/20, 0x14}], 0x7, &(0x7f0000001540)=""/35, 0x23}, 0xf26}], 0x6, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2) (async)
syz_clone3(&(0x7f0000000440)={0x20000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x3b}, &(0x7f0000000340)=""/242, 0xf2, &(0x7f00000001c0)=""/76, &(0x7f0000000140)=[0xffffffffffffffff], 0x1}, 0x58) (async)
syz_open_procfs(r1, &(0x7f00000004c0)='fd/4\x00') (async)
sendmsg$key(r0, &(0x7f0000000080)={0x2, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) (async)
recvmmsg(r0, &(0x7f0000001580)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000800)=[{&(0x7f0000001740)=""/4081, 0xff1}, {&(0x7f0000000640)=""/251, 0xfb}, {&(0x7f0000000300)=""/52, 0x34}, {&(0x7f0000000180)=""/51, 0x33}, {&(0x7f0000000240)=""/140, 0x8c}], 0x5}}, {{&(0x7f0000000500)=@x25, 0x80, &(0x7f00000009c0)=[{&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000000780)=""/69, 0x45}, {&(0x7f0000000840)=""/112, 0x70}, {&(0x7f0000003740)=""/4096, 0x1000}, {&(0x7f0000004740)=""/4096, 0x1000}, {&(0x7f0000000740)=""/52, 0x34}, {&(0x7f00000008c0)=""/199, 0xc7}], 0x7}, 0x5}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a00)=""/107, 0x6b}, {&(0x7f0000000a80)=""/3, 0x3}, {&(0x7f0000005740)=""/4096, 0x1000}, {&(0x7f0000000ac0)=""/3, 0x3}, {&(0x7f0000000b00)=""/107, 0x6b}, {&(0x7f0000000b80)=""/207, 0xcf}], 0x6}, 0x8}, {{&(0x7f0000000cc0)=@phonet, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000d40)=""/87, 0x57}, {&(0x7f0000000dc0)=""/231, 0xe7}, {&(0x7f0000000ec0)=""/101, 0x65}], 0x3, &(0x7f0000000f80)=""/11, 0xb}, 0x2}, {{&(0x7f0000000fc0)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001080)=[{&(0x7f0000001040)=""/63, 0x3f}], 0x1, &(0x7f00000010c0)=""/16, 0x10}, 0x8}, {{&(0x7f0000001100)=@nfc_llcp, 0x80, &(0x7f0000001500)=[{&(0x7f0000006740)=""/4096, 0x1000}, {&(0x7f0000001180)=""/203, 0xcb}, {&(0x7f0000001280)=""/152, 0x98}, {&(0x7f0000001340)=""/31, 0x1f}, {&(0x7f0000001380)=""/159, 0x9f}, {&(0x7f0000001440)=""/115, 0x73}, {&(0x7f00000014c0)=""/20, 0x14}], 0x7, &(0x7f0000001540)=""/35, 0x23}, 0xf26}], 0x6, 0x2, 0x0) (async)

1.060094582s ago: executing program 3 (id=1637):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="28000000f74d173b651f6d1fba336388630f9123bc153230c62007c5d78a7d41a657f1dad7b70e83e1b3e1991cb7975148126097d891b05cd708c90c7b4b7f652ec0b4653a2b889342cde8db", @ANYRES16=0x0, @ANYBLOB="010029bd7000fddbdf255e0000000c00990005000000430000000800a00003000000"], 0x28}, 0x1, 0x0, 0x0, 0x20080080}, 0x20008885)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0xff7c, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x0, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x49, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = open$dir(&(0x7f0000000340)='./file0\x00', 0x10080, 0x3f1)
linkat(r4, &(0x7f0000000400)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000680)='./file0\x00', 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58)
prlimit64(r1, 0xe, &(0x7f0000000300)={0x9e8, 0x9}, &(0x7f00000003c0))
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r6 = accept4(r5, 0x0, 0x0, 0x800)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000005c0)=ANY=[@ANYRES32=r8, @ANYRES32=r8, @ANYBLOB='/\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYRESDEC=r2, @ANYRES64=0x0, @ANYRESDEC=r6, @ANYRES32=r7], 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000001c0)=ANY=[@ANYRES32=r7, @ANYRES32=r8, @ANYBLOB='/'], 0x20)

1.044224627s ago: executing program 0 (id=1638):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000780)='system.posix_acl_access\x00', &(0x7f0000000880)={{}, {}, [], {0x4, 0x6}, [{0x8, 0x1}], {0x10, 0x3}, {0x20, 0x3}}, 0x2c, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
r2 = openat(0xffffffffffffff9c, &(0x7f0000002600)='./file1\x00', 0x14d842, 0x5)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/custom1\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(0xffffffffffffffff, r1, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x7c, 0x0, &(0x7f0000000540)=[@acquire, @acquire_done={0x40106309, 0x1}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x1, &(0x7f0000002640)=""/4096, 0x1000, 0x0, 0x28}, @flat=@handle={0x73682a85, 0x1000}}, &(0x7f0000000480)={0x0, 0x18, 0x40}}}, @enter_looper, @decrefs, @decrefs={0x40046307, 0x2}, @decrefs={0x40046307, 0x2}], 0x0, 0x0, 0x0})
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f00000001c0)={0x7, 0x0, [{0x80000000, 0x6, 0x0, 0x4, 0x2}, {0x80000000, 0xf, 0x7, 0x30e0, 0x10bf}, {0x40000000, 0x3, 0x80000000, 0x9, 0x81}, {0xb, 0x6, 0x64b, 0x0, 0xff}, {0xd, 0x2, 0x21, 0xfffffff8, 0x1}, {0x80000000, 0x3, 0x5d, 0x10000, 0x2}, {0x7, 0x0, 0x1ff, 0x7, 0xfff}]})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r7 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
r8 = socket(0x1, 0x803, 0x0)
getsockopt$sock_buf(r8, 0x1, 0x27, 0x0, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000140)={0xc, 0x0, &(0x7f0000000180)=[@free_buffer={0x40086303, r7}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000480), 0x0, 0x0, 0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018", 0x5)
r10 = accept4(r9, 0x0, 0x0, 0x0)
sendmmsg$alg(r10, &(0x7f0000001800)=[{0x0, 0x0, 0x0}], 0x1, 0x5)
recvfrom$inet(r10, 0x0, 0x0, 0x2102, 0x0, 0x0)
pipe(&(0x7f0000000300))
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000340)="cb"})

812.255798ms ago: executing program 2 (id=1639):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_INFO={0x4}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa0}}, 0x0)

752.13603ms ago: executing program 2 (id=1640):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f0000000500)={0x7, 'ip6tnl0\x00', {0x2}, 0x9})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x20040001)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x106, 0x3}}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)=r3}, 0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000b40)={'gretap0\x00', &(0x7f0000000ac0)={'gre0\x00', <r6=>0x0, 0x10, 0x80, 0x7fff, 0x3, {{0xf, 0x4, 0x0, 0x2, 0x3c, 0x67, 0x0, 0x0, 0x4, 0x0, @broadcast, @empty, {[@ssrr={0x89, 0x13, 0xbc, [@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @broadcast]}, @generic={0x5ffb67d8d2084db6, 0x9, "32da3364c43387"}, @ra={0x94, 0x4, 0x1}, @end, @ssrr={0x89, 0x7, 0x9d, [@dev={0xac, 0x14, 0x14, 0x41}]}]}}}}})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x14542, 0x0)
write$P9_RREADLINK(r7, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
r8 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x13, &(0x7f0000000980)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3c}, [@jmp={0x5, 0x0, 0x1, 0x8, 0xb, 0x18, 0x4}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffe}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4b34, 0x0, 0x0, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000a40)='GPL\x00', 0xc18, 0x1a, &(0x7f0000000a80)=""/26, 0x40f00, 0x2, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000b80)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000bc0)={0x3, 0xb, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000c00)=[0xffffffffffffffff, 0x1, r8], &(0x7f0000000c40)=[{0x2, 0x3, 0x2, 0x1}], 0x10, 0x7}, 0x94)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r2, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118)
r9 = io_uring_setup(0x3a66, &(0x7f0000000300)={0x0, 0xeabc, 0x200, 0x1, 0x265})
io_uring_register$IORING_REGISTER_PBUF_RING(r9, 0x16, &(0x7f0000000880)={&(0x7f0000001000)={[{&(0x7f0000000380)="8b9e94487d43fbe3bb24e613ff26fad005b93deb75c7ebf60ca88b9cd04ddb71497b53b4f19a224f6e329b1318eee22cb0e3a6a5cfea2a21daa114eb297c81ad37a4b6423e4dc1e69c29e9a5dc7c9afc1e48cf538c77ed45725d56a90399b1e5bb9798c8d6bcd3113e140ef3805cec9b56b623dfb1dc40524415824076f60a202a433cb45ee83191b20a135936ed44acb1158057bcaeece8daf5c84be3c0acd9275bf672c6259effebd742482dc304b99f242f71d7d5fa21efd3de44fa316470892ab072be9ba969b0", 0xc9}, {&(0x7f0000000480)="b88cd29472cc0b229c616183c3462a34879f6a0fed620277105401adafd2f271ba398c8e46f1ac4e40c6374181aa3a952cc08fe6d0933cbd829c880c13ede5454407fc267031137c1c4af603c56475b63fbe654dd867016851f7f272b148fd86000ff378227d3bf9b0b8d7d4f776", 0x6e, 0x1}, {&(0x7f0000000500)}, {&(0x7f0000000540)="91a991f8dc3be3536302a376240639ba078b0e1a1672f6128500a4e395530ce3264b9446cde547682c7e7d932e9371475df9", 0x32, 0x3}, {&(0x7f00000006c0)="4726a8d7a02a1c5db1778be06a777853a02e442168a915b4b18b9ab018fffcda6c3b252395bebd9714822c651072c38068d26ba991fc118364cc0b5c969d5896150f38ebb5eae0c39143c1ffb84172f9cb37b9f599fd8b211b7d6b6fa7fb9adfa0d560d229fc72c9289e1beec1203ef6b541ac4e9f95a9849f98bac97d32a0d035e1c97abc1403206730b38f6e6797af0ed73c5727c787af5685070f2dfe2c9bc0c15857d531dcf30757ccefed1c377965fb9fdf33b21d234f2ab774a2ba", 0xbe}, {&(0x7f0000000580)="92869b28b17034277fe2164ccd780cdb62de2469bbe0629ace24b113339ab6e7c0d284cf7bf897", 0x27, 0x2}, {&(0x7f0000000780)="d32994dc612338fe7d9b69379a87a067d64583c3d564f2fc94e88e74c913c23a2d1187ffb246cbdf181b8994c600beb74a3d806caf97c5b1290e3762aaccb117716ec8bcc795a2324412beeda67e52fa5bd62c87dad90df4fe41c99dbffe39f97f886eb0cdc2cab67a23a1d08ec5d704db29449603f10da5c57360be013fbbf7eba2d58de54fb0ce8a3cce3d7274ee7fd0fd2a52a8e3128ed08a322a64e68dcee517bf76184005679baad1c9f3d3a94cb8e68ad274286122602b6844373353035c597a9ebf0ea8339e882d25245e6c641561f8f54df51074727c8bf8f7e97c88c31b93af1696", 0xe6, 0x1}, {&(0x7f00000005c0)="58e2e9cd3197a1583372897a350307deb2453517787e9896e2a85612ba29099eaafe8b5289c7", 0x26, 0x1}]}, 0x8, 0x1}, 0x1)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6076b2af00072f0020010001ff0200000000000000000000000000010000883e00189078030000000100000267ecd0504ba1aba3e4edb91abc926ec27b5e342382d73908c3c5e500c872d2451aca8ffd28aee0360c3f49515dbeb2235e941b5da504b948000000000000000000000400"], 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

143.587397ms ago: executing program 0 (id=1641):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, &(0x7f0000000180)={0x0, 0x1c75, 0x20000, 0x8200, 0x335}, &(0x7f0000000240), &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@typedef={0x2, 0x0, 0x0, 0x8, 0x5}, @restrict={0x3, 0x0, 0x0, 0xb, 0x5}, @union={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x42}, 0x57)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000380))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r4, &(0x7f0000001c80)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)="2bef7b950ac3c3ec", 0x8}], 0x1}}], 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r5, r3, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100))

119.557205ms ago: executing program 1 (id=1642):
syz_emit_ethernet(0x56, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "cb2891", 0x20, 0x2b, 0x0, @remote, @local, {[@fragment={0x33, 0x0, 0xf, 0x1, 0x0, 0x19, 0x65}], {0x0, 0x0, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x401}}}}}}}, 0x0)

0s ago: executing program 1 (id=1643):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f0000b1d000/0x2000)=nil, 0x2000)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x34}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005f0000/0x1000)=nil, 0x1000, 0x0, 0x3, 0x100000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x3e, 0x0, 0x0)
pwritev(r0, 0x0, 0x0, 0x9, 0x800000b)

kernel console output (not intermixed with test programs):

 SerialNumber=0
[  303.971645][ T6003] usb 6-1: Manufacturer: syz
[  303.980219][ T6003] usb 6-1: config 0 descriptor??
[  304.028387][ T9436] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  304.497620][ T8317] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  304.993776][ T9457] syz_tun: entered allmulticast mode
[  305.049326][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.055110][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.078252][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.084157][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.109661][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.173179][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  305.320214][ T9465] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  305.323070][ T9465] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  305.327419][ T9465] vhci_hcd vhci_hcd.0: Device attached
[  305.606550][ T8646] usb 38-1: SetAddress Request (22) to port 0
[  305.608661][ T8646] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[  305.976481][ T9466] vhci_hcd: connection reset by peer
[  305.976759][ T5006] vhci_hcd vhci_hcd.0: stop threads
[  305.976889][ T5006] vhci_hcd vhci_hcd.0: release socket
[  305.976998][ T5006] vhci_hcd vhci_hcd.0: disconnect device
[  306.113601][ T6003] usbhid 6-1:0.0: can't add hid device: -71
[  306.113656][ T6003] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  306.121236][ T6003] usb 6-1: USB disconnect, device number 7
[  308.586786][  T840] usb 42-1: device descriptor read/8, error -110
[  308.977535][  T840] usb usb42-port1: attempt power cycle
[  309.537370][  T840] usb usb42-port1: unable to enumerate USB device
[  310.669762][ T8646] usb 38-1: device descriptor read/8, error -110
[  311.067366][ T8646] usb usb38-port1: attempt power cycle
[  311.627629][ T8646] usb usb38-port1: unable to enumerate USB device
[  316.409541][ T9524] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  316.409561][ T9524] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  316.410063][ T9524] vhci_hcd vhci_hcd.0: Device attached
[  316.696545][ T6003] usb 40-1: SetAddress Request (6) to port 0
[  316.696648][ T6003] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[  317.137056][ T9526] vhci_hcd: connection reset by peer
[  317.137354][   T46] vhci_hcd vhci_hcd.1: stop threads
[  317.137377][   T46] vhci_hcd vhci_hcd.1: release socket
[  317.137458][   T46] vhci_hcd vhci_hcd.1: disconnect device
[  317.401359][ T6491] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  317.546484][ T6491] usb 8-1: Using ep0 maxpacket: 8
[  317.548146][ T6491] usb 8-1: config 0 interface 0 has no altsetting 0
[  317.549083][ T6491] usb 8-1: New USB device found, idVendor=04d8, idProduct=00e3, bcdDevice= 0.00
[  317.549097][ T6491] usb 8-1: New USB device strings: Mfr=31, Product=0, SerialNumber=0
[  317.549107][ T6491] usb 8-1: Manufacturer: syz
[  317.550468][ T6491] usb 8-1: config 0 descriptor??
[  317.564821][ T9538] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  317.564850][ T9538] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  317.565526][ T9538] vhci_hcd vhci_hcd.0: Device attached
[  317.836534][ T8647] usb 42-1: SetAddress Request (30) to port 0
[  317.836585][ T8647] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[  318.116770][ T8317] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  318.152347][ T9544] tunl0: entered promiscuous mode
[  318.157779][ T9544] netlink: 'syz.0.955': attribute type 4 has an invalid length.
[  318.166306][ T9544] __nla_validate_parse: 68 callbacks suppressed
[  318.166326][ T9544] netlink: 9 bytes leftover after parsing attributes in process `syz.0.955'.
[  318.347745][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.956'.
[  318.382403][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.956'.
