last executing test programs:

57.800855584s ago: executing program 0 (id=559):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x20000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x4, 0xf}}, [@TCA_RATE={0x6, 0x5, {0xe, 0xff}}]}, 0x23}, 0x1, 0x0, 0x0, 0x40440c0}, 0x0)

57.57781727s ago: executing program 0 (id=562):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0)
sendmmsg$inet6(r0, &(0x7f0000000140)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000100)={0x0, 0x0, 0x2}, 0x8)

57.401414236s ago: executing program 0 (id=563):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58)
listen(r1, 0x80)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x56, &(0x7f00000005c0)=ANY=[@ANYRESDEC, @ANYRES32=0x41424344, @ANYRES8=r1, @ANYRES16=r1], 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000170a01020000000000000000000000080900010073797a31015e0000c7310b5c9f93c7796d51ebe61772a89ed117503c7d38da"], 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a000000ff7f0000ff0f00000700000010010000", @ANYRES32, @ANYBLOB="000000000000004a43eaaa000000000000000000ed7bc2f1c5f04f62d1c127f1743d0ac67573b97024b9fd2df857c5ce7f5fe77ebacfbfa1343a55f36ff89afe08c12f5647619fd953c44be3cf1ee2cb8a0f187f51674dfc773bd7bb31933650e856dbcb1d3dc5a8c5c7dc20cd7ac33efce1620cd91a350b767e254d404ec47beadc891623dcdb891ff9f10e23ce97efdc66d9451fe350f36195f38287c4e76377c2eb9b56bc655a061b9f7edf5e24d1ed88e0758949eff4fa227aca352be37f645b7404fef7bcd26851a67ad1fa011d7906319750311d3b4a285f2533327e2a329e7a2429b7006e556c2e45316ca5aae538ab3eb7da1560fcef5de04c680ac24d2da88e56abda6f2c4ce36ea655e9a93422c76aa07d76b4271ac7a05f11af59157137d7fa5439375be395e95560d4b54c25b55ec35ee41dd3bc6831c43c83fb8ba55b1d7780f7eb", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000200"/28], 0x50)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84242, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)
sendto$inet6(r3, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='ufshcd_auto_bkops_state\x00', r4, 0x0, 0x100000002}, 0x18)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0x301, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
r5 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_io_uring_setup(0x1e1d, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x4008, r5}, 0x14)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x17, &(0x7f0000000000)=0x37, 0x4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000001000000ec0008809c000080500009804c000080060001000200000008000200ac1414aa0500030002000000060001000200000008000200e00000020500030001000000060001000200000008000200e0000001050003000100000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000200eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db7174c00008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff24000200491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0807ee6675c24000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e1400020077673000"/306], 0x138}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)

56.220295437s ago: executing program 0 (id=571):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x358, 0x30, 0xc96f2b0dc02612b1, 0x71bd23, 0x25dfdbff, {}, [{0x344, 0x1, [@m_xt={0x1a8, 0xa, 0x0, 0x0, {{0x7}, {0x160, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x800}, @TCA_IPT_HOOK={0x8, 0x2, 0x3}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_HOOK={0x8, 0x2, 0x4}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_INDEX={0x8, 0x3, 0x4}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_TARG={0xe9, 0x6, {0x6, 'filter\x00', 0xff, 0x809f, "9cdf280c93948f446f8bc73b69e987fa6faf28acc2951dada558c77968d26668911dd50d438deed5c195a55e16b937a88464cfa2af78cb6ea39008ff21c8ea161b5c72c80c837c1a2f5f5fc7279f4e60dacd6133424e80457a746b25be6426d58b16a681c662b90e588352447c69e2558ba949840329ddea7887ecfa31f5935c43a6de161f4f979f0f0c82ab01c8c44887037129a24834097b895e27a435093547d60ef200fac7d800f3e5b96dd281a96cba83912bca7556ba799d5e06f7ff"}}]}, {0x24, 0x6, "0000dc240d80000008002d77ca5389f83ec4b31746c6addf01edfb115465b734"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_csum={0x4c, 0x34, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0xfffffffd, 0x3, 0x8, 0x9}, 0x43}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_sample={0xe4, 0xe, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x9, 0x4, 0xff, 0x417}}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5e}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x8000}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xe4bc}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x1, 0x6, 0x2, 0x1ad}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x52ad}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x3, 0x80e, 0x20000000, 0x20000000, 0x24c462d7}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8000, 0x1, 0x6, 0x7, 0x1}}]}, {0x35, 0x6, "7cdbdb61b7db7cec1766d8df5ca39998faa6a061a0c07bac8bb01d6629b91ed26d7752ed51c3984b12ed7046b0dbbe99f6"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_vlan={0x68, 0x11, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x3, 0x10001, 0x2, 0x5, 0xdbe1}, 0x1}}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x4f01, 0x8001, 0x7, 0x3, 0xfffffff4}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}, 0x358}, 0x1, 0x0, 0x0, 0x4004000}, 0x50)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/config', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/101, 0x65)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$userio(0xffffff9c, &(0x7f0000000040), 0x80, 0x0)
write$USERIO_CMD_REGISTER(r2, &(0x7f0000000080)={0x0, 0x45}, 0x2)
openat$vcsu(0xffffff9c, &(0x7f00000000c0), 0x8400, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socket(0x2d, 0x3, 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, 0x0, 0x0)
mremap(&(0x7f0000064000/0x3000)=nil, 0x3000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x20842, 0x4)
write$FUSE_STATFS(r6, 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
read$FUSE(r8, &(0x7f0000001740)={0x2020}, 0x2020)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
write(r3, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000001200090002000000", 0x24)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000005c0)={0x0, &(0x7f0000000580)})
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000340))

55.774540064s ago: executing program 0 (id=578):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000540)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0), &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000100)=[0x0], 0x3c3c3c3c3c3c415, 0x2, 0x7, 0x0, r1})
r2 = socket(0x2d, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a0b040000000000000000020000005c000480580001800a0001006d617463680000004800028008000240000000001c0003004cb43801b2486e8f58c2052fade1bc2c62cdeb7521cf85f60e0001007374617469737469630000000e000100636f6e6e62797465730000000900010073797a30000000000900020073797a32"], 0xb0}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x100000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
ioctl$TCSETAF(r4, 0x5408, &(0x7f00000001c0)={0xffff, 0x8, 0x0, 0x79, 0x3, "5acf8f53872ebc82"})
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000800)={0xc, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
writev(r4, &(0x7f00000024c0), 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x3}, 0x90)

55.700660518s ago: executing program 0 (id=580):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0xf0ff1f00000000)
r0 = syz_open_dev$evdev(&(0x7f00000041c0), 0x3, 0x20000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r1, 0x0, 0x28)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000004200)=0xaae)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c00f2e1a8f980c254ddb1010000000000000000006de7ef554c38d29cb7797706f45bf2217a30a8852a7881aa0613d62c42d582ff0aa2c2d7490765994691b0bb6ad344471bbfd57845becf43198f4b71b70d7c04322f7a6618457b790bc3f355e555c9c9135a1f923fc0a8f676617e4c99f916032e7b6401dfc0460e0e745b607c9e15f544219ac3eb142bed62a5efa05c957f7f692aaf06000077473b4c0051d4ceaad25c4572a7299f674a222ea5eddb021058cfc1509ac77369645a1d40addbb709160646072b38434f4eff7161c3424dd0164ea9c8e39948c658422236347c749ceb4518cc82c2ecd7bd", @ANYRES32=r3, @ANYBLOB="02000000"], 0x1c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[0x0], 0x1})
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r6}})
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x10000020, 0x8001, 0x4, 0x401, 0x0, 0x4, 0xfa0d, 0xffffffff}, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f0000000040)={0x0, 0x0})

48.739139181s ago: executing program 1 (id=642):
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0xa, 0xb6a, 0xffff8000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x24040084)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000640)="1e35616b0e3c332845a81268ca6996efc87069828e43b9d2d57d5d79da3457b5c008b19ece88f8c0be2d62179a01ffffff7b2dc5f5", 0x35}], 0x1)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000280)={0x0, 0xffffffffffffff6b, &(0x7f0000000000)=[{&(0x7f0000000480)=""/52, 0x34}], 0x1, 0x0, 0xfffffffffffffc54}, 0x4c2103a0)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='cubic', 0x5)

