last executing test programs:

7.288804158s ago: executing program 1 (id=862):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x13, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b41f654b82bf8ff00000000bfa100000000000007010020f8ffffffb702000008000000b7030000000000000000000006000000d7f259a1f42fafa0b70947135e1801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8fffffdb702000008000000b703000005000000850000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r0}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$NBD_DO_IT(r1, 0xab03)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$tipc(0x1e, 0x5, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$packet(0x11, 0x2, 0x300)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00')
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x800)
r4 = syz_ublk_setup_io_uring(0x22, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x2, 0x1df}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0, &(0x7f00000004c0)=<r7=>0x0)
syz_io_uring_submit(r5, r6, r7, &(0x7f0000000980)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x11e6}})
syz_ublk_setup_io_uring(0x557a, &(0x7f00000000c0)={0x0, 0x8be8, 0x80, 0x2, 0x3ac, 0x0, r4}, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0))
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r8=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r8, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)

7.063016544s ago: executing program 1 (id=864):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x13) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x13)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x10, 0x200, 0x70bd28, 0x25dfdbfb, {0x7}, [@generic="94251beb75"]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40090)
r1 = syz_open_dev$evdev(&(0x7f00000001c0), 0xe27db0e3, 0x10000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r3, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f00000002c0))
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000200)=""/43)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d300012802c0001800a0001006c696d69740000001c0002800c00024000000000000010000c000140fffffffffffffffd080003400000013a"], 0xbc}}, 0x20050800)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000040000701feffffff02000000017c0000040042800c00018006000600800a00001400028010000b800c0015"], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc800) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000040000701feffffff02000000017c0000040042800c00018006000600800a00001400028010000b800c0015"], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc800)

6.99056475s ago: executing program 1 (id=865):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x90280, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_emit_ethernet(0x6e, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400000010000100000000000000000000ab9a1aee00000a20000000000a0300010073797a30000000009c000000090a0104000000000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100d56f6e6e6c696d69740000861529556dec384d40000000001400017b090001106cdbf80789f3f947dd0002aaede1416306000000000386e25c986e024a0e9d1bcfd45f0f4c44d9afcfd96f6ec3f72d1e8939f99c163bb9aee231a3ff"], 0xe4}, 0x1, 0x0, 0x0, 0x2400c044}, 0x880)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r3, 0x1, 0x22, &(0x7f0000000600)=0xb, 0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000600)=0x9, 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000002c0), 0x0)
listen(r4, 0x7)
openat$vhost_vsock(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @multicast2}], 0x10)
listen(r3, 0x7)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004d968119f68f58d94773b9ab884100003c"], 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r5, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="48000000101400012abd7000fbdbdf2508004b001300000008000100666010720800030000210000280001000100000008004c080000000008c67ee237004c000100000008004a0073b5fa55f6a7e2be76c0a7e2e1e720ddeee952acca6db9019afcee3b691104515db65e91cbc7ce5aebe45c7bb168b48198b39601d2"], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc048aeca, &(0x7f0000000100)={0x8, 0x0, [{0x0, 0x0, 0x7}, {0x400000b3, 0x0, 0x1}, {0x9bd, 0x0, 0x66}, {0x9a7, 0x0, 0x2000000f0a}, {0x809, 0x0, 0x3}, {0x879, 0x0, 0x8}, {0xada}, {0x827}]})
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000001c0)={0x1, 0x0, [{0x1, 0x2, 0x80, 0xfffffff9, 0xeaa}]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000c40)={0x1, 0x0, [{0x480}]})
r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r10, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})

5.63072507s ago: executing program 1 (id=873):
r0 = openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0185647, 0x0)
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f00000001c0))
prlimit64(0x0, 0xc, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd7000fcdbdf2502000000080001"], 0x1c}}, 0x840)
write$nci(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="5001ff"], 0x102)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve1\x00'})
r5 = socket(0x10, 0x803, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_ringparam={0x10, 0x7, 0x0, 0x81, 0xfffffffd, 0x7f, 0x6, 0x4}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = openat$full(0xffffff9c, &(0x7f0000000080), 0x181400, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r8, r8, 0x1f, 0x0, @void}, 0x10)
sendto$inet_nvme_icreq_pdu(r8, &(0x7f0000000140)={{0x0, 0x6, 0x80, 0x2}, 0x0, 0x0, 0x2}, 0x80, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x0, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f0000000340)={0x0, 0x989680}, 0x0)

4.928509363s ago: executing program 2 (id=874):
socket(0x15, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="31032fbd7000fddbdf250800000008000300", @ANYRES32=r2, @ANYBLOB="05002d000100000008000600", @ANYRES8=r0], 0x2c}, 0x1, 0x0, 0x0, 0x8814}, 0x20000084)

2.499489834s ago: executing program 0 (id=883):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x111}}, 0xfffffe2c)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r1, 0x1, 0x30, 0x30, 0x0, @in6={0x1b, 0x4e22, 0x0, @loopback, 0x10000c01}, @ib={0x1b, 0xdb, 0xffff8001, {"1ad1f300"}, 0x8000000000000001, 0x2, 0x3}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r1, 0x4734}}, 0x10)
close(0x3)
syz_open_procfs(0x0, &(0x7f0000000540)='clear_refs\x00')
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d6080045000058036c907800000000000000000420880b0000000000000800000086dd080088be00000000100000000100000000000000080022eb0000000020fd00000200000000000000000000000800655800000000"], 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
stat(&(0x7f0000000600)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240)={0x80, 0x0, 0x7})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f00000000c0)={0x170001, 0x10a000})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r2, @ANYBLOB="da3ab93d2f010400005fb0321da67132027d1085968f8c7aa43e3ba3852bb6f4811b18d33e11f31fb2ece2d81225dc1848b686912cd55664486dfcce7dcb730bdeac9bbed71b2303cd579e4cf49cab7388be739946818c46d8e8f163cdeda7d26f09458a5aa89c9271b72fb1fce15d5e0068ed21bf75d7148fd723439e5bff7605fff009a9b01cacf7736dc20705f3b77eaf37b6079e7865f7df9dcbdbd5c79a10d59c4fc7e9a52c5998067254951061d6244e21e98ebb68", @ANYRES8, @ANYRESDEC=r2, @ANYRES16, @ANYRES16, @ANYRES32=r2, @ANYRESDEC=r1], 0x30}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80e40, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x0, 0x0, 0x0, 0xf}, &(0x7f0000000080)=0x20)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r3, 0xc0403d08, &(0x7f0000000500))
ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000100)={{0x100, 0x0, 0x0, 0x2}, 'syz1\x00', 0x1a})
fchmod(r4, 0x8)
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x4, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, 0x0, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x0, 0x0, 0x0)

1.94665709s ago: executing program 2 (id=884):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x30, r0, 0xffffe000)
chroot(&(0x7f0000000300)='.\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r1)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x48}, 0x300}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x300}, 0x8040)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
openat$kvm(0xffffffffffffff9c, 0x0, 0x8ab43, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x8801)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000001340)={{0x0, 0x0, 0x0, 0x8, 'syz0\x00'}, 0x3, 0x0, 0x8, 0x0, 0x3, 0x0, 'syz1\x00', &(0x7f0000000180)=['\x00', '-[\'\x00', 'r\x0e\x81|\x0f\xa3\x8a\xb9\x8c\x94\x04\x17\v\rh\x10'], 0xc15c})
creat(0x0, 0xd931d3864d39dcca)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x8c5)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x200)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
getcwd(&(0x7f0000000180)=""/164, 0xa4)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40440, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)

1.9461672s ago: executing program 1 (id=885):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x9, 0x3, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x904}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0200000004000000040000000800000014100000", @ANYRES32, @ANYBLOB="0000000003130000000000bfef57405421728b94e653fb0000000000000000008b6df43ccd655b6cc8b8b3af581b492d071a46e8ddcbba99bc737fd291a4a997edde13fa481e3f10f78994eb5cc804377708e226b2aa0a22a3f773d375791669a3cc0cea72969932f8c94d20128dd3e241cc0401adb914a342fcca589c35f757ad315bedbe8328b2fde78c43bf9f2e2cecfe4904a897ab4734f3c852e5543fa30814361dbea5989111b75ee07e668a12c80af7eb605eee1786ceaefa74c52d7a871b1b9c1659", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000080000000000000000000080850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r2}, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
getrlimit(0x2, &(0x7f00000001c0))
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf3000000000000025000200091bfeff3d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x89901)
timer_create(0x6, &(0x7f0000000700)={0x0, 0xb, 0x4, @thr={&(0x7f0000000340)="af7382ae1bd6f0f646e5d627aa6c80db0bc5c676102493a44ce3b1323f89fc02a416c8a01099170e23072a47675b1dc26c7f77c7a4dd2c4a83ca977004878b37b2924a575a4935d31ee25fe75f2fa988695f1dd3aec77e40dea01ff18c7020021127f63005b8cf06c16b761dfed1e515a2e7ff9bcc44a254beacfa71a081dd0f5df121592ee0622c2d2e6ba639e8b9aaa41105e8d6858b06e1807d6602cda18078d3b97798cd832379549bdde94713be1f85655057f16f964cbfdb5876dc62b203f7080541d10b7e37f442322766591a31f7e15a400967d0fd59e2e78706a8cf04fa09cef92af17ba03a18c077a221855601", &(0x7f0000000600)="e769b9c628ab32887e032ac1e3570d2eae0ebd211779810c5cb369cab56f50b214f20770e9750e86642eedc873e81a7c47264deda555bc16161a84d637fde1b4cf6467918b01e73a8b03ac204cf44a64c69b39f715c5086ad62fc31711383725c77b73b1b44649cf4c8950a60242a28ac576fc4a56e8070de0c91583f3d36f387a96868fc396ab9f2b5bd29180c1f00d2f5873a83c05758fde6b197aa01a3b50fc25aa6bc02b2ea339b863a5e3d90a4d24fc1e2a38aba88637aa2034f68d7d6fe2f72521cda2a1788092f4c448992784b0909592a89774b53fae47a770b8887e7d51385ba721d10f31b6b9dd129df8296f6de3adfd21194e6cc72c0ea8f31b"}}, &(0x7f0000000740)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000780)={{0x77359400}, {0x77359400}}, &(0x7f00000007c0))
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', 0x220)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setresgid(0xee00, 0xffffffffffffffff, 0x0)

1.570140977s ago: executing program 3 (id=886):
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xb5da, 0x10100, 0xfffffffc, 0x3}, &(0x7f0000002000), &(0x7f0000000000), &(0x7f0000000000))
r1 = io_uring_setup(0x1e3, &(0x7f0000000280)={0x0, 0x1f38, 0x20, 0x2, 0xe5, 0x0, r0})
r2 = socket$netlink(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000000f80)={0x6, 0x1, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000640)=""/87, 0x57}, {&(0x7f0000000840)=""/197, 0xc5}, {&(0x7f00000009c0)=""/75, 0x4b}, {&(0x7f0000000b80)=""/198, 0xc6}, {&(0x7f0000000c80)=""/220, 0xdc}, {&(0x7f0000000e00)=""/249, 0xf9}], &(0x7f0000000f40)=[0xa1a5, 0x1, 0x7, 0x8]}, 0x20)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, <r5=>0x0, 0x0, <r6=>0x0], &(0x7f0000000200), 0x4, r4})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000500)={0x601, 0x1, &(0x7f0000000180)=[r4], &(0x7f0000000480)=[0x2], &(0x7f0000000440)=[r6, r5], &(0x7f0000000040), 0x0, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000007e000000000008000000000010009b853bbfc0b83cc2b6f69690344002e9e48116c4535c0436"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0700000004000000200000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\a'], 0x48)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000980)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r9, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)={0x74, r10, 0x5aa35dd3a2be2ad9, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME={0x44, 0x33, @mgmt_frame=@probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x8}, @broadcast, @device_a, @initial, {0x0, 0xac5}}, 0x7ff, @random=0x4, 0x640, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x2, 0x3, 0x4, 0x0, {0x100000436, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x400, 0x4, 0xfd}}, @void, @void}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000}, 0x8040)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x38, r10, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000006c0)=@newtaction={0x180, 0x30, 0x400, 0x0, 0x0, {}, [{0x16c, 0x1, [@m_ct={0x133, 0x3, 0x0, 0x0, {{0x7}, {0x90, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "360b2e2edbaa205280765c402691ed81"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @mcast1}, @TCA_CT_PARMS={0x18, 0x1, {0x200, 0xfffff801, 0x20000000, 0x2, 0x2}}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e23}, @TCA_CT_LABELS={0x14, 0x7, "c051a8be2fc68cd791b8df21361522e2"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @local}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e23}, @TCA_CT_LABELS_MASK={0x14, 0x8, "6656094ed82f3ec1a92e7a2f68a96459"}]}, {0xb4, 0x6, "f6556c6168637c8a1bb1f200e278d92d27811119fc75a7341eed05c7269df40c6d68adf2dc4c412bd744aab2717ebfe0f7d36766d1d9031d6c5c262949ebfea0e9a5187e2f5dd20a54f32efcf001a32f916bb3b59761950fa2f135bf7a1fd0162324c7a76c9504fd6f13ee97219a90a3d197420e308ce59eec04bf0b5d03e73e96a1c0a1e1fe38018093adff7908f7321f650cf3462da4eaaa86af9a4ddf7883e6c19fda110b90eb94ef8b518c0ee38a"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x180}}, 0x0)
r12 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r12, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r13=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r12, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r13, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x101c, 0x10, 0x4, 0x401, 0x100, 0xa, 0x0, 0x52, 0x43, 0x7e9, 0x401, 0x9aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000340)={&(0x7f0000000300)=[0x0, 0x0], 0x2, 0x0, <r14=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f00000003c0)={&(0x7f0000000040), 0x0, r13, r14, 0x1ff, 0xfff, 0x1, 0x8, {0x4bc, 0x0, 0xd, 0x8, 0xf2, 0x7, 0x3, 0x3, 0x5, 0xd1, 0x3, 0x7, 0x3db6, 0x8, "bfc7024be202f33634f6d8ab5fc7878f7f10c0cc68a1dbe687c9aace2d97d6c6"}})

1.489174281s ago: executing program 0 (id=887):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x13, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b41f654b82bf8ff00000000bfa100000000000007010020f8ffffffb702000008000000b7030000000000000000000006000000d7f259a1f42fafa0b70947135e1801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8fffffdb702000008000000b703000005000000850000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r0}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2)
ioctl$NBD_SET_SOCK(r1, 0xab00, 0xffffffffffffffff)
syz_open_dev$ndb(&(0x7f0000000280), 0x0, 0x0)
ioctl$NBD_DO_IT(r1, 0xab03)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$tipc(0x1e, 0x5, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$packet(0x11, 0x2, 0x300)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time\x00')
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x800)
r3 = syz_ublk_setup_io_uring(0x22, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x2, 0x1df}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0, &(0x7f00000004c0)=<r6=>0x0)
syz_io_uring_submit(r4, r5, r6, &(0x7f0000000980)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x11e6}})
syz_ublk_setup_io_uring(0x557a, &(0x7f00000000c0)={0x0, 0x8be8, 0x80, 0x2, 0x3ac, 0x0, r3}, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0))
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r7=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r7, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)

1.33554761s ago: executing program 2 (id=888):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000110001011f00"/20, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