[  318.480779][ T9539] vhci_hcd: connection reset by peer
[  318.492900][ T8072] vhci_hcd vhci_hcd.2: stop threads
[  318.495245][ T8072] vhci_hcd vhci_hcd.2: release socket
[  318.499327][ T8072] vhci_hcd vhci_hcd.2: disconnect device
[  319.294651][ T6491] usbhid 8-1:0.0: can't add hid device: -71
[  319.297019][ T6491] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  319.301229][ T6491] usb 8-1: USB disconnect, device number 19
[  319.729584][ T9573] xt_addrtype: ipv6 does not support BROADCAST matching
[  321.790315][ T6003] usb 40-1: device descriptor read/8, error -110
[  321.794786][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  321.797798][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  322.178333][ T6003] usb usb40-port1: attempt power cycle
[  322.747256][ T6003] usb usb40-port1: unable to enumerate USB device
[  322.906638][ T8647] usb 42-1: device descriptor read/8, error -110
[  323.297890][ T8647] usb usb42-port1: attempt power cycle
[  323.857594][ T8647] usb usb42-port1: unable to enumerate USB device
[  328.806723][ T9625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.974'.
[  329.485061][ T9630] netlink: 64 bytes leftover after parsing attributes in process `syz.2.976'.
[  330.252613][ T9634] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  330.254883][ T9634] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  330.276190][ T9634] vhci_hcd vhci_hcd.0: Device attached
[  330.599306][ T9635] vhci_hcd: connection closed
[  330.600475][   T12] vhci_hcd vhci_hcd.3: stop threads
[  330.604323][   T12] vhci_hcd vhci_hcd.3: release socket
[  330.607371][   T63] usb 44-1: SetAddress Request (22) to port 0
[  330.609878][   T63] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd
[  330.613748][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  330.636561][   T63] usb 44-1: enqueue for inactive port 0
[  331.040443][   T63] usb usb44-port1: attempt power cycle
[  331.307236][ T9648] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  331.597056][   T63] usb usb44-port1: unable to enumerate USB device
[  332.614043][ T9678] binder: Bad value for 'stats'
[  332.616865][ T9667] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  332.619332][ T9667] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  332.622610][ T9667] vhci_hcd vhci_hcd.0: Device attached
[  332.723484][ T9683] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  332.725813][ T9683] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  332.731494][ T9683] vhci_hcd vhci_hcd.0: Device attached
[  332.806690][   T60] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  332.926533][   T60] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  332.992461][ T9679] vhci_hcd: connection reset by peer
[  333.001177][   T46] vhci_hcd vhci_hcd.1: stop threads
[  333.005468][   T46] vhci_hcd vhci_hcd.1: release socket
[  333.011067][   T46] vhci_hcd vhci_hcd.1: disconnect device
[  333.156511][   T29] usb 38-1: SetAddress Request (26) to port 0
[  333.158969][   T29] usb 38-1: new SuperSpeed USB device number 26 using vhci_hcd
[  333.288062][ T9684] vhci_hcd: connection reset by peer
[  333.291600][ T7035] vhci_hcd vhci_hcd.0: stop threads
[  333.294149][ T7035] vhci_hcd vhci_hcd.0: release socket
[  333.296516][ T7035] vhci_hcd vhci_hcd.0: disconnect device
[  333.964246][ T9696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.994'.
[  333.973308][ T9696] netlink: 80 bytes leftover after parsing attributes in process `syz.1.994'.
[  334.963329][ T9718] binder: 9716:9718 ioctl c0306201 80000680 returned -14
[  335.477512][ T9732] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  335.479654][ T9732] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  335.482950][ T9732] vhci_hcd vhci_hcd.0: Device attached
[  335.652157][ T9737] loop6: detected capacity change from 0 to 2640
[  335.676877][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.680648][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.689728][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.699135][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.747305][ T9739] loop6: detected capacity change from 2640 to 524288000
[  335.751243][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.755636][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.762752][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.768191][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.773646][ T9604] ldm_validate_partition_table(): Disk read failed.
[  335.775120][ T9743] netlink: 'syz.3.1008': attribute type 4 has an invalid length.
[  335.780794][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.784107][ T9604] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.789581][ T9604] Dev loop6: unable to read RDB block 0
[  335.794327][ T9604]  loop6: unable to read partition table
[  335.805172][ T9737] ldm_validate_partition_table(): Disk read failed.
[  335.812829][ T9737] Dev loop6: unable to read RDB block 0
[  335.815215][ T9743] netlink: 'syz.3.1008': attribute type 4 has an invalid length.
[  335.818471][ T9737]  loop6: unable to read partition table
[  335.821582][ T9737] loop_reread_partitions: partition scan of loop6 (ir�c����VU�X��G�����ZtM<I�i8NL���	��W�@��Q6��%�������) failed (rc=-5)
[  336.123602][ T9733] vhci_hcd: connection closed
[  336.123962][ T8059] vhci_hcd vhci_hcd.1: stop threads
[  336.123983][ T8059] vhci_hcd vhci_hcd.1: release socket
[  336.124136][ T8059] vhci_hcd vhci_hcd.1: disconnect device
[  338.056513][   T60] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  338.187748][   T29] usb 38-1: device descriptor read/8, error -110
[  338.603996][   T29] usb usb38-port1: attempt power cycle
[  339.027519][ T9794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'.
[  339.033666][ T9794] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1024'.
[  339.103946][ T9795] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  339.106117][ T9795] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  339.113166][ T9795] vhci_hcd vhci_hcd.0: Device attached
[  339.316772][   T29] usb 38-1: SetAddress Request (29) to port 0
[  339.320215][   T29] usb 38-1: new SuperSpeed USB device number 29 using vhci_hcd
[  339.327634][ T6491] usb usb40-port1: attempt power cycle
[  339.738934][ T9796] vhci_hcd: connection reset by peer
[  339.741746][ T8059] vhci_hcd vhci_hcd.0: stop threads
[  339.744243][ T8059] vhci_hcd vhci_hcd.0: release socket
[  339.747032][ T8059] vhci_hcd vhci_hcd.0: disconnect device
[  339.897460][ T6491] usb usb40-port1: unable to enumerate USB device
[  340.156661][ T9802] FAULT_INJECTION: forcing a failure.
[  340.156661][ T9802] name failslab, interval 1, probability 0, space 0, times 0
[  340.161239][ T9802] CPU: 1 UID: 0 PID: 9802 Comm: syz.2.1027 Not tainted syzkaller #0 PREEMPT(full) 
[  340.161267][ T9802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  340.161274][ T9802] Call Trace:
[  340.161279][ T9802]  <TASK>
[  340.161284][ T9802]  dump_stack_lvl+0x16c/0x1f0
[  340.161306][ T9802]  should_fail_ex+0x512/0x640
[  340.161319][ T9802]  ? kmem_cache_alloc_noprof+0x62/0x770
[  340.161335][ T9802]  should_failslab+0xc2/0x120
[  340.161352][ T9802]  kmem_cache_alloc_noprof+0x83/0x770
[  340.161366][ T9802]  ? prepare_creds+0x2c/0x940
[  340.161382][ T9802]  ? prepare_creds+0x2c/0x940
[  340.161393][ T9802]  prepare_creds+0x2c/0x940
[  340.161406][ T9802]  lookup_user_key+0x399/0x1300
[  340.161422][ T9802]  ? __pfx_lookup_user_key+0x10/0x10
[  340.161438][ T9802]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  340.161456][ T9802]  __do_sys_add_key+0x25b/0x470
[  340.161474][ T9802]  ? __pfx___do_sys_add_key+0x10/0x10
[  340.161490][ T9802]  ? ksys_write+0x1ac/0x250
[  340.161506][ T9802]  ? do_user_addr_fault+0x843/0x1370
[  340.161523][ T9802]  __do_fast_syscall_32+0xe8/0x680
[  340.161542][ T9802]  do_fast_syscall_32+0x32/0x80
[  340.161551][ T9802]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.161565][ T9802] RIP: 0023:0xf709d579
[  340.161574][ T9802] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  340.161585][ T9802] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  340.161595][ T9802] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000000000
[  340.161602][ T9802] RDX: 0000000080000240 RSI: 000000000000002c RDI: 00000000ffffffff
[  340.161612][ T9802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.161618][ T9802] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  340.161625][ T9802] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.161638][ T9802]  </TASK>
[  340.374994][ T9803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1026'.
[  340.388708][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1026'.
[  341.709267][ T5298] Bluetooth: hci1: command 0x0c1a tx timeout
[  342.292706][ T9858] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1046'.
[  342.378668][ T9864] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  342.380865][ T9864] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  342.383564][ T9864] vhci_hcd vhci_hcd.0: Device attached
[  342.570859][ T9874] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1053'.
[  342.786860][ T9869] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  342.789212][ T9869] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  342.833638][ T9869] vhci_hcd vhci_hcd.0: Device attached
[  342.834900][ T9882] tmpfs: Bad value for 'mpol'
[  343.106635][ T5990] usb 40-1: SetAddress Request (14) to port 0
[  343.109843][ T5990] usb 40-1: new SuperSpeed USB device number 14 using vhci_hcd
[  343.308773][ T9865] vhci_hcd: connection closed
[  343.309767][ T1165] vhci_hcd vhci_hcd.0: stop threads
[  343.313383][ T1165] vhci_hcd vhci_hcd.0: release socket
[  343.315434][ T1165] vhci_hcd vhci_hcd.0: disconnect device
[  343.337991][ T9873] vhci_hcd: connection reset by peer
[  343.348858][ T1165] vhci_hcd vhci_hcd.1: stop threads
[  343.351319][ T1165] vhci_hcd vhci_hcd.1: release socket
[  343.355018][ T1165] vhci_hcd vhci_hcd.1: disconnect device
[  344.520056][ T9922] fuse: Unknown parameter '0'
[  344.552506][   T29] usb 38-1: device descriptor read/8, error -110
[  344.675267][   T29] usb usb38-port1: unable to enumerate USB device
[  344.737256][ T6491] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  344.918248][ T9922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1061'.
[  344.947492][ T9915] ubi31: detaching mtd0
[  344.953203][ T9915] ubi31: mtd0 is detached
[  345.161966][ T9964] FAULT_INJECTION: forcing a failure.
[  345.161966][ T9964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.166685][ T9964] CPU: 1 UID: 0 PID: 9964 Comm: syz.3.1065 Not tainted syzkaller #0 PREEMPT(full) 
[  345.166701][ T9964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.166708][ T9964] Call Trace:
[  345.166713][ T9964]  <TASK>
[  345.166719][ T9964]  dump_stack_lvl+0x16c/0x1f0
[  345.166741][ T9964]  should_fail_ex+0x512/0x640
[  345.166756][ T9964]  _copy_from_user+0x2e/0xd0
[  345.166769][ T9964]  do_compat_sigaltstack+0xf6/0x310
[  345.166781][ T9964]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  345.166791][ T9964]  ? ia32_restore_sigcontext+0x451/0x630
[  345.166803][ T9964]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  345.166830][ T9964]  ? rcu_is_watching+0x12/0xc0
[  345.166847][ T9964]  ? _raw_spin_unlock_irq+0x23/0x50
[  345.166861][ T9964]  ? lockdep_hardirqs_on+0x7c/0x110
[  345.166879][ T9964]  compat_restore_altstack+0x17/0x40
[  345.166891][ T9964]  __do_compat_sys_rt_sigreturn+0x204/0x270
[  345.166903][ T9964]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  345.166919][ T9964]  ? rcu_is_watching+0x12/0xc0
[  345.166934][ T9964]  do_int80_emulation+0x104/0x480
[  345.166953][ T9964]  asm_int80_emulation+0x1a/0x20
[  345.166964][ T9964] RIP: 0023:0xf7f23577
[  345.166973][ T9964] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  345.166984][ T9964] RSP: 002b:00000000f541655c EFLAGS: 00000296
[  345.166993][ T9964] RAX: 0000000000000139 RBX: 0000000000000008 RCX: 0000000000000000
[  345.166999][ T9964] RDX: 000000000000000b RSI: 0000000000000000 RDI: 0000000000000007
[  345.167005][ T9964] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  345.167011][ T9964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.167018][ T9964] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.167031][ T9964]  </TASK>
[  345.774478][ T9987] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  345.776763][ T9987] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  345.796114][ T9987] vhci_hcd vhci_hcd.0: Device attached
[  345.872310][ T9996] FAULT_INJECTION: forcing a failure.
[  345.872310][ T9996] name failslab, interval 1, probability 0, space 0, times 0
[  345.884253][ T9996] CPU: 0 UID: 0 PID: 9996 Comm: syz.2.1076 Not tainted syzkaller #0 PREEMPT(full) 
[  345.884270][ T9996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.884277][ T9996] Call Trace:
[  345.884282][ T9996]  <TASK>
[  345.884287][ T9996]  dump_stack_lvl+0x16c/0x1f0
[  345.884309][ T9996]  should_fail_ex+0x512/0x640
[  345.884322][ T9996]  ? kmem_cache_alloc_noprof+0x62/0x770
[  345.884337][ T9996]  should_failslab+0xc2/0x120
[  345.884354][ T9996]  kmem_cache_alloc_noprof+0x83/0x770
[  345.884367][ T9996]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  345.884385][ T9996]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  345.884410][ T9996]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  345.884427][ T9996]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  345.884449][ T9996]  mmu_topup_memory_caches+0x25/0x170
[  345.884463][ T9996]  kvm_mmu_load+0xd6/0x2390
[  345.884476][ T9996]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  345.884492][ T9996]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  345.884510][ T9996]  ? __pfx_kvm_mmu_load+0x10/0x10
[  345.884522][ T9996]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  345.884540][ T9996]  ? kvm_check_and_inject_events+0x63d/0x1050
[  345.884556][ T9996]  vcpu_run+0x39d2/0x5a80
[  345.884568][ T9996]  ? find_held_lock+0x2b/0x80
[  345.884582][ T9996]  ? vmx_vcpu_load_vmcs+0x222/0x770
[  345.884603][ T9996]  ? __pfx_vcpu_run+0x10/0x10
[  345.884623][ T9996]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  345.884636][ T9996]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  345.884653][ T9996]  kvm_vcpu_ioctl+0x76d/0x16d0
[  345.884673][ T9996]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  345.884690][ T9996]  ? tomoyo_path_number_perm+0x18d/0x580
[  345.884704][ T9996]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  345.884721][ T9996]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  345.884739][ T9996]  ? do_vfs_ioctl+0x128/0x14f0
[  345.884752][ T9996]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  345.884771][ T9996]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  345.884789][ T9996]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  345.884806][ T9996]  ? __fget_files+0x20e/0x3c0
[  345.884820][ T9996]  ? __fput_deferred+0x430/0x480
[  345.884833][ T9996]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  345.884851][ T9996]  __ia32_compat_sys_ioctl+0x242/0x370
[  345.884866][ T9996]  __do_fast_syscall_32+0xe8/0x680
[  345.884885][ T9996]  do_fast_syscall_32+0x32/0x80
[  345.884895][ T9996]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.884909][ T9996] RIP: 0023:0xf709d579
[  345.884918][ T9996] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  345.884928][ T9996] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  345.884939][ T9996] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  345.884946][ T9996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.884952][ T9996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.884958][ T9996] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  345.884964][ T9996] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.884978][ T9996]  </TASK>
[  346.089498][ T9999] loop5: detected capacity change from 0 to 7
[  346.100226][ T9604] Dev loop5: unable to read RDB block 7
[  346.102671][ T9604]  loop5: AHDI p1 p2 p3
[  346.104415][ T9604] loop5: partition table partially beyond EOD, truncated
[  346.111723][ T9604] loop5: p1 start 1601398130 is beyond EOD, truncated
[  346.114223][ T9604] loop5: p2 start 1702059890 is beyond EOD, truncated
[  346.126710][  T840] usb 38-1: SetAddress Request (30) to port 0
[  346.129610][  T840] usb 38-1: new SuperSpeed USB device number 30 using vhci_hcd
[  346.180659][ T9999] Dev loop5: unable to read RDB block 7
[  346.182672][ T9999]  loop5: AHDI p1 p2 p3
[  346.184134][ T9999] loop5: partition table partially beyond EOD, truncated
[  346.196590][ T9999] loop5: p1 start 1601398130 is beyond EOD, truncated
[  346.199076][ T9999] loop5: p2 start 1702059890 is beyond EOD, truncated
[  346.294227][ T9990] vhci_hcd: connection reset by peer
[  346.312148][ T9944] vhci_hcd vhci_hcd.0: stop threads
[  346.314393][ T9944] vhci_hcd vhci_hcd.0: release socket
[  346.316968][ T9944] vhci_hcd vhci_hcd.0: disconnect device
[  346.705128][T10018] io-wq is not configured for unbound workers
[  347.068825][T10033] Invalid source name
[  347.113969][T10035] IPVS: sh: FWM 3 0x00000003 - no destination available
[  347.836881][T10049] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  347.839133][T10049] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  347.842591][T10049] vhci_hcd vhci_hcd.0: Device attached
[  348.107251][ T6003] usb 44-1: SetAddress Request (26) to port 0
[  348.109369][ T6003] usb 44-1: new SuperSpeed USB device number 26 using vhci_hcd
[  348.186690][ T5990] usb 40-1: device descriptor read/8, error -110
[  348.271937][T10057] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0
[  348.370440][T10057] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0
[  348.443096][T10057] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0
[  348.491789][T10050] vhci_hcd: connection reset by peer
[  348.495467][ T9941] vhci_hcd vhci_hcd.3: stop threads
[  348.500345][ T9941] vhci_hcd vhci_hcd.3: release socket
[  348.502269][ T9941] vhci_hcd vhci_hcd.3: disconnect device
[  348.577375][ T5990] usb usb40-port1: attempt power cycle
[  348.587402][T10057] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20002 - 0
[  348.767864][ T1245] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20002 - 0
[  348.774967][ T1245] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20002 - 0
[  348.780400][T10066] IPVS: sh: FWM 3 0x00000003 - no destination available
[  348.802697][ T1245] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20002 - 0
[  348.808997][ T1245] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20002 - 0
[  349.157140][ T5990] usb usb40-port1: unable to enumerate USB device
[  349.776515][T10090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1108'.