47.82104612s ago: executing program 1 (id=644):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$vicodec1(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, @ax25={0x3, @null, 0x8}, @llc={0x1a, 0x104, 0x6, 0x1, 0x3, 0x43, @random="b1383a08745d"}, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)='bond0\x00', 0x4, 0x65, 0x1})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00'})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000950000000000000085000000920000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48882, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000000)=0x200000000)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r6, 0x81044804, &(0x7f0000000400)={0x1, 0x2})
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="000304004000040309108ef7bae4676cad307a560ab1683d6b18f1a479c995511646a27bd9e172838d4bcbf9adc80f3fbe7b50217283ae0ddb7c62cde6a0ca1d4024a174ef6c5f72fb52c640dda33083a8762344b34fa159e78f067162571103b390e99a6ec0feb4037a5fea17b64cdb92b686e941e0bc0d8b2431607f3790a1d3a2a3a0817d077782056dd4a296794d36"], 0x0, 0x0}, 0x0)
write$vhost_msg_v2(r4, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000001900)=""/4096, 0x1000, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r4, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
dup(r2)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r8, 0x0, 0xd}, 0x18)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_adj\x00')
write$cgroup_int(r9, &(0x7f0000000000)=0x1, 0x12)
close_range(r7, 0xffffffffffffffff, 0x0)
r10 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r10, 0x0, 0x486, &(0x7f0000000400), &(0x7f0000000480)=0xc)

45.791278475s ago: executing program 1 (id=651):
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x237, &(0x7f0000000380)={0x0, 0x262e, 0x10100, 0x0, 0x170}, &(0x7f00000002c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000680)=<r8=>0x0)
io_pgetevents(r8, 0x2, 0x2, &(0x7f00000000c0)=[{}, {}], &(0x7f0000000700)={0x0, 0x3938700}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0x503, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0xf115}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x40000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000080)={{0x3, 0x3, 0x0, 0x0, 0x3}})
close_range(r9, r9, 0x400000000000000)
r10 = socket$inet_sctp(0x2, 0x5, 0x84)
r11 = socket(0x15, 0x5, 0x0)
bind$inet(r11, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
getsockopt(r11, 0x200000000114, 0x2716, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
setsockopt$inet_sctp_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f0000000000)={0x1, 0x2, 0x6, 0x3, 0x5, 0x83, 0x1, 0x76, 0x8, 0x4, 0x14, 0xd, 0x8b, 0x7}, 0xe)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xdd, &(0x7f0000000080)={@random="1509cf0916fb", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}, @val={@void, {0x8100, 0x1, 0x0, 0x3}}, {@llc_tr={0x11, {@llc={0xd4, 0xfc, 'r\v', "c07027c666823e8cc58053d0540d9e2ba84b6df1c702eabf09b92bb5cc5a637190b7de139eadb8b183f1845f9ff85730a376dc5140d693157c1a097d70f253acb67283bef193a41b11103c57b67c0187a953c73e260d2524c79bf2c06af91ea933b48f75ff95ceb826e5d07d829cd9827536183f1e1cc6e0ddb9688a896314c2516061ddcee56962de7ed6a3d78737f012f21c2fb061274f78900600d251e50d77e79fbdc4d6f1b5c16cacd62095a2a96eb7d12f1ddd6648d1ce5bc9b6599d3a5444fba5def085"}}}}}, 0x0)

45.208921835s ago: executing program 1 (id=654):
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0xa, 0xb6a, 0xffff8000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x24040084)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000640)="1e35616b0e3c332845a81268ca6996efc87069828e43b9d2d57d5d79da3457b5c008b19ece88f8c0be2d62179a01ffffff7b2dc5f5", 0x35}], 0x1)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000280)={0x0, 0xffffffffffffff6b, &(0x7f0000000000)=[{&(0x7f0000000480)=""/52, 0x34}], 0x1, 0x0, 0xfffffffffffffc54}, 0x4c2103a0)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='cubic', 0x5)

44.307080418s ago: executing program 1 (id=660):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1010000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x20)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x144, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0x0, 0x0, 0x4e24, 0x3}, {@in6=@empty, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, 0x0, 0x3502, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'sha1\x00'}}}, @offload={0xc, 0x1c, {0x0, 0x1}}]}, 0x144}}, 0x0)

44.20108339s ago: executing program 1 (id=661):
socket(0x10, 0x1, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f00000001c0)=""/4096)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000200025a729bd7000fddbdf250a0000cdff00000102000100080006000000000008000d00060000001400110062"], 0x40}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000300)={0xa, 0x4e21, 0xffffffff, @remote, 0x6}, 0x1c)
sendmsg$inet6(r5, &(0x7f0000000440)={&(0x7f0000000000)={0xa, 0x4e24, 0xfff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000200)="21ff7a", 0x3}], 0x1}, 0x40)
shutdown(r5, 0x1)
getsockopt$bt_hci(r5, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
socket$netlink(0x10, 0x3, 0x0)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)

40.671606935s ago: executing program 32 (id=580):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0xf0ff1f00000000)
r0 = syz_open_dev$evdev(&(0x7f00000041c0), 0x3, 0x20000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r1, 0x0, 0x28)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000004200)=0xaae)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c00f2e1a8f980c254ddb1010000000000000000006de7ef554c38d29cb7797706f45bf2217a30a8852a7881aa0613d62c42d582ff0aa2c2d7490765994691b0bb6ad344471bbfd57845becf43198f4b71b70d7c04322f7a6618457b790bc3f355e555c9c9135a1f923fc0a8f676617e4c99f916032e7b6401dfc0460e0e745b607c9e15f544219ac3eb142bed62a5efa05c957f7f692aaf06000077473b4c0051d4ceaad25c4572a7299f674a222ea5eddb021058cfc1509ac77369645a1d40addbb709160646072b38434f4eff7161c3424dd0164ea9c8e39948c658422236347c749ceb4518cc82c2ecd7bd", @ANYRES32=r3, @ANYBLOB="02000000"], 0x1c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[0x0], 0x1})
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r6}})
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x10000020, 0x8001, 0x4, 0x401, 0x0, 0x4, 0xfa0d, 0xffffffff}, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f0000000040)={0x0, 0x0})

29.156937475s ago: executing program 33 (id=661):
socket(0x10, 0x1, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f00000001c0)=""/4096)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000200025a729bd7000fddbdf250a0000cdff00000102000100080006000000000008000d00060000001400110062"], 0x40}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000300)={0xa, 0x4e21, 0xffffffff, @remote, 0x6}, 0x1c)
sendmsg$inet6(r5, &(0x7f0000000440)={&(0x7f0000000000)={0xa, 0x4e24, 0xfff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000200)="21ff7a", 0x3}], 0x1}, 0x40)
shutdown(r5, 0x1)
getsockopt$bt_hci(r5, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
socket$netlink(0x10, 0x3, 0x0)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)

9.300308698s ago: executing program 3 (id=882):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0xfe18}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000400)={0x0, 0x1, &(0x7f00000002c0)=[0x0], 0x0, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f0000000340)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='devpts\x00', 0x0, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f00000001c0))
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000003980)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_ATTR(r5, &(0x7f0000000240)={0x78, 0x0, r6, {0x2000000007, 0x0, 0x0, {0x0, 0x0, 0x55, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x1ff, 0xa000}}}, 0x78)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0x2c}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r8 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x280, 0x0)
ioctl$SNDCTL_SEQ_TESTMIDI(r8, 0x40045108, &(0x7f0000000380)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r7}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_pktinfo(r9, 0x29000000, 0x8, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f00000002c0), r4)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400ee795355b12cb377414e238bb129a1e6969bc129437eaeecd7bdc4b88b33359f7fae06680d726d5480c85d4b0524d7f530", @ANYRES16=r10, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600000000000800030001000000"], 0x34}}, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c0001800600060088470000200002"], 0x44}, 0x1, 0x0, 0x0, 0x400c0c0}, 0x801)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a31000000fc2cb3a761c937c2c6c8a4f3e1ea4b9000050005000a00000012000300"], 0x4c}}, 0x2)
ioctl$DRM_IOCTL_MODE_GETENCODER(r2, 0xc01464a6, &(0x7f0000000140))
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, 0x0)