1.305161147s ago: executing program 3 (id=889):
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xb5da, 0x10100, 0xfffffffc, 0x3}, &(0x7f0000002000), &(0x7f0000000000), &(0x7f0000000000))
syz_ublk_setup_io_uring(0x3d74, &(0x7f0000000a40)={0x0, 0x1d56, 0x0, 0x1, 0x3bf}, &(0x7f0000000ac0), &(0x7f0000000d80), &(0x7f0000000fc0))
r0 = socket$netlink(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000f80)={0x6, 0x1, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000640)=""/87, 0x57}, {&(0x7f0000000840)=""/197, 0xc5}, {&(0x7f00000009c0)=""/75, 0x4b}, {&(0x7f0000000b80)=""/198, 0xc6}, {&(0x7f0000000c80)=""/220, 0xdc}, {&(0x7f0000000e00)=""/249, 0xf9}], &(0x7f0000000f40)=[0xa1a5, 0x1, 0x7, 0x8]}, 0x20)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, <r3=>0x0, 0x0, <r4=>0x0], &(0x7f0000000200), 0x4, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000500)={0x601, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000480)=[0x2], &(0x7f0000000440)=[r4, r3], &(0x7f0000000040), 0x0, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000007e000000000008000000000010009b853bbfc0b83cc2b6f69690344002e9e48116c4535c0436"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0700000004000000200000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\a'], 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000980)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r7, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)={0x74, r8, 0x5aa35dd3a2be2ad9, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x44, 0x33, @mgmt_frame=@probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x8}, @broadcast, @device_a, @initial, {0x0, 0xac5}}, 0x7ff, @random=0x4, 0x640, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x2, 0x3, 0x4, 0x0, {0x100000436, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x400, 0x4, 0xfd}}, @void, @void}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000}, 0x8040)
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x38, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000006c0)=@newtaction={0x180, 0x30, 0x400, 0x0, 0x0, {}, [{0x16c, 0x1, [@m_ct={0x133, 0x3, 0x0, 0x0, {{0x7}, {0x90, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "360b2e2edbaa205280765c402691ed81"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @mcast1}, @TCA_CT_PARMS={0x18, 0x1, {0x200, 0xfffff801, 0x20000000, 0x2, 0x2}}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e23}, @TCA_CT_LABELS={0x14, 0x7, "c051a8be2fc68cd791b8df21361522e2"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @local}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e23}, @TCA_CT_LABELS_MASK={0x14, 0x8, "6656094ed82f3ec1a92e7a2f68a96459"}]}, {0xb4, 0x6, "f6556c6168637c8a1bb1f200e278d92d27811119fc75a7341eed05c7269df40c6d68adf2dc4c412bd744aab2717ebfe0f7d36766d1d9031d6c5c262949ebfea0e9a5187e2f5dd20a54f32efcf001a32f916bb3b59761950fa2f135bf7a1fd0162324c7a76c9504fd6f13ee97219a90a3d197420e308ce59eec04bf0b5d03e73e96a1c0a1e1fe38018093adff7908f7321f650cf3462da4eaaa86af9a4ddf7883e6c19fda110b90eb94ef8b518c0ee38a"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x180}}, 0x0)
r10 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r11=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r10, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r11, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x101c, 0x10, 0x4, 0x401, 0x100, 0xa, 0x0, 0x52, 0x43, 0x7e9, 0x401, 0x9aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000340)={&(0x7f0000000300)=[0x0, 0x0], 0x2, 0x0, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000003c0)={&(0x7f0000000040), 0x0, r11, r12, 0x1ff, 0xfff, 0x1, 0x8, {0x4bc, 0x0, 0xd, 0x8, 0xf2, 0x7, 0x3, 0x3, 0x5, 0xd1, 0x3, 0x7, 0x3db6, 0x8, "bfc7024be202f33634f6d8ab5fc7878f7f10c0cc68a1dbe687c9aace2d97d6c6"}})

1.238763352s ago: executing program 0 (id=890):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/power/pm_print_times', 0x2242, 0x114)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000400)={0x0, 0x1, 0xbe})
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x14)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/unix\x00')
pread64(r5, &(0x7f0000001c00)=""/4108, 0x100c, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="03000080060000cc5c988eba0000000080000001f3e89431612867007f4ce4f828760201cbad0001000300ffdf81300000", @ANYRES32=r4, @ANYBLOB='y\x00'/20, @ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB="0400000004000000020000000000000000000000000000000000000073ad0f33ed935828d3b895b160c0e90a93b2012de1d54e6efc21459aba2a9862631119034d76fb53f3603acb84a7897aa86cbd54e6a766c9cac79e6fb7eb3459a2bffe390cca0fe38462aa7bca9b88ef13290b03b1d10b64f1f9b1c023b7c25b87a2758143a46767640100000000000000898bc5e5"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone3(&(0x7f0000000380)={0x20000000, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x2c0})
sendfile(r6, r7, 0x0, 0x2000fb)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000100)=@assoc_value, &(0x7f0000000000)=0x8)
socket$inet(0x2, 0x4000000000000001, 0x0)
r8 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r8, 0x1)
r9 = openat$vcs(0xffffff9c, &(0x7f0000000040), 0x539002, 0x0)
dup(r9)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

1.159718349s ago: executing program 3 (id=891):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x702, 0xe80, 0x0, &(0x7f0000000580)="e460334470d8d400eb00c15286dd", 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.159353781s ago: executing program 2 (id=892):
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x6, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000002280)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000400000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b5062809a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000423346da092cbe220de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f03000000000000005dcf4f2aaee86d4802000000000000007cdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec454b90200fd9603f96908bddc14500000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e248deb8c83ab6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f5078191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd77125d98120358900000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de4295777a17bf4dfdfee5de0f3e4dadf51ab9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966950000000000000000c187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1cca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e0c11a466d6892ed65f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f502cdf1e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448bbe43a1dcd2ea760018b57a36ac41ef2051a7b703d55c0602540663016e20d50385766df4dac47802a55bd38dd767ee9960c6daa704fc5d01a14591f26b7b538c9bb22f6a2f7a34d1b9edfd125a9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2fcff0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4eadc446440607de844acf5524a4657e33af2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a20fb07da1455fb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118af9ba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141399ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee45429371b8d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e493f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35c92725cbf0ba244fd029c4f026f68e000000060000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb0366151632ba5be8ae815dfea9fadfd31c473a24a73d3e5116c3023b3563c72d26fbd59877132bde5ca4ef8d92fd3613c768b35223f6fd0b5e9a8b98cccf1e2b4612e620e3a159d6365c9045aaa826aa0ee6d26cf0397ce674c20824584b464ebdc2f3ea26a7aec4570b242a6677a4e9187f8591c3a9bdc0000001a002364bbd93964a8d0bdc802b9be2500"/3636], &(0x7f0000000040)='GPL\x00', 0x4, 0xfdc0, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
setsockopt$sock_attach_bpf(r0, 0x29, 0x22, &(0x7f0000000100)=r1, 0x120) (fail_nth: 2)

1.079926102s ago: executing program 0 (id=893):
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x34080}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x8c5)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r4, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffa})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x790f0000)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
lsetxattr$security_capability(&(0x7f0000002580)='./file0\x00', &(0x7f00000025c0), 0x0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
r5 = openat$ptp0(0xffffff9c, &(0x7f0000000340), 0x400, 0x0)
ioctl$PTP_PIN_GETFUNC(r5, 0xc0603d06, &(0x7f0000000380)={'\x00', 0x5, 0x2, 0x8001})
syz_io_uring_submit(0x0, 0x0, 0x0, &(0x7f0000000280)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x5})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r6, &(0x7f0000000180)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x38, r7, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x8}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x107}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040}, 0x4040080)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d00000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='O', 0x1, 0x80, 0x0, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x212, 0x0, &(0x7f0000000680)="c3ef7f670000ec6783b4241544b50000000000000000000000000033a42c9550f50ac311e0f0544b00aab05450dc23d925bde6a1b56f92241432fa00228f11b0cc67e2e658d909c57270d30b39d3050b381d0000000000000004e1932780b192d2d61359ae0fe90b9d2a6faff570879d2f1b517210627c69e56ed195980a9a880700d5f059a6b7bb7b6a9787136a408914de373597695c519462765ac26a88185098ad1245c1d4d5162ce2fea5c53a8a44e93948de54e526e931694b28cdbc247797e769ef43a9f6bd08ef5c0abb843cc87035a5b7000083add0ccba38d197307108bfdbfae41be13e5d862e02e9f2d2582ff8ac1633f06ec78ba44e55b01022e4571179474ab5fdc0434372f826013043d00700000000000000a398285fc817fcc5ff0f02ea32cfd39b6a35f62e75f5a18720b2c73e9146cd67f57e2826f63986c202521300f2d4de3a1aed06b4771d349920e5a7891bd7b0ce80fdcbced288defdce000000e5ff00000000f75ac937aa74824fc2d467e0cfc3ff42b92176967ffb5940c531cb0dfb88cb3218c79c622b233ff7a008adf59e6dc4f4f306dd87ff882fa663110d10b9360893de41007872ca49edb852b1892823276badf3eaba18117ab83f7e38c666252d78151229c61119ba29e621def514c7f8ce13db7c270c0de77d53b5e759de5619636fe24e472e82043acf5731ca68b3b46a5b96bb8dba2b2dfc4782ac75523fcadbb4147f4de654", 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x10000008}, 0x4c)

1.079666652s ago: executing program 2 (id=894):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
open(0x0, 0x143142, 0x80)
listen(0xffffffffffffffff, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff000000010000000458000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) (fail_nth: 4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8010)
r3 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x2, 0x1000, 0xfffffffd}, &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000140))
r4 = socket$inet6(0xa, 0x3, 0xff)
dup2(r4, r4)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x100, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_ublk_setup_queues(r3, 0x0, 0x0, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xcd26, 0x0, 0x3, 0x213}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e3a, 0xb155c4dedb2408a4, 0x9, 0x102, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf39, 0x1000, 0x3, 0xca, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x2e84, 0x8, 0x1, 0x21b, 0x0, r3}}], 0x4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
close_range(r0, 0xffffffffffffffff, 0x0)

1.079491028s ago: executing program 3 (id=895):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000000)={0x0, 0xa, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="980000000b0601020000000000000000030000020500010007000000100007800c00018008000140ac1414430900020073797a3100"], 0x98}, 0x1, 0x0, 0x0, 0x4064}, 0x4800)

950.166484ms ago: executing program 3 (id=896):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000014c0)={0xffffffffffffffff, 0xe0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0xa, &(0x7f0000000080)=[0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x30, &(0x7f0000000200)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001300), &(0x7f0000001340), 0x8, 0xb6, 0x8, 0x8, &(0x7f0000001380)}}, 0x10)
socket(0x22, 0x2, 0x401)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@deltclass={0x3c, 0x29, 0x20, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xffe0, 0x4}, {0xb, 0xd}, {0xa, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x6, 0xeb}}, @TCA_RATE={0x6, 0x5, {0x40, 0x5}}, @TCA_RATE={0x6, 0x5, {0xe, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0xf6, 0x0, 0x1, 0x11, 0x6, @random="c62599a33a3d"}, 0x14)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000240)=ANY=[], 0xfdef)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000002280)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000400000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b5062809a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000423346da092cbe220de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f03000000000000005dcf4f2aaee86d4802000000000000007cdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec454b90200fd9603f96908bddc14500000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e248deb8c83ab6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f5078191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd77125d98120358900000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de4295777a17bf4dfdfee5de0f3e4dadf51ab9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966950000000000000000c187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1cca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e0c11a466d6892ed65f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f502cdf1e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448bbe43a1dcd2ea760018b57a36ac41ef2051a7b703d55c0602540663016e20d50385766df4dac47802a55bd38dd767ee9960c6daa704fc5d01a14591f26b7b538c9bb22f6a2f7a34d1b9edfd125a9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2fcff0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4eadc446440607de844acf5524a4657e33af2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a20fb07da1455fb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118af9ba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141399ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee45429371b8d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e493f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35c92725cbf0ba244fd029c4f026f68e000000060000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb0366151632ba5be8ae815dfea9fadfd31c473a24a73d3e5116c3023b3563c72d26fbd59877132bde5ca4ef8d92fd3613c768b35223f6fd0b5e9a8b98cccf1e2b4612e620e3a159d6365c9045aaa826aa0ee6d26cf0397ce674c20824584b464ebdc2f3ea26a7aec4570b242a6677a4e9187f8591c3a9bdc0000001a002364bbd93964a8d0bdc802b9be2500"/3636], &(0x7f0000000040)='GPL\x00', 0x4, 0xfdc0, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
setsockopt$sock_attach_bpf(r0, 0x29, 0x22, &(0x7f0000000100)=r4, 0x120)

715.774746ms ago: executing program 2 (id=897):
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregset(0x4205, r1, 0x202, &(0x7f00000001c0)={0x0})
syz_usb_disconnect(0xffffffffffffffff)
r2 = openat$vsock(0xffffff9c, &(0x7f0000000000), 0x44002, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r3, 0x5b02, 0x0)
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r2, 0x21, &(0x7f0000000100)={0x0, 0x583, 0x2042a, 0x2, 0x3d9, 0x0, r2}, 0x1)
read$char_usb(r3, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
fanotify_init(0x4c, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)

599.821909ms ago: executing program 3 (id=898):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_io_uring_setup(0x1370, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0xf51)
readv(r2, &(0x7f0000000340)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001a00170000000000fb521856aedbdf250900"/32], 0x44}}, 0x0)

300.174505ms ago: executing program 1 (id=899):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRESDEC], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x40f00, 0x6b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffed8}, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x19, 0x901, 0x70bd27, 0x20, {0x2, 0x18, 0x20, 0x0, 0xff, 0x3, 0xfd, 0x0, 0x100}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x44004080}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x5, 0x0, &(0x7f00000002c0)="00154e0132", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x1cb842, 0x104)
io_setup(0x20fe, &(0x7f0000000540)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r4, 0x0, 0x500, 0x600}])
recvmsg$inet_nvme(r4, &(0x7f0000000600)={&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000400)}], 0x1, &(0x7f0000000500)=""/193, 0xc1}, 0x40012000)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000340)={0x88, 0x1403, 0x1, 0x400, 0x25dfdbff, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_to_hsr\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'hsr0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}]}, 0x88}, 0x1, 0x1001100, 0x0, 0x80c9}, 0x20000040)

129.903344ms ago: executing program 0 (id=900):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc)
getsockopt$netlink(r1, 0x10e, 0x9, 0x0, &(0x7f0000000040))
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x1c, 0x4}, @ipv4=@icmp={{0x8, 0x4, 0x0, 0x0, 0x3c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0xb, 0x47, [@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x39}]}]}}, @dest_unreach={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0x4a)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc) (async)
getsockopt$netlink(r1, 0x10e, 0x9, 0x0, &(0x7f0000000040)) (async)
socket$kcm(0x2, 0xa, 0x2) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
write$tun(r0, &(0x7f0000000300)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x1c, 0x4}, @ipv4=@icmp={{0x8, 0x4, 0x0, 0x0, 0x3c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0xb, 0x47, [@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x39}]}]}}, @dest_unreach={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0x4a) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0) (async)

0s ago: executing program 0 (id=901):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GDTEFACILITIES(r3, 0x89ea, &(0x7f00000000c0))
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@private1, 0x2, 0x0, 0x0, 0x0, 0x2, 0x20}, {0x4000000000, 0x0, 0x1, 0x4, 0x0, 0xfffffffffffffff8, 0x0, 0x1ff}, {0x0, 0x0, 0x10001, 0xfffffffffffffffc}, 0x1, 0x0, 0x1, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, 0x4d3, 0x32}, 0x0, @in=@remote, 0x0, 0x0, 0x1, 0xb7, 0x3, 0xfffffffe}}, 0xe4)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000040))
r4 = socket$rxrpc(0x21, 0x2, 0x2)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpu.stat\x00', 0x275a, 0x0)
pidfd_send_signal(r5, 0x23, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000000)="bca142dd3401f96279745ab50ec6", 0xe}, {0x0}, {0x0}, {&(0x7f0000000800)="95507ac442e3f29751625a536c6bdf1e1f78d77e474968b768f2e253deaf", 0x1e}, {&(0x7f0000000240)="45591f9060b8982314918f4da7122c78f89b3b68abe986153c15ef5c9409ce55", 0x20}], 0x5)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='minix\x00', 0x221000d, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0xd, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000240)=0x4005, 0x4)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