[  349.892865][ T5990] IPVS: starting estimator thread 0...
[  350.056664][T10093] IPVS: using max 44 ests per chain, 105600 per kthread
[  350.217509][T10098] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  350.219720][T10098] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  350.225190][T10098] vhci_hcd vhci_hcd.0: Device attached
[  350.346587][   T24] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  350.560634][T10113] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1118'.
[  350.641162][T10113] netlink: 'syz.2.1118': attribute type 4 has an invalid length.
[  350.768855][T10100] vhci_hcd: connection closed
[  350.769946][   T75] vhci_hcd vhci_hcd.0: stop threads
[  350.780463][   T75] vhci_hcd vhci_hcd.0: release socket
[  350.783042][   T75] vhci_hcd vhci_hcd.0: disconnect device
[  351.236364][  T840] usb 38-1: device descriptor read/8, error -110
[  351.239073][   T24] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  351.244171][   T24] usb 6-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b
[  351.247344][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.249990][   T24] usb 6-1: Product: syz
[  351.251442][   T24] usb 6-1: Manufacturer: syz
[  351.253092][   T24] usb 6-1: SerialNumber: syz
[  351.660715][  T840] usb usb38-port1: attempt power cycle
[  351.667313][   T24] as10x_usb: device has been detected
[  351.732810][T10141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1127'.
[  351.924007][   T24] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe)
[  351.939435][   T24] usb 6-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)...
[  351.974118][   T24] as10x_usb: error during firmware upload part1
[  351.976740][   T24] Registered device Elgato EyeTV DTT Deluxe
[  351.978150][   T24] usb 6-1: USB disconnect, device number 8
[  351.992775][   T24] Unregistered device Elgato EyeTV DTT Deluxe
[  351.994023][   T24] as10x_usb: device has been disconnected
[  352.417369][  T840] usb usb38-port1: unable to enumerate USB device
[  353.157315][ T6003] usb 44-1: device descriptor read/8, error -110
[  353.559601][ T6003] usb usb44-port1: attempt power cycle
[  353.839889][T10174] overlayfs: failed to resolve './file0': -2
[  353.971199][T10174] input: syz0 as /devices/virtual/input/input39
[  353.973736][T10174] input: failed to attach handler leds to device input39, error: -6
[  354.117010][ T6003] usb usb44-port1: unable to enumerate USB device
[  357.286699][T10222] overlayfs: failed to resolve './file0': -2
[  357.360318][T10224] input: syz0 as /devices/virtual/input/input40
[  357.362965][T10224] input: failed to attach handler leds to device input40, error: -6
[  358.688192][T10248] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  358.690656][T10248] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  358.694915][T10248] vhci_hcd vhci_hcd.0: Device attached
[  358.986518][   T10] usb 42-1: SetAddress Request (34) to port 0
[  358.988579][   T10] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[  359.692911][T10264] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  359.695871][T10264] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  359.711425][T10264] vhci_hcd vhci_hcd.0: Device attached
[  359.786921][T10250] vhci_hcd: connection closed
[  359.787398][ T1245] vhci_hcd vhci_hcd.2: stop threads
[  359.787419][ T1245] vhci_hcd vhci_hcd.2: release socket
[  359.787486][ T1245] vhci_hcd vhci_hcd.2: disconnect device
[  359.802395][   T10] usb 42-1: enqueue for inactive port 0
[  359.976617][   T63] usb 44-1: SetAddress Request (30) to port 0
[  359.979573][   T63] usb 44-1: new SuperSpeed USB device number 30 using vhci_hcd
[  360.189151][   T10] usb usb42-port1: attempt power cycle
[  360.359397][T10265] vhci_hcd: connection reset by peer
[  360.360278][  T106] vhci_hcd vhci_hcd.3: stop threads
[  360.363242][  T106] vhci_hcd vhci_hcd.3: release socket
[  360.363302][  T106] vhci_hcd vhci_hcd.3: disconnect device
[  360.802587][   T10] usb usb42-port1: unable to enumerate USB device
[  360.852058][T10293] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  360.852089][T10293] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  360.852345][T10293] vhci_hcd vhci_hcd.0: Device attached
[  361.116739][ T5990] usb 42-1: SetAddress Request (38) to port 0
[  361.117008][ T5990] usb 42-1: new SuperSpeed USB device number 38 using vhci_hcd
[  361.424181][T10295] vhci_hcd: connection reset by peer
[  361.424751][ T9943] vhci_hcd vhci_hcd.2: stop threads
[  361.424775][ T9943] vhci_hcd vhci_hcd.2: release socket
[  361.424857][ T9943] vhci_hcd vhci_hcd.2: disconnect device
[  362.667441][T10320] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  362.669606][T10320] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  362.672321][T10320] vhci_hcd vhci_hcd.0: Device attached
[  363.177804][T10323] vhci_hcd: connection closed
[  363.183124][ T9943] vhci_hcd vhci_hcd.3: stop threads
[  363.193052][ T9943] vhci_hcd vhci_hcd.3: release socket
[  363.194993][ T9943] vhci_hcd vhci_hcd.3: disconnect device
[  363.438463][T10335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1177'.
[  365.066526][   T63] usb 44-1: device descriptor read/8, error -110
[  365.937051][   T63] usb usb44-port1: attempt power cycle
[  366.078312][T10370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1185'.
[  366.196604][ T5990] usb 42-1: device descriptor read/8, error -110
[  366.236672][ T6026] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  366.388092][ T6026] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  366.393413][ T6026] usb 7-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b
[  366.396967][ T6026] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.399730][ T6026] usb 7-1: Product: syz
[  366.401591][ T6026] usb 7-1: Manufacturer: syz
[  366.403778][ T6026] usb 7-1: SerialNumber: syz
[  366.480426][T10373] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  366.482936][T10373] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  366.490003][T10373] vhci_hcd vhci_hcd.0: Device attached
[  366.501096][   T63] usb usb44-port1: unable to enumerate USB device
[  366.617098][ T5990] usb usb42-port1: attempt power cycle
[  366.726546][ T5938] Bluetooth: hci3: Unknown advertising packet type: 0x1e
[  366.726707][ T5938] Bluetooth: hci3: adv larger than maximum supported
[  366.729472][ T5938] Bluetooth: hci3: Malformed LE Event: 0x0d
[  366.737062][ T6026] as10x_usb: device has been detected
[  366.739216][ T6026] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe)
[  366.745630][ T6026] usb 7-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)...
[  366.764034][ T6026] as10x_usb: error during firmware upload part1
[  366.772600][ T6026] Registered device Elgato EyeTV DTT Deluxe
[  366.774453][ T6026] usb 7-1: USB disconnect, device number 16
[  366.790799][ T6026] Unregistered device Elgato EyeTV DTT Deluxe
[  366.791654][ T6026] as10x_usb: device has been disconnected
[  366.803542][   T29] usb 38-1: SetAddress Request (34) to port 0
[  366.806353][   T29] usb 38-1: new SuperSpeed USB device number 34 using vhci_hcd
[  367.001584][T10374] vhci_hcd: connection reset by peer
[  367.005050][ T9944] vhci_hcd vhci_hcd.0: stop threads
[  367.007133][ T9944] vhci_hcd vhci_hcd.0: release socket
[  367.009387][ T9944] vhci_hcd vhci_hcd.0: disconnect device
[  367.089011][T10380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1188'.
[  367.177276][ T5990] usb usb42-port1: unable to enumerate USB device
[  367.527098][T10382] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  367.530052][T10382] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  367.532311][T10382] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  367.534534][T10382] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  367.537655][T10387] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  367.540142][T10387] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  367.543248][T10387] vhci_hcd vhci_hcd.0: Device attached
[  367.816626][ T5990] usb 42-1: SetAddress Request (42) to port 0
[  367.818914][ T5990] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[  368.280856][T10388] vhci_hcd: connection reset by peer
[  368.284084][   T75] vhci_hcd vhci_hcd.2: stop threads
[  368.284305][   T75] vhci_hcd vhci_hcd.2: release socket
[  368.284470][   T75] vhci_hcd vhci_hcd.2: disconnect device
[  369.037092][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1200'.
[  369.546583][ T5938] Bluetooth: hci3: command 0x0c1a tx timeout
[  369.546617][ T5298] Bluetooth: hci2: command 0x0c1a tx timeout
[  369.551030][ T5298] Bluetooth: hci1: command 0x0c1a tx timeout
[  370.266602][   T40] audit: type=1326 audit(1766911060.251:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10446 comm="syz.1.1208" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x0
[  370.304044][   T40] audit: type=1326 audit(1766911060.281:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10446 comm="syz.1.1208" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x0
[  370.856009][T10452] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  370.858178][T10452] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  370.906705][T10452] vhci_hcd vhci_hcd.0: Device attached
[  371.139062][T10463] delete_channel: no stack
[  371.176690][ T6003] usb 44-1: SetAddress Request (34) to port 0
[  371.179200][ T6003] usb 44-1: new SuperSpeed USB device number 34 using vhci_hcd
[  371.296500][T10453] vhci_hcd: connection reset by peer
[  371.408605][   T75] vhci_hcd vhci_hcd.3: stop threads
[  371.410400][   T75] vhci_hcd vhci_hcd.3: release socket
[  371.413249][   T75] vhci_hcd vhci_hcd.3: disconnect device
[  371.626596][ T5941] Bluetooth: hci3: command 0x0c1a tx timeout
[  371.661572][T10478] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1215'.
[  371.866639][   T29] usb 38-1: device descriptor read/8, error -110
[  372.262184][   T29] usb usb38-port1: attempt power cycle
[  372.906691][ T5990] usb 42-1: device descriptor read/8, error -110
[  372.934944][T10491] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  372.937190][T10491] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  372.963481][T10491] vhci_hcd vhci_hcd.0: Device attached
[  373.226789][   T29] usb usb38-port1: unable to enumerate USB device
[  373.647244][T10492] vhci_hcd: connection closed
[  373.647435][ T9944] vhci_hcd vhci_hcd.2: stop threads
[  373.651766][ T9944] vhci_hcd vhci_hcd.2: release socket
[  373.654139][ T9944] vhci_hcd vhci_hcd.2: disconnect device
[  374.030590][ T5990] usb 42-1: enqueue for inactive port 0
[  374.246629][ T5990] usb usb42-port1: attempt power cycle
[  374.467933][T10523] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  374.731311][T10524] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  374.733581][T10524] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  374.755483][T10524] vhci_hcd vhci_hcd.0: Device attached
[  374.932205][ T5990] usb usb42-port1: unable to enumerate USB device
[  375.026539][ T6439] usb 40-1: SetAddress Request (18) to port 0
[  375.029423][ T6439] usb 40-1: new SuperSpeed USB device number 18 using vhci_hcd
[  375.104278][T10525] vhci_hcd: connection reset by peer
[  375.111430][ T9941] vhci_hcd vhci_hcd.1: stop threads
[  375.113935][ T9941] vhci_hcd vhci_hcd.1: release socket
[  375.120595][ T9941] vhci_hcd vhci_hcd.1: disconnect device
[  375.160233][T10533] fuse: root generation should be zero
[  375.426973][T10542] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  375.936010][T10552] overlayfs: failed to resolve './file0': -2
[  376.015953][T10552] input: syz0 as /devices/virtual/input/input41
[  376.018325][T10552] input: failed to attach handler leds to device input41, error: -6
[  376.266552][ T6003] usb 44-1: device descriptor read/8, error -110
[  376.690129][ T6003] usb usb44-port1: attempt power cycle
[  376.719599][   T40] audit: type=1326 audit(1766911066.701:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.729049][   T40] audit: type=1326 audit(1766911066.701:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.739888][   T40] audit: type=1326 audit(1766911066.701:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.749657][   T40] audit: type=1326 audit(1766911066.701:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.760058][   T40] audit: type=1326 audit(1766911066.711:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.769243][T10572] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  376.773173][   T40] audit: type=1326 audit(1766911066.711:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.780504][   T40] audit: type=1326 audit(1766911066.731:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.795746][   T40] audit: type=1326 audit(1766911066.731:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.804823][   T40] audit: type=1326 audit(1766911066.731:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.813144][   T40] audit: type=1326 audit(1766911066.731:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10565 comm="syz.2.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709d579 code=0x7ffc0000
[  376.857197][T10574] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  377.257709][ T6003] usb usb44-port1: unable to enumerate USB device
[  377.652152][T10588] overlayfs: failed to resolve './file0': -2
[  377.735985][T10590] input: syz0 as /devices/virtual/input/input42
[  377.740605][T10590] input: failed to attach handler leds to device input42, error: -6
[  378.227311][T10601] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  378.227338][T10601] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  378.227770][T10601] vhci_hcd vhci_hcd.0: Device attached
[  378.853280][T10602] vhci_hcd: connection closed
[  378.859292][ T8059] vhci_hcd vhci_hcd.1: stop threads
[  378.866898][ T8059] vhci_hcd vhci_hcd.1: release socket
[  378.869143][ T8059] vhci_hcd vhci_hcd.1: disconnect device
[  379.965824][T10649] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  380.107148][ T6439] usb 40-1: device descriptor read/8, error -110
[  380.219382][T10659] overlayfs: failed to resolve './file0': -2
[  380.278526][T10660] input: syz0 as /devices/virtual/input/input43
[  380.281320][T10660] input: failed to attach handler leds to device input43, error: -6
[  380.497273][ T6439] usb usb40-port1: attempt power cycle
[  380.887945][T10666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1261'.
[  380.898241][T10666] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1261'.
[  381.069879][ T6439] usb usb40-port1: unable to enumerate USB device
[  381.520452][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1263'.
[  382.465116][T10688] overlayfs: failed to resolve './file0': -2
[  382.963062][T10693] overlayfs: failed to resolve './file0': -2
[  383.076032][T10693] input: syz0 as /devices/virtual/input/input44
[  383.078617][T10693] input: failed to attach handler leds to device input44, error: -6
[  383.245411][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  383.246054][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  384.088808][T10706] overlayfs: failed to resolve './file0': -2
[  384.157435][T10707] input: syz0 as /devices/virtual/input/input45
[  384.160662][T10707] input: failed to attach handler leds to device input45, error: -6
[  384.944061][T10719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1278'.
[  384.945806][T10719] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1278'.
[  385.576251][T10731] IPVS: sh: FWM 3 0x00000003 - no destination available
[  386.652775][T10751] overlayfs: failed to resolve './file0': -2
[  386.758762][T10753] input: syz0 as /devices/virtual/input/input46
[  386.761303][T10753] input: failed to attach handler leds to device input46, error: -6
[  386.923672][T10756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1288'.
[  387.588634][T10767] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  387.591445][T10767] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  387.594851][T10767] vhci_hcd vhci_hcd.0: Device attached
[  387.609912][T10771] overlayfs: failed to resolve './file0': -2
[  387.887660][ T6003] usb 40-1: SetAddress Request (22) to port 0
[  387.901322][ T6003] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  388.227546][T10768] vhci_hcd: connection reset by peer
[  388.242636][ T9943] vhci_hcd vhci_hcd.1: stop threads
[  388.270582][ T9943] vhci_hcd vhci_hcd.1: release socket
[  388.282530][ T9943] vhci_hcd vhci_hcd.1: disconnect device
[  389.007369][T10785] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  390.317700][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1302'.