9.179262063s ago: executing program 3 (id=885):
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
unlink(&(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a2010203010902240001000000000904000002923350000905f402ff030000000905ba"], 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$tmpfs(0x0, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1000810, 0x0)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r0], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004000)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x4}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x4000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x8512}, {0x0, 0x0, 0x0, 0x80000001}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r7, 0x890b, &(0x7f0000000140)={0xfd00, @l2tp={0x2, 0x0, @local, 0x3, 0x1000000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, @ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1}, 0x4fe, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xfd, 0xffffffff})
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x28, 0x32, 0x6dd711a25f4cb68b, 0x200, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0)

6.498685242s ago: executing program 2 (id=901):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$vicodec1(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, @ax25={0x3, @null, 0x8}, @llc={0x1a, 0x104, 0x6, 0x1, 0x3, 0x43, @random="b1383a08745d"}, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)='bond0\x00', 0x4, 0x65, 0x1})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00'})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000950000000000000085000000920000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48882, 0x0)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r4, 0x81044804, &(0x7f0000000400)={0x1, 0x2})

6.090693638s ago: executing program 3 (id=903):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0xaa001)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x10, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r2, r3, 0x94, 0x8, 0x9, 0x1ff, {0x8, 0x0, 0xffff, 0x41, 0x6, 0x3, 0x6, 0x3, 0x6, 0x3a, 0x4, 0x9, 0xffffffff, 0xff, "e277757ff8f6376a2bea41916e0300000000000000ed88c15fad5fd3d8c7ff15"}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x22}, 0x2)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = socket(0xa, 0x3, 0x3a)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000006b40)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000006c00)=""/4099, 0x1003}, {&(0x7f00000004c0)=""/132, 0x84}, {&(0x7f0000000680)=""/185, 0xb9}, {&(0x7f0000000580)=""/126, 0x7e}], 0x4, &(0x7f0000000780)=""/240, 0xf0}, 0x7}, {{0x0, 0xffffffffffffffee, &(0x7f0000000b00)=[{&(0x7f0000000880)=""/117, 0x75}, {&(0x7f0000000900)=""/95, 0x5f}, {&(0x7f0000001a00)=""/203, 0xcb}, {&(0x7f0000001b00)=""/206, 0xce}, {&(0x7f0000000980)=""/39, 0x27}, {&(0x7f0000000a00)=""/248, 0xf8}], 0x6, &(0x7f0000000b40)=""/179, 0xb3}, 0x94}, {{&(0x7f0000001d00)=@nfc_llcp, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001d80)=""/110, 0x6e}], 0x1, &(0x7f0000000c00)=""/156, 0x9c}, 0x1}, {{0x0, 0x0, &(0x7f0000003100)=[{&(0x7f0000001f00)=""/192, 0xc0}, {&(0x7f0000001fc0)=""/228, 0xe4}, {&(0x7f00000020c0)=""/23, 0x17}, {&(0x7f0000002100)=""/4096, 0x1000}], 0x4, &(0x7f0000003140)=""/227, 0xe3}, 0x7f}, {{&(0x7f0000003240)=@x25={0x9, @remote}, 0x80, &(0x7f0000006580)=[{&(0x7f00000032c0)=""/4096, 0x1000}, {&(0x7f00000042c0)=""/216, 0xd8}, {&(0x7f00000043c0)=""/121, 0x79}, {&(0x7f0000004440)=""/50, 0x32}, {&(0x7f0000004480)=""/34, 0x22}, {&(0x7f00000044c0)=""/4096, 0x1000}, {&(0x7f00000054c0)=""/4096, 0x1000}, {&(0x7f00000064c0)=""/132, 0x84}], 0x8, &(0x7f0000000f40)=""/22, 0x16}, 0xb}, {{&(0x7f0000006600)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000006680)=""/144, 0x90}, {&(0x7f0000006740)=""/223, 0xdf}, {&(0x7f0000006840)=""/236, 0xec}, {&(0x7f0000006940)=""/202, 0xca}, {&(0x7f0000000cc0)=""/191, 0xbf}, {&(0x7f0000000d80)=""/239, 0xef}, {&(0x7f0000000e80)=""/98, 0x62}], 0x7, &(0x7f0000006a80)=""/185, 0xb9}, 0xfffffff8}], 0x6, 0x2, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
ioctl$USBDEVFS_ALLOC_STREAMS(r6, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="4a9800000a00000081ec00000486060b830eeaa1144eb44e4c8ac08e6a6eac4a860fdc1851ddab64fe213700008c63f0c84444fdb3d33f1cee37d289ff436030da41bf010000005b3b3b09551036"])
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x7, 0x0, 0xff, "fcff072b00"})
getsockopt$inet_pktinfo(r7, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[], 0x2e0}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c56096c590001040d007000fadb107c0844b9c9", @ANYRES16=r5, @ANYBLOB="900100008ba5072f1c00128009000100626f6e64000000000c00028005001600000000"], 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x200080d1)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x8040)
memfd_secret(0x0)
ppoll(0x0, 0x0, &(0x7f0000000280)={0x77359400}, 0x0, 0x0)

5.90064103s ago: executing program 2 (id=906):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r3, 0x0, 0x1}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x8, 0xc, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000b40)={{r6}, &(0x7f0000000ac0), &(0x7f0000000b00)='%+9llu \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r5, 0x0, 0x1}, 0x18)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

5.170943726s ago: executing program 3 (id=910):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$vicodec1(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={0x0, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, @ax25={0x3, @null, 0x8}, @llc={0x1a, 0x104, 0x6, 0x1, 0x3, 0x43, @random="b1383a08745d"}, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)='bond0\x00', 0x4, 0x65, 0x1})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00'})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000950000000000000085000000920000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48882, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000000)=0x200000000)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r6, 0x81044804, &(0x7f0000000400)={0x1, 0x2})
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="000304004000040309108ef7bae4676cad307a560ab1683d6b18f1a479c995511646a27bd9e172838d4bcbf9adc80f3fbe7b50217283ae0ddb7c62cde6a0ca1d4024a174ef6c5f72fb52c640dda33083a8762344b34fa159e78f067162571103b390e99a6ec0feb4037a5fea17b64cdb92b686e941e0bc0d8b2431607f3790a1d3a2a3a0817d077782056dd4a296794d36"], 0x0, 0x0}, 0x0)
write$vhost_msg_v2(r4, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000001900)=""/4096, 0x1000, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r4, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
dup(r2)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r8, 0x0, 0xd}, 0x18)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_adj\x00')
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r9, 0x0, 0x486, &(0x7f0000000400), &(0x7f0000000480)=0xc)

5.150548537s ago: executing program 4 (id=911):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, 0x0, 0x0, 0x4000014, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @sack_perm, @timestamp, @sack_perm, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x5b)
connect$vsock_stream(r4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)

3.750668207s ago: executing program 2 (id=912):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000280)={'veth1_to_bridge\x00', {0x2, 0x4e21, @multicast2}})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x0, &(0x7f0000000200)})
userfaultfd(0x80801)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0x40082104, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2000000, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
recvmsg$inet_nvme(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)=""/135, 0x87}, {&(0x7f0000000000)=""/19, 0x13}, {&(0x7f0000000180)=""/31, 0x1f}, {&(0x7f00000002c0)=""/97, 0x61}, {&(0x7f0000000340)=""/152, 0x98}, {&(0x7f0000000500)=""/252, 0xfc}, {&(0x7f0000000400)=""/70, 0x46}, {&(0x7f0000000200)=""/16, 0x10}, {&(0x7f0000000600)=""/3, 0x3}, {&(0x7f0000000640)=""/107, 0x6b}], 0xa, &(0x7f0000001440)=""/4096, 0x1000}, 0x40000000)
ioctl$RTC_EPOCH_SET(r4, 0x4004700e, 0x800)
r5 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)