1326 audit(1780736364.924:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7087 comm="syz.0.326" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  128.969742][   T57] usb 7-1: USB disconnect, device number 5
[  130.266941][ T7112] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  130.268821][ T7112] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  130.271541][ T7112] vhci_hcd vhci_hcd.0: Device attached
[  130.318958][ T7112] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  130.551162][ T5886] usb 42-1: SetAddress Request (18) to port 0
[  130.564772][ T5886] usb 42-1: new SuperSpeed USB device number 18 using vhci_hcd
[  131.706942][ T7113] vhci_hcd: connection reset by peer
[  131.709637][   T13] vhci_hcd vhci_hcd.2: stop threads
[  131.712496][   T13] vhci_hcd vhci_hcd.2: release socket
[  131.714634][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  131.777797][ T7130] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  131.779783][ T7130] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  131.788382][ T7130] vhci_hcd vhci_hcd.0: Device attached
[  131.831370][ T7130] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  132.071694][   T39] usb 38-1: SetAddress Request (6) to port 0
[  132.076876][   T39] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  132.383644][ T7131] vhci_hcd: connection reset by peer
[  132.386327][ T1243] vhci_hcd vhci_hcd.0: stop threads
[  132.388709][ T1243] vhci_hcd vhci_hcd.0: release socket
[  132.395365][ T1243] vhci_hcd vhci_hcd.0: disconnect device
[  132.402298][ T7137] overlayfs: missing 'lowerdir'
[  132.407246][ T7137] overlayfs: overlapping lowerdir path
[  132.418120][ T7139] No control pipe specified
[  132.472082][ T7137] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  132.482659][ T7137] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  133.125212][ T7149] block nbd0: shutting down sockets
[  133.446180][ T7167] syzkaller1: entered promiscuous mode
[  133.453593][ T7167] syzkaller1: entered allmulticast mode
[  133.832501][ T7194] PKCS7: Unknown OID: [5] (bad)
[  133.835125][ T7194] PKCS7: Only support pkcs7_signedData type
[  134.037082][   T29] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[  134.258501][ T7205] FAULT_INJECTION: forcing a failure.
[  134.258501][ T7205] name failslab, interval 1, probability 0, space 0, times 0
[  134.277140][ T7205] CPU: 3 UID: 0 PID: 7205 Comm: syz.3.355 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  134.277159][ T7205] Tainted: [L]=SOFTLOCKUP
[  134.277162][ T7205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  134.277168][ T7205] Call Trace:
[  134.277173][ T7205]  <TASK>
[  134.277177][ T7205]  dump_stack_lvl+0x100/0x190
[  134.277199][ T7205]  should_fail_ex.cold+0x5/0xa
[  134.277213][ T7205]  should_failslab+0xc2/0x120
[  134.277226][ T7205]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  134.277243][ T7205]  ? ptlock_alloc+0x1f/0x70
[  134.277261][ T7205]  ptlock_alloc+0x1f/0x70
[  134.277276][ T7205]  pte_alloc_one+0x82/0x3d0
[  134.277291][ T7205]  __pte_alloc+0x6d/0x380
[  134.277303][ T7205]  ? __pfx___pte_alloc+0x10/0x10
[  134.277314][ T7205]  ? __lock_acquire+0x4a5/0x2630
[  134.277334][ T7205]  do_anonymous_page+0x13c6/0x2050
[  134.277350][ T7205]  ? __pfx_pgd_none+0x10/0x10
[  134.277369][ T7205]  __handle_mm_fault+0x1d2c/0x2a00
[  134.277387][ T7205]  ? mt_find+0x45e/0x8e0
[  134.277404][ T7205]  ? __pfx___handle_mm_fault+0x10/0x10
[  134.277418][ T7205]  ? __pfx_mt_find+0x10/0x10
[  134.277444][ T7205]  handle_mm_fault+0x37b/0xa30
[  134.277462][ T7205]  __get_user_pages+0x1178/0x32a0
[  134.277479][ T7205]  ? down_read_killable+0x307/0x4b0
[  134.277492][ T7205]  ? __pfx___get_user_pages+0x10/0x10
[  134.277504][ T7205]  ? __gup_longterm_locked+0x109c/0x16f0
[  134.277517][ T7205]  ? __gup_longterm_locked+0x109c/0x16f0
[  134.277533][ T7205]  __gup_longterm_locked+0x87d/0x16f0
[  134.277550][ T7205]  ? __pfx___gup_longterm_locked+0x10/0x10
[  134.277570][ T7205]  gup_fast_fallback+0x16dc/0x2790
[  134.277593][ T7205]  ? __pfx_gup_fast_fallback+0x10/0x10
[  134.277607][ T7205]  ? __mutex_lock+0x26d/0x1b10
[  134.277622][ T7205]  ? pipe_wait_writable+0x4d2/0x570
[  134.277640][ T7205]  get_user_pages_fast+0xa7/0xf0
[  134.277654][ T7205]  ? __pfx_get_user_pages_fast+0x10/0x10
[  134.277667][ T7205]  ? iov_iter_advance+0xac/0x6d0
[  134.277684][ T7205]  __iov_iter_get_pages_alloc+0x8f2/0x1f20
[  134.277702][ T7205]  ? pipe_wait_writable+0x4d2/0x570
[  134.277714][ T7205]  ? pipe_wait_writable+0x468/0x570
[  134.277729][ T7205]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  134.277745][ T7205]  ? __pfx_pipe_wait_writable+0x10/0x10
[  134.277760][ T7205]  ? __pfx_autoremove_wake_function+0x10/0x10
[  134.277779][ T7205]  iov_iter_get_pages2+0xa3/0x100
[  134.277793][ T7205]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  134.277807][ T7205]  ? wait_for_space+0x2ca/0x3b0
[  134.277826][ T7205]  __do_sys_vmsplice+0x7dd/0x13c0
[  134.277855][ T7205]  ? __pfx___do_sys_vmsplice+0x10/0x10
[  134.277877][ T7205]  ? get_pid_task+0xfc/0x250
[  134.277897][ T7205]  ? get_pid_task+0xfc/0x250
[  134.277916][ T7205]  ? proc_fail_nth_write+0x9f/0x220
[  134.277936][ T7205]  ? find_held_lock+0x2b/0x80
[  134.277948][ T7205]  ? ksys_write+0x190/0x250
[  134.277959][ T7205]  ? ksys_write+0x190/0x250
[  134.277989][ T7205]  ? ksys_write+0x1ac/0x250
[  134.278004][ T7205]  ? __do_fast_syscall_32+0xe7/0x970
[  134.278019][ T7205]  __do_fast_syscall_32+0xe7/0x970
[  134.278034][ T7205]  ? lockdep_hardirqs_on+0x78/0x100
[  134.278050][ T7205]  do_fast_syscall_32+0x32/0x70
[  134.278066][ T7205]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.278079][ T7205] RIP: 0023:0xf7f08f7c
[  134.278088][ T7205] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  134.278098][ T7205] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 000000000000013c
[  134.278108][ T7205] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  134.278114][ T7205] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  134.278120][ T7205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.278125][ T7205] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  134.278131][ T7205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.278144][ T7205]  </TASK>
[  134.424068][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  134.427533][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  134.430801][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  134.434883][   T29] usb 6-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[  134.437674][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.442270][   T29] usb 6-1: config 0 descriptor??
[  134.445209][ T7159] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  134.456178][ T7228] netlink: 'syz.0.356': attribute type 1 has an invalid length.
[  134.474509][ T7228] 8021q: adding VLAN 0 to HW filter on device bond1
[  134.482940][ T7228] macvlan2: entered promiscuous mode
[  134.484608][ T7228] macvlan2: entered allmulticast mode
[  134.486556][ T7228] bond1: entered allmulticast mode
[  134.488154][ T7228] bond1: entered promiscuous mode
[  134.490156][ T7228] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  134.493458][ T7228] team0: Port device macvlan2 added
[  134.503529][ T7228] bond1: (slave ip6gretap1): making interface the new active one
[  134.505900][ T7228] ip6gretap1: entered promiscuous mode
[  134.507949][ T7228] ip6gretap1: entered allmulticast mode
[  134.510574][ T7228] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  135.428171][   T29] usbhid 6-1:0.0: can't add hid device: -71
[  135.431006][   T29] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  135.464719][   T29] usb 6-1: USB disconnect, device number 9
[  135.652628][ T5886] usb 42-1: device descriptor read/8, error -110
[  135.675494][ T7249] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  135.740432][ T7255] ipt_REJECT: TCP_RESET invalid for non-tcp
[  135.773494][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.776533][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.778928][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.781291][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.785886][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.788465][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.790890][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.793897][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.796433][ T7259] netlink: 'syz.3.364': attribute type 3 has an invalid length.
[  135.800498][ T7259] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.364'.
[  136.067878][   T40] kauditd_printk_skb: 38 callbacks suppressed
[  136.067892][   T40] audit: type=1326 audit(1780736372.203:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7272 comm="syz.1.371" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb2f7c code=0x0
[  136.113073][ T5886] usb usb42-port1: attempt power cycle
[  136.127416][ T7274] netlink: 36 bytes leftover after parsing attributes in process `syz.0.369'.
[  136.173287][ T7274] cgroup: none used incorrectly
[  136.571843][ T5530] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  136.692451][ T5886] usb usb42-port1: unable to enumerate USB device
[  136.743861][ T5530] usb 7-1: Using ep0 maxpacket: 16
[  136.750167][ T5530] usb 7-1: config 0 has no interfaces?
[  136.754020][ T5530] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  136.759316][ T5530] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.763002][ T5530] usb 7-1: Product: syz
[  136.764323][ T5530] usb 7-1: Manufacturer: syz
[  136.765798][ T5530] usb 7-1: SerialNumber: syz
[  136.771118][ T5530] usb 7-1: config 0 descriptor??
[  136.871970][ T7289] block nbd3: shutting down sockets
[  136.979538][ T7278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.986694][ T7278] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.171912][   T39] usb 38-1: device descriptor read/8, error -110
[  137.255718][ T5530] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  137.373215][   T57] usb 7-1: USB disconnect, device number 6
[  137.423140][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  137.424662][ T5530] usb 6-1: unable to get BOS descriptor or descriptor too short
[  137.426238][ T1433] ieee802154 phy1 wpan1: encryption failed: -22
[  137.431433][ T5530] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.435917][ T5530] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 50, changing to 7
[  137.443050][ T5530] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  137.453425][ T5530] usb 6-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[  137.456226][ T5530] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.458648][ T5530] usb 6-1: Product: syz
[  137.459972][ T5530] usb 6-1: Manufacturer: syz
[  137.461422][ T5530] usb 6-1: SerialNumber: syz
[  137.563376][   T39] usb usb38-port1: attempt power cycle
[  137.802650][ T5530] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  137.817865][ T5530] snd-usb-audio 6-1:1.1: probe with driver snd-usb-audio failed with error -22
[  138.034721][ T5530] snd-usb-audio 6-1:1.2: probe with driver snd-usb-audio failed with error -22
[  138.053931][ T5530] usb 6-1: USB disconnect, device number 10
[  138.096712][ T5743] udevd[5743]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  138.173812][   T39] usb usb38-port1: unable to enumerate USB device
[  138.690803][ T7323] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  138.697450][ T7323] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  138.707971][ T7323] overlayfs: overlapping lowerdir path
[  138.768451][ T7323] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  138.847323][ T7323] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  139.227315][ T7330] block nbd3: shutting down sockets
[  139.815109][ T7352] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  139.820710][ T7352] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  139.831777][ T7352] overlayfs: overlapping lowerdir path
[  139.890718][ T7352] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  139.898685][ T7352] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  140.062225][   T10] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[  140.099042][ T7357] block nbd3: shutting down sockets
[  140.215210][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  140.219729][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  140.225402][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  140.230380][   T10] usb 6-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[  140.234198][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.239705][   T10] usb 6-1: config 0 descriptor??
[  140.241989][ T7353] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  140.410103][ T7366] block nbd0: shutting down sockets
[  140.654941][ T7372] FAULT_INJECTION: forcing a failure.
[  140.654941][ T7372] name failslab, interval 1, probability 0, space 0, times 0
[  140.659969][ T7372] CPU: 1 UID: 0 PID: 7372 Comm: syz.0.404 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  140.659990][ T7372] Tainted: [L]=SOFTLOCKUP
[  140.659994][ T7372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  140.660000][ T7372] Call Trace:
[  140.660005][ T7372]  <TASK>
[  140.660010][ T7372]  dump_stack_lvl+0x100/0x190
[  140.660033][ T7372]  should_fail_ex.cold+0x5/0xa
[  140.660048][ T7372]  should_failslab+0xc2/0x120
[  140.660061][ T7372]  __kmalloc_cache_noprof+0x7a/0x6f0
[  140.660077][ T7372]  ? __xdp_reg_mem_model+0x134/0x690
[  140.660093][ T7372]  __xdp_reg_mem_model+0x134/0x690
[  140.660107][ T7372]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[  140.660121][ T7372]  ? page_pool_list+0x223/0x2a0
[  140.660133][ T7372]  xdp_reg_mem_model+0x22/0x70
[  140.660146][ T7372]  bpf_test_run_xdp_live+0x1cb/0x760
[  140.660160][ T7372]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  140.660174][ T7372]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  140.660194][ T7372]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  140.660214][ T7372]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  140.660233][ T7372]  ? 0xffffffffa0206480
[  140.660243][ T7372]  ? 0xffffffffa0206480
[  140.660251][ T7372]  ? 0xffffffffa0206480
[  140.660262][ T7372]  bpf_prog_test_run_xdp+0xd7d/0x1670
[  140.660280][ T7372]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  140.660304][ T7372]  ? fput+0x79/0x100
[  140.660324][ T7372]  ? __bpf_prog_get+0x97/0x2a0
[  140.660339][ T7372]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  140.660354][ T7372]  __sys_bpf+0x1725/0x4b90
[  140.660372][ T7372]  ? __pfx___sys_bpf+0x10/0x10
[  140.660384][ T7372]  ? get_pid_task+0x106/0x250
[  140.660405][ T7372]  ? proc_fail_nth_write+0x9f/0x220
[  140.660429][ T7372]  ? find_held_lock+0x2b/0x80
[  140.660449][ T7372]  ? find_held_lock+0x2b/0x80
[  140.660462][ T7372]  ? ksys_write+0x190/0x250
[  140.660478][ T7372]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  140.660498][ T7372]  ? kernel_write+0x683/0x6c0
[  140.660525][ T7372]  ? fput+0x79/0x100
[  140.660547][ T7372]  ? ksys_write+0x1ac/0x250
[  140.660566][ T7372]  __ia32_sys_bpf+0x79/0xf0
[  140.660580][ T7372]  ? lockdep_hardirqs_on+0x78/0x100
[  140.660601][ T7372]  __do_fast_syscall_32+0xe7/0x970
[  140.660624][ T7372]  ? lockdep_hardirqs_on+0x78/0x100
[  140.660650][ T7372]  do_fast_syscall_32+0x32/0x70
[  140.660676][ T7372]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.660695][ T7372] RIP: 0023:0xf7fc7f7c
[  140.660710][ T7372] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  140.660727][ T7372] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  140.660743][ T7372] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000b80
[  140.660754][ T7372] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  140.660764][ T7372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.660773][ T7372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  140.660783][ T7372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.660806][ T7372]  </TASK>
[  140.705023][ T7362] syz.3.400 (7362): drop_caches: 2
[  140.820057][ T7379] overlayfs: missing 'lowerdir'
[  140.825061][ T7379] overlayfs: overlapping lowerdir path
[  140.893032][ T7379] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  141.032007][ T7379] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  141.137789][ T7387] netlink: 72 bytes leftover after parsing attributes in process `syz.3.410'.
[  141.142622][   T10] usbhid 6-1:0.0: can't add hid device: -71
[  141.145065][   T10] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  141.149944][   T10] usb 6-1: USB disconnect, device number 11
[  141.190808][ T5831] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  141.255771][ T7393] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  141.261541][ T7393] VFS: Can't find a romfs filesystem on dev nullb0.
[  141.261541][ T7393] 
[  141.322756][ T7394] sctp: [Deprecated]: syz.3.413 (pid 7394) Use of int in max_burst socket option deprecated.
[  141.322756][ T7394] Use struct sctp_assoc_value instead
[  141.342466][ T5838] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  141.352404][ T5831] usb 7-1: Using ep0 maxpacket: 8
[  141.356473][ T5831] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.360901][ T5831] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.365202][ T5831] usb 7-1: config 0 interface 0 has no altsetting 0
[  141.367933][ T5831] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  141.371452][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.377186][ T5831] usb 7-1: config 0 descriptor??
[  141.512395][ T5838] usb 5-1: Using ep0 maxpacket: 8
[  141.515282][ T5838] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  141.517839][ T5838] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  141.520795][ T5838] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  141.523841][ T5838] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  141.526747][ T5838] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  141.530574][ T5838] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  141.533433][ T5838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.740146][ T5838] usb 5-1: usb_control_msg returned -32
[  141.741887][ T5838] usbtmc 5-1:16.0: can't read capabilities
[  141.786360][ T5831] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  141.788512][ T5831] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  141.791215][ T5831] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  141.795967][ T5831] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  141.799630][ T5831] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  141.808054][ T5831] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  141.918985][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[  142.044271][ T7403] netlink: 5204 bytes leftover after parsing attributes in process `syz.2.408'.
[  142.313833][ T5838] usb 7-1: USB disconnect, device number 7
[  142.933790][ T5755] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  142.940188][ T5755] Bluetooth: hci3: Injecting HCI hardware error event