[  392.011741][T10818] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1308'.
[  392.017166][T10818] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1308'.
[  392.087799][T10821] FAULT_INJECTION: forcing a failure.
[  392.087799][T10821] name failslab, interval 1, probability 0, space 0, times 0
[  392.093486][T10821] CPU: 2 UID: 0 PID: 10821 Comm: syz.2.1309 Not tainted syzkaller #0 PREEMPT(full) 
[  392.093510][T10821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  392.093521][T10821] Call Trace:
[  392.093529][T10821]  <TASK>
[  392.093536][T10821]  dump_stack_lvl+0x16c/0x1f0
[  392.093591][T10821]  should_fail_ex+0x512/0x640
[  392.093617][T10821]  ? __kmalloc_cache_noprof+0x5f/0x800
[  392.093641][T10821]  should_failslab+0xc2/0x120
[  392.093668][T10821]  __kmalloc_cache_noprof+0x80/0x800
[  392.093689][T10821]  ? __xdp_reg_mem_model+0x134/0x680
[  392.093717][T10821]  ? __xdp_reg_mem_model+0x134/0x680
[  392.093740][T10821]  __xdp_reg_mem_model+0x134/0x680
[  392.093764][T10821]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[  392.093791][T10821]  ? page_pool_list+0x223/0x2a0
[  392.093814][T10821]  xdp_reg_mem_model+0x22/0x70
[  392.093858][T10821]  bpf_test_run_xdp_live+0x1ca/0x770
[  392.093884][T10821]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  392.093945][T10821]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  392.093984][T10821]  ? __might_fault+0x13b/0x190
[  392.094014][T10821]  ? bpf_test_init.isra.0+0x51/0x130
[  392.094038][T10821]  bpf_prog_test_run_xdp+0xd3d/0x1660
[  392.094068][T10821]  ? __fget_files+0x204/0x3c0
[  392.094095][T10821]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  392.094120][T10821]  ? __might_fault+0x50/0x190
[  392.094144][T10821]  ? fput+0x70/0xf0
[  392.094161][T10821]  ? __bpf_prog_get+0x97/0x2a0
[  392.094184][T10821]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  392.094207][T10821]  __sys_bpf+0x1035/0x4980
[  392.094228][T10821]  ? __pfx___sys_bpf+0x10/0x10
[  392.094245][T10821]  ? find_held_lock+0x2b/0x80
[  392.094273][T10821]  ? find_held_lock+0x2b/0x80
[  392.094301][T10821]  ? __mutex_unlock_slowpath+0x161/0x790
[  392.094343][T10821]  ? fput+0x70/0xf0
[  392.094359][T10821]  ? ksys_write+0x1ac/0x250
[  392.094384][T10821]  ? __pfx_ksys_write+0x10/0x10
[  392.094413][T10821]  __ia32_sys_bpf+0x76/0xe0
[  392.094430][T10821]  ? lockdep_hardirqs_on+0x7c/0x110
[  392.094457][T10821]  __do_fast_syscall_32+0xe8/0x680
[  392.094487][T10821]  do_fast_syscall_32+0x32/0x80
[  392.094504][T10821]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  392.094526][T10821] RIP: 0023:0xf709d579
[  392.094541][T10821] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  392.094557][T10821] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  392.094575][T10821] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000340
[  392.094585][T10821] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  392.094594][T10821] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  392.094605][T10821] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  392.094614][T10821] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  392.094636][T10821]  </TASK>
[  392.986534][ T6003] usb 40-1: device descriptor read/8, error -110
[  393.377480][ T6003] usb usb40-port1: attempt power cycle
[  393.875361][T10845] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  393.877708][T10845] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  393.881356][T10845] vhci_hcd vhci_hcd.0: Device attached
[  394.000163][ T6003] usb usb40-port1: unable to enumerate USB device
[  394.059017][T10846] vhci_hcd: connection closed
[  394.059311][ T9943] vhci_hcd vhci_hcd.2: stop threads
[  394.063980][ T9943] vhci_hcd vhci_hcd.2: release socket
[  394.066935][ T9943] vhci_hcd vhci_hcd.2: disconnect device
[  394.694237][T10871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1317'.
[  394.936157][T10873] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  394.946845][T10873] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  394.960538][T10874] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  394.977033][T10874] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  394.993684][T10873] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  395.000441][T10873] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  395.026760][T10873] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  395.044055][T10873] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  395.164417][T10883] IPVS: sh: FWM 3 0x00000003 - no destination available
[  397.534780][T10922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1326'.
[  397.542349][T10922] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1326'.
[  397.617537][T10925] overlayfs: failed to resolve './file0': -2
[  398.480763][T10930] overlayfs: failed to resolve './file0': -2
[  399.024094][T10944] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  399.026341][T10944] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  399.034987][T10944] vhci_hcd vhci_hcd.0: Device attached
[  399.316600][ T6003] usb 42-1: SetAddress Request (47) to port 0
[  399.319240][ T6003] usb 42-1: new SuperSpeed USB device number 47 using vhci_hcd
[  399.560448][T10945] vhci_hcd: connection reset by peer
[  399.560676][ T8059] vhci_hcd vhci_hcd.2: stop threads
[  399.560694][ T8059] vhci_hcd vhci_hcd.2: release socket
[  399.560771][ T8059] vhci_hcd vhci_hcd.2: disconnect device
[  400.397575][T10964] overlayfs: failed to resolve './file0': -2
[  400.599650][T10970] IPVS: sh: FWM 3 0x00000003 - no destination available
[  400.819352][T10974] input: syz0 as /devices/virtual/input/input48
[  400.828406][T10974] input: failed to attach handler leds to device input48, error: -6
[  401.060760][T10978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1344'.
[  401.859323][T10995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1347'.
[  401.864281][T10996] FAULT_INJECTION: forcing a failure.
[  401.864281][T10996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.865985][T10995] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1347'.
[  401.872651][T10996] CPU: 3 UID: 0 PID: 10996 Comm: syz.0.1346 Not tainted syzkaller #0 PREEMPT(full) 
[  401.872673][T10996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.872685][T10996] Call Trace:
[  401.872707][T10996]  <TASK>
[  401.872715][T10996]  dump_stack_lvl+0x16c/0x1f0
[  401.872745][T10996]  should_fail_ex+0x512/0x640
[  401.872769][T10996]  _copy_to_user+0x32/0xd0
[  401.872791][T10996]  simple_read_from_buffer+0xcb/0x170
[  401.872818][T10996]  proc_fail_nth_read+0x197/0x240
[  401.872847][T10996]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  401.872877][T10996]  ? rw_verify_area+0xcf/0x6c0
[  401.872899][T10996]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  401.872928][T10996]  vfs_read+0x1e4/0xcf0
[  401.872955][T10996]  ? __pfx___mutex_lock+0x10/0x10
[  401.872985][T10996]  ? __pfx_vfs_read+0x10/0x10
[  401.873008][T10996]  ? find_held_lock+0x2b/0x80
[  401.873037][T10996]  ? __fget_files+0x20e/0x3c0
[  401.873075][T10996]  ksys_read+0x12a/0x250
[  401.873099][T10996]  ? __pfx_ksys_read+0x10/0x10
[  401.873125][T10996]  ? do_user_addr_fault+0x843/0x1370
[  401.873151][T10996]  __do_fast_syscall_32+0xe8/0x680
[  401.873182][T10996]  do_fast_syscall_32+0x32/0x80
[  401.873199][T10996]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.873220][T10996] RIP: 0023:0xf7fd1579
[  401.873235][T10996] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  401.873252][T10996] RSP: 002b:00000000f54a5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  401.873270][T10996] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54a5620
[  401.873282][T10996] RDX: 000000000000000f RSI: 00000000f7466ff4 RDI: 0000000000000000
[  401.873292][T10996] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  401.873301][T10996] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  401.873312][T10996] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.873336][T10996]  </TASK>
[  401.965647][T10999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1348'.
[  402.306490][ T6043] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  402.468835][ T6043] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  402.468946][ T6043] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  402.468969][ T6043] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.475772][ T6043] usb 8-1: config 0 descriptor??
[  402.705028][ T6043] usbhid 8-1:0.0: can't add hid device: -71
[  402.705129][ T6043] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  402.710798][ T6043] usb 8-1: USB disconnect, device number 20
[  403.197022][T11038] overlayfs: failed to resolve './file0': -2
[  403.356718][T11040] input: syz0 as /devices/virtual/input/input49
[  403.357596][   T10] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  403.362347][T11040] input: failed to attach handler leds to device input49, error: -6
[  404.036466][   T10] usb 8-1: Using ep0 maxpacket: 32
[  404.040627][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  404.044676][   T10] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  404.047844][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.058406][   T10] usb 8-1: config 0 descriptor??
[  404.074801][   T10] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  404.095746][   T10] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  404.226907][T11043] can: request_module (can-proto-0) failed.
[  404.343204][T11051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1359'.
[  404.348154][ T6003] usb 42-1: device descriptor read/8, error -110
[  404.561794][T11061] IPVS: sh: FWM 3 0x00000003 - no destination available
[  404.621363][T11062] syz.2.1357 (11062): attempted to duplicate a private mapping with mremap.  This is not supported.
[  404.757791][ T6003] usb usb42-port1: attempt power cycle
[  405.279857][T11073] overlayfs: failed to resolve './file0': -2
[  405.327265][ T6003] usb usb42-port1: unable to enumerate USB device
[  405.393620][T11075] input: syz0 as /devices/virtual/input/input50
[  405.396597][T11075] input: failed to attach handler leds to device input50, error: -6
[  405.614288][T11078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1365'.
[  405.618599][T11078] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1365'.
[  405.643612][ T6439] usb 8-1: USB disconnect, device number 21
[  405.652030][ T6439] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  407.178006][T11089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  407.225611][T11089] Bluetooth: MGMT ver 1.23
[  407.573624][T11088] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  408.255794][T11096] IPVS: sh: FWM 3 0x00000003 - no destination available
[  408.568167][T11102] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1373'.
[  409.231938][T11113] overlayfs: failed to resolve './file0': -2
[  409.360699][T11113] input: syz0 as /devices/virtual/input/input51
[  409.363480][T11113] input: failed to attach handler leds to device input51, error: -6
[  412.125298][T11160] IPVS: sh: FWM 3 0x00000003 - no destination available
[  413.773899][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  413.773912][   T40] audit: type=1326 audit(1766911103.751:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.800566][   T40] audit: type=1326 audit(1766911103.751:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.816787][   T40] audit: type=1326 audit(1766911103.751:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.829069][   T40] audit: type=1326 audit(1766911103.751:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.846544][   T40] audit: type=1326 audit(1766911103.751:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.854058][   T40] audit: type=1326 audit(1766911103.751:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.868731][   T40] audit: type=1326 audit(1766911103.751:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.885645][   T40] audit: type=1326 audit(1766911103.751:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.893073][   T40] audit: type=1326 audit(1766911103.751:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  413.913050][   T40] audit: type=1326 audit(1766911103.751:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.1396" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd1598 code=0x7ffc0000
[  414.244795][T11191] IPVS: sh: FWM 3 0x00000003 - no destination available
[  415.068965][   T29] libceph: connect (1)[c::]:6789 error -97
[  415.079821][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  415.110111][T11188] ceph: No mds server is up or the cluster is laggy
[  415.832166][T11227] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1405'.
[  416.494445][T11238] xt_policy: too many policy elements
[  417.055020][T11246] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1421'.
[  417.841984][T11257] SQUASHFS error: Failed to read block 0x0: -5
[  417.906116][T11259] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1416'.
[  417.912465][T11259] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1416'.
[  421.116690][T11277] FAULT_INJECTION: forcing a failure.
[  421.116690][T11277] name failslab, interval 1, probability 0, space 0, times 0
[  421.121459][T11277] CPU: 3 UID: 0 PID: 11277 Comm: syz.0.1420 Not tainted syzkaller #0 PREEMPT(full) 
[  421.121475][T11277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  421.121482][T11277] Call Trace:
[  421.121486][T11277]  <TASK>
[  421.121491][T11277]  dump_stack_lvl+0x16c/0x1f0
[  421.121513][T11277]  should_fail_ex+0x512/0x640
[  421.121526][T11277]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  421.121542][T11277]  should_failslab+0xc2/0x120
[  421.121559][T11277]  kmem_cache_alloc_node_noprof+0x86/0x800
[  421.121572][T11277]  ? __alloc_skb+0x156/0x410
[  421.121588][T11277]  ? __alloc_skb+0x156/0x410
[  421.121598][T11277]  __alloc_skb+0x156/0x410
[  421.121609][T11277]  ? __alloc_skb+0x35d/0x410
[  421.121620][T11277]  ? __pfx___alloc_skb+0x10/0x10
[  421.121631][T11277]  ? find_held_lock+0x2b/0x80
[  421.121675][T11277]  nf_tables_rule_notify+0xe0/0x6d0
[  421.121698][T11277]  nf_tables_commit+0x34da/0x8c40
[  421.121725][T11277]  ? __pfx_nf_tables_commit+0x10/0x10
[  421.121742][T11277]  ? __pfx_nf_tables_newrule+0x10/0x10
[  421.121760][T11277]  ? __nla_parse+0x40/0x60
[  421.121776][T11277]  nfnetlink_rcv_batch+0x115e/0x2350
[  421.121797][T11277]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  421.121812][T11277]  ? lockdep_hardirqs_on+0x7c/0x110
[  421.121829][T11277]  ? __dev_queue_xmit+0x782/0x4650
[  421.121840][T11277]  ? __local_bh_enable_ip+0xa4/0x120
[  421.121875][T11277]  ? __nla_parse+0x40/0x60
[  421.121891][T11277]  nfnetlink_rcv+0x3c1/0x430
[  421.121903][T11277]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  421.121923][T11277]  netlink_unicast+0x5aa/0x870
[  421.121942][T11277]  ? __pfx_netlink_unicast+0x10/0x10
[  421.121958][T11277]  ? __pfx___might_resched+0x10/0x10
[  421.121978][T11277]  netlink_sendmsg+0x8c8/0xdd0
[  421.121996][T11277]  ? __pfx_netlink_sendmsg+0x10/0x10
[  421.122013][T11277]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  421.122034][T11277]  ____sys_sendmsg+0xa5d/0xc30
[  421.122053][T11277]  ? btrfs_backref_error_cleanup+0xbd4/0xd70
[  421.122071][T11277]  ? __pfx_____sys_sendmsg+0x10/0x10
[  421.122088][T11277]  ? get_compat_msghdr+0x11a/0x170
[  421.122108][T11277]  ___sys_sendmsg+0x134/0x1d0
[  421.122122][T11277]  ? __pfx____sys_sendmsg+0x10/0x10
[  421.122143][T11277]  ? find_held_lock+0x2b/0x80
[  421.122165][T11277]  __sys_sendmsg+0x16d/0x220
[  421.122179][T11277]  ? __pfx___sys_sendmsg+0x10/0x10
[  421.122198][T11277]  ? do_user_addr_fault+0x843/0x1370
[  421.122214][T11277]  __do_fast_syscall_32+0xe8/0x680
[  421.122232][T11277]  do_fast_syscall_32+0x32/0x80
[  421.122242][T11277]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  421.122256][T11277] RIP: 0023:0xf7fd1579
[  421.122265][T11277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  421.122276][T11277] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  421.122287][T11277] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  421.122294][T11277] RDX: 0000000004008014 RSI: 0000000000000000 RDI: 0000000000000000
[  421.122300][T11277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.122306][T11277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  421.122313][T11277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.122326][T11277]  </TASK>
[  421.757840][   T40] kauditd_printk_skb: 390 callbacks suppressed
[  421.757852][   T40] audit: type=1326 audit(2000000007.290:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.776355][   T40] audit: type=1326 audit(2000000007.290:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.783462][   T40] audit: type=1326 audit(2000000007.290:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  421.810675][   T40] audit: type=1326 audit(2000000007.290:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  421.818639][   T40] audit: type=1326 audit(2000000007.290:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.825958][   T40] audit: type=1326 audit(2000000007.290:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.834266][   T40] audit: type=1326 audit(2000000007.290:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  421.842290][   T40] audit: type=1326 audit(2000000007.290:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.850632][   T40] audit: type=1326 audit(2000000007.300:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000
[  421.859629][   T40] audit: type=1326 audit(2000000007.300:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11286 comm="syz.3.1425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000
[  421.898033][T11287] binder: 11286:11287 ioctl 84009422 80000c40 returned -22
[  421.972729][T11295] veth1_macvtap: left promiscuous mode
[  421.982623][T11295] macsec0: entered allmulticast mode
[  422.021602][T11295] veth1_macvtap: entered promiscuous mode
[  422.028554][T11295] veth1_macvtap: entered allmulticast mode
[  422.033748][T11295] macsec0: left allmulticast mode
[  422.039570][T11295] veth1_macvtap: left allmulticast mode
[  422.347238][T11282] netlink: 'syz.1.1424': attribute type 1 has an invalid length.