2.746042684s ago: executing program 4 (id=914):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x86, 0x6, 0x0, 0x7fff0006}]})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair(0x1e, 0x1, 0x200, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x4, &(0x7f0000000180)={0x80, 0xc7})
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsmount(0xffffffffffffffff, 0x1, 0x70)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
socket$kcm(0x29, 0x5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNDEL(r4, 0x400442c9, &(0x7f00000001c0)={0xfffffff9, @remote})
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000140)=0x11)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000180)=0xd0)
r5 = socket$kcm(0x29, 0x2, 0x0)
r6 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r6, &(0x7f00000003c0)=[{&(0x7f0000000480)}, {&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab41bdf031bdcaca63b9856f15d16d909ca3d83d93e22b370e9df36dc459b", 0x2d}], 0x2, 0x4000001, 0x0)
sendfile(r5, r6, 0x0, 0x8000fb00)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x8240, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r7, 0x40046207, 0x0)

2.266044524s ago: executing program 5 (id=917):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = syz_io_uring_setup(0x5a19, &(0x7f0000000800)={0x0, 0xd605, 0x40, 0x3, 0x287}, &(0x7f0000000880), &(0x7f00000008c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0500000000000000000003000000400001802c0004001400010002004e23ac1414bb00000000000000001400020002000000ac1e01010000000000000000e5ff01007564703a7b797a3100000000"], 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000080000000017000000400006803c0004"], 0x54}}, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8, 0x6c033, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000f80)={0x0, 0x0, 0x9}, 0x1)
syz_open_dev$sndctrl(&(0x7f0000000380), 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x140, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x12c, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0xe4, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0xa0, 0x6, "c3ed1ece600cb0f425939f8a9ea2b7273b331fbd0a9df4eef98fc62985606f46d4e084d5b16066741abfd5ca0047e7d779be55fd82228005ceb4cb139efc7aec88735896ebff3aa1383fb5e2c7b7f326e9759a0733c3982d378b3730c12d49b6f94dbd7215bf6bd05586282f0c21c29d157d1f11fdca5493880cd38c27e0bd9ef01d33e1d852c6ed6f5fa2248914aa45e7b1537ca59385348dcd537a"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
prlimit64(r4, 0x0, 0x0, &(0x7f00000001c0))
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x4)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x15)
writev(r7, &(0x7f0000000280), 0x0)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r8, 0x110, 0x1, &(0x7f0000000300)='GPL\x00', 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4)

1.810817779s ago: executing program 2 (id=918):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=@newtfilter={0x78, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xffe0}, {}, {0x8, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x48, 0x2, [@TCA_CGROUP_EMATCHES={0x44, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x7, 0x9, 0x4}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7}]}}]}]}]}}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

1.810258511s ago: executing program 4 (id=919):
r0 = openat(0xffffffffffffff9c, 0x0, 0x64040, 0xd0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x304}, "bef09ef7b48f82b5", "b521a315dce57d76771a264c3ea5177e", "9a10cb40", "fb8a64337a010651"}, 0x28)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x9)

1.74098999s ago: executing program 4 (id=920):
r0 = socket(0x2, 0x3, 0xff)
sendmmsg$inet(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10, 0x0}}], 0x1, 0x10)

1.740481737s ago: executing program 4 (id=921):
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0xa, 0xb6a, 0xffff8000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x24040084)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000640)="1e35616b0e3c332845a81268ca6996efc87069828e43b9d2d57d5d79da3457b5c008b19ece88f8c0be2d62179a01ffffff7b2dc5f5", 0x35}], 0x1)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000280)={0x0, 0xffffffffffffff6b, &(0x7f0000000000)=[{&(0x7f0000000480)=""/52, 0x34}], 0x1, 0x0, 0xfffffffffffffc54}, 0x4c2103a0)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='cubic', 0x5)

1.646081943s ago: executing program 2 (id=922):
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0xa, 0xb6a, 0xffff8000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x24040084)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000640)="1e35616b0e3c332845a81268ca6996efc87069828e43b9d2d57d5d79da3457b5c008b19ece88f8c0be2d62179a01ffffff7b2dc5f5", 0x35}], 0x1)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000280)={0x0, 0xffffffffffffff6b, &(0x7f0000000000)=[{&(0x7f0000000480)=""/52, 0x34}], 0x1, 0x0, 0xfffffffffffffc54}, 0x4c2103a0)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000200)='cubic', 0x5)

1.291111168s ago: executing program 5 (id=923):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x20, &(0x7f0000000200)="df33c9f7b9a60000000000002000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.290606017s ago: executing program 3 (id=924):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0xfe18}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000400)={0x0, 0x1, &(0x7f00000002c0)=[0x0], 0x0, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f0000000340)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='devpts\x00', 0x0, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f00000001c0))
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000003980)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_ATTR(r5, &(0x7f0000000240)={0x78, 0x0, r6, {0x2000000007, 0x0, 0x0, {0x0, 0x0, 0x55, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x1ff, 0xa000}}}, 0x78)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0x2c}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r8 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x280, 0x0)
ioctl$SNDCTL_SEQ_TESTMIDI(r8, 0x40045108, &(0x7f0000000380)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r7}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_pktinfo(r9, 0x29000000, 0x8, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f00000002c0), r4)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400ee795355b12cb377414e238bb129a1e6969bc129437eaeecd7bdc4b88b33359f7fae06680d726d5480c85d4b0524d7f530", @ANYRES16=r10, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600000000000800030001000000"], 0x34}}, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c0001800600060088470000200002"], 0x44}, 0x1, 0x0, 0x0, 0x400c0c0}, 0x801)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a31000000fc2cb3a761c937c2c6c8a4f3e1ea4b9000050005000a00000012000300"], 0x4c}}, 0x2)
ioctl$DRM_IOCTL_MODE_GETENCODER(r2, 0xc01464a6, &(0x7f0000000140)={0x0, 0x0, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000001c0)={&(0x7f0000000100)=[0x0], 0x1, r12})