[  142.944695][   T62] Bluetooth: hci3: hardware error 0x00
[  143.298750][ T7419] syz.3.419 (7419): drop_caches: 2
[  143.984457][ T5747] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  144.704376][   T40] audit: type=1326 audit(1780736380.842:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.725480][   T40] audit: type=1326 audit(1780736380.842:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.738332][   T40] audit: type=1326 audit(1780736380.842:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.761419][   T40] audit: type=1326 audit(1780736380.842:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.780682][   T40] audit: type=1326 audit(1780736380.842:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.803268][   T40] audit: type=1326 audit(1780736380.842:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.815738][   T40] audit: type=1326 audit(1780736380.842:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.822191][   T40] audit: type=1326 audit(1780736380.842:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.829130][   T40] audit: type=1326 audit(1780736380.842:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.835804][   T40] audit: type=1326 audit(1780736380.852:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.1.425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  144.866390][ T7444] netlink: 4 bytes leftover after parsing attributes in process `syz.3.427'.
[  145.012815][   T62] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  145.228544][ T7457] overlayfs: missing 'workdir'
[  145.231488][ T7457] overlayfs: overlapping lowerdir path
[  145.294836][ T7457] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  145.306734][ T7457] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  145.618414][ T7465] netlink: 60 bytes leftover after parsing attributes in process `syz.2.434'.
[  145.625684][ T7465] netlink: 60 bytes leftover after parsing attributes in process `syz.2.434'.
[  146.042937][ T5831] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  146.193087][ T5831] usb 6-1: Using ep0 maxpacket: 8
[  146.197005][ T5831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  146.201554][ T5831] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  146.205457][ T5831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.210825][ T5831] usb 6-1: config 0 descriptor??
[  146.342935][ T5886] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  146.417625][ T5831] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  146.500967][ T7480] overlayfs: missing 'workdir'
[  146.504113][ T7480] overlayfs: overlapping lowerdir path
[  146.513065][ T5886] usb 8-1: Using ep0 maxpacket: 32
[  146.516695][ T5886] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  146.519992][ T5886] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  146.523491][ T5886] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  146.527005][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  146.531671][ T5886] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  146.536150][ T5886] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  146.541095][ T5886] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  146.545225][ T5886] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.552398][ T5886] usb 8-1: config 0 descriptor??
[  146.562198][ T7480] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  146.570745][ T7480] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  147.015821][ T7385] usbtmc 5-1:16.0: usb_control_msg returned -110
[  147.021091][ T5886] usblp 8-1:0.0: usblp2: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  147.027550][ T5886] usb 8-1: USB disconnect, device number 9
[  147.034878][ T5831] usb 5-1: USB disconnect, device number 5
[  147.036208][ T5838] usb 6-1: USB disconnect, device number 12
[  147.036668][ T5886] usblp2: removed
[  147.148596][ T7494] syz.0.443 (7494): drop_caches: 2
[  147.343193][ T5886] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  147.493111][ T5886] usb 8-1: Using ep0 maxpacket: 32
[  147.497149][ T5886] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  147.499879][ T5886] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  147.503360][ T5886] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  147.506179][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  147.509179][ T5886] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  147.512126][ T5886] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  147.516916][ T5886] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  147.519883][ T5886] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.524221][ T5886] usb 8-1: config 0 descriptor??
[  147.625094][ T7503] fuse: Bad value for 'rootmode'
[  147.736343][ T5886] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  147.798054][ T7510] overlayfs: missing 'workdir'
[  147.801714][ T7510] overlayfs: overlapping lowerdir path
[  147.887910][ T7510] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  147.926137][ T7510] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  148.073097][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  148.221519][    C3] usblp0: nonzero read bulk status received: -71
[  148.221773][ T5831] usb 8-1: USB disconnect, device number 10
[  148.226422][ T7473] usblp0: error -71 reading from printer
[  148.234793][ T7516] usblp0: error -19 reading from printer
[  148.433222][ T5530] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  148.457348][ T7472] usblp0: removed
[  148.586634][ T5530] usb 6-1: Using ep0 maxpacket: 8
[  148.589801][ T5530] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  148.593630][ T5530] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  148.596826][ T5530] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  148.600043][ T5530] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  148.603262][ T5530] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  148.607116][ T5530] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  148.609837][ T5530] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.933431][ T5530] usb 6-1: usb_control_msg returned -32
[  149.026100][ T5530] usbtmc 6-1:16.0: can't read capabilities
[  149.167072][ T7543] syz.0.456 (7543): drop_caches: 2
[  150.125841][ T7547] loop4: detected capacity change from 0 to 7
[  150.131824][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.134729][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.145541][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.148387][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.155484][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.158287][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.161109][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.164003][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.167722][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.170497][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.173252][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.176064][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.179570][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.182431][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.184997][ T7547] ldm_validate_partition_table(): Disk read failed.
[  150.186963][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.190087][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.195427][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.198264][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.224768][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  150.228060][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  150.258975][ T7547] Dev loop4: unable to read RDB block 0
[  150.279391][ T7547]  loop4: unable to read partition table
[  150.285552][ T7547] loop4: partition table beyond EOD, truncated
[  150.287519][ T7547] loop_reread_partitions: partition scan of loop4 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  150.385094][ T7554] validate_nla: 7 callbacks suppressed
[  150.385106][ T7554] netlink: 'syz.2.461': attribute type 5 has an invalid length.
[  150.685815][ T7559] netlink: 24 bytes leftover after parsing attributes in process `syz.2.462'.
[  150.769683][ T7561] FAULT_INJECTION: forcing a failure.
[  150.769683][ T7561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.774092][ T7561] CPU: 2 UID: 0 PID: 7561 Comm: syz.3.463 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  150.774122][ T7561] Tainted: [L]=SOFTLOCKUP
[  150.774136][ T7561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.774144][ T7561] Call Trace:
[  150.774148][ T7561]  <TASK>
[  150.774153][ T7561]  dump_stack_lvl+0x100/0x190
[  150.774175][ T7561]  should_fail_ex.cold+0x5/0xa
[  150.774190][ T7561]  _copy_to_user+0x32/0xd0
[  150.774206][ T7561]  simple_read_from_buffer+0xcb/0x170
[  150.774225][ T7561]  proc_fail_nth_read+0x1af/0x230
[  150.774242][ T7561]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.774260][ T7561]  ? rw_verify_area+0xce/0x6d0
[  150.774271][ T7561]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.774287][ T7561]  vfs_read+0x1e4/0xb30
[  150.774301][ T7561]  ? __pfx_vfs_read+0x10/0x10
[  150.774311][ T7561]  ? find_held_lock+0x2b/0x80
[  150.774325][ T7561]  ? __fget_files+0x215/0x3d0
[  150.774339][ T7561]  ? __fget_files+0x21f/0x3d0
[  150.774355][ T7561]  ksys_read+0x12a/0x250
[  150.774367][ T7561]  ? __pfx_ksys_read+0x10/0x10
[  150.774379][ T7561]  ? rcu_is_watching+0x12/0xc0
[  150.774391][ T7561]  ? rcu_is_watching+0x12/0xc0
[  150.774405][ T7561]  do_int80_emulation+0x14b/0x720
[  150.774423][ T7561]  asm_int80_emulation+0x1a/0x20
[  150.774433][ T7561] RIP: 0023:0xf71061ab
[  150.774442][ T7561] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  150.774453][ T7561] RSP: 002b:00000000f53844bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  150.774464][ T7561] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f53845d0
[  150.774470][ T7561] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  150.774476][ T7561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.774482][ T7561] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  150.774488][ T7561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.774501][ T7561]  </TASK>
[  152.212791][ T7576] syz.2.467 (7576): drop_caches: 2
[  152.685414][ T7587] FAULT_INJECTION: forcing a failure.
[  152.685414][ T7587] name failslab, interval 1, probability 0, space 0, times 0
[  152.689265][ T7587] CPU: 2 UID: 0 PID: 7587 Comm: syz.3.471 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  152.689285][ T7587] Tainted: [L]=SOFTLOCKUP
[  152.689288][ T7587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  152.689295][ T7587] Call Trace:
[  152.689299][ T7587]  <TASK>
[  152.689304][ T7587]  dump_stack_lvl+0x100/0x190
[  152.689327][ T7587]  should_fail_ex.cold+0x5/0xa
[  152.689341][ T7587]  should_failslab+0xc2/0x120
[  152.689354][ T7587]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  152.689371][ T7587]  ? __send_signal_locked+0x155/0x12d0
[  152.689385][ T7587]  __send_signal_locked+0x155/0x12d0
[  152.689397][ T7587]  do_send_specific+0x1e8/0x360
[  152.689411][ T7587]  ? __pfx_do_send_specific+0x10/0x10
[  152.689429][ T7587]  do_rt_tgsigqueueinfo+0xa9/0x100
[  152.689444][ T7587]  __ia32_compat_sys_rt_tgsigqueueinfo+0x13a/0x200
[  152.689461][ T7587]  ? __pfx___ia32_compat_sys_rt_tgsigqueueinfo+0x10/0x10
[  152.689481][ T7587]  ? rcu_is_watching+0x12/0xc0
[  152.689495][ T7587]  __do_fast_syscall_32+0xe7/0x970
[  152.689510][ T7587]  ? lockdep_hardirqs_on+0x78/0x100
[  152.689526][ T7587]  do_fast_syscall_32+0x32/0x70
[  152.689542][ T7587]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  152.689556][ T7587] RIP: 0023:0xf7f08f7c
[  152.689565][ T7587] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  152.689575][ T7587] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 000000000000014f
[  152.689586][ T7587] RAX: ffffffffffffffda RBX: 00000000000001a3 RCX: 00000000000001a4
[  152.689592][ T7587] RDX: 000000000000000b RSI: 0000000080000000 RDI: 0000000000000000
[  152.689599][ T7587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  152.689605][ T7587] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  152.689610][ T7587] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  152.689623][ T7587]  </TASK>
[  152.839826][ T7589] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  152.847956][ T7589] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  152.926987][ T5831] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  153.083759][ T5831] usb 7-1: Using ep0 maxpacket: 8
[  153.087371][ T5831] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.091699][ T5831] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.095784][ T5831] usb 7-1: config 0 interface 0 has no altsetting 0
[  153.099489][ T5831] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  153.102881][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.113726][ T5831] usb 7-1: config 0 descriptor??
[  153.539794][ T5831] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0
[  153.542216][ T5831] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0
[  153.544527][ T5831] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0
[  153.546758][ T5831] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0
[  153.549048][ T5831] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0
[  153.553637][ T5831] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  153.792543][ T7597] netlink: 5204 bytes leftover after parsing attributes in process `syz.2.472'.
[  154.145626][ T7600] netem: incorrect ge model size
[  154.149221][ T7600] netem: change failed
[  154.174963][ T7519] usbtmc 6-1:16.0: usb_control_msg returned -110
[  154.320051][   T57] usb 6-1: USB disconnect, device number 13
[  155.291492][ T7610] netlink: 28 bytes leftover after parsing attributes in process `syz.3.481'.
[  155.447725][ T7613] syz.0.480 (7613): drop_caches: 2
[  155.716789][ T7616] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  155.750800][ T7616] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  156.205217][ T5530] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  156.415110][ T5530] usb 6-1: Using ep0 maxpacket: 8
[  156.444535][ T5530] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  156.452814][ T5530] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  156.487464][ T5530] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  156.505408][ T5530] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.527314][ T5530] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.533909][ T5530] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  156.539860][ T5530] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.789505][ T5530] usb 6-1: usb_control_msg returned -32
[  156.799476][ T5530] usbtmc 6-1:16.0: can't read capabilities
[  157.004206][   T57] usb 7-1: USB disconnect, device number 8
[  157.848186][   T29] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  157.951046][ T7699] netlink: 'syz.0.498': attribute type 1 has an invalid length.
[  158.024283][   T29] usb 7-1: Using ep0 maxpacket: 32
[  158.032500][   T29] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  158.037368][ T7673] block nbd3: shutting down sockets
[  158.067940][ T7699] 8021q: adding VLAN 0 to HW filter on device bond2
[  158.080679][   T29] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  158.096663][   T29] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  158.107516][ T7701] bond2: (slave geneve2): making interface the new active one
[  158.110563][   T29] usb 7-1: Product: syz
[  158.115918][ T7701] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  158.127590][   T29] usb 7-1: Manufacturer: syz
[  158.135561][   T29] usb 7-1: SerialNumber: syz
[  158.175605][   T29] usb 7-1: config 0 descriptor??
[  158.186098][ T7686] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  159.164486][   T57] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  159.287835][ T7721] usb usb8: usbfs: process 7721 (syz.3.501) did not claim interface 0 before use
[  159.291043][ T7721] netlink: 16 bytes leftover after parsing attributes in process `syz.3.501'.
[  159.315417][   T57] usb 5-1: Using ep0 maxpacket: 8
[  159.318312][ T5530] usb 7-1: USB disconnect, device number 9
[  159.322868][   T57] usb 5-1: config 1 has an invalid descriptor of length 173, skipping remainder of the config
[  159.329539][   T57] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  159.338313][   T57] usb 5-1: config 1 has no interface number 0
[  159.344563][   T57] usb 5-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0xBC, changing to 0x8C
[  159.349813][   T57] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x8C has an invalid bInterval 93, changing to 7
[  159.354210][   T57] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x8C has invalid maxpacket 9440, setting to 1024
[  159.360342][   T57] usb 5-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  159.363321][   T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.366407][   T57] usb 5-1: Product: syz
[  159.367771][   T57] usb 5-1: Manufacturer: syz
[  159.369235][   T57] usb 5-1: SerialNumber: syz
[  159.990753][ T5818] usb 5-1: USB disconnect, device number 6
[  160.328534][ T7734] ubi16: attaching mtd0
[  160.331876][ T7734] ubi16: scanning is finished
[  160.333356][ T7734] ubi16: empty MTD device detected
[  160.560028][ T7734] ubi16: attached mtd0 (name "mtdram test device", size 0 MiB)
[  160.562427][ T7734] ubi16: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  160.568612][ T7734] ubi16: min./max. I/O unit sizes: 1/64, sub-page size 1
[  160.572213][ T7734] ubi16: VID header offset: 64 (aligned 64), data offset: 128
[  160.577145][ T7734] ubi16: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  160.583578][ T7734] ubi16: user volume: 0, internal volumes: 1, max. volumes count: 23
[  160.587011][ T7734] ubi16: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2342462139
[  160.590133][ T7734] ubi16: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  160.593276][ T7739] ubi16: background thread "ubi_bgt16d" started, PID 7739
[  161.166656][ T7749] tmpfs: Bad value for 'mpol'
[  161.207628][   T62] block nbd2: Receive control failed (result -32)
[  161.208532][ T7737] block nbd2: shutting down sockets
[  161.473245][   T29] libceph: connect (1)[c::]:6789 error -101
[  161.477812][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  161.500326][ T7754] ceph: No mds server is up or the cluster is laggy
[  162.145316][ T7626] usbtmc 6-1:16.0: usb_control_msg returned -110
[  162.158828][   T57] usb 6-1: USB disconnect, device number 14
[  162.437708][ T7772] syz.2.517 (7772): drop_caches: 2
[  163.114455][ T7780] syz.3.521 (7780): drop_caches: 2
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9psetup#msize for details.
[  164.543345][ T7804] overlay: ./file0 is not a directory
[  164.585198][ T7804] overlay: ./file1 is not a directory
[  164.635070][   T57] usb 6-1: new low-speed USB device number 15 using dummy_hcd