[  422.379265][T11282] bond3: entered promiscuous mode
[  422.381999][T11282] 8021q: adding VLAN 0 to HW filter on device bond3
[  422.474714][T11306] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  422.477605][T11306] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  422.504199][T11282] bond3: (slave bridge0): making interface the new active one
[  422.516053][T11306] vhci_hcd vhci_hcd.0: Device attached
[  422.516135][T11282] bridge0: entered promiscuous mode
[  422.522398][T11282] bond3: (slave bridge0): Enslaving as an active interface with an up link
[  422.756123][ T6003] usb 44-1: SetAddress Request (38) to port 0
[  422.758915][ T6003] usb 44-1: new SuperSpeed USB device number 38 using vhci_hcd
[  423.086699][T11319] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  423.089085][T11319] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  423.102231][T11319] vhci_hcd vhci_hcd.0: Device attached
[  423.286090][T10122] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  423.345961][T10122] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  423.666411][T11325] FAULT_INJECTION: forcing a failure.
[  423.666411][T11325] name failslab, interval 1, probability 0, space 0, times 0
[  423.670648][T11325] CPU: 0 UID: 0 PID: 11325 Comm: syz.2.1435 Not tainted syzkaller #0 PREEMPT(full) 
[  423.670675][T11325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  423.670683][T11325] Call Trace:
[  423.670688][T11325]  <TASK>
[  423.670694][T11325]  dump_stack_lvl+0x16c/0x1f0
[  423.670714][T11325]  should_fail_ex+0x512/0x640
[  423.670727][T11325]  ? __kvmalloc_node_noprof+0x129/0xa40
[  423.670744][T11325]  should_failslab+0xc2/0x120
[  423.670762][T11325]  __kvmalloc_node_noprof+0x14a/0xa40
[  423.670776][T11325]  ? __pfx_dev_addr_init+0x10/0x10
[  423.670789][T11325]  ? lockdep_init_map_type+0x5c/0x270
[  423.670800][T11325]  ? alloc_netdev_mqs+0xaef/0x1550
[  423.670818][T11325]  ? alloc_netdev_mqs+0xaef/0x1550
[  423.670832][T11325]  alloc_netdev_mqs+0xaef/0x1550
[  423.670850][T11325]  rtnl_create_link+0xc08/0xf60
[  423.670868][T11325]  rtnl_newlink+0xb3b/0x1f50
[  423.670887][T11325]  ? __pfx_rtnl_newlink+0x10/0x10
[  423.670907][T11325]  ? lockdep_hardirqs_on+0x7c/0x110
[  423.670926][T11325]  ? kmem_cache_free+0x2d8/0x770
[  423.670940][T11325]  ? kfree_skbmem+0x1a4/0x1f0
[  423.670956][T11325]  ? find_held_lock+0x2b/0x80
[  423.670970][T11325]  ? __dev_queue_xmit+0x782/0x4650
[  423.670985][T11325]  ? find_held_lock+0x2b/0x80
[  423.670998][T11325]  ? __pfx_rtnl_newlink+0x10/0x10
[  423.671012][T11325]  ? __pfx_rtnl_newlink+0x10/0x10
[  423.671026][T11325]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  423.671042][T11325]  ? __pfx_rtnl_newlink+0x10/0x10
[  423.671057][T11325]  rtnetlink_rcv_msg+0x95e/0xe90
[  423.671073][T11325]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  423.671092][T11325]  ? ref_tracker_free+0x37c/0x830
[  423.671108][T11325]  netlink_rcv_skb+0x158/0x420
[  423.671124][T11325]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  423.671140][T11325]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  423.671161][T11325]  ? netlink_deliver_tap+0x1ae/0xd30
[  423.671179][T11325]  netlink_unicast+0x5aa/0x870
[  423.671196][T11325]  ? __pfx_netlink_unicast+0x10/0x10
[  423.671217][T11325]  netlink_sendmsg+0x8c8/0xdd0
[  423.671235][T11325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  423.671253][T11325]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  423.671274][T11325]  ____sys_sendmsg+0xa5d/0xc30
[  423.671293][T11325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  423.671309][T11325]  ? get_compat_msghdr+0x11a/0x170
[  423.671342][T11325]  ___sys_sendmsg+0x134/0x1d0
[  423.671369][T11325]  ? __pfx____sys_sendmsg+0x10/0x10
[  423.671397][T11325]  ? find_held_lock+0x2b/0x80
[  423.671420][T11325]  __sys_sendmsg+0x16d/0x220
[  423.671434][T11325]  ? __pfx___sys_sendmsg+0x10/0x10
[  423.671453][T11325]  ? do_user_addr_fault+0x843/0x1370
[  423.671470][T11325]  __do_fast_syscall_32+0xe8/0x680
[  423.671489][T11325]  do_fast_syscall_32+0x32/0x80
[  423.671499][T11325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  423.671513][T11325] RIP: 0023:0xf709d579
[  423.671522][T11325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  423.671534][T11325] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  423.671545][T11325] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  423.671551][T11325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  423.671558][T11325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  423.671564][T11325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  423.671570][T11325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  423.671584][T11325]  </TASK>
[  423.867473][T11320] vhci_hcd: connection reset by peer
[  423.869699][ T1245] vhci_hcd vhci_hcd.0: stop threads
[  423.871562][ T1245] vhci_hcd vhci_hcd.0: release socket
[  423.873810][ T1245] vhci_hcd vhci_hcd.0: disconnect device
[  424.112787][T11307] vhci_hcd: connection reset by peer
[  424.116917][  T106] vhci_hcd vhci_hcd.3: stop threads
[  424.118798][  T106] vhci_hcd vhci_hcd.3: release socket
[  424.120736][  T106] vhci_hcd vhci_hcd.3: disconnect device
[  424.605533][T11333] ip6erspan0: entered allmulticast mode
[  424.677897][T11335] veth1_macvtap: left promiscuous mode
[  424.679924][T11335] macsec0: entered allmulticast mode
[  424.724893][T11335] veth1_macvtap: entered promiscuous mode
[  424.727331][T11335] veth1_macvtap: entered allmulticast mode
[  424.730049][T11335] macsec0: left allmulticast mode
[  424.732337][T11335] veth1_macvtap: left allmulticast mode
[  424.756507][T11329] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  424.759679][T11329] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  424.772726][T11338] FAULT_INJECTION: forcing a failure.
[  424.772726][T11338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.778752][T11338] CPU: 0 UID: 0 PID: 11338 Comm: syz.3.1439 Not tainted syzkaller #0 PREEMPT(full) 
[  424.778779][T11338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  424.778791][T11338] Call Trace:
[  424.778799][T11338]  <TASK>
[  424.778806][T11338]  dump_stack_lvl+0x16c/0x1f0
[  424.778840][T11338]  should_fail_ex+0x512/0x640
[  424.778863][T11338]  _copy_to_user+0x32/0xd0
[  424.778887][T11338]  simple_read_from_buffer+0xcb/0x170
[  424.778915][T11338]  proc_fail_nth_read+0x197/0x240
[  424.778954][T11338]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  424.778986][T11338]  ? rw_verify_area+0xcf/0x6c0
[  424.779010][T11338]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  424.779038][T11338]  vfs_read+0x1e4/0xcf0
[  424.779066][T11338]  ? __pfx___mutex_lock+0x10/0x10
[  424.779096][T11338]  ? __pfx_vfs_read+0x10/0x10
[  424.779120][T11338]  ? find_held_lock+0x2b/0x80
[  424.779152][T11338]  ? __fget_files+0x20e/0x3c0
[  424.779182][T11338]  ksys_read+0x12a/0x250
[  424.779209][T11338]  ? __pfx_ksys_read+0x10/0x10
[  424.779241][T11338]  __do_fast_syscall_32+0xe8/0x680
[  424.779272][T11338]  do_fast_syscall_32+0x32/0x80
[  424.779289][T11338]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.779311][T11338] RIP: 0023:0xf7f23579
[  424.779327][T11338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  424.779345][T11338] RSP: 002b:00000000f5416590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  424.779362][T11338] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5416620
[  424.779375][T11338] RDX: 000000000000000f RSI: 00000000f73b6ff4 RDI: 0000000000000000
[  424.779386][T11338] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  424.779397][T11338] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  424.779407][T11338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.779432][T11338]  </TASK>
[  424.786088][T11329] vhci_hcd vhci_hcd.0: Device attached
[  424.839154][T11342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1441'.
[  424.916556][T11330] vhci_hcd: connection closed
[  424.922422][ T9944] vhci_hcd vhci_hcd.2: stop threads
[  424.926074][ T9944] vhci_hcd vhci_hcd.2: release socket
[  424.927919][ T9944] vhci_hcd vhci_hcd.2: disconnect device
[  425.138832][T11347] netlink: 'syz.3.1442': attribute type 1 has an invalid length.
[  425.167459][T11347] bond2: entered promiscuous mode
[  425.170117][T11347] 8021q: adding VLAN 0 to HW filter on device bond2
[  425.190781][T11347] bond2: (slave bridge1): making interface the new active one
[  425.194429][T11347] bridge1: entered promiscuous mode
[  425.197857][T11347] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  426.276307][T11371] ieee802154 phy0 wpan0: encryption failed: -22
[  426.369139][T11376] macsec0: entered allmulticast mode
[  426.384256][T11376] veth1_macvtap: entered allmulticast mode
[  426.395819][T11376] macsec0: left allmulticast mode
[  426.397526][T11376] veth1_macvtap: left allmulticast mode
[  426.775522][T11385] netlink: 'syz.3.1452': attribute type 1 has an invalid length.
[  426.788212][T11382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1451'.
[  426.799021][T11385] bond3: entered promiscuous mode
[  426.801148][T11385] 8021q: adding VLAN 0 to HW filter on device bond3
[  426.814848][T11385] bond3: (slave bridge2): making interface the new active one
[  426.817944][T11385] bridge2: entered promiscuous mode
[  426.820722][T11385] bond3: (slave bridge2): Enslaving as an active interface with an up link
[  427.099712][  T840] libceph: connect (1)[c::]:6789 error -101
[  427.102720][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  427.359337][  T840] libceph: connect (1)[c::]:6789 error -101
[  427.361935][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  427.593436][T11412] FAULT_INJECTION: forcing a failure.
[  427.593436][T11412] name failslab, interval 1, probability 0, space 0, times 0
[  427.598275][T11412] CPU: 2 UID: 0 PID: 11412 Comm: syz.1.1459 Not tainted syzkaller #0 PREEMPT(full) 
[  427.598292][T11412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  427.598299][T11412] Call Trace:
[  427.598303][T11412]  <TASK>
[  427.598307][T11412]  dump_stack_lvl+0x16c/0x1f0
[  427.598328][T11412]  should_fail_ex+0x512/0x640
[  427.598341][T11412]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  427.598357][T11412]  should_failslab+0xc2/0x120
[  427.598373][T11412]  kmem_cache_alloc_node_noprof+0x86/0x800
[  427.598387][T11412]  ? __alloc_skb+0x156/0x410
[  427.598402][T11412]  ? __alloc_skb+0x156/0x410
[  427.598412][T11412]  __alloc_skb+0x156/0x410
[  427.598423][T11412]  ? __alloc_skb+0x35d/0x410
[  427.598434][T11412]  ? __pfx___alloc_skb+0x10/0x10
[  427.598445][T11412]  ? lockdep_hardirqs_on+0x7c/0x110
[  427.598464][T11412]  ? kfree+0x2f8/0x6e0
[  427.598477][T11412]  inet_netconf_notify_devconf+0x8b/0x1f0
[  427.598490][T11412]  inetdev_event+0xea8/0x1870
[  427.598501][T11412]  ? ib_netdevice_event+0xfc/0x330
[  427.598515][T11412]  ? __pfx_inetdev_event+0x10/0x10
[  427.598526][T11412]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  427.598541][T11412]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  427.598559][T11412]  notifier_call_chain+0xbc/0x3e0
[  427.598577][T11412]  ? __pfx_inetdev_event+0x10/0x10
[  427.598590][T11412]  call_netdevice_notifiers_info+0xbe/0x110
[  427.598609][T11412]  unregister_netdevice_many_notify+0xf81/0x2590
[  427.598630][T11412]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  427.598652][T11412]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  427.598665][T11412]  ? linkwatch_fire_event+0x20c/0x270
[  427.598675][T11412]  ? netif_carrier_off+0xa3/0xc0
[  427.598693][T11412]  unregister_netdevice_queue+0x305/0x3c0
[  427.598709][T11412]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  427.598724][T11412]  ? linkwatch_schedule_work+0x181/0x1c0
[  427.598735][T11412]  ? linkwatch_fire_event+0x6f/0x270
[  427.598748][T11412]  __tun_detach+0x119c/0x1490
[  427.598761][T11412]  ? __pfx_tun_chr_close+0x10/0x10
[  427.598771][T11412]  tun_chr_close+0xc2/0x230
[  427.598781][T11412]  __fput+0x402/0xb70
[  427.598795][T11412]  fput_close_sync+0x118/0x260
[  427.598807][T11412]  ? __pfx_fput_close_sync+0x10/0x10
[  427.598818][T11412]  ? dnotify_flush+0x79/0x4c0
[  427.598833][T11412]  __ia32_sys_close+0x8b/0x120
[  427.598846][T11412]  __do_fast_syscall_32+0xe8/0x680
[  427.598865][T11412]  do_fast_syscall_32+0x32/0x80
[  427.598874][T11412]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.598889][T11412] RIP: 0023:0xf7fe4579
[  427.598898][T11412] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  427.598909][T11412] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000006
[  427.598920][T11412] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  427.598927][T11412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  427.598933][T11412] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  427.598948][T11412] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  427.598958][T11412] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  427.598979][T11412]  </TASK>
[  427.785787][ T6003] usb 44-1: device descriptor read/8, error -110
[  427.876895][  T840] libceph: connect (1)[c::]:6789 error -101
[  427.879181][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  427.905026][T11397] ceph: No mds server is up or the cluster is laggy
[  428.176842][ T6003] usb usb44-port1: attempt power cycle
[  428.197051][T11421] netlink: 'syz.3.1461': attribute type 1 has an invalid length.
[  428.238901][T11421] bond4: entered promiscuous mode
[  428.245811][T11421] 8021q: adding VLAN 0 to HW filter on device bond4
[  428.281778][T11421] bond4: (slave bridge3): making interface the new active one
[  428.291852][T11421] bridge3: entered promiscuous mode
[  428.300691][T11421] bond4: (slave bridge3): Enslaving as an active interface with an up link
[  428.516525][T10122] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  428.767375][ T6003] usb usb44-port1: unable to enumerate USB device
[  429.114270][T11440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1466'.
[  429.637807][T11436] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  429.640448][T11436] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  429.643574][T11436] vhci_hcd vhci_hcd.0: Device attached
[  429.925685][T10122] usb 42-1: SetAddress Request (51) to port 0
[  429.928104][T10122] usb 42-1: new SuperSpeed USB device number 51 using vhci_hcd
[  430.046720][T11441] vhci_hcd: connection reset by peer
[  430.055835][  T106] vhci_hcd vhci_hcd.2: stop threads
[  430.057908][  T106] vhci_hcd vhci_hcd.2: release socket
[  430.065642][  T106] vhci_hcd vhci_hcd.2: disconnect device
[  430.116821][T11448] kvm_intel: kvm [11447]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3
[  430.407389][T11451] syz.1.1469(11451): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  430.738737][T11461] netlink: 'syz.1.1472': attribute type 1 has an invalid length.