1.290279421s ago: executing program 5 (id=925):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000c80)=[{{&(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000280)="d94c490aeb7c5a80f72eb3f74794b57768a21616ea970c13459bbb207ca83bc70f5605f50de619a3bc4cc5dde8a8a5baee72586bd0b7e24e50a5c5b28d98f89c10d74df604784f402b61576fd219", 0x4e}, {&(0x7f0000000300)="c550fb81f60713f177f8cb5d16ce39e867d0b620e2bb9430af7cace459a5ababd8d3ac77b0d3c293bcf5fa651dacbe0a7aa8ba9fa9a598d6b8da", 0x3a}, {&(0x7f0000000640)="d11a1b78a076ae75e06c487e7f2053c15b48f369f1baff8434540a920c6133dc9be99de30e9fdadff7852adb52751a66f1510d0057866d763294170992fea2855ce600593bacc521c13e11bd9dff96cb7b606e6f367554c587331825a15afd7defefc1b357e0b99ccf99749b7008b54ba0f7afe79cf471d1065ab6d25c278761d7ee02b10dec13f08101be63ff311c0268bb78ceea2361a94e79389e5264ba93e5f995d0802cb6e3a2479ab50555fdfb", 0xb0}, {&(0x7f0000000700)="67ac455c10d3c71e471182d8e5f3bc5f9807b4f17434fa0ffc46879c0c427fd4561f8fc495b461ce6801fb0b97a2e0fb8d5e725a40d0e15e9760f680032edb70bef27029ababdb1bcb6545d14e9bdde6df26e7ef4b6930ecf9945a56ee41a6d8d0c581195f5fdf36b5e718d610188a22e61765fbcc39ac49ae377c4d507e71285dba3e707f66ac00fbefaa8d0213c3169348386b251f5c394b4d652840bd01b74055bc5993aae0936ed78e9fd999bd3ee015064cf61a13295ae08f71590b28d0dfea3562dd18801418", 0xc9}, {&(0x7f0000000540)="7fbd897901cebc97f36895d4d216dbda7670630f1553247561b90983687a4d99456ac325843061e3dfef2245ac082858291edb8752fb18b70827313bc1fbe412518002ddd6c8a8d33be1b9a36af965aa0034cd08a8a2f2314cf52b29c2f38d1b5283ab22ea6c0926d0a8fafd8a887da4465eb1360183", 0x76}], 0x5, 0x0, 0x0, 0x20}}, {{&(0x7f0000000840)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000b80)=[{&(0x7f00000008c0)="2b5f3f8c949244696673cd9e7c6c28cc4677207250572e81452ea44a01f2f39c3847b660695cc65b1bd5f3fb2949fb0931ee4441fa69f6f555c839c01e3dbf4de7e211bef51513a2c916fa5bd97958b703323a00f35e138e2a4ffb218d27309a148b804b24a636bc146c0d42a80bde7ec5145962435b668d74ec68d0cb89d0873b33c988809e67d0b860375d70bd4ac11845379fcbc72068111915a6d9325cfa85266a130847e60705a64819df8ede33b4b487a29bccabc9b030b34830e97aca3979da95988bff9280c682ee367e1694b6e2b24db3", 0xd5}, {&(0x7f00000009c0)="108f830dfc7a0c0ecdb2744ae1984fef4311893ff481b62d3a4efbba7f4234797344f8cd8784f90e86d3fbd31843936356d8d1864a43bce9c69f943a9b90d8cb0672b64d72d28bb790db2c8241b9582a8cddd185458e5065f6791898be01bcbcdc1e04ce6ce83c6c33dd9a205cc6ce3bc6a46317a7fd64a73d334c41aaefa96df9b857a133a93fd9d062921937a8462b653b688643733f9596e0c42d95d2ddb30964eb7e6b06c51cef447b06633e4b111a76002be75ed209f3605226c1cbecccf9f91d3815b113071aabf01833399eae08eab2d3e5ba4863467b407d3d632876795eb170eabf79139591cd07b6b326314030ed3d", 0xf4}, {&(0x7f0000000ac0)="36622ce26f6a6aa2db6cf737e6fd4bd13a0a189cbbd01c0a768e56fa473281aa6df1ada1978f8ea078476d3065c7467dcfe542762cf6403e188cc4c4faab5e4da2e2c2b5b576833df80e560c9f8ff3e6af1a1294c0635e8365e758f6616f5d3e95de6184267fcb42d6ced23c82bb4712bcbe6a5da5c6e277055c01dc211c3612ff943ed895a13c44c11a908f0fccdbd38f067cbfe0d4ee590fe1c757d40d5c768550f1d5e37166298c5a0a866978371077dd4c402e895b", 0xb7}], 0x3, &(0x7f0000000c40)=[@cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x18, 0x2404c001}}], 0x2, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000600)={0x2, 0x16, 0x3, 0x3, 0x2, 0x0, 0x70bd2d, 0x25dfdbff}, 0x10}}, 0x804)
r4 = dup(r2)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f00000003c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r5, &(0x7f0000000080), 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1})
syz_io_uring_setup(0x4850, &(0x7f0000000140)={0x0, 0x171a, 0x80}, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
r6 = socket(0x10, 0x3, 0x9)
setresuid(0xee01, 0xee01, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000d00)={{0x14, 0x3f8}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x2}}], {0x14, 0x3f2, 0x1, 0x0, 0x0, {0x1}}}, 0x3c}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r7 = msgget$private(0x0, 0x6c2)
msgsnd(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x003'], 0x2000, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r8 = socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg(r8, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)="fe", 0x1}], 0x1}}], 0x1, 0x40002)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000040)={'gre0\x00', 0x0, 0x10, 0x8097, 0x4, 0x9, {{0x16, 0x4, 0x1, 0x4, 0x58, 0x64, 0x0, 0x2, 0x4, 0x0, @private=0xa010102, @loopback, {[@generic={0x88, 0x11, "daf2ae7440ccb478f5a4a46fec1ca2"}, @cipso={0x86, 0x10, 0x0, [{0x1, 0x5, "18e8ad"}, {0x2, 0x5, "a82aa4"}]}, @rr={0x7, 0x23, 0x67, [@rand_addr=0x64010102, @broadcast, @empty, @multicast1, @loopback, @local, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}})

1.203212408s ago: executing program 2 (id=926):
r0 = syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x20400)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$cdc_ecm(0x5, 0x77, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x65, 0x1, 0x1, 0x2, 0xe0, 0xc, [{{0x9, 0x4, 0x0, 0xff, 0x3, 0x2, 0x6, 0x0, 0x5, {{0xb, 0x24, 0x6, 0x0, 0x0, "86757f6d2038"}, {0x5, 0x24, 0x0, 0x7f}, {0xd, 0x24, 0xf, 0x1, 0x41b, 0x20, 0x9, 0xb}, [@country_functional={0xc, 0x24, 0x7, 0x3, 0x1, [0xa, 0x0, 0x1]}, @mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x2, 0x59f6}, @dmm={0x7, 0x24, 0x14, 0x40, 0xd74}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0x9, 0x8, 0x7d}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x1, 0xff, 0xf7}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0xa, 0x7, 0xff}}}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x4, 0x10, 0xe1, 0x20, 0x3}, 0xc0, &(0x7f00000002c0)={0x5, 0xf, 0xc0, 0x5, [@wireless={0xb, 0x10, 0x1, 0xe, 0x42, 0xff, 0x2, 0xf, 0xff}, @wireless={0xb, 0x10, 0x1, 0xc, 0x14, 0x8, 0x3, 0x40, 0x9}, @wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x5, 0x7, 0x8, 0xff}, @ptm_cap={0x3}, @generic={0x97, 0x10, 0x2, "5ab6e12df4854c572eab9491dd69c5ca1e28f412d31fd7e05de5f466093c8553ade4580bfa111079c15107d1f722a66ef1ae6fcca319fd55c0dc369f453b637663f52f9b20add3bbc770c15a0c1de9a21b74434075b9b05a7596d9481a0c6311b12c12f811241d70aa303b6dc9919e75a9722e39062b414e499919e63142aded4c2df5fa83c66ef5567f021666f4d12c7fc09351"}]}, 0x2, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xf4ff}}, {0xb7, &(0x7f00000003c0)=@string={0xb7, 0x3, "9f44084f3ee25230fad4795f0ef95b7e983fa13c850de680a9bad0d6587ee9d4309eee46436ad6fed6eb68864bdb6d30cf9ce7c6c68d6c2b8d938944e6a2c141e283d341724a07e348eef02d0c1ed685a604835093a762320b8fbbda54843bfe470ceb8aae103dfd4df7194c929a5946d2d0d466b2ca379393457923767cee4b001455b87093d2f7ce315d4cbc4c49de559aa4a5a708c5b6c2f6fc5a1e204de84b158eebcb83d47f8a1abd44013fdfc8bb07ed7e84"}}]})
syz_usb_ep_write(r0, 0x40, 0xfd, &(0x7f00000004c0)="1ff9baebde7b8c2cf4ac8b638d3d2e311a2382987937af8bf0eaa6704a967ea0b958092226ed084d93ebb4949e5b7394bb9e13f84a0347e373efe39995e27691a5990be362c7bba112d7938e8f33a64e350910eb2761622f32cb9fdebedcd4d4096f29a00611421eaee732cc56a38bd0e4c5b089942be61d31c5fd64d987621eb5e882eb0d6b5e75b90c95d4ce4f3e404cc34c49b2b1a65039a66e0b9a9e875844255f09e14e29b2a420b8cc9abadbe48ea354e14e85298a6e9ec37343d77de59004db0e4bd237016e2af99bee50c06dfec63d218b1eeb094237f0918fe04b289e5e1bf1837d5d80d92813138daaa2d70bec72e0f315032ac09b364203")
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
write(r4, &(0x7f00000000c0)="2cd889f035a53e14f3", 0x9)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x8], 0x0, 0x0, 0x1}}, 0x40)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, 0x0, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185)