[  164.806409][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  164.810882][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  164.815338][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  164.820648][   T57] usb 6-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[  164.824206][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.829227][   T57] usb 6-1: config 0 descriptor??
[  164.832106][ T7801] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  164.919481][ T7807] syz.2.531 (7807): drop_caches: 2
[  164.946128][ T7809] tipc: Can't bind to reserved service type 0
[  165.294301][   T40] kauditd_printk_skb: 30 callbacks suppressed
[  165.294768][   T40] audit: type=1326 audit(1780736401.419:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.304540][   T40] audit: type=1326 audit(1780736401.419:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.311710][   T40] audit: type=1326 audit(1780736401.419:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.355271][   T40] audit: type=1326 audit(1780736401.419:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.366096][   T40] audit: type=1326 audit(1780736401.419:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.377345][   T40] audit: type=1326 audit(1780736401.419:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.389141][   T40] audit: type=1326 audit(1780736401.449:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.402086][   T40] audit: type=1326 audit(1780736401.449:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.415502][   T40] audit: type=1326 audit(1780736401.529:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.424167][   T40] audit: type=1326 audit(1780736401.529:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.3.530" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f08f7c code=0x7ffc0000
[  165.595663][ T7821] overlayfs: failed to resolve './file2': -2
[  165.604998][   T57] usbhid 6-1:0.0: can't add hid device: -71
[  165.607490][   T57] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  165.622047][   T57] usb 6-1: USB disconnect, device number 15
[  165.630352][ T7821] overlayfs: overlapping lowerdir path
[  165.691623][ T7821] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  165.698985][ T7821] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  165.867654][ T7829] netlink: 20 bytes leftover after parsing attributes in process `syz.3.535'.
[  165.887149][ T7829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  165.995318][ T5530] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  166.125233][   T10] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  166.155248][ T5530] usb 7-1: Using ep0 maxpacket: 8
[  166.161767][ T5530] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.166651][ T5530] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.173835][ T5530] usb 7-1: config 0 interface 0 has no altsetting 0
[  166.178046][ T5530] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  166.189012][ T5530] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.267196][ T5530] usb 7-1: config 0 descriptor??
[  166.280289][   T10] usb 8-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  166.289837][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  166.295513][   T10] usb 8-1: Product: syz
[  166.297200][   T10] usb 8-1: Manufacturer: syz
[  166.299989][   T10] usb 8-1: SerialNumber: syz
[  166.340374][   T10] usb 8-1: config 0 descriptor??
[  166.349454][   T10] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  166.355265][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  166.377154][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  166.383805][   T10] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  166.389832][   T10] usb 8-1: media controller created
[  166.416724][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  166.621908][ T7829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.627788][ T7829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.698554][   T10] cxusb: set interface failed
[  166.708168][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  166.750173][   T10] DVB: Unable to find symbol mt352_attach()
[  166.754908][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  166.757316][   T10] zl10353_read_register: readreg error (reg=127, ret==-121)
[  166.765387][   T10] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  166.799620][ T5530] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  166.802601][ T5530] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  166.805534][ T5530] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  166.808398][ T5530] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  166.811263][ T5530] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  166.813776][ T5530] mcp2221 0003:04D8:00DD.0004: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  166.835522][   T10] rc_core: IR keymap rc-dvico-mce not found
[  166.840261][   T10] Registered IR keymap rc-empty
[  166.846477][   T10] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  166.855742][   T10] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input32
[  166.871032][   T10] dvb-usb: schedule remote query interval to 100 msecs.
[  166.873380][   T10] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  166.879793][   T10] usb 8-1: USB disconnect, device number 11
[  166.898737][ T7836] 8021q: adding VLAN 0 to HW filter on device macsec1
[  166.903490][ T5838] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  166.929608][ T7840] mmap: syz.1.539 (7840) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  166.955066][ T7840] loop5: detected capacity change from 0 to 7
[  166.978851][ T7824] dvb-usb: bulk message failed: -22 (5/0)
[  166.995430][ T7842] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  167.012784][ T7842] tmpfs: Bad value for 'mpol'
[  167.058425][ T7845] netlink: 5204 bytes leftover after parsing attributes in process `syz.2.533'.
[  167.165624][ T7847] syz.1.541 (7847): drop_caches: 2
[  167.876391][ T7852] ceph: No mds server is up or the cluster is laggy
[  167.881303][   T29] libceph: connect (1)[c::]:6789 error -101
[  167.890707][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  168.315783][ T5530] usb 7-1: reset high-speed USB device number 10 using dummy_hcd
[  168.355882][ T7864] block nbd1: shutting down sockets
[  168.773105][   T10] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  169.428721][ T7875] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.431524][ T7875] 8021q: adding VLAN 0 to HW filter on device team0
[  169.435884][ T7875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.566790][   T57] usb 7-1: USB disconnect, device number 10
[  169.570327][ T7876] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  169.574646][ T7876] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  169.611085][ T7880] bond1: option mode: unable to set because the bond device has slaves
[  169.636282][ T7882] FAULT_INJECTION: forcing a failure.
[  169.636282][ T7882] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.642400][ T7880] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  169.649673][ T7882] CPU: 0 UID: 0 PID: 7882 Comm: syz.3.550 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  169.649691][ T7882] Tainted: [L]=SOFTLOCKUP
[  169.649695][ T7882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  169.649701][ T7882] Call Trace:
[  169.649705][ T7882]  <TASK>
[  169.649709][ T7882]  dump_stack_lvl+0x100/0x190
[  169.649730][ T7882]  should_fail_ex.cold+0x5/0xa
[  169.649744][ T7882]  _copy_from_user+0x2e/0xd0
[  169.649760][ T7882]  __sys_bpf+0x243/0x4b90
[  169.649773][ T7882]  ? __pfx___sys_bpf+0x10/0x10
[  169.649782][ T7882]  ? get_pid_task+0x106/0x250
[  169.649797][ T7882]  ? proc_fail_nth_write+0x9f/0x220
[  169.649817][ T7882]  ? find_held_lock+0x2b/0x80
[  169.649833][ T7882]  ? find_held_lock+0x2b/0x80
[  169.649846][ T7882]  ? ksys_write+0x190/0x250
[  169.649860][ T7882]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  169.649876][ T7882]  ? kernel_write+0x683/0x6c0
[  169.649895][ T7882]  ? fput+0x79/0x100
[  169.649909][ T7882]  ? ksys_write+0x1ac/0x250
[  169.649922][ T7882]  __ia32_sys_bpf+0x79/0xf0
[  169.649932][ T7882]  ? lockdep_hardirqs_on+0x78/0x100
[  169.649947][ T7882]  __do_fast_syscall_32+0xe7/0x970
[  169.649962][ T7882]  ? lockdep_hardirqs_on+0x78/0x100
[  169.649978][ T7882]  do_fast_syscall_32+0x32/0x70
[  169.649998][ T7882]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  169.650013][ T7882] RIP: 0023:0xf7f08f7c
[  169.650022][ T7882] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  169.650032][ T7882] RSP: 002b:00000000f53c650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  169.650043][ T7882] RAX: ffffffffffffffda RBX: 0000000000000023 RCX: 0000000080000040
[  169.650050][ T7882] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[  169.650055][ T7882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  169.650061][ T7882] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  169.650067][ T7882] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  169.650080][ T7882]  </TASK>
[  169.796533][ T7880] bond1: (slave macvlan2): Enslaving as an active interface with a down link
[  170.708242][   T62] block nbd3: Receive control failed (result -32)
[  170.713056][ T7893] block nbd3: shutting down sockets
[  170.792616][   T62] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  171.275797][ T5818] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  171.305749][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  171.305826][   T40] audit: type=1326 audit(1780736407.429:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.377594][   T40] audit: type=1326 audit(1780736407.429:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.384170][   T40] audit: type=1326 audit(1780736407.439:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.393368][   T40] audit: type=1326 audit(1780736407.439:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.410390][   T40] audit: type=1326 audit(1780736407.439:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.424398][   T40] audit: type=1326 audit(1780736407.439:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.435969][   T40] audit: type=1326 audit(1780736407.519:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.445760][   T40] audit: type=1326 audit(1780736407.519:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.1.558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  171.468334][ T5818] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  171.472364][ T5818] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  171.476342][ T5818] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  171.481699][   T40] audit: type=1326 audit(1780736407.609:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm="syz.3.560" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f08f7c code=0x0
[  171.490067][ T5818] usb 7-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[  171.496162][ T5818] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.503992][ T5818] usb 7-1: config 0 descriptor??
[  171.509288][ T7910] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  172.154511][ T7935] syzkaller0: entered promiscuous mode
[  172.156347][ T7935] syzkaller0: entered allmulticast mode
[  172.310903][ T7938] ubi: mtd0 is already attached to ubi16
[  173.158310][ T7940] overlayfs: missing 'lowerdir'
[  173.164712][ T5818] usbhid 7-1:0.0: can't add hid device: -71
[  173.167991][ T5818] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  173.179260][ T5818] usb 7-1: USB disconnect, device number 11
[  173.225473][ T7940] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  173.387963][ T7942] overlay: ./file0 is not a directory
[  173.399686][ T7942] overlay: ./file1 is not a directory
[  173.873757][ T7943] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  173.929597][ T7955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.567'.
[  173.966896][ T7959] syzkaller0: entered promiscuous mode
[  173.968705][ T7959] syzkaller0: entered allmulticast mode
[  174.062681][ T7963] overlayfs: missing 'lowerdir'
[  174.123544][ T7963] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  174.130549][ T7963] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  174.304376][ T7974] netlink: 5204 bytes leftover after parsing attributes in process `syz.1.574'.
[  174.307334][ T7974] nbd: must specify a device to reconfigure
[  174.407755][ T7979] overlay: Unknown parameter '/'
[  174.466061][ T7979] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  174.475831][ T7979] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  174.561000][ T5755] block nbd2: Receive control failed (result -32)
[  174.569996][ T7949] block nbd2: shutting down sockets
[  174.917915][ T7985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.577'.
[  175.336211][ T5745] Bluetooth: hci0: command 0x0406 tx timeout
[  175.339224][ T5747] Bluetooth: hci1: command 0x0406 tx timeout
[  175.468820][ T7988] tipc: New replicast peer: 255.255.255.255
[  175.483314][ T7988] tipc: Enabled bearer <udp:syz2>, priority 10
[  175.557270][ T7995] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  175.667777][ T8003] netlink: 52 bytes leftover after parsing attributes in process `syz.2.583'.
[  175.670594][ T8003] netlink: 52 bytes leftover after parsing attributes in process `syz.2.583'.
[  175.673522][ T8003] netlink: 52 bytes leftover after parsing attributes in process `syz.2.583'.
[  175.806251][    T9] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  175.928677][ T8008] fuse: Bad value for 'user_id'
[  175.930567][ T8008] fuse: Bad value for 'user_id'
[  175.976645][    T9] usb 8-1: Using ep0 maxpacket: 32
[  175.998181][    T9] usb 8-1: unable to get BOS descriptor or descriptor too short
[  176.017634][    T9] usb 8-1: config 14 has an invalid interface number: 57 but max is 1
[  176.021113][    T9] usb 8-1: config 14 has an invalid interface number: 228 but max is 1
[  176.024028][    T9] usb 8-1: config 14 has no interface number 0
[  176.026048][    T9] usb 8-1: config 14 has no interface number 1
[  176.028433][    T9] usb 8-1: config 14 interface 228 altsetting 5 has a duplicate endpoint with address 0x8, skipping
[  176.031794][    T9] usb 8-1: config 14 interface 228 altsetting 5 has an endpoint descriptor with address 0xD1, changing to 0x81
[  176.035356][    T9] usb 8-1: config 14 interface 228 altsetting 5 endpoint 0x81 has an invalid bInterval 109, changing to 10
[  176.039067][    T9] usb 8-1: config 14 interface 228 altsetting 5 endpoint 0x81 has invalid maxpacket 57993, setting to 1024
[  176.042666][    T9] usb 8-1: config 14 interface 228 altsetting 5 endpoint 0x9 has an invalid bInterval 122, changing to 10
[  176.046144][    T9] usb 8-1: config 14 interface 228 altsetting 5 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  176.050233][    T9] usb 8-1: config 14 interface 57 has no altsetting 0
[  176.052376][    T9] usb 8-1: config 14 interface 228 has no altsetting 0
[  176.073431][    T9] usb 8-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=78.13
[  176.076488][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.088141][    T9] usb 8-1: Product: syz
[  176.097704][    T9] usb 8-1: Manufacturer: syz
[  176.099186][    T9] usb 8-1: SerialNumber: syz
[  176.488164][ T7094] tipc: Node number set to 2985414474
[  176.528856][ T8018] syzkaller0: entered promiscuous mode
[  176.529173][    T9] legousbtower 8-1:14.57: interrupt endpoints not found
[  176.530662][ T8018] syzkaller0: entered allmulticast mode
[  176.600501][   T29] IPVS: starting estimator thread 0...
[  176.686892][ T8024] IPVS: using max 43 ests per chain, 103200 per kthread
[  176.873544][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.877050][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.880278][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.883421][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.887299][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.890632][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.893288][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.895805][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.899560][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.902879][ T8039] netlink: 'syz.1.595': attribute type 3 has an invalid length.
[  176.932859][    T9] legousbtower 8-1:14.228: LEGO USB Tower firmware version is 0.0 build 0
[  176.937422][   T62] Bluetooth: hci2: command 0x0406 tx timeout
[  176.939860][ T8039] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.595'.
[  176.952267][    T9] legousbtower 8-1:14.228: LEGO USB Tower #-160 now attached to major 180 minor 0
[  177.583086][   T40] audit: type=1804 audit(1780736413.708:544): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.582" name="/newroot/178/bus/file0" dev="overlay" ino=72877867 res=1 errno=0
[  177.981497][ T8052] syzkaller0: entered promiscuous mode
[  177.983328][ T8052] syzkaller0: entered allmulticast mode
[  178.308703][ T8060] binder: Unknown parameter 'defcontext'
[  178.768708][ T8069] FAULT_INJECTION: forcing a failure.
[  178.768708][ T8069] name failslab, interval 1, probability 0, space 0, times 0
[  178.772571][ T8069] CPU: 1 UID: 0 PID: 8069 Comm: syz.1.603 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  178.772588][ T8069] Tainted: [L]=SOFTLOCKUP
[  178.772592][ T8069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  178.772599][ T8069] Call Trace:
[  178.772603][ T8069]  <TASK>
[  178.772608][ T8069]  dump_stack_lvl+0x100/0x190
[  178.772629][ T8069]  should_fail_ex.cold+0x5/0xa
[  178.772643][ T8069]  ? tomoyo_realpath_from_path+0xb6/0x690
[  178.772659][ T8069]  should_failslab+0xc2/0x120
[  178.772673][ T8069]  __kmalloc_noprof+0xe0/0x850
[  178.772689][ T8069]  ? kfree+0x1dd/0x6c0
[  178.772705][ T8069]  tomoyo_realpath_from_path+0xb6/0x690
[  178.772723][ T8069]  tomoyo_path_number_perm+0x23c/0x580
[  178.772736][ T8069]  ? tomoyo_path_number_perm+0x22e/0x580
[  178.772750][ T8069]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  178.772763][ T8069]  ? get_pid_task+0x106/0x250
[  178.772789][ T8069]  ? find_held_lock+0x2b/0x80
[  178.772802][ T8069]  ? __fget_files+0x215/0x3d0
[  178.772814][ T8069]  ? hook_file_ioctl_common+0x149/0x410
[  178.772827][ T8069]  ? __fget_files+0x215/0x3d0
[  178.772840][ T8069]  ? __fget_files+0x21f/0x3d0
[  178.772855][ T8069]  security_file_ioctl_compat+0xd3/0x230
[  178.772869][ T8069]  __ia32_compat_sys_ioctl+0xc2/0x360
[  178.772882][ T8069]  __do_fast_syscall_32+0xe7/0x970
[  178.772898][ T8069]  ? lockdep_hardirqs_on+0x78/0x100
[  178.772914][ T8069]  do_fast_syscall_32+0x32/0x70
[  178.772930][ T8069]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.772944][ T8069] RIP: 0023:0xf7fb2f7c
[  178.772952][ T8069] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  178.772962][ T8069] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  178.772974][ T8069] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  178.772980][ T8069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  178.772986][ T8069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.772992][ T8069] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  178.772998][ T8069] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.773011][ T8069]  </TASK>