[  430.770669][T11461] bond4: entered promiscuous mode
[  430.773627][T11461] 8021q: adding VLAN 0 to HW filter on device bond4
[  430.796455][T11461] bond4: (slave bridge1): making interface the new active one
[  430.805797][T11461] bridge1: entered promiscuous mode
[  430.809051][T11461] bond4: (slave bridge1): Enslaving as an active interface with an up link
[  431.073663][   T29] libceph: connect (1)[c::]:6789 error -97
[  431.076761][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  431.122361][T11471] ceph: No mds server is up or the cluster is laggy
[  432.152672][T11484] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  432.155726][T11484] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  432.159272][T11484] vhci_hcd vhci_hcd.0: Device attached
[  432.425767][ T6003] usb 40-1: SetAddress Request (26) to port 0
[  432.428051][ T6003] usb 40-1: new SuperSpeed USB device number 26 using vhci_hcd
[  432.776767][T11485] vhci_hcd: connection reset by peer
[  432.779259][  T106] vhci_hcd vhci_hcd.1: stop threads
[  432.781252][  T106] vhci_hcd vhci_hcd.1: release socket
[  432.783209][  T106] vhci_hcd vhci_hcd.1: disconnect device
[  433.377897][T11504] input: syz0 as /devices/virtual/input/input52
[  433.519080][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.523463][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.528655][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.533483][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.538005][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.542190][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.547902][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.551333][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.555178][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.559710][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.565185][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.568804][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.572192][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.576862][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.581478][T11510] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  433.583926][T11510] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  433.587154][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.587804][T11510] vhci_hcd vhci_hcd.0: Device attached
[  433.591088][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.596265][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.599586][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.603629][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.608134][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.612296][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.617513][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.622659][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.628507][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.638727][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.645564][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.659776][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.697503][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.729037][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.739235][T11516] FAULT_INJECTION: forcing a failure.
[  433.739235][T11516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.744880][T11516] CPU: 3 UID: 0 PID: 11516 Comm: syz.0.1485 Not tainted syzkaller #0 PREEMPT(full) 
[  433.744907][T11516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.744919][T11516] Call Trace:
[  433.744927][T11516]  <TASK>
[  433.744935][T11516]  dump_stack_lvl+0x16c/0x1f0
[  433.744969][T11516]  should_fail_ex+0x512/0x640
[  433.744994][T11516]  _copy_from_user+0x2e/0xd0
[  433.745015][T11516]  ia32_restore_sigcontext+0xc3/0x630
[  433.745037][T11516]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  433.745062][T11516]  ? rcu_is_watching+0x12/0xc0
[  433.745089][T11516]  ? _raw_spin_unlock_irq+0x23/0x50
[  433.745114][T11516]  ? lockdep_hardirqs_on+0x7c/0x110
[  433.745145][T11516]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  433.745167][T11516]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  433.745189][T11516]  ? rcu_is_watching+0x12/0xc0
[  433.745217][T11516]  do_int80_emulation+0x104/0x480
[  433.745248][T11516]  asm_int80_emulation+0x1a/0x20
[  433.745266][T11516] RIP: 0023:0xf7fd15a7
[  433.745281][T11516] Code: 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 90 58 b8 77 00 00 00 cd 80 90 8d b4 26 00 00 00 00 b8 ad 00 00 00 cd 80 <90> 90 90 90 90 90 90 90 90 55 89 e5 57 8d 3d 2c dc ff ff 56 53 e8
[  433.745315][T11516] RSP: 002b:00000000f54c5940 EFLAGS: 00000286 ORIG_RAX: 00000000000000ad
[  433.745332][T11516] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f54c59cc
[  433.745345][T11516] RDX: 00000000f54c594c RSI: 0000000000000004 RDI: 0000000000000000
[  433.745356][T11516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.745366][T11516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  433.745377][T11516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.745414][T11516]  </TASK>
[  433.753593][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.909293][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.919382][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.932814][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.945225][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.957490][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.966384][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.978280][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  433.991065][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  434.003572][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  434.019542][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  434.035746][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  434.052188][T11508] 9pnet_fd: p9_fd_create_tcp (11508): problem connecting socket to 127.0.0.1
[  434.563899][T11511] vhci_hcd: connection closed
[  434.564419][ T9943] vhci_hcd vhci_hcd.2: stop threads
[  434.564443][ T9943] vhci_hcd vhci_hcd.2: release socket
[  434.566831][ T9943] vhci_hcd vhci_hcd.2: disconnect device
[  434.985346][T10122] usb 42-1: device descriptor read/8, error -110
[  435.386409][T10122] usb usb42-port1: attempt power cycle
[  435.484080][T11538] kvm_intel: kvm [11536]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3
[  435.967716][T10122] usb usb42-port1: unable to enumerate USB device
[  436.012690][T11543] ieee802154 phy0 wpan0: encryption failed: -22
[  436.471909][T11548] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  436.474419][T11548] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  436.479644][T11548] vhci_hcd vhci_hcd.0: Device attached
[  436.755254][   T63] usb 44-1: SetAddress Request (42) to port 0
[  436.757490][   T63] usb 44-1: new SuperSpeed USB device number 42 using vhci_hcd
[  436.949122][T11549] vhci_hcd: connection reset by peer
[  436.955439][ T9944] vhci_hcd vhci_hcd.3: stop threads
[  436.957378][ T9944] vhci_hcd vhci_hcd.3: release socket
[  436.960746][ T9944] vhci_hcd vhci_hcd.3: disconnect device
[  437.741891][T11555] netlink: 'syz.2.1494': attribute type 1 has an invalid length.
[  437.764589][T11555] bond1: entered promiscuous mode
[  437.766843][T11555] 8021q: adding VLAN 0 to HW filter on device bond1
[  437.780075][ T6003] usb 40-1: device descriptor read/8, error -110
[  437.790585][T11555] bond1: (slave bridge1): making interface the new active one
[  437.792989][T11555] bridge1: entered promiscuous mode
[  437.796607][T11555] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  438.601213][T11563] ubi31: attaching mtd0
[  438.603674][T11563] ubi31: scanning is finished
[  439.349581][T11563] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  439.386023][T11567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1496'.
[  439.407731][T11567] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1496'.
[  439.559562][ T6003] usb usb40-port1: attempt power cycle
[  440.116053][ T6003] usb usb40-port1: unable to enumerate USB device
[  440.155055][T11571] netlink: 'syz.0.1497': attribute type 1 has an invalid length.
[  440.165191][T11571] bond1: entered promiscuous mode
[  440.165511][T11571] 8021q: adding VLAN 0 to HW filter on device bond1
[  440.200793][T11571] bond1: (slave bridge2): making interface the new active one
[  440.200842][T11571] bridge2: entered promiscuous mode
[  440.201817][T11571] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  440.314637][T11581] ubi31: attaching mtd0
[  440.321002][T11581] ubi31: scanning is finished
[  440.440486][T11581] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  440.440512][T11581] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  440.440531][T11581] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  440.440547][T11581] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  440.440565][T11581] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  440.440581][T11581] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  440.440595][T11581] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 287692620
[  440.440615][T11581] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  440.440678][T11583] ubi31: background thread "ubi_bgt31d" started, PID 11583
[  440.505992][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  440.506228][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  440.518098][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  440.518171][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  440.518618][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  440.533970][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  440.538965][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  440.543196][T11585] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  440.547460][T11585] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[  441.396597][T11594] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  441.398986][T11594] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  441.401999][T11594] vhci_hcd vhci_hcd.0: Device attached
[  441.660389][T11598] syzkaller0: entered promiscuous mode
[  441.662657][T11598] syzkaller0: entered allmulticast mode
[  441.685007][   T60] usb 42-1: SetAddress Request (55) to port 0
[  441.687240][   T60] usb 42-1: new SuperSpeed USB device number 55 using vhci_hcd
[  441.785099][   T63] usb 44-1: device descriptor read/8, error -110
[  441.866103][T11602] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96
[  442.001342][T11595] vhci_hcd: connection reset by peer
[  442.005185][ T8059] vhci_hcd vhci_hcd.2: stop threads
[  442.007347][ T8059] vhci_hcd vhci_hcd.2: release socket
[  442.011595][ T8059] vhci_hcd vhci_hcd.2: disconnect device
[  442.098351][T11600] netlink: 'syz.3.1504': attribute type 1 has an invalid length.
[  442.111293][T11600] bond5: entered promiscuous mode
[  442.113353][T11600] 8021q: adding VLAN 0 to HW filter on device bond5
[  442.136370][T11600] bond5: (slave bridge4): making interface the new active one
[  442.139727][T11600] bridge4: entered promiscuous mode
[  442.143571][T11600] bond5: (slave bridge4): Enslaving as an active interface with an up link
[  442.195680][   T63] usb usb44-port1: attempt power cycle
[  442.329611][T11613] IPVS: sh: FWM 3 0x00000003 - no destination available
[  442.755316][   T63] usb usb44-port1: unable to enumerate USB device
[  442.851488][T11618] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  442.854685][T11618] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  442.860782][T11618] vhci_hcd vhci_hcd.0: Device attached
[  443.135044][T10122] usb 40-1: SetAddress Request (30) to port 0
[  443.137762][T10122] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  443.654325][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1510'.
[  443.768774][T11621] vhci_hcd: connection reset by peer
[  443.770866][ T9918] vhci_hcd vhci_hcd.1: stop threads
[  443.773507][ T9918] vhci_hcd vhci_hcd.1: release socket
[  443.776508][ T9918] vhci_hcd vhci_hcd.1: disconnect device
[  444.140717][T11631] 9pnet_fd: p9_fd_create_tcp (11631): problem connecting socket to 127.0.0.1
[  444.675682][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  444.679150][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  444.827868][T11645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  444.838649][T11643] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  444.843546][T11643] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  444.960284][T11650] FAULT_INJECTION: forcing a failure.
[  444.960284][T11650] name failslab, interval 1, probability 0, space 0, times 0
[  444.961121][T11635] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  444.966797][T11650] CPU: 3 UID: 0 PID: 11650 Comm: syz.1.1518 Not tainted syzkaller #0 PREEMPT(full) 
[  444.966823][T11650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.966834][T11650] Call Trace:
[  444.966840][T11650]  <TASK>
[  444.966847][T11650]  dump_stack_lvl+0x16c/0x1f0
[  444.966879][T11650]  should_fail_ex+0x512/0x640
[  444.966899][T11650]  ? fs_reclaim_acquire+0xae/0x150
[  444.966931][T11650]  should_failslab+0xc2/0x120
[  444.966958][T11650]  __kmalloc_noprof+0xeb/0x910
[  444.966979][T11650]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  444.967009][T11650]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  444.967032][T11650]  tomoyo_realpath_from_path+0xc2/0x6e0
[  444.967059][T11650]  ? tomoyo_profile+0x47/0x60
[  444.967088][T11650]  tomoyo_path_number_perm+0x245/0x580
[  444.967108][T11650]  ? tomoyo_path_number_perm+0x237/0x580
[  444.967130][T11650]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  444.967177][T11650]  ? find_held_lock+0x2b/0x80
[  444.967200][T11650]  ? hook_file_ioctl_common+0x144/0x410
[  444.967225][T11650]  ? __fget_files+0x20e/0x3c0
[  444.967248][T11650]  ? __fput_deferred+0x430/0x480
[  444.967269][T11650]  security_file_ioctl_compat+0x9b/0x240
[  444.967288][T11650]  __ia32_compat_sys_ioctl+0xc3/0x370
[  444.967305][T11650]  __do_fast_syscall_32+0xe8/0x680
[  444.967325][T11650]  do_fast_syscall_32+0x32/0x80
[  444.967335][T11650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.967350][T11650] RIP: 0023:0xf7fe4579
[  444.967360][T11650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.967372][T11650] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  444.967383][T11650] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  444.967390][T11650] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  444.967397][T11650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.967403][T11650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  444.967410][T11650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.967424][T11650]  </TASK>
[  444.967429][T11650] ERROR: Out of memory at tomoyo_realpath_from_path.
[  444.969461][T11635] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  445.078819][T11646] netlink: 'syz.0.1515': attribute type 1 has an invalid length.
[  445.126990][T11646] bond2: entered promiscuous mode
[  445.128897][T11646] 8021q: adding VLAN 0 to HW filter on device bond2
[  445.132237][T11635] vhci_hcd vhci_hcd.0: Device attached
[  445.171838][T11646] bond2: (slave bridge3): making interface the new active one
[  445.189695][T11646] bridge3: entered promiscuous mode
[  445.192171][T11646] bond2: (slave bridge3): Enslaving as an active interface with an up link
[  445.484902][   T10] usb 44-1: SetAddress Request (46) to port 0
[  445.487804][   T10] usb 44-1: new SuperSpeed USB device number 46 using vhci_hcd
[  445.500024][T11651] vhci_hcd: connection closed
[  445.519353][T11653] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  445.526322][ T9918] vhci_hcd vhci_hcd.3: stop threads
[  445.528282][ T9918] vhci_hcd vhci_hcd.3: release socket
[  445.530400][ T9918] vhci_hcd vhci_hcd.3: disconnect device
[  446.536850][T11673] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  446.539070][T11673] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  446.547508][T11673] vhci_hcd vhci_hcd.0: Device attached
[  446.900931][T11676] vhci_hcd: connection reset by peer
[  446.904220][ T9934] vhci_hcd vhci_hcd.2: stop threads
[  446.906464][ T9934] vhci_hcd vhci_hcd.2: release socket
[  446.908770][   T60] usb 42-1: device descriptor read/8, error -110
[  446.911185][ T9934] vhci_hcd vhci_hcd.2: disconnect device
[  447.054663][   T63] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  447.204628][   T63] usb 6-1: Using ep0 maxpacket: 32
[  447.208374][   T63] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.211685][   T63] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  447.246841][   T63] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  447.250005][   T63] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.252642][   T63] usb 6-1: Product: syz
[  447.254063][   T63] usb 6-1: Manufacturer: syz
[  447.255884][   T63] usb 6-1: SerialNumber: syz
[  447.281795][T11686] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  447.284173][T11686] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  447.291813][T11686] vhci_hcd vhci_hcd.0: Device attached
[  447.375864][   T60] usb usb42-port1: attempt power cycle
[  447.570653][   T40] kauditd_printk_skb: 1118 callbacks suppressed
[  447.576950][   T40] audit: type=1326 audit(2000000033.101:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11679 comm="syz.1.1523" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe4579 code=0x0
[  447.683738][T11680] cgroup: name respecified
[  447.918563][T11687] vhci_hcd: connection closed
[  447.919972][ T9952] vhci_hcd vhci_hcd.3: stop threads
[  447.923440][ T9952] vhci_hcd vhci_hcd.3: release socket
[  447.925827][ T9952] vhci_hcd vhci_hcd.3: disconnect device
[  447.944679][ T6003] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  447.966342][   T60] usb usb42-port1: unable to enumerate USB device
[  448.104655][ T6003] usb 7-1: Using ep0 maxpacket: 32
[  448.115524][ T6003] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  448.119830][ T6003] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  448.136337][ T6003] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  448.139859][ T6003] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.143331][ T6003] usb 7-1: Product: syz
[  448.168264][ T6003] usb 7-1: Manufacturer: syz
[  448.170522][ T6003] usb 7-1: SerialNumber: syz
[  448.186697][T10122] usb 40-1: device descriptor read/8, error -110
[  448.402017][   T40] audit: type=1326 audit(2000000033.931:1594): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=11692 comm="syz.2.1525" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709d579 code=0x0
[  448.461284][T11705] cgroup: name respecified
[  448.575340][T10122] usb usb40-port1: attempt power cycle
[  448.975909][T11707] netlink: 'syz.0.1529': attribute type 1 has an invalid length.