1.149050809s ago: executing program 3 (id=927):
r0 = syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x20400)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$cdc_ecm(0x5, 0x77, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x65, 0x1, 0x1, 0x2, 0xe0, 0xc, [{{0x9, 0x4, 0x0, 0xff, 0x3, 0x2, 0x6, 0x0, 0x5, {{0xb, 0x24, 0x6, 0x0, 0x0, "86757f6d2038"}, {0x5, 0x24, 0x0, 0x7f}, {0xd, 0x24, 0xf, 0x1, 0x41b, 0x20, 0x9, 0xb}, [@country_functional={0xc, 0x24, 0x7, 0x3, 0x1, [0xa, 0x0, 0x1]}, @mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x2, 0x59f6}, @dmm={0x7, 0x24, 0x14, 0x40, 0xd74}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0x9, 0x8, 0x7d}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x1, 0xff, 0xf7}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0xa, 0x7, 0xff}}}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x4, 0x10, 0xe1, 0x20, 0x3}, 0xc0, &(0x7f00000002c0)={0x5, 0xf, 0xc0, 0x5, [@wireless={0xb, 0x10, 0x1, 0xe, 0x42, 0xff, 0x2, 0xf, 0xff}, @wireless={0xb, 0x10, 0x1, 0xc, 0x14, 0x8, 0x3, 0x40, 0x9}, @wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x5, 0x7, 0x8, 0xff}, @ptm_cap={0x3}, @generic={0x97, 0x10, 0x2, "5ab6e12df4854c572eab9491dd69c5ca1e28f412d31fd7e05de5f466093c8553ade4580bfa111079c15107d1f722a66ef1ae6fcca319fd55c0dc369f453b637663f52f9b20add3bbc770c15a0c1de9a21b74434075b9b05a7596d9481a0c6311b12c12f811241d70aa303b6dc9919e75a9722e39062b414e499919e63142aded4c2df5fa83c66ef5567f021666f4d12c7fc09351"}]}, 0x2, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xf4ff}}, {0xb7, &(0x7f00000003c0)=@string={0xb7, 0x3, "9f44084f3ee25230fad4795f0ef95b7e983fa13c850de680a9bad0d6587ee9d4309eee46436ad6fed6eb68864bdb6d30cf9ce7c6c68d6c2b8d938944e6a2c141e283d341724a07e348eef02d0c1ed685a604835093a762320b8fbbda54843bfe470ceb8aae103dfd4df7194c929a5946d2d0d466b2ca379393457923767cee4b001455b87093d2f7ce315d4cbc4c49de559aa4a5a708c5b6c2f6fc5a1e204de84b158eebcb83d47f8a1abd44013fdfc8bb07ed7e84"}}]})
syz_usb_ep_write(r0, 0x40, 0xfd, &(0x7f00000004c0)="1ff9baebde7b8c2cf4ac8b638d3d2e311a2382987937af8bf0eaa6704a967ea0b958092226ed084d93ebb4949e5b7394bb9e13f84a0347e373efe39995e27691a5990be362c7bba112d7938e8f33a64e350910eb2761622f32cb9fdebedcd4d4096f29a00611421eaee732cc56a38bd0e4c5b089942be61d31c5fd64d987621eb5e882eb0d6b5e75b90c95d4ce4f3e404cc34c49b2b1a65039a66e0b9a9e875844255f09e14e29b2a420b8cc9abadbe48ea354e14e85298a6e9ec37343d77de59004db0e4bd237016e2af99bee50c06dfec63d218b1eeb094237f0918fe04b289e5e1bf1837d5d80d92813138daaa2d70bec72e0f315032ac09b364203")
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
write(r4, &(0x7f00000000c0)="2cd889f035a53e14f3", 0x9)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x8], 0x0, 0x0, 0x1}}, 0x40)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185)

885.472362ms ago: executing program 4 (id=928):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
writev(r2, &(0x7f0000000480)=[{&(0x7f0000000000)="f67804e83b4e100b", 0x8}, {0x0, 0x8}], 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xc000)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x124, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x24, 0x3, "7339f2f304fdd672bad09dfb040000001d01000001f9580dabf95ddc91967c20"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_USERDATA={0xb2, 0x7, 0x1, 0x0, "5b2b4a12bf6769630cf1e45ae805227fc9c4a93a6be43597674382d91a0a588fe1eca0551a3a10902b241e5ec2b55abdea3c68d55f88027be633d9417fe68e5c3cc10734a4de0621497bab4e5f0278ee197653fc0887b2dc8b5780045d026ab48c2877441e17f459b36700bcbf73ece496df7e7bf2b506d6574caec4b290534919811633d6773e4f8ffba2d538d1cde8ea1fdab168312bde074c4a0e09f323850124dce67b17c4f1acbf1b3614a4"}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x14c}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000001a00)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x50)
mmap(&(0x7f00003a7000/0x4000)=nil, 0x4000, 0x0, 0x40010, r3, 0x1000)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffdba)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fsopen(&(0x7f00000003c0)='gfs2meta\x00', 0x1)
getsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000), &(0x7f00000000c0)=0x8)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

392.639505ms ago: executing program 5 (id=929):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1f}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@val={0x88a8, 0x1, 0x0, 0x4}, {0x8100, 0x7, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x1}}}}}}, 0x0)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
r6 = dup(r5)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r6, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r6, 0x4010ae74, &(0x7f0000000200)={0x7, 0x9, 0x1})
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3, 0x3c, 0xda18, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x1, 0x0, 0x0, 0x1000, {[@mptcp=@syn={0x1e, 0xc, 0x5, 0x1, 0x10, 0x8000, 0x6}, @exp_fastopen={0xfe, 0x4}, @generic={0x2, 0x2}]}}}}}}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)=@x86={0xfd, 0x7, 0x2, 0x0, 0xc8, 0x3, 0xed, 0xd, 0x52, 0xf6, 0x18, 0x0, 0x0, 0x2, 0x100d, 0x0, 0x8, 0x0, 0x5, '\x00', 0x0, 0x8})

311.066962ms ago: executing program 5 (id=930):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa33"], 0xfdef)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0x47, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = syz_open_dev$cec(&(0x7f0000003480), 0xffffffffffffffff, 0x80085)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000040)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x0, 0x9, "00000000020000000000002100", "00004702", "0300", "97ad3700", ["fdffffff84a438dfc5d5c010", "d78cb8b0211a83be12ff0bff", "0000efffffffffffbfff00"]})
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000140)={"4497acf4", 0xe66, 0x5, 0x0, 0x3, 0x1000006, 'U\x00', "1010f359", "0725eade", '\'s6O', ["01040000000000005793e8a7", "7f9ce2d2c4f439ff80e1d1c8", "fa0700f22b42a3023be516d1"]})
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
r4 = dup3(r1, r1, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0x100, 0xf65cd2b3fada388a}, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x10001, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5}, 0x50)
r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)=@o_path={&(0x7f0000000540)='./file0\x00', 0x0, 0x4000, r0}, 0x14)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r8=>r2, {0x1}}, './file0\x00'})
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0x0, 0x6, 0x8}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x3, &(0x7f0000000100)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @exit, @generic={0x1, 0xa, 0x6, 0x0, 0xffffffff}], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0xab, &(0x7f0000000200)=""/171, 0x40f00, 0x22, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000340)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x0, 0xc, 0x14000, 0x8}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000640)=[0x1, r4, r5, r6, r7, r8, r9, r0], &(0x7f00000006c0)=[{0x5, 0x4, 0x2, 0x4}, {0x5, 0x5, 0xd, 0x1}, {0x5, 0x3, 0xc, 0x7}], 0x10, 0x1}, 0x94)

0s ago: executing program 5 (id=931):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r3, 0x0, 0x1}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x8, 0xc, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000b40)={{r6}, &(0x7f0000000ac0), &(0x7f0000000b00)='%+9llu \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r5, 0x0, 0x1}, 0x18)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