[  178.773016][ T8069] ERROR: Out of memory at tomoyo_realpath_from_path.
[  178.801161][ T7094] usb 8-1: USB disconnect, device number 12
[  178.853132][ T7094] legousbtower 8-1:14.228: LEGO USB Tower #-160 now disconnected
[  178.973433][ T8072] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  178.979852][ T8072] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  179.004844][ T5755] block nbd2: Receive control failed (result -32)
[  179.008147][ T8057] block nbd2: shutting down sockets
[  179.142105][ T8080] IPVS: Error connecting to the multicast addr
[  180.228204][ T8097] fuse: Unknown parameter 'd'
[  180.275925][ T8098] netlink: 14476 bytes leftover after parsing attributes in process `syz.0.609'.
[  180.926048][ T8111] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  180.945769][ T8111] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  181.020530][   T40] audit: type=1804 audit(1780736417.128:545): pid=8115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.615" name="bus" dev="ramfs" ino=19588 res=1 errno=0
[  181.038539][   T40] audit: type=1804 audit(1780736417.138:546): pid=8115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.615" name="bus" dev="ramfs" ino=19588 res=1 errno=0
[  182.021740][   T40] audit: type=1800 audit(1780736418.147:547): pid=8120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.617" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  182.288104][ T8136] comedi comedi3: comedi_config --init_data is deprecated
[  182.542665][ T8129] syz.0.621 (8129) used greatest stack depth: 18936 bytes left
[  182.655328][ T8154] openvswitch: netlink: Flow key attr not present in new flow.
[  182.663986][   T40] audit: type=1326 audit(1780736418.787:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.674810][   T40] audit: type=1326 audit(1780736418.807:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.685121][   T40] audit: type=1326 audit(1780736418.807:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.699798][   T40] audit: type=1326 audit(1780736418.807:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.722582][   T40] audit: type=1326 audit(1780736418.817:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.757108][   T40] audit: type=1326 audit(1780736418.817:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.757150][   T40] audit: type=1326 audit(1780736418.817:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.757192][   T40] audit: type=1326 audit(1780736418.817:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.757225][   T40] audit: type=1326 audit(1780736418.857:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.757258][   T40] audit: type=1326 audit(1780736418.857:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8152 comm="syz.0.626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  182.819771][ T5755] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  182.819804][ T5755] CPU: 2 UID: 0 PID: 5755 Comm: kworker/u33:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  182.819827][ T5755] Tainted: [L]=SOFTLOCKUP
[  182.819832][ T5755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  182.819840][ T5755] Workqueue: hci1 hci_rx_work
[  182.819860][ T5755] Call Trace:
[  182.819864][ T5755]  <TASK>
[  182.819868][ T5755]  dump_stack_lvl+0x100/0x190
[  182.819889][ T5755]  sysfs_warn_dup.cold+0x1c/0x28
[  182.819905][ T5755]  sysfs_create_dir_ns+0x24b/0x2b0
[  182.819919][ T5755]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  182.819930][ T5755]  ? find_held_lock+0x2b/0x80
[  182.819945][ T5755]  ? kobject_add_internal+0x25f/0x930
[  182.819958][ T5755]  ? kobject_add_internal+0x25f/0x930
[  182.819971][ T5755]  ? do_raw_spin_unlock+0x145/0x1e0
[  182.819985][ T5755]  kobject_add_internal+0x2c8/0x930
[  182.819998][ T5755]  kobject_add+0x16a/0x1e0
[  182.820008][ T5755]  ? __pfx_kobject_add+0x10/0x10
[  182.820018][ T5755]  ? class_to_subsys+0x10f/0x150
[  182.820034][ T5755]  ? kobject_put+0xb9/0x640
[  182.820050][ T5755]  ? _raw_spin_unlock+0x28/0x50
[  182.820069][ T5755]  device_add+0x294/0x1950
[  182.820081][ T5755]  ? __pfx_dev_set_name+0x10/0x10
[  182.820095][ T5755]  ? __pfx_device_add+0x10/0x10
[  182.820106][ T5755]  ? mgmt_send_event_skb+0x2fb/0x460
[  182.820124][ T5755]  hci_conn_add_sysfs+0x1a3/0x260
[  182.820143][ T5755]  le_conn_complete_evt+0x11eb/0x1f60
[  182.820163][ T5755]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  182.820180][ T5755]  hci_le_conn_complete_evt+0x23c/0x3a0
[  182.820195][ T5755]  ? skb_pull_data+0x15f/0x1e0
[  182.820211][ T5755]  hci_le_meta_evt+0x34a/0x5f0
[  182.820225][ T5755]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  182.820241][ T5755]  hci_event_packet+0x51c/0xcd0
[  182.820255][ T5755]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  182.820270][ T5755]  ? __pfx_hci_event_packet+0x10/0x10
[  182.820285][ T5755]  ? kcov_remote_start+0x374/0x660
[  182.820299][ T5755]  ? lockdep_hardirqs_on+0x78/0x100
[  182.820317][ T5755]  hci_rx_work+0x451/0xfc0
[  182.820333][ T5755]  process_one_work+0xa0e/0x1980
[  182.820350][ T5755]  ? __pfx_process_one_work+0x10/0x10
[  182.820364][ T5755]  ? __pfx_hci_rx_work+0x10/0x10
[  182.820379][ T5755]  worker_thread+0x5ef/0xe50
[  182.820394][ T5755]  ? kthread+0x13a/0x450
[  182.820408][ T5755]  ? __pfx_worker_thread+0x10/0x10
[  182.820417][ T5755]  kthread+0x370/0x450
[  182.820432][ T5755]  ? __pfx_kthread+0x10/0x10
[  182.820449][ T5755]  ret_from_fork+0x72b/0xd50
[  182.820461][ T5755]  ? __pfx_ret_from_fork+0x10/0x10
[  182.820473][ T5755]  ? __switch_to+0x800/0x1100
[  182.820487][ T5755]  ? __pfx_kthread+0x10/0x10
[  182.820504][ T5755]  ret_from_fork_asm+0x1a/0x30
[  182.820524][ T5755]  </TASK>
[  182.820536][ T5755] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  182.820555][ T5755] Bluetooth: hci1: failed to register connection device
[  182.978801][ T5818] IPVS: starting estimator thread 0...
[  183.067176][ T8158] IPVS: using max 29 ests per chain, 69600 per kthread
[  184.395552][ T8182] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  184.400741][ T8182] block device autoloading is deprecated and will be removed.
[  184.583609][ T8186] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  184.585675][ T8186] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  184.593934][ T8186] vhci_hcd vhci_hcd.0: Device attached
[  184.632558][ T8186] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  184.859039][   T29] usb 40-1: SetAddress Request (10) to port 0
[  184.865902][   T29] usb 40-1: new SuperSpeed USB device number 10 using vhci_hcd
[  185.151913][ T8187] vhci_hcd: connection reset by peer
[  185.155653][ T6587] vhci_hcd vhci_hcd.1: stop threads
[  185.158604][ T6587] vhci_hcd vhci_hcd.1: release socket
[  185.163062][ T6587] vhci_hcd vhci_hcd.1: disconnect device
[  185.627670][ T8210] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  185.627670][ T8210] �U�e�[���%#s'
[  185.824590][ T8215] overlayfs: failed lookup in lower (newroot/188, name='file0', err=-40): overlapping layers
[  186.173320][ T8212] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  187.111177][ T8224] FAULT_INJECTION: forcing a failure.
[  187.111177][ T8224] name failslab, interval 1, probability 0, space 0, times 0
[  187.115057][ T8224] CPU: 3 UID: 0 PID: 8224 Comm: syz.0.643 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  187.115075][ T8224] Tainted: [L]=SOFTLOCKUP
[  187.115079][ T8224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  187.115085][ T8224] Call Trace:
[  187.115089][ T8224]  <TASK>
[  187.115094][ T8224]  dump_stack_lvl+0x100/0x190
[  187.115115][ T8224]  should_fail_ex.cold+0x5/0xa
[  187.115129][ T8224]  should_failslab+0xc2/0x120
[  187.115142][ T8224]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  187.115160][ T8224]  ? __alloc_skb+0x140/0x710
[  187.115172][ T8224]  __alloc_skb+0x140/0x710
[  187.115181][ T8224]  ? __alloc_skb+0x5b7/0x710
[  187.115190][ T8224]  ? __pfx___alloc_skb+0x10/0x10
[  187.115199][ T8224]  ? __lock_acquire+0x4a5/0x2630
[  187.115219][ T8224]  tcf_action_add+0x230/0x5c0
[  187.115238][ T8224]  ? __pfx_tcf_action_add+0x10/0x10
[  187.115260][ T8224]  ? is_bpf_text_address+0x8a/0x1a0
[  187.115287][ T8224]  ? __nla_parse+0x40/0x60
[  187.115301][ T8224]  tc_ctl_action+0x2e3/0x470
[  187.115318][ T8224]  ? __pfx_tc_ctl_action+0x10/0x10
[  187.115339][ T8224]  ? __pfx_tc_ctl_action+0x10/0x10
[  187.115356][ T8224]  rtnetlink_rcv_msg+0x3c9/0xe90
[  187.115370][ T8224]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  187.115401][ T8224]  ? __lock_acquire+0x4a5/0x2630
[  187.115420][ T8224]  netlink_rcv_skb+0x159/0x420
[  187.115435][ T8224]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  187.115447][ T8224]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  187.115466][ T8224]  ? netlink_deliver_tap+0x1ae/0xcc0
[  187.115482][ T8224]  netlink_unicast+0x585/0x850
[  187.115498][ T8224]  ? __pfx_netlink_unicast+0x10/0x10
[  187.115516][ T8224]  netlink_sendmsg+0x8b0/0xda0
[  187.115532][ T8224]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.115548][ T8224]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  187.115561][ T8224]  ____sys_sendmsg+0x9e1/0xb70
[  187.115574][ T8224]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.115589][ T8224]  ? __pfx_____sys_sendmsg+0x10/0x10
[  187.115609][ T8224]  ___sys_sendmsg+0x190/0x1e0
[  187.115624][ T8224]  ? __pfx____sys_sendmsg+0x10/0x10
[  187.115645][ T8224]  ? find_held_lock+0x2b/0x80
[  187.115666][ T8224]  __sys_sendmsg+0x170/0x220
[  187.115678][ T8224]  ? __pfx___sys_sendmsg+0x10/0x10
[  187.115687][ T8224]  ? __fget_files+0x21f/0x3d0
[  187.115704][ T8224]  ? ksys_write+0x1ac/0x250
[  187.115717][ T8224]  ? rcu_is_watching+0x12/0xc0
[  187.115734][ T8224]  __do_fast_syscall_32+0xe7/0x970
[  187.115751][ T8224]  ? lockdep_hardirqs_on+0x78/0x100
[  187.115767][ T8224]  do_fast_syscall_32+0x32/0x70
[  187.115783][ T8224]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.115797][ T8224] RIP: 0023:0xf7fc7f7c
[  187.115806][ T8224] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  187.115816][ T8224] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  187.115827][ T8224] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  187.115834][ T8224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  187.115839][ T8224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.115845][ T8224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  187.115851][ T8224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.115865][ T8224]  </TASK>
[  187.456358][ T8236] netlink: 32 bytes leftover after parsing attributes in process `syz.2.649'.
[  187.563314][ T8238] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  187.604950][ T8238] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  187.627640][ T7094] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  187.636241][ T8247] netlink: 20 bytes leftover after parsing attributes in process `syz.2.653'.
[  187.792823][ T7094] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  187.800749][ T7094] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  187.805145][ T7094] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  187.808989][ T7094] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  187.813223][ T7094] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  187.816076][ T7094] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.820149][ T7094] usb 6-1: config 0 descriptor??
[  188.070342][ T8258] validate_nla: 13 callbacks suppressed
[  188.070362][ T8258] netlink: 'syz.0.657': attribute type 4 has an invalid length.
[  188.283925][   T40] kauditd_printk_skb: 106 callbacks suppressed
[  188.283936][   T40] audit: type=1326 audit(1780736424.407:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.298136][   T40] audit: type=1326 audit(1780736424.427:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.309776][   T40] audit: type=1326 audit(1780736424.427:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.316431][   T40] audit: type=1326 audit(1780736424.427:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.323203][   T40] audit: type=1326 audit(1780736424.437:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.330631][   T40] audit: type=1326 audit(1780736424.437:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.341473][   T40] audit: type=1326 audit(1780736424.437:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.352003][   T40] audit: type=1326 audit(1780736424.437:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.361340][   T40] audit: type=1326 audit(1780736424.437:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.369233][   T40] audit: type=1326 audit(1780736424.437:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz.1.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f7c code=0x7ffc0000
[  188.370328][ T8267] netlink: 20 bytes leftover after parsing attributes in process `syz.2.660'.
[  188.375415][ T8230] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  188.414159][ T8230] evm: overlay not supported
[  188.414232][ T8267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  188.467318][ T7094] usbhid 6-1:0.0: can't add hid device: -71
[  188.470627][ T7094] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  188.478715][ T7094] usb 6-1: USB disconnect, device number 16
[  188.585114][ T8269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.591356][ T8269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.677593][   T57] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  188.830057][ T5886] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  188.832242][   T57] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  188.834710][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  188.840861][   T57] usb 7-1: Product: syz
[  188.842181][   T57] usb 7-1: Manufacturer: syz
[  188.843594][   T57] usb 7-1: SerialNumber: syz
[  188.846227][   T57] usb 7-1: config 0 descriptor??
[  188.852169][   T57] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  188.854526][   T57] dvb-usb: bulk message failed: -22 (2/0)
[  188.858576][   T57] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  188.861694][   T57] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  188.864031][   T57] usb 7-1: media controller created
[  188.871064][   T57] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  188.937703][   T62] Bluetooth: hci1: command 0x0406 tx timeout
[  188.952190][ T8276] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  188.958245][ T8276] block device autoloading is deprecated and will be removed.
[  188.989337][ T5886] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  188.994137][ T5886] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  188.998471][ T5886] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  189.002417][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.012857][ T8270] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  189.020172][ T5886] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  189.143986][ T8267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.153924][ T8267] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.164234][   T57] cxusb: set interface failed
[  189.166885][   T57] dvb-usb: bulk message failed: -22 (1/0)
[  189.191249][   T57] DVB: Unable to find symbol mt352_attach()
[  189.193629][   T57] dvb-usb: bulk message failed: -22 (5/0)
[  189.203934][   T57] zl10353_read_register: readreg error (reg=127, ret==-121)
[  189.206881][   T57] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  189.287818][   T57] rc_core: IR keymap rc-dvico-mce not found
[  189.291667][   T57] Registered IR keymap rc-empty
[  189.307725][   T57] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  189.347406][   T57] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input34
[  189.362316][ T7094] usb 5-1: USB disconnect, device number 7
[  189.394257][ T8282] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  189.415928][   T57] dvb-usb: schedule remote query interval to 100 msecs.
[  189.417508][ T8282] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  189.422104][   T57] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  189.454513][   T57] usb 7-1: USB disconnect, device number 12
[  189.684663][   T57] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  189.897915][   T29] usb 40-1: device descriptor read/8, error -110
[  190.807977][ T8309] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  190.817206][ T8309] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  190.878022][ T8313] nfs: Unknown parameter 'DW'
[  190.880102][ T8313] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  191.060196][   T29] usb usb40-port1: attempt power cycle
[  191.110769][ T8316] netlink: 240 bytes leftover after parsing attributes in process `syz.0.675'.
[  191.114739][ T8316] netlink: 240 bytes leftover after parsing attributes in process `syz.0.675'.
[  191.251982][ T8325] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  191.254364][ T8325] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  191.258948][ T8325] vhci_hcd vhci_hcd.0: Device attached
[  191.259572][ T1158] wlan1: Trigger new scan to find an IBSS to join
[  191.497951][   T10] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  191.629863][ T8336] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  191.635514][ T8336] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  191.651066][   T29] usb usb40-port1: unable to enumerate USB device
[  191.830623][ T8346] program syz.1.685 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  191.841803][ T8346] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  191.983550][ T8343] block nbd3: shutting down sockets
[  192.074994][ T8328] vhci_hcd: connection closed
[  192.076366][ T1243] vhci_hcd vhci_hcd.2: stop threads
[  192.086259][ T1243] vhci_hcd vhci_hcd.2: release socket
[  192.089393][ T1243] vhci_hcd vhci_hcd.2: disconnect device
[  192.089905][   T10] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  192.192618][   T10] usb 41-1: enqueue for inactive port 0
[  192.258275][   T10] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  192.468016][ T7094] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  192.598070][ T7094] usb 6-1: device descriptor read/64, error -71
[  192.975049][ T7094] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  193.492841][ T8374] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  193.495542][ T8374] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  193.504123][ T8374] vhci_hcd vhci_hcd.0: Device attached
[  193.588197][ T7094] usb 6-1: device descriptor read/64, error -71
[  193.712264][ T7094] usb usb6-port1: attempt power cycle
[  193.748977][   T29] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  194.048183][ T7094] usb 6-1: new low-speed USB device number 19 using dummy_hcd