[  448.991833][T11707] bond3: entered promiscuous mode
[  448.993861][T11707] 8021q: adding VLAN 0 to HW filter on device bond3
[  449.008345][T11707] bond3: (slave bridge4): making interface the new active one
[  449.011192][T11707] bridge4: entered promiscuous mode
[  449.014060][T11707] bond3: (slave bridge4): Enslaving as an active interface with an up link
[  449.062768][T11721] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  449.065043][T11721] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  449.068262][T11721] vhci_hcd vhci_hcd.0: Device attached
[  449.145316][T10122] usb usb40-port1: unable to enumerate USB device
[  449.354044][T11727] ubi: mtd0 is already attached to ubi31
[  449.670533][T11722] vhci_hcd: connection closed
[  449.672078][ T9952] vhci_hcd vhci_hcd.3: stop threads
[  449.676261][ T9952] vhci_hcd vhci_hcd.3: release socket
[  449.679462][ T9952] vhci_hcd vhci_hcd.3: disconnect device
[  449.824080][   T63] usb 6-1: 0:2 : does not exist
[  449.858420][   T63] usb 6-1: USB disconnect, device number 9
[  449.890718][T11728] udevd[11728]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  450.144469][   T60] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  450.304517][   T60] usb 5-1: Using ep0 maxpacket: 32
[  450.307393][   T60] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  450.310444][   T60] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  450.315732][   T60] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  450.318631][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.320986][   T60] usb 5-1: Product: syz
[  450.322260][   T60] usb 5-1: Manufacturer: syz
[  450.323849][   T60] usb 5-1: SerialNumber: syz
[  450.550203][   T40] audit: type=1326 audit(2000000036.082:1595): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=11731 comm="syz.0.1536" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd1579 code=0x0
[  450.602420][T11740] cgroup: name respecified
[  450.645199][   T10] usb 44-1: device descriptor read/8, error -110
[  450.742204][ T6003] usb 7-1: 0:2 : does not exist
[  450.794516][T11742] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  450.797511][T11742] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  450.801413][T11742] vhci_hcd vhci_hcd.0: Device attached
[  450.833971][ T6003] usb 7-1: USB disconnect, device number 17
[  450.894486][   T10] usb 44-1: SetAddress Request (47) to port 0
[  450.897027][   T10] usb 44-1: new SuperSpeed USB device number 47 using vhci_hcd
[  451.327631][T11744] vhci_hcd: connection reset by peer
[  451.331755][ T9934] vhci_hcd vhci_hcd.3: stop threads
[  451.334449][ T9934] vhci_hcd vhci_hcd.3: release socket
[  451.338141][ T9934] vhci_hcd vhci_hcd.3: disconnect device
[  451.626251][T11757] ubi: mtd0 is already attached to ubi31
[  451.715085][T11759] FAULT_INJECTION: forcing a failure.
[  451.715085][T11759] name failslab, interval 1, probability 0, space 0, times 0
[  451.720803][T11759] CPU: 3 UID: 0 PID: 11759 Comm: syz.2.1543 Not tainted syzkaller #0 PREEMPT(full) 
[  451.720827][T11759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.720839][T11759] Call Trace:
[  451.720846][T11759]  <TASK>
[  451.720854][T11759]  dump_stack_lvl+0x16c/0x1f0
[  451.720885][T11759]  should_fail_ex+0x512/0x640
[  451.720904][T11759]  ? __kmalloc_cache_noprof+0x5f/0x800
[  451.720928][T11759]  should_failslab+0xc2/0x120
[  451.720955][T11759]  __kmalloc_cache_noprof+0x80/0x800
[  451.720977][T11759]  ? v9fs_init_fs_context+0x47/0x590
[  451.721006][T11759]  ? v9fs_init_fs_context+0x47/0x590
[  451.721029][T11759]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  451.721055][T11759]  v9fs_init_fs_context+0x47/0x590
[  451.721080][T11759]  ? __pfx_v9fs_init_fs_context+0x10/0x10
[  451.721104][T11759]  alloc_fs_context+0x629/0xf50
[  451.721128][T11759]  path_mount+0xe21/0x23a0
[  451.721146][T11759]  ? rcu_is_watching+0x12/0xc0
[  451.721174][T11759]  ? __pfx_path_mount+0x10/0x10
[  451.721191][T11759]  ? kmem_cache_free+0x2d8/0x770
[  451.721213][T11759]  ? putname+0xf5/0x1a0
[  451.721234][T11759]  ? putname+0xf5/0x1a0
[  451.721252][T11759]  ? __ia32_sys_mount+0x291/0x310
[  451.721269][T11759]  __ia32_sys_mount+0x291/0x310
[  451.721288][T11759]  ? __pfx___ia32_sys_mount+0x10/0x10
[  451.721306][T11759]  ? do_user_addr_fault+0x843/0x1370
[  451.721334][T11759]  __do_fast_syscall_32+0xe8/0x680
[  451.721365][T11759]  do_fast_syscall_32+0x32/0x80
[  451.721404][T11759]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  451.721428][T11759] RIP: 0023:0xf709d579
[  451.721443][T11759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  451.721460][T11759] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  451.721477][T11759] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[  451.721488][T11759] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000140
[  451.721499][T11759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  451.721509][T11759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  451.721519][T11759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  451.721543][T11759]  </TASK>
[  453.149203][   T60] usb 5-1: 0:2 : does not exist
[  453.173442][   T60] usb 5-1: USB disconnect, device number 16
[  453.882026][T11768] netlink: 'syz.0.1547': attribute type 1 has an invalid length.
[  453.894689][T11768] bond4: entered promiscuous mode
[  453.896695][T11768] 8021q: adding VLAN 0 to HW filter on device bond4
[  454.164656][T11766] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  454.167035][T11766] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  454.170203][T11766] vhci_hcd vhci_hcd.0: Device attached
[  454.241164][T11778] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  454.246683][T11778] overlayfs: failed to set xattr on upper
[  454.249080][T11778] overlayfs: ...falling back to redirect_dir=nofollow.
[  454.251787][T11778] overlayfs: ...falling back to index=off.
[  454.254378][T11778] overlayfs: ...falling back to uuid=null.
[  454.357163][T11781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1550'.
[  454.444706][ T8646] usb 42-1: SetAddress Request (59) to port 0
[  454.447593][ T8646] usb 42-1: new SuperSpeed USB device number 59 using vhci_hcd
[  455.166005][T11775] vhci_hcd: connection reset by peer
[  455.168378][ T8059] vhci_hcd vhci_hcd.2: stop threads
[  455.170646][ T8059] vhci_hcd vhci_hcd.2: release socket
[  455.173860][ T8059] vhci_hcd vhci_hcd.2: disconnect device
[  455.544324][   T60] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  455.694321][   T60] usb 6-1: Using ep0 maxpacket: 32
[  455.715113][   T60] usb 6-1: config 0 has an invalid interface number: 146 but max is 0
[  455.718245][   T60] usb 6-1: config 0 has no interface number 0
[  455.726087][   T60] usb 6-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  455.745652][   T60] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  455.763034][   T60] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  455.773885][   T60] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  455.784267][   T60] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  455.798713][   T60] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  455.813482][   T60] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  455.831034][   T60] usb 6-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  455.858542][   T60] usb 6-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  455.863289][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.867607][   T60] usb 6-1: Product: syz
[  455.869674][   T60] usb 6-1: Manufacturer: syz
[  455.871496][   T60] usb 6-1: SerialNumber: syz
[  456.018496][   T10] usb 44-1: device descriptor read/8, error -110
[  456.025292][   T60] usb 6-1: config 0 descriptor??
[  456.033645][T11789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  456.039769][   T60] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 1 is not bulk.
[  456.043721][   T60] microtek usb (rev 0.4.3): couldn't find an output bulk endpoint. Bailing out.
[  456.239228][T11799] netfs: Couldn't get user pages (rc=-14)
[  456.281396][T11800] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  456.284302][T11800] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  456.360230][   T10] usb usb44-port1: attempt power cycle
[  456.414174][   T40] audit: type=1800 audit(2000000041.752:1596): pid=11799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1553" name="file0" dev="9p" ino=71827879 res=0 errno=0
[  456.962837][T11800] vhci_hcd vhci_hcd.0: Device attached
[  457.095488][T11801] vhci_hcd: connection closed
[  457.095871][ T8059] vhci_hcd vhci_hcd.0: stop threads
[  457.101206][ T8059] vhci_hcd vhci_hcd.0: release socket
[  457.103842][ T8059] vhci_hcd vhci_hcd.0: disconnect device
[  457.139856][T11811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1555'.
[  457.145734][T11811] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1555'.
[  457.522658][   T10] usb usb44-port1: unable to enumerate USB device
[  457.814795][T11819] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  457.817177][T11819] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  457.820486][T11819] vhci_hcd vhci_hcd.0: Device attached
[  458.104500][T10122] usb 44-1: SetAddress Request (50) to port 0
[  458.107493][T10122] usb 44-1: new SuperSpeed USB device number 50 using vhci_hcd
[  458.125227][T11825] ubi: mtd0 is already attached to ubi31
[  458.231128][ T6439] usb 6-1: USB disconnect, device number 10
[  458.299970][T11822] vhci_hcd: connection reset by peer
[  458.302259][ T9934] vhci_hcd vhci_hcd.3: stop threads
[  458.306304][ T9934] vhci_hcd vhci_hcd.3: release socket
[  458.308604][ T9934] vhci_hcd vhci_hcd.3: disconnect device
[  459.553112][ T8646] usb 42-1: device descriptor read/8, error -110
[  460.354485][ T8646] usb usb42-port1: attempt power cycle
[  460.949102][ T8646] usb usb42-port1: unable to enumerate USB device
[  461.018624][T11841] netlink: 'syz.0.1573': attribute type 1 has an invalid length.
[  461.046031][T11841] bond5: entered promiscuous mode
[  461.054405][T11841] 8021q: adding VLAN 0 to HW filter on device bond5
[  461.094790][T11843] netlink: 'syz.3.1565': attribute type 1 has an invalid length.
[  461.107548][T11843] bond6: entered promiscuous mode
[  461.109496][T11843] 8021q: adding VLAN 0 to HW filter on device bond6
[  461.303694][T11862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1569'.
[  463.144789][T10122] usb 44-1: device descriptor read/8, error -110
[  463.269405][T11880] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  463.271614][T11880] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  463.275367][T11880] vhci_hcd vhci_hcd.0: Device attached
[  463.385977][T10122] usb 44-1: SetAddress Request (51) to port 0
[  463.390472][T10122] usb 44-1: new SuperSpeed USB device number 51 using vhci_hcd
[  463.455491][T11881] vhci_hcd: connection reset by peer
[  463.458353][ T1245] vhci_hcd vhci_hcd.3: stop threads
[  463.460574][ T1245] vhci_hcd vhci_hcd.3: release socket
[  463.463321][ T1245] vhci_hcd vhci_hcd.3: disconnect device
[  464.643720][   T63] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  464.803736][   T63] usb 5-1: Using ep0 maxpacket: 8
[  464.810058][   T63] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  464.815254][   T63] usb 5-1: config 0 has no interface number 0
[  464.819582][   T63] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  464.827574][   T63] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  464.899561][   T63] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 56, changing to 9
[  464.913786][   T63] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 8568, setting to 1024
[  464.923767][   T63] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  464.932239][   T63] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  464.945614][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.954361][   T63] usb 5-1: config 0 descriptor??
[  464.965290][   T63] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  465.162604][ T6003] usb 5-1: USB disconnect, device number 17
[  465.171509][ T6003] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  465.496458][T11905] netlink: 'syz.2.1580': attribute type 1 has an invalid length.
[  465.525022][T11905] bond2: entered promiscuous mode
[  465.527393][T11905] 8021q: adding VLAN 0 to HW filter on device bond2
[  465.896390][T11924] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  466.103990][ T8646] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  466.253608][ T8646] usb 5-1: Using ep0 maxpacket: 8
[  466.258902][ T8646] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  466.262521][ T8646] usb 5-1: config 0 has no interface number 0
[  466.265713][ T8646] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  466.270967][ T8646] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  466.276814][ T8646] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  466.281691][ T8646] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  466.287656][ T8646] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  466.291928][ T8646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.300692][ T8646] usb 5-1: config 0 descriptor??
[  466.309786][ T8646] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  466.508799][T11923] FAULT_INJECTION: forcing a failure.
[  466.508799][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.523749][T11923] CPU: 2 UID: 0 PID: 11923 Comm: syz.0.1585 Not tainted syzkaller #0 PREEMPT(full) 
[  466.523779][T11923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  466.523792][T11923] Call Trace:
[  466.523800][T11923]  <TASK>
[  466.523808][T11923]  dump_stack_lvl+0x16c/0x1f0
[  466.523843][T11923]  should_fail_ex+0x512/0x640
[  466.523868][T11923]  _copy_to_user+0x32/0xd0
[  466.523888][T11923]  simple_read_from_buffer+0xcb/0x170
[  466.523932][T11923]  proc_fail_nth_read+0x197/0x240
[  466.523967][T11923]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  466.524001][T11923]  ? rw_verify_area+0xcf/0x6c0
[  466.524024][T11923]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  466.524054][T11923]  vfs_read+0x1e4/0xcf0
[  466.524083][T11923]  ? __pfx___mutex_lock+0x10/0x10
[  466.524115][T11923]  ? __pfx_vfs_read+0x10/0x10
[  466.524137][T11923]  ? find_held_lock+0x2b/0x80
[  466.524165][T11923]  ? __fget_files+0x20e/0x3c0
[  466.524195][T11923]  ksys_read+0x12a/0x250
[  466.524219][T11923]  ? __pfx_ksys_read+0x10/0x10
[  466.524252][T11923]  __do_fast_syscall_32+0xe8/0x680
[  466.524294][T11923]  do_fast_syscall_32+0x32/0x80
[  466.524312][T11923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  466.524338][T11923] RIP: 0023:0xf7fd1579
[  466.524354][T11923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  466.524373][T11923] RSP: 002b:00000000f54c6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  466.524393][T11923] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54c6620
[  466.524405][T11923] RDX: 000000000000000f RSI: 00000000f7466ff4 RDI: 0000000000000000
[  466.524417][T11923] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  466.524428][T11923] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  466.524439][T11923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  466.524464][T11923]  </TASK>
[  466.534585][T11931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1589'.
[  466.543114][ T6003] usb 5-1: USB disconnect, device number 18
[  466.624446][ T6003] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  466.713133][T11937] ceph: No source
[  467.042298][T11941] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1590'.
[  467.064448][T11941] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1590'.
[  468.423724][T10122] usb 44-1: device descriptor read/8, error -110
[  468.533975][T10122] usb usb44-port1: attempt power cycle
[  469.095131][T10122] usb usb44-port1: unable to enumerate USB device
[  470.798923][T11964] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  470.801160][T11964] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  470.804254][T11964] vhci_hcd vhci_hcd.0: Device attached
[  471.083413][T10122] usb 42-1: SetAddress Request (63) to port 0
[  471.086287][T10122] usb 42-1: new SuperSpeed USB device number 63 using vhci_hcd
[  471.438523][T11965] vhci_hcd: connection reset by peer
[  471.441298][ T1245] vhci_hcd vhci_hcd.2: stop threads
[  471.444777][ T1245] vhci_hcd vhci_hcd.2: release socket
[  471.483616][ T1245] vhci_hcd vhci_hcd.2: disconnect device
[  471.966342][T11991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1602'.
[  473.057309][T12003] netlink: 'syz.0.1608': attribute type 3 has an invalid length.
[  473.062059][T12004] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  473.065478][T12004] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  473.067313][T12008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1609'.