0s ago: executing program 4 (id=932):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000f1000000030000000000000000000040"], 0x0)

kernel console output (not intermixed with test programs):

prof+0x6d/0x3b0
[  146.554874][ T7867]  ? skb_clone+0x190/0x3f0
[  146.554888][ T7867]  skb_clone+0x190/0x3f0
[  146.554899][ T7867]  netlink_deliver_tap+0xabd/0xd30
[  146.554913][ T7867]  netlink_unicast+0x64c/0x870
[  146.554926][ T7867]  ? __pfx_netlink_unicast+0x10/0x10
[  146.554938][ T7867]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  146.554954][ T7867]  netlink_sendmsg+0x8d1/0xdd0
[  146.554967][ T7867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.554981][ T7867]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  146.555002][ T7867]  ____sys_sendmsg+0xa95/0xc70
[  146.555018][ T7867]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.555031][ T7867]  ? get_compat_msghdr+0x11a/0x170
[  146.555055][ T7867]  ___sys_sendmsg+0x134/0x1d0
[  146.555066][ T7867]  ? __pfx____sys_sendmsg+0x10/0x10
[  146.555088][ T7867]  ? find_held_lock+0x2b/0x80
[  146.555110][ T7867]  __sys_sendmsg+0x16d/0x220
[  146.555121][ T7867]  ? __pfx___sys_sendmsg+0x10/0x10
[  146.555138][ T7867]  ? rcu_is_watching+0x12/0xc0
[  146.555153][ T7867]  __do_fast_syscall_32+0x7c/0x300
[  146.555166][ T7867]  do_fast_syscall_32+0x32/0x80
[  146.555178][ T7867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.555192][ T7867] RIP: 0023:0xf707e579
[  146.555201][ T7867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.555212][ T7867] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  146.555224][ T7867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  146.555230][ T7867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  146.555237][ T7867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.555243][ T7867] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.555249][ T7867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.555262][ T7867]  </TASK>
[  146.555305][ T7867] netlink: 'syz.0.490': attribute type 10 has an invalid length.
[  146.593813][ T7870] netlink: 12 bytes leftover after parsing attributes in process `syz.1.492'.
[  146.656987][ T7867] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.660987][ T7867] team0: Port device bond0 added
[  146.971034][ T7889] fuse: Unknown parameter '���#�
'
[  147.150716][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  147.150730][   T40] audit: type=1326 audit(1759432033.879:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.161830][   T40] audit: type=1326 audit(1759432033.879:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.173693][   T40] audit: type=1326 audit(1759432033.879:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.182232][   T40] audit: type=1326 audit(1759432033.879:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.193248][   T40] audit: type=1326 audit(1759432033.879:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.205916][   T40] audit: type=1326 audit(1759432033.879:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.221736][   T40] audit: type=1326 audit(1759432033.889:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.230437][   T40] audit: type=1326 audit(1759432033.889:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.239435][   T40] audit: type=1326 audit(1759432033.889:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.246324][   T40] audit: type=1326 audit(1759432033.889:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7903 comm="syz.0.503" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e579 code=0x7ffc0000
[  147.649647][ T7916] FAULT_INJECTION: forcing a failure.
[  147.649647][ T7916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.653785][ T7916] CPU: 0 UID: 0 PID: 7916 Comm: syz.3.507 Not tainted syzkaller #0 PREEMPT(full) 
[  147.653800][ T7916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.653807][ T7916] Call Trace:
[  147.653812][ T7916]  <TASK>
[  147.653817][ T7916]  dump_stack_lvl+0x16c/0x1f0
[  147.653854][ T7916]  should_fail_ex+0x512/0x640
[  147.653881][ T7916]  _copy_to_user+0x32/0xd0
[  147.653893][ T7916]  simple_read_from_buffer+0xcb/0x170
[  147.653912][ T7916]  proc_fail_nth_read+0x197/0x240
[  147.653930][ T7916]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.653949][ T7916]  ? rw_verify_area+0xcf/0x6c0
[  147.653966][ T7916]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.653984][ T7916]  vfs_read+0x1e4/0xcf0
[  147.653997][ T7916]  ? __pfx_vfs_read+0x10/0x10
[  147.654005][ T7916]  ? find_held_lock+0x2b/0x80
[  147.654023][ T7916]  ? __fget_files+0x20e/0x3c0
[  147.654045][ T7916]  ksys_read+0x12a/0x250
[  147.654054][ T7916]  ? __pfx_ksys_read+0x10/0x10
[  147.654064][ T7916]  ? fput+0x9b/0xd0
[  147.654077][ T7916]  ? rcu_is_watching+0x12/0xc0
[  147.654092][ T7916]  __do_fast_syscall_32+0x7c/0x300
[  147.654106][ T7916]  do_fast_syscall_32+0x32/0x80
[  147.654117][ T7916]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.654132][ T7916] RIP: 0023:0xf70ce579
[  147.654141][ T7916] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.654152][ T7916] RSP: 002b:00000000f54be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  147.654163][ T7916] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54be620
[  147.654170][ T7916] RDX: 000000000000000f RSI: 00000000f7465ff4 RDI: 0000000000000000
[  147.654176][ T7916] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  147.654183][ T7916] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  147.654189][ T7916] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.654202][ T7916]  </TASK>
[  147.676553][ T7919] FAULT_INJECTION: forcing a failure.
[  147.676553][ T7919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.744693][ T7919] CPU: 0 UID: 0 PID: 7919 Comm: syz.0.508 Not tainted syzkaller #0 PREEMPT(full) 
[  147.744725][ T7919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.744739][ T7919] Call Trace:
[  147.744749][ T7919]  <TASK>
[  147.744759][ T7919]  dump_stack_lvl+0x16c/0x1f0
[  147.744789][ T7919]  should_fail_ex+0x512/0x640
[  147.744827][ T7919]  _copy_from_user+0x2e/0xd0
[  147.744850][ T7919]  snd_pcm_ioctl_hw_params_compat+0xa5/0x2f0
[  147.744889][ T7919]  snd_pcm_ioctl_compat+0x166/0x850
[  147.744921][ T7919]  ? hook_file_ioctl_common+0x145/0x410
[  147.744947][ T7919]  ? __pfx_snd_pcm_ioctl_compat+0x10/0x10
[  147.744991][ T7919]  ? __fget_files+0x20e/0x3c0
[  147.745029][ T7919]  ? __pfx_snd_pcm_ioctl_compat+0x10/0x10
[  147.745062][ T7919]  __ia32_compat_sys_ioctl+0x242/0x370
[  147.745096][ T7919]  __do_fast_syscall_32+0x7c/0x300
[  147.745123][ T7919]  do_fast_syscall_32+0x32/0x80
[  147.745146][ T7919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.745174][ T7919] RIP: 0023:0xf707e579
[  147.745192][ T7919] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.745214][ T7919] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  147.745236][ T7919] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c25c4111
[  147.745250][ T7919] RDX: 0000000080000780 RSI: 0000000000000000 RDI: 0000000000000000
[  147.745264][ T7919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.745277][ T7919] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.745290][ T7919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.745319][ T7919]  </TASK>
[  147.855771][ T7923] netlink: 'syz.0.510': attribute type 1 has an invalid length.
[  147.893911][ T7923] 8021q: adding VLAN 0 to HW filter on device bond2
[  147.899273][ T7923] bond1: (slave bond2): making interface the new active one
[  147.902094][ T7923] bond1: (slave bond2): Enslaving as an active interface with an up link
[  147.907327][ T7923] FAULT_INJECTION: forcing a failure.
[  147.907327][ T7923] name failslab, interval 1, probability 0, space 0, times 0
[  147.912564][ T7923] CPU: 2 UID: 0 PID: 7923 Comm: syz.0.510 Not tainted syzkaller #0 PREEMPT(full) 
[  147.912582][ T7923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.912590][ T7923] Call Trace:
[  147.912595][ T7923]  <TASK>
[  147.912600][ T7923]  dump_stack_lvl+0x16c/0x1f0
[  147.912618][ T7923]  should_fail_ex+0x512/0x640
[  147.912642][ T7923]  should_failslab+0xc2/0x120
[  147.912657][ T7923]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  147.912671][ T7923]  ? skb_clone+0x190/0x3f0
[  147.912686][ T7923]  skb_clone+0x190/0x3f0
[  147.912699][ T7923]  netlink_deliver_tap+0xabd/0xd30