[  194.069527][ T7094] usb 6-1: device descriptor read/8, error -71
[  194.110001][ T8376] vhci_hcd: connection reset by peer
[  194.117327][ T1163] vhci_hcd vhci_hcd.3: stop threads
[  194.119071][ T1163] vhci_hcd vhci_hcd.3: release socket
[  194.121023][ T1163] vhci_hcd vhci_hcd.3: disconnect device
[  194.218488][   T72] wlan1: Trigger new scan to find an IBSS to join
[  194.308263][ T7094] usb 6-1: new low-speed USB device number 20 using dummy_hcd
[  194.328945][ T7094] usb 6-1: device descriptor read/8, error -71
[  194.355774][ T8391] syzkaller0: entered promiscuous mode
[  194.357641][ T8391] syzkaller0: entered allmulticast mode
[  194.360840][   T72] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.438509][ T7094] usb usb6-port1: unable to enumerate USB device
[  194.928290][ T8405] FAULT_INJECTION: forcing a failure.
[  194.928290][ T8405] name failslab, interval 1, probability 0, space 0, times 0
[  194.934153][ T8405] CPU: 3 UID: 0 PID: 8405 Comm: syz.0.702 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  194.934184][ T8405] Tainted: [L]=SOFTLOCKUP
[  194.934190][ T8405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  194.934201][ T8405] Call Trace:
[  194.934208][ T8405]  <TASK>
[  194.934216][ T8405]  dump_stack_lvl+0x100/0x190
[  194.934253][ T8405]  should_fail_ex.cold+0x5/0xa
[  194.934277][ T8405]  should_failslab+0xc2/0x120
[  194.934300][ T8405]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  194.934329][ T8405]  ? __alloc_skb+0x140/0x710
[  194.934344][ T8405]  ? __alloc_skb+0x5b7/0x710
[  194.934364][ T8405]  __alloc_skb+0x140/0x710
[  194.934379][ T8405]  ? __alloc_skb+0x5b7/0x710
[  194.934394][ T8405]  ? __pfx___alloc_skb+0x10/0x10
[  194.934419][ T8405]  netlink_alloc_large_skb+0x69/0x150
[  194.934446][ T8405]  netlink_sendmsg+0x680/0xda0
[  194.934475][ T8405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.934503][ T8405]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  194.934526][ T8405]  ____sys_sendmsg+0x9e1/0xb70
[  194.934549][ T8405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.934574][ T8405]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.934610][ T8405]  ___sys_sendmsg+0x190/0x1e0
[  194.934636][ T8405]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.934671][ T8405]  ? find_held_lock+0x2b/0x80
[  194.934718][ T8405]  __sys_sendmsg+0x170/0x220
[  194.934738][ T8405]  ? __pfx___sys_sendmsg+0x10/0x10
[  194.934755][ T8405]  ? __fget_files+0x21f/0x3d0
[  194.934785][ T8405]  ? ksys_write+0x1ac/0x250
[  194.934807][ T8405]  ? rcu_is_watching+0x12/0xc0
[  194.934829][ T8405]  __do_fast_syscall_32+0xe7/0x970
[  194.934854][ T8405]  ? lockdep_hardirqs_on+0x78/0x100
[  194.934878][ T8405]  do_fast_syscall_32+0x32/0x70
[  194.934902][ T8405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  194.934923][ T8405] RIP: 0023:0xf7fc7f7c
[  194.934938][ T8405] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  194.934955][ T8405] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  194.934973][ T8405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  194.934984][ T8405] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  194.934994][ T8405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  194.935004][ T8405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.935014][ T8405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  194.935039][ T8405]  </TASK>
[  195.046238][ T8406] syz.2.701 (8406): drop_caches: 2
[  195.065541][ T8400] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  196.173724][ T8424] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  196.192313][ T8424] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  196.457201][ T8442] netlink: 20 bytes leftover after parsing attributes in process `syz.1.716'.
[  197.256165][ T8461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.719'.
[  197.268356][ T8462] comedi comedi3: c6xdigio: I/O port conflict (0x3c4,3)
[  197.338624][ T1163] wlan1: Trigger new scan to find an IBSS to join
[  197.471495][ T8451] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  197.947041][ T8473] xt_CT: You must specify a L4 protocol and not use inversions on it
[  198.079213][ T8474] netlink: 'syz.0.721': attribute type 10 has an invalid length.
[  198.848873][   T29] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  198.859934][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  198.862063][ T1433] ieee802154 phy1 wpan1: encryption failed: -22
[  199.293742][ T8484] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  199.500651][ T1158] wlan1: Creating new IBSS network, BSSID ea:8d:9e:8d:3a:c0
[  200.925309][ T8485] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  200.956625][ T8490] : entered promiscuous mode
[  201.457866][ T8500] block nbd0: shutting down sockets
[  201.648446][ T8511] 9pnet_virtio: no channels available for device syz
[  201.656094][ T8511] 9pnet_virtio: no channels available for device syz
[  201.672886][ T8511] 9pnet_virtio: no channels available for device syz
[  201.678433][ T8511] 9pnet_virtio: no channels available for device syz
[  201.688080][ T8511] 9pnet_virtio: no channels available for device syz
[  201.702668][ T8511] 9pnet_virtio: no channels available for device syz
[  201.711244][ T8511] 9pnet_virtio: no channels available for device syz
[  201.720394][ T8511] 9pnet_virtio: no channels available for device syz
[  201.727277][ T8511] 9pnet_virtio: no channels available for device syz
[  201.735153][ T8511] 9pnet_virtio: no channels available for device syz
[  201.742647][ T8511] 9pnet_virtio: no channels available for device syz
[  201.751048][ T8511] 9pnet_virtio: no channels available for device syz
[  201.758306][ T8511] 9pnet_virtio: no channels available for device syz
[  201.766306][ T8511] 9pnet_virtio: no channels available for device syz
[  201.774578][ T8511] 9pnet_virtio: no channels available for device syz
[  201.782538][ T8511] 9pnet_virtio: no channels available for device syz
[  201.789482][ T8511] 9pnet_virtio: no channels available for device syz
[  201.798444][ T8511] 9pnet_virtio: no channels available for device syz
[  201.806500][ T8511] 9pnet_virtio: no channels available for device syz
[  201.815564][ T8511] 9pnet_virtio: no channels available for device syz
[  201.823551][ T8511] 9pnet_virtio: no channels available for device syz
[  201.829908][ T8511] 9pnet_virtio: no channels available for device syz
[  201.835991][ T8511] 9pnet_virtio: no channels available for device syz
[  201.842862][ T8511] 9pnet_virtio: no channels available for device syz
[  201.849778][ T8511] 9pnet_virtio: no channels available for device syz
[  201.854415][ T8511] 9pnet_virtio: no channels available for device syz
[  201.856944][ T8511] 9pnet_virtio: no channels available for device syz
[  201.859472][ T8511] 9pnet_virtio: no channels available for device syz
[  201.861769][ T8511] 9pnet_virtio: no channels available for device syz
[  201.864130][ T8511] 9pnet_virtio: no channels available for device syz
[  201.866557][ T8511] 9pnet_virtio: no channels available for device syz
[  201.869035][ T8511] 9pnet_virtio: no channels available for device syz
[  202.450576][ T8525] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  202.455671][ T8525] overlayfs: overlapping lowerdir path
[  202.602834][ T8526] syz.0.732 (8526): drop_caches: 2
[  202.611160][ T8519] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  202.896885][ T8528] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  202.899470][ T8528] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  202.973769][ T8528] vhci_hcd vhci_hcd.0: Device attached
[  203.111654][ T8528] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  203.249226][ T1341] usb 44-1: SetAddress Request (10) to port 0
[  203.251251][ T1341] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  203.936198][ T8519] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  204.105798][ T8541] IPVS: Error connecting to the multicast addr
[  204.193220][ T8529] vhci_hcd: connection reset by peer
[  204.195954][   T72] vhci_hcd vhci_hcd.3: stop threads
[  204.198238][   T72] vhci_hcd vhci_hcd.3: release socket
[  204.201519][   T72] vhci_hcd vhci_hcd.3: disconnect device
[  204.407219][ T8548] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.741'.
[  204.581496][ T8554] ipip0: entered allmulticast mode
[  204.607626][ T8554] netlink: 4 bytes leftover after parsing attributes in process `syz.1.742'.
[  204.936864][   T40] kauditd_printk_skb: 70 callbacks suppressed
[  204.936876][   T40] audit: type=1800 audit(1780736441.055:744): pid=8565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.746" name="bus" dev="overlay" ino=958 res=0 errno=0
[  205.033461][ T8567] syzkaller0: entered promiscuous mode
[  205.035215][ T8567] syzkaller0: entered allmulticast mode
[  205.054806][ T8567] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  205.059043][ T8566] tipc: Resetting bearer <eth:syzkaller0>
[  205.080449][ T8566] tipc: Disabling bearer <eth:syzkaller0>
[  205.643254][ T8580] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.799809][ T8580] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.923221][ T8580] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.068226][ T8580] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.223338][ T8584] trusted_key: encrypted_key: insufficient parameters specified
[  206.231289][ T8584] trusted_key: encrypted_key: insufficient parameters specified
[  206.263291][   T72] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.377287][   T60] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.503944][   T60] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.513464][   T60] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.622035][ T8611] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (eth1-tx-0)
[  207.651975][ T8614] netlink: 52 bytes leftover after parsing attributes in process `syz.1.761'.
[  207.658279][ T8614] netlink: 6 bytes leftover after parsing attributes in process `syz.1.761'.
[  208.143982][ T8620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.763'.
[  208.299715][ T1341] usb 44-1: device descriptor read/8, error -110
[  208.390157][ T8630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  208.421252][ T8630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  208.433466][ T8630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  208.448766][ T8630] netlink: 104 bytes leftover after parsing attributes in process `syz.2.765'.
[  208.452729][ T8630] netlink: 104 bytes leftover after parsing attributes in process `syz.2.765'.
[  208.464739][ T5838] libceph: connect (1)[c::]:6789 error -101
[  208.466980][ T5838] libceph: mon0 (1)[c::]:6789 connect error
[  208.469466][ T5838] libceph: connect (1)[c::]:6789 error -101
[  208.471682][ T5838] libceph: mon0 (1)[c::]:6789 connect error
[  208.513483][ T8626] ceph: No mds server is up or the cluster is laggy
[  208.690780][ T1341] usb usb44-port1: attempt power cycle
[  208.731051][ T8635] syz.2.766 (8635): drop_caches: 2
[  208.893275][ T8640] netlink: 'syz.3.767': attribute type 1 has an invalid length.
[  209.352595][ T8648] xfrm1: entered allmulticast mode
[  209.449501][ T8649] iso9660: Unknown parameter 'GPL'
[  209.501545][ T1341] usb usb44-port1: unable to enumerate USB device
[  209.733669][ T8653] syzkaller0: entered promiscuous mode
[  209.735826][ T8653] syzkaller0: entered allmulticast mode
[  209.798774][ T8658] netlink: 'syz.1.773': attribute type 10 has an invalid length.
[  209.803235][ T8658] netlink: 40 bytes leftover after parsing attributes in process `syz.1.773'.
[  209.908943][ T8658] team0: Port device geneve1 added
[  209.980519][ T8664] netlink: 40 bytes leftover after parsing attributes in process `syz.3.775'.
[  210.031508][ T8663] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  210.037287][ T8663] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  210.165802][ T8676] overlayfs: missing 'lowerdir'
[  210.573840][ T8691] NILFS (loop1): device size too small
[  211.333771][ T8718] FAULT_INJECTION: forcing a failure.
[  211.333771][ T8718] name failslab, interval 1, probability 0, space 0, times 0
[  211.337802][ T8718] CPU: 3 UID: 0 PID: 8718 Comm: syz.1.790 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  211.337820][ T8718] Tainted: [L]=SOFTLOCKUP
[  211.337824][ T8718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  211.337831][ T8718] Call Trace:
[  211.337836][ T8718]  <TASK>
[  211.337841][ T8718]  dump_stack_lvl+0x100/0x190
[  211.337863][ T8718]  should_fail_ex.cold+0x5/0xa
[  211.337905][ T8718]  should_failslab+0xc2/0x120
[  211.337919][ T8718]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  211.337936][ T8718]  ? __alloc_skb+0x140/0x710
[  211.337946][ T8718]  ? __alloc_skb+0x5b7/0x710
[  211.337957][ T8718]  __alloc_skb+0x140/0x710
[  211.337965][ T8718]  ? __alloc_skb+0x5b7/0x710
[  211.337974][ T8718]  ? __pfx___alloc_skb+0x10/0x10
[  211.337987][ T8718]  netlink_alloc_large_skb+0x69/0x150
[  211.338003][ T8718]  netlink_sendmsg+0x680/0xda0
[  211.338019][ T8718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.338035][ T8718]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  211.338048][ T8718]  ____sys_sendmsg+0x9e1/0xb70
[  211.338062][ T8718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.338077][ T8718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  211.338097][ T8718]  ___sys_sendmsg+0x190/0x1e0
[  211.338112][ T8718]  ? __pfx____sys_sendmsg+0x10/0x10
[  211.338133][ T8718]  ? find_held_lock+0x2b/0x80
[  211.338155][ T8718]  __sys_sendmsg+0x170/0x220
[  211.338167][ T8718]  ? __pfx___sys_sendmsg+0x10/0x10
[  211.338176][ T8718]  ? __fget_files+0x21f/0x3d0
[  211.338192][ T8718]  ? ksys_write+0x1ac/0x250
[  211.338206][ T8718]  ? rcu_is_watching+0x12/0xc0
[  211.338219][ T8718]  __do_fast_syscall_32+0xe7/0x970
[  211.338235][ T8718]  ? lockdep_hardirqs_on+0x78/0x100
[  211.338251][ T8718]  do_fast_syscall_32+0x32/0x70
[  211.338267][ T8718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.338282][ T8718] RIP: 0023:0xf7fb2f7c
[  211.338295][ T8718] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  211.338310][ T8718] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  211.338328][ T8718] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  211.338338][ T8718] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  211.338349][ T8718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.338358][ T8718] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  211.338369][ T8718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.338392][ T8718]  </TASK>
[  211.650044][ T8733] xt_bpf: check failed: parse error
[  212.520099][   T72] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.525765][   T72] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.535680][   T72] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.544951][ T8760] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  212.551231][ T1243] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.561404][ T8760] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  212.593057][ T8766] loop4: detected capacity change from 0 to 524287936
[  213.079542][ T8788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.812'.
[  213.085375][ T8788] netlink: 8 bytes leftover after parsing attributes in process `syz.2.812'.
[  213.139133][ T8792] syzkaller0: entered promiscuous mode
[  213.141959][ T8792] syzkaller0: entered allmulticast mode
[  213.237203][ T8794] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 401070c9, magic 70 != 6b]
[  213.243105][ T8794] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  213.543990][ T8815] IPv6: NLM_F_CREATE should be specified when creating new route
[  213.869754][ T8830] netlink: 64 bytes leftover after parsing attributes in process `syz.3.824'.
[  213.877431][ T8830] netlink: 64 bytes leftover after parsing attributes in process `syz.3.824'.
[  214.478644][ T8846] XFS (nullb0): Invalid superblock magic number
[  214.884074][ T8864] syz.1.834 (8864): drop_caches: 2
[  215.019086][ T8872] syz_tun: entered allmulticast mode
[  215.060574][ T8877] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  215.062377][ T8866] x_tables: duplicate underflow at hook 1
[  215.062660][ T8877] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  215.069474][ T8866] hub 8-0:1.0: USB hub found
[  215.071994][ T8866] hub 8-0:1.0: 1 port detected
[  215.086200][ T8877] vhci_hcd vhci_hcd.0: Device attached
[  215.219001][ T8880] vhci_hcd: connection closed
[  215.219240][   T72] vhci_hcd vhci_hcd.0: stop threads
[  215.225453][   T72] vhci_hcd vhci_hcd.0: release socket
[  215.230627][   T72] vhci_hcd vhci_hcd.0: disconnect device
[  215.264712][ T7094] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  215.271725][ T8897] devpts: Bad value for 'max'
[  215.398125][ T8899] syz.3.845 (8899): drop_caches: 2
[  215.569040][ T8905] fuse: Bad value for 'fd'
[  215.573945][ T8905] overlayfs: failed lookup in lower (newroot/242, name='file0', err=-40): overlapping layers
[  215.581244][ T8905] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  215.972334][   T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  216.110631][   T10] usb 5-1: device descriptor read/64, error -71
[  216.146653][ T8922] SET target dimension over the limit!
[  216.350479][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  216.480466][   T10] usb 5-1: device descriptor read/64, error -71
[  216.591416][   T10] usb usb5-port1: attempt power cycle
[  216.950954][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  216.961927][   T40] audit: type=1326 audit(1780736453.084:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  216.968889][   T40] audit: type=1326 audit(1780736453.084:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  216.971303][   T10] usb 5-1: device descriptor read/8, error -71
[  216.978399][   T40] audit: type=1326 audit(1780736453.084:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  216.985529][   T40] audit: type=1326 audit(1780736453.084:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  216.993506][   T40] audit: type=1326 audit(1780736453.084:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.000820][   T40] audit: type=1326 audit(1780736453.084:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.008710][   T40] audit: type=1326 audit(1780736453.084:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.017201][   T40] audit: type=1326 audit(1780736453.084:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.024099][   T40] audit: type=1326 audit(1780736453.084:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.031614][   T40] audit: type=1326 audit(1780736453.094:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8932 comm="syz.2.854" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb3f7c code=0x7ffc0000
[  217.198588][ T8943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.858'.
[  217.220969][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  217.251084][   T10] usb 5-1: device descriptor read/8, error -71