[  473.069400][T12004] vhci_hcd vhci_hcd.0: Device attached
[  473.353264][ T6439] usb 40-1: SetAddress Request (34) to port 0
[  473.356378][ T6439] usb 40-1: new SuperSpeed USB device number 34 using vhci_hcd
[  473.535256][T12006] vhci_hcd: connection reset by peer
[  473.535622][ T9918] vhci_hcd vhci_hcd.1: stop threads
[  473.539554][ T9918] vhci_hcd vhci_hcd.1: release socket
[  473.539905][ T9918] vhci_hcd vhci_hcd.1: disconnect device
[  473.573267][   T60] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  473.843174][   T60] usb 5-1: Using ep0 maxpacket: 16
[  473.862740][   T60] usb 5-1: config 8 has an invalid interface number: 61 but max is 3
[  473.862758][   T60] usb 5-1: config 8 contains an unexpected descriptor of type 0x2, skipping
[  473.862826][   T60] usb 5-1: config 8 has an invalid interface number: 32 but max is 3
[  473.862838][   T60] usb 5-1: config 8 contains an unexpected descriptor of type 0x2, skipping
[  473.862847][   T60] usb 5-1: config 8 has an invalid interface number: 6 but max is 3
[  473.862914][   T60] usb 5-1: config 8 has an invalid interface number: 119 but max is 3
[  473.862927][   T60] usb 5-1: config 8 has an invalid interface number: 40 but max is 3
[  473.862945][   T60] usb 5-1: config 8 has 5 interfaces, different from the descriptor's value: 4
[  473.863020][   T60] usb 5-1: config 8 has no interface number 0
[  473.863030][   T60] usb 5-1: config 8 has no interface number 1
[  473.993312][   T60] usb 5-1: config 8 has no interface number 2
[  473.993329][   T60] usb 5-1: config 8 has no interface number 3
[  473.993339][   T60] usb 5-1: config 8 has no interface number 4
[  473.993468][   T60] usb 5-1: config 8 interface 61 altsetting 186 endpoint 0x1 has invalid maxpacket 608, setting to 64
[  473.993552][   T60] usb 5-1: config 8 interface 61 altsetting 186 has an invalid descriptor for endpoint zero, skipping
[  473.993628][   T60] usb 5-1: config 8 interface 61 altsetting 186 endpoint 0x2 has invalid maxpacket 1072, setting to 64
[  473.993712][   T60] usb 5-1: config 8 interface 32 altsetting 15 has a duplicate endpoint with address 0xA, skipping
[  473.993727][   T60] usb 5-1: config 8 interface 32 altsetting 15 has an invalid descriptor for endpoint zero, skipping
[  473.993800][   T60] usb 5-1: config 8 interface 32 altsetting 15 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  473.993818][   T60] usb 5-1: config 8 interface 32 altsetting 15 endpoint 0x9 has an invalid bInterval 171, changing to 11
[  473.993887][   T60] usb 5-1: config 8 interface 32 altsetting 15 has a duplicate endpoint with address 0xB, skipping
[  473.993964][   T60] usb 5-1: config 8 interface 32 altsetting 15 has 5 endpoint descriptors, different from the interface descriptor's value: 8
[  473.993981][   T60] usb 5-1: too many endpoints for config 8 interface 6 altsetting 81: 95, using maximum allowed: 30
[  473.994001][   T60] usb 5-1: config 8 interface 6 altsetting 81 has a duplicate endpoint with address 0x4, skipping
[  473.994078][   T60] usb 5-1: config 8 interface 6 altsetting 81 has a duplicate endpoint with address 0x8, skipping
[  473.994093][   T60] usb 5-1: config 8 interface 6 altsetting 81 has 3 endpoint descriptors, different from the interface descriptor's value: 95
[  473.994182][   T60] usb 5-1: config 8 interface 119 altsetting 5 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  474.059551][   T60] usb 5-1: config 8 interface 119 altsetting 5 has a duplicate endpoint with address 0x88, skipping
[  474.059570][   T60] usb 5-1: config 8 interface 119 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[  474.059583][   T60] usb 5-1: config 8 interface 119 altsetting 5 bulk endpoint 0xC has invalid maxpacket 8
[  474.059596][   T60] usb 5-1: config 8 interface 119 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[  474.059607][   T60] usb 5-1: config 8 interface 119 altsetting 5 has a duplicate endpoint with address 0xF, skipping
[  474.059619][   T60] usb 5-1: config 8 interface 119 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[  474.059642][   T60] usb 5-1: config 8 interface 40 altsetting 43 has a duplicate endpoint with address 0x4, skipping
[  474.059654][   T60] usb 5-1: config 8 interface 40 altsetting 43 has a duplicate endpoint with address 0xA, skipping
[  474.059666][   T60] usb 5-1: config 8 interface 61 has no altsetting 0
[  474.059675][   T60] usb 5-1: config 8 interface 32 has no altsetting 0
[  474.059685][   T60] usb 5-1: config 8 interface 6 has no altsetting 0
[  474.059694][   T60] usb 5-1: config 8 interface 119 has no altsetting 0
[  474.059703][   T60] usb 5-1: config 8 interface 40 has no altsetting 0
[  474.061619][   T60] usb 5-1: Dual-Role OTG device on HNP port
[  474.111231][   T60] usb 5-1: New USB device found, idVendor=2040, idProduct=c600, bcdDevice=6d.46
[  474.111249][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.111259][   T60] usb 5-1: Product: 鼻郖ỹ厘쐜Ὣ⢕򲛃ޓ랦㧮૽떊䞥Ӣ豺ﳨ茟옻ꨍ뽫㬘൏㩾꼊燊슎躎뎪쪾쩿㆝㉧Ԓ⼸祁엯躥ẅ鍥⵲삔衜퉕㓮ꣴ蹄傺ᠼ경账웷샸巒쉌莶丈猪ᙅ섘촬ட쫹纩⪠䄁웉ſ擿횟亖䈎䃓䘱걁拐ᤰ暓첸ჯƃᇍ툊⁕ᒯ鬑ᢠ嵮᝕鬇龣狐鋠슯䰭쌧ᆟ죖灪冽͉蚶靴뱩늳ꫨ㊻
[  474.111279][   T60] usb 5-1: Manufacturer: ᘎ
[  474.131498][   T60] usb 5-1: SerialNumber: 
[  474.493949][T12012] input: syz0 as /devices/virtual/input/input53
[  474.559915][   T60] usb 5-1: USB disconnect, device number 19
[  474.834473][T12037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1618'.
[  474.871833][T12039] can: request_module (can-proto-4) failed.
[  476.183561][T10122] usb 42-1: device descriptor read/8, error -110
[  476.623166][T10122] usb usb42-port1: attempt power cycle
[  477.485487][T10122] usb usb42-port1: unable to enumerate USB device
[  478.024464][T12057] syzkaller0: entered promiscuous mode
[  478.026854][T12057] syzkaller0: entered allmulticast mode
[  478.431705][ T6439] usb 40-1: device descriptor read/8, error -110
[  478.842396][ T6439] usb usb40-port1: attempt power cycle
[  479.194021][T12079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1628'.
[  479.454536][ T6439] usb usb40-port1: unable to enumerate USB device
[  480.393301][T12094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1631'.
[  480.646485][   T60] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  480.853189][   T60] usb 5-1: Using ep0 maxpacket: 8
[  480.857804][   T60] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  480.860835][   T60] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  480.864714][   T60] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  480.872131][   T60] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  480.876991][   T60] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  480.889362][   T60] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  480.986174][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.244876][   T60] usb 5-1: GET_CAPABILITIES returned 0
[  481.263052][   T60] usbtmc 5-1:16.0: can't read capabilities
[  481.961496][   T60] usb 5-1: USB disconnect, device number 20
[  482.096102][T12115] binder: BINDER_SET_CONTEXT_MGR already set
[  482.099350][T12115] binder: 12110:12115 ioctl 4018620d 800002c0 returned -16
[  482.106531][T12115] binder: BINDER_SET_CONTEXT_MGR already set
[  482.109137][T12115] binder: 12110:12115 ioctl 4018620d 80000040 returned -16
[  482.363427][T12121] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  482.366229][T12121] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  482.382867][T12121] vhci_hcd vhci_hcd.0: Device attached
[  482.551660][T12120] smc: removing ib device syz1
[  482.652792][ T6003] usb 44-1: SetAddress Request (54) to port 0
[  482.655677][ T6003] usb 44-1: new SuperSpeed USB device number 54 using vhci_hcd
[  483.292280][T12120] ------------[ cut here ]------------
[  483.295205][T12120] GID entry ref leak for dev syz1 index 2 ref=1
[  483.298268][T12120] WARNING: drivers/infiniband/core/cache.c:806 at gid_table_release_one+0x1ad/0x450, CPU#2: syz.2.1640/12120
[  483.304415][T12120] Modules linked in:
[  483.307701][T12120] CPU: 2 UID: 0 PID: 12120 Comm: syz.2.1640 Not tainted syzkaller #0 PREEMPT(full) 
[  483.312476][T12120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.317928][T12120] RIP: 0010:gid_table_release_one+0x1b6/0x450
[  483.321408][T12120] Code: 4c 24 38 48 c1 e8 03 4d 01 fc 48 89 44 24 08 eb 54 48 89 34 24 e8 1a 52 4f f9 48 8d 3d c3 83 26 08 48 8b 34 24 89 e9 44 89 f2 <67> 48 0f b9 3a e8 00 52 4f f9 48 89 d8 41 83 c6 01 48 c1 e8 03 42
[  483.330195][T12120] RSP: 0018:ffffc900034ff148 EFLAGS: 00010246
[  483.333464][T12120] RAX: 0000000000080000 RBX: ffff8880131c7200 RCX: 0000000000000001
[  483.337366][T12120] RDX: 0000000000000002 RSI: ffff88804ccf8fc0 RDI: ffffffff90958aa0
[  483.341772][T12120] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffed1009899c60
[  483.345791][T12120] R10: ffff88804c4ce303 R11: ffff888047c40b30 R12: ffffed1002638e5b
[  483.349588][T12120] R13: ffff88806ee8c000 R14: 0000000000000002 R15: dffffc0000000000
[  483.353779][T12120] FS:  0000000000000000(0000) GS:ffff8880978fc000(0063) knlGS:00000000f548db40
[  483.358253][T12120] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  483.362145][T12120] CR2: 00000000f54b5da4 CR3: 000000006f6ff000 CR4: 0000000000352ef0
[  483.366461][T12120] Call Trace:
[  483.368541][T12120]  <TASK>
[  483.370556][T12120]  ib_device_release+0xef/0x1e0
[  483.373345][T12120]  ? __pfx_ib_device_release+0x10/0x10
[  483.375423][T12120]  device_release+0xa4/0x240
[  483.377359][T12120]  kobject_put+0x1ef/0x6f0
[  483.379188][T12120]  put_device+0x1f/0x30
[  483.380867][T12120]  nldev_dellink+0x21f/0x320
[  483.383059][T12120]  ? __pfx_nldev_dellink+0x10/0x10
[  483.385147][T12120]  ? apparmor_capable+0x1d7/0x4e0
[  483.387084][T12120]  ? bpf_lsm_capable+0x9/0x10
[  483.388882][T12120]  ? security_capable+0x7e/0x260
[  483.391150][T12120]  ? ns_capable+0xd7/0x110
[  483.392884][T12120]  ? __pfx_nldev_dellink+0x10/0x10
[  483.395271][T12120]  rdma_nl_rcv_msg+0x38a/0x6e0
[  483.397299][T12120]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  483.399428][T12120]  ? __lock_acquire+0x436/0x2890
[  483.401435][T12120]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2d0/0x430
[  483.403829][T12120]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  483.406392][T12120]  ? netlink_deliver_tap+0x1ae/0xd30
[  483.408472][T12120]  netlink_unicast+0x5aa/0x870
[  483.410586][T12120]  ? __pfx_netlink_unicast+0x10/0x10
[  483.412500][T12120]  netlink_sendmsg+0x8c8/0xdd0
[  483.414517][T12120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.416477][T12120]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  483.418595][T12120]  ____sys_sendmsg+0xa5d/0xc30
[  483.420293][T12120]  ? __pfx_____sys_sendmsg+0x10/0x10
[  483.422103][T12120]  ? get_compat_msghdr+0x11a/0x170
[  483.424048][T12120]  ? __pfx_futex_wake_mark+0x10/0x10
[  483.426137][T12120]  ___sys_sendmsg+0x134/0x1d0
[  483.428041][T12120]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.429990][T12120]  ? futex_private_hash_put+0x160/0x1b0
[  483.431960][T12120]  ? find_held_lock+0x2b/0x80
[  483.433707][T12120]  __sys_sendmsg+0x16d/0x220
[  483.435274][T12120]  ? __pfx___sys_sendmsg+0x10/0x10
[  483.437000][T12120]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  483.438909][T12120]  __do_fast_syscall_32+0xe8/0x680
[  483.440671][T12120]  do_fast_syscall_32+0x32/0x80
[  483.442332][T12120]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  483.444491][T12120] RIP: 0023:0xf709d579
[  483.445929][T12120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  483.452307][T12120] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  483.455157][T12120] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800002c0
[  483.457775][T12120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  483.460391][T12120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  483.463181][T12120] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  483.465817][T12120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  483.468484][T12120]  </TASK>
[  483.469677][T12120] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  483.472180][T12120] CPU: 2 UID: 0 PID: 12120 Comm: syz.2.1640 Not tainted syzkaller #0 PREEMPT(full) 
[  483.475339][T12120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.478891][T12120] Call Trace:
[  483.480030][T12120]  <TASK>
[  483.481024][T12120]  dump_stack_lvl+0x3d/0x1f0
[  483.482585][T12120]  vpanic+0x640/0x6f0
[  483.483913][T12120]  ? gid_table_release_one+0x1ad/0x450
[  483.485736][T12120]  panic+0xca/0xd0
[  483.486962][T12120]  ? __pfx_panic+0x10/0x10
[  483.488593][T12120]  check_panic_on_warn+0xab/0xb0
[  483.490276][T12120]  __warn+0x108/0x3c0
[  483.491610][T12120]  __report_bug+0x2a0/0x520
[  483.493241][T12120]  ? gid_table_release_one+0x1ad/0x450
[  483.495056][T12120]  ? __pfx___report_bug+0x10/0x10
[  483.496729][T12120]  report_bug_entry+0xe1/0x290
[  483.498359][T12120]  ? gid_table_release_one+0x1b6/0x450
[  483.500202][T12120]  handle_bug+0x18a/0x260
[  483.501655][T12120]  exc_invalid_op+0x17/0x50
[  483.503162][T12120]  asm_exc_invalid_op+0x1a/0x20
[  483.504769][T12120] RIP: 0010:gid_table_release_one+0x1b6/0x450
[  483.506790][T12120] Code: 4c 24 38 48 c1 e8 03 4d 01 fc 48 89 44 24 08 eb 54 48 89 34 24 e8 1a 52 4f f9 48 8d 3d c3 83 26 08 48 8b 34 24 89 e9 44 89 f2 <67> 48 0f b9 3a e8 00 52 4f f9 48 89 d8 41 83 c6 01 48 c1 e8 03 42
[  483.513108][T12120] RSP: 0018:ffffc900034ff148 EFLAGS: 00010246
[  483.515099][T12120] RAX: 0000000000080000 RBX: ffff8880131c7200 RCX: 0000000000000001
[  483.517674][T12120] RDX: 0000000000000002 RSI: ffff88804ccf8fc0 RDI: ffffffff90958aa0
[  483.520256][T12120] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffed1009899c60
[  483.522841][T12120] R10: ffff88804c4ce303 R11: ffff888047c40b30 R12: ffffed1002638e5b
[  483.525451][T12120] R13: ffff88806ee8c000 R14: 0000000000000002 R15: dffffc0000000000
[  483.528090][T12120]  ? gid_table_release_one+0x1a6/0x450
[  483.529928][T12120]  ib_device_release+0xef/0x1e0
[  483.531545][T12120]  ? __pfx_ib_device_release+0x10/0x10
[  483.533372][T12120]  device_release+0xa4/0x240
[  483.534911][T12120]  kobject_put+0x1ef/0x6f0
[  483.536387][T12120]  put_device+0x1f/0x30
[  483.537793][T12120]  nldev_dellink+0x21f/0x320
[  483.539322][T12120]  ? __pfx_nldev_dellink+0x10/0x10
[  483.541060][T12120]  ? apparmor_capable+0x1d7/0x4e0
[  483.542734][T12120]  ? bpf_lsm_capable+0x9/0x10
[  483.544293][T12120]  ? security_capable+0x7e/0x260
[  483.545981][T12120]  ? ns_capable+0xd7/0x110
[  483.547462][T12120]  ? __pfx_nldev_dellink+0x10/0x10
[  483.549164][T12120]  rdma_nl_rcv_msg+0x38a/0x6e0
[  483.550771][T12120]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  483.552525][T12120]  ? __lock_acquire+0x436/0x2890
[  483.554244][T12120]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2d0/0x430
[  483.556357][T12120]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  483.558648][T12120]  ? netlink_deliver_tap+0x1ae/0xd30
[  483.560398][T12120]  netlink_unicast+0x5aa/0x870
[  483.562007][T12120]  ? __pfx_netlink_unicast+0x10/0x10
[  483.563751][T12120]  netlink_sendmsg+0x8c8/0xdd0
[  483.565361][T12120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.567104][T12120]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  483.569118][T12120]  ____sys_sendmsg+0xa5d/0xc30
[  483.570744][T12120]  ? __pfx_____sys_sendmsg+0x10/0x10
[  483.572481][T12120]  ? get_compat_msghdr+0x11a/0x170
[  483.574188][T12120]  ? __pfx_futex_wake_mark+0x10/0x10
[  483.575923][T12120]  ___sys_sendmsg+0x134/0x1d0
[  483.577493][T12120]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.579193][T12120]  ? futex_private_hash_put+0x160/0x1b0
[  483.581013][T12120]  ? find_held_lock+0x2b/0x80
[  483.582609][T12120]  __sys_sendmsg+0x16d/0x220
[  483.584138][T12120]  ? __pfx___sys_sendmsg+0x10/0x10
[  483.586040][T12120]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  483.587941][T12120]  __do_fast_syscall_32+0xe8/0x680
[  483.589671][T12120]  do_fast_syscall_32+0x32/0x80
[  483.591319][T12120]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  483.593429][T12120] RIP: 0023:0xf709d579
[  483.594791][T12120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  483.601122][T12120] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  483.603871][T12120] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800002c0
[  483.606476][T12120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  483.609045][T12120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  483.611672][T12120] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  483.614251][T12120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  483.616781][T12120]  </TASK>
[  483.618602][T12120] Kernel Offset: disabled
[  483.620050][T12120] Rebooting in 86400 seconds..