[  217.380546][   T10] usb usb5-port1: unable to enumerate USB device
[  217.644423][ T8956] block nbd1: shutting down sockets
[  217.780851][ T8964] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.865'.
[  218.187644][ T8969] lo speed is unknown, defaulting to 1000
[  218.191693][ T8969] lo speed is unknown, defaulting to 1000
[  218.194721][ T8969] lo speed is unknown, defaulting to 1000
[  218.200256][ T8969] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  218.206094][ T8969] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  218.212260][ T8969] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  218.219521][ T8969] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  218.230157][ T8969] lo speed is unknown, defaulting to 1000
[  218.233013][ T8969] lo speed is unknown, defaulting to 1000
[  218.237653][ T8969] lo speed is unknown, defaulting to 1000
[  218.240389][ T8969] lo speed is unknown, defaulting to 1000
[  218.390446][ T8972] syz.2.868 (8972): drop_caches: 2
[  218.392494][ T8972] syz.2.868 (8972): drop_caches: 2
[  218.619804][ T8975] netlink: 8 bytes leftover after parsing attributes in process `syz.3.869'.
[  218.741492][ T8983] binder: 8976:8983 ioctl 40789440 800003c0 returned -22
[  218.799771][ T8983] binder: 8976:8983 ioctl 40406f06 80000000 returned -22
[  218.889548][ T8987] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.871'.
[  220.418130][ T9008] loop4: detected capacity change from 0 to 7
[  220.425263][    C0] blk_print_req_error: 10 callbacks suppressed
[  220.425282][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.430976][    C0] buffer_io_error: 10 callbacks suppressed
[  220.430986][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.436233][    C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.439231][    C0] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.442085][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.445510][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.448594][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.451529][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.454255][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.457252][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.460117][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.463042][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.465657][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.468506][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.471105][ T9008] ldm_validate_partition_table(): Disk read failed.
[  220.473716][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.476652][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.479230][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.482179][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.484713][    C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.487582][    C1] Buffer I/O error on dev loop4, logical block 0, async page read
[  220.490210][ T9008] Dev loop4: unable to read RDB block 0
[  220.492745][ T9008]  loop4: unable to read partition table
[  220.495724][ T9008] loop4: partition table beyond EOD, truncated
[  220.498896][ T9008] loop_reread_partitions: partition scan of loop4 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  220.518735][ T9008] blktrace: Concurrent blktraces are not allowed on loop4
[  222.770631][ T8994] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  223.718244][ T9056] netlink: 96 bytes leftover after parsing attributes in process `syz.3.895'.
[  223.766386][ T9059] FAULT_INJECTION: forcing a failure.
[  223.766386][ T9059] name failslab, interval 1, probability 0, space 0, times 0
[  223.771523][ T9059] CPU: 1 UID: 0 PID: 9059 Comm: syz.2.894 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  223.771553][ T9059] Tainted: [L]=SOFTLOCKUP
[  223.771556][ T9059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  223.771563][ T9059] Call Trace:
[  223.771567][ T9059]  <TASK>
[  223.771572][ T9059]  dump_stack_lvl+0x100/0x190
[  223.771601][ T9059]  should_fail_ex.cold+0x5/0xa
[  223.771615][ T9059]  should_failslab+0xc2/0x120
[  223.771628][ T9059]  __kmalloc_cache_noprof+0x7a/0x6f0
[  223.771644][ T9059]  ? __inet_diag_dump_start+0x8e/0x8f0
[  223.771665][ T9059]  __inet_diag_dump_start+0x8e/0x8f0
[  223.771685][ T9059]  __netlink_dump_start+0x60e/0x990
[  223.771702][ T9059]  inet_diag_handler_cmd+0x282/0x2e0
[  223.771716][ T9059]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  223.771729][ T9059]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  223.771741][ T9059]  ? __pfx_inet_diag_dump+0x10/0x10
[  223.771754][ T9059]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  223.771768][ T9059]  ? sock_diag_lock_handler+0x10f/0x2e0
[  223.771789][ T9059]  sock_diag_rcv_msg+0x431/0x7a0
[  223.771807][ T9059]  netlink_rcv_skb+0x159/0x420
[  223.771821][ T9059]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  223.771839][ T9059]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.771862][ T9059]  netlink_unicast+0x585/0x850
[  223.771878][ T9059]  ? __pfx_netlink_unicast+0x10/0x10
[  223.771896][ T9059]  netlink_sendmsg+0x8b0/0xda0
[  223.771913][ T9059]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.771928][ T9059]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  223.771948][ T9059]  sock_write_iter+0x524/0x5a0
[  223.771962][ T9059]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.771976][ T9059]  ? __pfx_sock_write_iter+0x10/0x10
[  223.771999][ T9059]  do_iter_readv_writev+0x6ee/0x920
[  223.772012][ T9059]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  223.772025][ T9059]  ? bpf_lsm_file_permission+0x9/0x10
[  223.772035][ T9059]  ? security_file_permission+0x76/0x210
[  223.772050][ T9059]  ? rw_verify_area+0xce/0x6d0
[  223.772061][ T9059]  vfs_writev+0x360/0xe10
[  223.772076][ T9059]  ? __pfx_vfs_writev+0x10/0x10
[  223.772087][ T9059]  ? __schedule+0x325e/0x67a0
[  223.772105][ T9059]  ? __schedule+0x325e/0x67a0
[  223.772127][ T9059]  ? __fget_files+0x21f/0x3d0
[  223.772143][ T9059]  ? do_writev+0x28a/0x340
[  223.772153][ T9059]  do_writev+0x28a/0x340
[  223.772164][ T9059]  ? __pfx_do_writev+0x10/0x10
[  223.772176][ T9059]  ? exit_to_user_mode_loop+0xf3/0x670
[  223.772193][ T9059]  ? rcu_is_watching+0x12/0xc0
[  223.772205][ T9059]  ? rcu_is_watching+0x12/0xc0
[  223.772218][ T9059]  __do_fast_syscall_32+0xe7/0x970
[  223.772234][ T9059]  ? lockdep_hardirqs_on+0x78/0x100
[  223.772250][ T9059]  do_fast_syscall_32+0x32/0x70
[  223.772266][ T9059]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.772280][ T9059] RIP: 0023:0xf7fb3f7c
[  223.772289][ T9059] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  223.772299][ T9059] RSP: 002b:00000000f545550c EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[  223.772309][ T9059] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000280
[  223.772316][ T9059] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  223.772322][ T9059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.772328][ T9059] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  223.772334][ T9059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.772347][ T9059]  </TASK>
[  224.341730][   T57] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  224.491921][   T57] usb 7-1: Using ep0 maxpacket: 8
[  224.495299][   T57] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  224.497941][   T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  224.500979][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  224.504066][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  224.507488][   T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  224.512152][   T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  224.515033][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.721612][   T57] usb 7-1: usb_control_msg returned -32
[  224.723373][   T57] usbtmc 7-1:16.0: can't read capabilities
[  224.775937][   T40] kauditd_printk_skb: 77 callbacks suppressed
[  224.775950][   T40] audit: type=1326 audit(1780736460.893:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.788648][   T40] audit: type=1326 audit(1780736460.893:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.798526][   T40] audit: type=1326 audit(1780736460.893:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.807780][   T40] audit: type=1326 audit(1780736460.893:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.816670][   T40] audit: type=1326 audit(1780736460.893:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.825472][   T40] audit: type=1326 audit(1780736460.893:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.834435][   T40] audit: type=1326 audit(1780736460.893:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.853566][   T40] audit: type=1326 audit(1780736460.893:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.863558][   T40] audit: type=1326 audit(1780736460.893:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  224.872777][   T40] audit: type=1326 audit(1780736460.903:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f7c code=0x7ffc0000
[  225.550759][ T9083] MINIX-fs: blocksize too small for device
[  225.558504][ T9085] infiniband syz1: set active
[  225.560765][ T9085] infiniband syz1: added veth1_vlan
[  225.647610][ T9085] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  225.650663][ T9085] infiniband syz1: Couldn't open port 1
[  225.654627][ T9085] smbdirect: ib_dev[syz1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  225.658710][ T9085] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  225.664784][ T9085] smbdirect: ib_dev[syz1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  225.690565][ T9085] RDS/IB: syz1: added
[  225.692684][ T9085] smc: adding ib device syz1 with port count 1
[  225.694786][ T9085] smc:    ib device syz1 port 1 has no pnetid
[  225.702590][ T9085] smc: removing ib device syz1
[  225.785845][ T9085] smbdirect: ib_dev[syz1] removed
[  225.861244][ T9085] ------------[ cut here ]------------
[  225.863164][ T9085] !xa_empty(&pool->xa)
[  225.863172][ T9085] WARNING: drivers/infiniband/sw/rxe/rxe_pool.c:116 at rxe_pool_cleanup+0x46/0x60, CPU#1: syz.1.899/9085
[  225.867881][ T9085] Modules linked in:
[  225.869398][ T9085] CPU: 1 UID: 0 PID: 9085 Comm: syz.1.899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  225.872684][ T9085] Tainted: [L]=SOFTLOCKUP
[  225.874010][ T9085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  225.877230][ T9085] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  225.879353][ T9085] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 d6 ee 52 f9 5b e9 d0 0f d5 02 e8 cb ee 52 f9 90 <0f> 0b 90 e8 c2 ee 52 f9 5b e9 bc 0f d5 02 e8 37 dc bf f9 eb d0 0f
[  225.886739][ T9085] RSP: 0018:ffffc9000632f0e0 EFLAGS: 00010246
[  225.888680][ T9085] RAX: 0000000000080000 RBX: ffff88805f7e5398 RCX: ffffc90028666000
[  225.891092][ T9085] RDX: 0000000000080000 RSI: ffffffff88b50cd5 RDI: ffff88805f7e5418
[  225.894190][ T9085] RBP: ffffffff88b368c0 R08: 0000000000000005 R09: 0000000000000000
[  225.897544][ T9085] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffffc9000632f610
[  225.900701][ T9085] R13: 0000000000000000 R14: ffff88806a5ec000 R15: ffffc9000632f5f0
[  225.903909][ T9085] FS:  0000000000000000(0000) GS:ffff88809728e000(0063) knlGS:00000000f5434b40
[  225.906917][ T9085] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  225.909615][ T9085] CR2: 0000000080000300 CR3: 00000000256b6000 CR4: 0000000000352ef0
[  225.912457][ T9085] Call Trace:
[  225.913771][ T9085]  <TASK>
[  225.915044][ T9085]  rxe_dealloc+0x25/0xc0
[  225.916802][ T9085]  ib_dealloc_device+0x49/0x230
[  225.918588][ T9085]  rxe_net_add+0xc1/0xf0
[  225.919984][ T9085]  rxe_newlink+0x9c/0x160
[  225.921777][ T9085]  nldev_newlink+0x3b0/0x620
[  225.923767][ T9085]  ? __pfx_nldev_newlink+0x10/0x10
[  225.925456][ T9085]  ? __pfx___might_resched+0x10/0x10
[  225.927101][ T9085]  ? security_capable+0x80/0x260
[  225.929110][ T9085]  ? ns_capable+0xd2/0xf0
[  225.930950][ T9085]  ? __pfx_nldev_newlink+0x10/0x10
[  225.932828][ T9085]  rdma_nl_rcv_msg+0x392/0x6f0
[  225.934611][ T9085]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  225.936788][ T9085]  ? __lock_acquire+0x4a5/0x2630
[  225.938780][ T9085]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  225.941510][ T9085]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  225.944430][ T9085]  ? netlink_deliver_tap+0x1ae/0xcc0
[  225.946574][ T9085]  netlink_unicast+0x585/0x850
[  225.948524][ T9085]  ? __pfx_netlink_unicast+0x10/0x10
[  225.950649][ T9085]  netlink_sendmsg+0x8b0/0xda0
[  225.952658][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.954788][ T9085]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  225.957068][ T9085]  ____sys_sendmsg+0x9e1/0xb70
[  225.958992][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.961110][ T9085]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.963435][ T9085]  ? __pfx___futex_wait+0x10/0x10
[  225.965601][ T9085]  ? __pfx_futex_wake_mark+0x10/0x10
[  225.967883][ T9085]  ___sys_sendmsg+0x190/0x1e0
[  225.969872][ T9085]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.972092][ T9085]  ? find_held_lock+0x2b/0x80
[  225.974013][ T9085]  __sys_sendmsg+0x170/0x220
[  225.975870][ T9085]  ? __pfx___sys_sendmsg+0x10/0x10
[  225.977925][ T9085]  ? rcu_is_watching+0x12/0xc0
[  225.980068][ T9085]  __do_fast_syscall_32+0xe7/0x970
[  225.982560][ T9085]  do_fast_syscall_32+0x32/0x70
[  225.984730][ T9085]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.987343][ T9085] RIP: 0023:0xf7fb2f7c
[  225.988983][ T9085] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  225.996713][ T9085] RSP: 002b:00000000f543450c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  226.000786][ T9085] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000800002c0
[  226.004297][ T9085] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  226.007459][ T9085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.010615][ T9085] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  226.013582][ T9085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.016806][ T9085]  </TASK>
[  226.018101][ T9085] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  226.020829][ T9085] CPU: 1 UID: 0 PID: 9085 Comm: syz.1.899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  226.024581][ T9085] Tainted: [L]=SOFTLOCKUP
[  226.026323][ T9085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  226.030474][ T9085] Call Trace:
[  226.031964][ T9085]  <TASK>
[  226.033300][ T9085]  dump_stack_lvl+0x100/0x190
[  226.035439][ T9085]  vpanic+0x552/0x970
[  226.037036][ T9085]  ? __pfx_vpanic+0x10/0x10
[  226.038880][ T9085]  panic+0xd1/0xe0
[  226.040394][ T9085]  ? __pfx_panic+0x10/0x10
[  226.042220][ T9085]  check_panic_on_warn.cold+0x19/0x34
[  226.044355][ T9085]  ? rxe_pool_cleanup+0x46/0x60
[  226.046315][ T9085]  __warn.cold+0x191/0x328
[  226.048113][ T9085]  __report_bug+0x296/0x3d0
[  226.049971][ T9085]  ? rxe_pool_cleanup+0x46/0x60
[  226.051955][ T9085]  ? __pfx___report_bug+0x10/0x10
[  226.053986][ T9085]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  226.056249][ T9085]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  226.058583][ T9085]  ? rxe_pool_cleanup+0x46/0x60
[  226.060527][ T9085]  report_bug+0xb2/0x220
[  226.062269][ T9085]  ? rxe_pool_cleanup+0x46/0x60
[  226.064223][ T9085]  handle_bug+0x16a/0x2a0
[  226.065994][ T9085]  exc_invalid_op+0x17/0x50
[  226.067820][ T9085]  asm_exc_invalid_op+0x1a/0x20
[  226.069852][ T9085] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  226.072232][ T9085] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 d6 ee 52 f9 5b e9 d0 0f d5 02 e8 cb ee 52 f9 90 <0f> 0b 90 e8 c2 ee 52 f9 5b e9 bc 0f d5 02 e8 37 dc bf f9 eb d0 0f
[  226.080184][ T9085] RSP: 0018:ffffc9000632f0e0 EFLAGS: 00010246
[  226.082611][ T9085] RAX: 0000000000080000 RBX: ffff88805f7e5398 RCX: ffffc90028666000
[  226.085730][ T9085] RDX: 0000000000080000 RSI: ffffffff88b50cd5 RDI: ffff88805f7e5418
[  226.088946][ T9085] RBP: ffffffff88b368c0 R08: 0000000000000005 R09: 0000000000000000
[  226.092290][ T9085] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffffc9000632f610
[  226.095538][ T9085] R13: 0000000000000000 R14: ffff88806a5ec000 R15: ffffc9000632f5f0
[  226.098581][ T9085]  ? __pfx_rxe_dealloc+0x10/0x10
[  226.100570][ T9085]  ? rxe_pool_cleanup+0x45/0x60
[  226.102575][ T9085]  rxe_dealloc+0x25/0xc0
[  226.104284][ T9085]  ib_dealloc_device+0x49/0x230
[  226.105886][ T9085]  rxe_net_add+0xc1/0xf0
[  226.107222][ T9085]  rxe_newlink+0x9c/0x160
[  226.109005][ T9085]  nldev_newlink+0x3b0/0x620
[  226.111035][ T9085]  ? __pfx_nldev_newlink+0x10/0x10
[  226.113226][ T9085]  ? __pfx___might_resched+0x10/0x10
[  226.115363][ T9085]  ? security_capable+0x80/0x260
[  226.117272][ T9085]  ? ns_capable+0xd2/0xf0
[  226.118941][ T9085]  ? __pfx_nldev_newlink+0x10/0x10
[  226.121083][ T9085]  rdma_nl_rcv_msg+0x392/0x6f0
[  226.123037][ T9085]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  226.125122][ T9085]  ? __lock_acquire+0x4a5/0x2630
[  226.127132][ T9085]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  226.129638][ T9085]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  226.132418][ T9085]  ? netlink_deliver_tap+0x1ae/0xcc0
[  226.134431][ T9085]  netlink_unicast+0x585/0x850
[  226.136416][ T9085]  ? __pfx_netlink_unicast+0x10/0x10
[  226.138596][ T9085]  netlink_sendmsg+0x8b0/0xda0
[  226.140524][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.142698][ T9085]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  226.144896][ T9085]  ____sys_sendmsg+0x9e1/0xb70
[  226.146713][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.148359][ T9085]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.150364][ T9085]  ? __pfx___futex_wait+0x10/0x10
[  226.152281][ T9085]  ? __pfx_futex_wake_mark+0x10/0x10
[  226.154289][ T9085]  ___sys_sendmsg+0x190/0x1e0
[  226.156079][ T9085]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.158085][ T9085]  ? find_held_lock+0x2b/0x80
[  226.159938][ T9085]  __sys_sendmsg+0x170/0x220
[  226.161742][ T9085]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.163595][ T9085]  ? rcu_is_watching+0x12/0xc0
[  226.164998][ T9085]  __do_fast_syscall_32+0xe7/0x970
[  226.166831][ T9085]  do_fast_syscall_32+0x32/0x70
[  226.168843][ T9085]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.170878][ T9085] RIP: 0023:0xf7fb2f7c
[  226.172543][ T9085] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  226.179104][ T9085] RSP: 002b:00000000f543450c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  226.182137][ T9085] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000800002c0
[  226.184496][ T9085] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  226.187460][ T9085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.190172][ T9085] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  226.193124][ T9085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.196081][ T9085]  </TASK>
[  226.197781][ T9085] Kernel Offset: disabled
[  226.199503][ T9085] Rebooting in 86400 seconds..