[  147.912716][ T7923]  netlink_unicast+0x64c/0x870
[  147.912731][ T7923]  ? __pfx_netlink_unicast+0x10/0x10
[  147.912745][ T7923]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  147.912768][ T7923]  netlink_sendmsg+0x8d1/0xdd0
[  147.912784][ T7923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.912799][ T7923]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  147.912823][ T7923]  ____sys_sendmsg+0xa95/0xc70
[  147.912842][ T7923]  ? __pfx_____sys_sendmsg+0x10/0x10
[  147.912857][ T7923]  ? get_compat_msghdr+0x11a/0x170
[  147.912886][ T7923]  ___sys_sendmsg+0x134/0x1d0
[  147.912899][ T7923]  ? __pfx____sys_sendmsg+0x10/0x10
[  147.912918][ T7923]  ? find_held_lock+0x2b/0x80
[  147.912942][ T7923]  __sys_sendmsg+0x16d/0x220
[  147.912954][ T7923]  ? __pfx___sys_sendmsg+0x10/0x10
[  147.912972][ T7923]  ? rcu_is_watching+0x12/0xc0
[  147.912988][ T7923]  __do_fast_syscall_32+0x7c/0x300
[  147.913003][ T7923]  do_fast_syscall_32+0x32/0x80
[  147.913015][ T7923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.913031][ T7923] RIP: 0023:0xf707e579
[  147.913040][ T7923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.913053][ T7923] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  147.913065][ T7923] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000000
[  147.913072][ T7923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.913079][ T7923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.913086][ T7923] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.913092][ T7923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.913107][ T7923]  </TASK>
[  147.916769][ T7923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.510'.
[  148.021965][ T7923] bond1: entered promiscuous mode
[  148.024485][ T7923] bond2: entered promiscuous mode
[  148.027178][ T7923] bond1: entered allmulticast mode
[  148.029919][ T7923] bond2: entered allmulticast mode
[  148.032930][ T7923] 8021q: adding VLAN 0 to HW filter on device bond1
[  148.110975][ T7937] netlink: 'syz.3.515': attribute type 1 has an invalid length.
[  148.117923][ T7940] fuse: Bad value for 'group_id'
[  148.128262][ T7940] fuse: Bad value for 'group_id'
[  148.147423][ T7937] 8021q: adding VLAN 0 to HW filter on device bond2
[  148.153955][ T7937] bond1: (slave bond2): making interface the new active one
[  148.157658][ T7937] bond1: (slave bond2): Enslaving as an active interface with an up link
[  148.168076][ T7937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.515'.
[  148.172607][ T7937] bond1: entered promiscuous mode
[  148.174266][ T7937] bond2: entered promiscuous mode
[  148.176305][ T7937] bond1: entered allmulticast mode
[  148.178068][ T7937] bond2: entered allmulticast mode
[  148.180389][ T7937] 8021q: adding VLAN 0 to HW filter on device bond1
[  148.543371][ T7968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'.
[  148.667093][ T7973] netlink: 'syz.3.526': attribute type 1 has an invalid length.
[  148.703993][ T7973] netlink: 28 bytes leftover after parsing attributes in process `syz.3.526'.
[  149.060047][ T7993] FAULT_INJECTION: forcing a failure.
[  149.060047][ T7993] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.064267][ T7993] CPU: 2 UID: 0 PID: 7993 Comm: syz.3.532 Not tainted syzkaller #0 PREEMPT(full) 
[  149.064283][ T7993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.064290][ T7993] Call Trace:
[  149.064295][ T7993]  <TASK>
[  149.064301][ T7993]  dump_stack_lvl+0x16c/0x1f0
[  149.064340][ T7993]  should_fail_ex+0x512/0x640
[  149.064368][ T7993]  _copy_to_iter+0x463/0x1710
[  149.064382][ T7993]  ? __kmalloc_noprof+0x223/0x510
[  149.064393][ T7993]  ? __pfx__copy_to_iter+0x10/0x10
[  149.064405][ T7993]  ? __skb_recv_datagram+0x1b2/0x220
[  149.064423][ T7993]  ? __pfx___skb_recv_datagram+0x10/0x10
[  149.064445][ T7993]  simple_copy_to_iter+0x46/0x90
[  149.064467][ T7993]  __skb_datagram_iter+0x129/0x900
[  149.064488][ T7993]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  149.064514][ T7993]  ? skb_recv_datagram+0x88/0xc0
[  149.064541][ T7993]  skb_copy_datagram_iter+0x40/0x50
[  149.064565][ T7993]  netlink_recvmsg+0x27e/0xa90
[  149.064583][ T7993]  ? __pfx_netlink_recvmsg+0x10/0x10
[  149.064599][ T7993]  ? rcu_is_watching+0x12/0xc0
[  149.064621][ T7993]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  149.064651][ T7993]  sock_recvmsg+0x1f6/0x250
[  149.064674][ T7993]  ____sys_recvmsg+0x218/0x6b0
[  149.064698][ T7993]  ? __pfx_____sys_recvmsg+0x10/0x10
[  149.064718][ T7993]  ? import_iovec+0x86/0xb0
[  149.064743][ T7993]  ? __lock_acquire+0x62e/0x1ce0
[  149.064774][ T7993]  ___sys_recvmsg+0x114/0x1a0
[  149.064792][ T7993]  ? __pfx____sys_recvmsg+0x10/0x10
[  149.064820][ T7993]  ? find_held_lock+0x2b/0x80
[  149.064856][ T7993]  do_recvmmsg+0x55d/0x750
[  149.064877][ T7993]  ? __pfx_do_recvmmsg+0x10/0x10
[  149.064891][ T7993]  ? find_held_lock+0x2b/0x80
[  149.064909][ T7993]  ? __might_fault+0xe3/0x190
[  149.064925][ T7993]  ? __might_fault+0x13b/0x190
[  149.064953][ T7993]  ? __pfx_get_old_timespec32+0x10/0x10
[  149.064979][ T7993]  ? __fget_files+0x20e/0x3c0
[  149.065009][ T7993]  __sys_recvmmsg+0x110/0x280
[  149.065027][ T7993]  ? __pfx___sys_recvmmsg+0x10/0x10
[  149.065047][ T7993]  ? __pfx_ksys_write+0x10/0x10
[  149.065067][ T7993]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  149.065086][ T7993]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.065102][ T7993]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  149.065121][ T7993]  __do_fast_syscall_32+0x7c/0x300
[  149.065142][ T7993]  do_fast_syscall_32+0x32/0x80
[  149.065160][ T7993]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.065182][ T7993] RIP: 0023:0xf70ce579
[  149.065196][ T7993] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.065214][ T7993] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  149.065231][ T7993] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800037c0
[  149.065243][ T7993] RDX: 00000000000003b4 RSI: 0000000000000000 RDI: 0000000080003700
[  149.065253][ T7993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.065263][ T7993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.065273][ T7993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.065296][ T7993]  </TASK>
[  149.184820][  T838] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  149.339815][  T838] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.342007][  T838] usb 5-1: New USB device found, idVendor=04b4, idProduct=ed81, bcdDevice= 0.00
[  149.344943][  T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.351241][  T838] usb 5-1: config 0 descriptor??
[  149.478661][ T8006] FAULT_INJECTION: forcing a failure.
[  149.478661][ T8006] name failslab, interval 1, probability 0, space 0, times 0
[  149.482696][ T8006] CPU: 3 UID: 0 PID: 8006 Comm: syz.1.536 Not tainted syzkaller #0 PREEMPT(full) 
[  149.482712][ T8006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.482719][ T8006] Call Trace:
[  149.482724][ T8006]  <TASK>
[  149.482729][ T8006]  dump_stack_lvl+0x16c/0x1f0
[  149.482758][ T8006]  should_fail_ex+0x512/0x640
[  149.482779][ T8006]  should_failslab+0xc2/0x120
[  149.482796][ T8006]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  149.482809][ T8006]  ? skb_clone+0x190/0x3f0
[  149.482822][ T8006]  skb_clone+0x190/0x3f0
[  149.482833][ T8006]  netlink_deliver_tap+0xabd/0xd30
[  149.482848][ T8006]  netlink_unicast+0x64c/0x870
[  149.482862][ T8006]  ? __pfx_netlink_unicast+0x10/0x10
[  149.482873][ T8006]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  149.482889][ T8006]  netlink_sendmsg+0x8d1/0xdd0
[  149.482903][ T8006]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.482916][ T8006]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  149.482936][ T8006]  sock_write_iter+0x566/0x610
[  149.482951][ T8006]  ? __pfx_sock_write_iter+0x10/0x10
[  149.482971][ T8006]  ? __lock_acquire+0x62e/0x1ce0
[  149.482987][ T8006]  ? copy_compat_iovec_from_user+0x145/0x190
[  149.483007][ T8006]  do_iter_readv_writev+0x662/0x9e0
[  149.483026][ T8006]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  149.483045][ T8006]  ? bpf_lsm_file_permission+0x9/0x10
[  149.483058][ T8006]  ? security_file_permission+0x71/0x210
[  149.483073][ T8006]  ? rw_verify_area+0xcf/0x6c0
[  149.483090][ T8006]  vfs_writev+0x35f/0xde0
[  149.483111][ T8006]  ? __pfx_vfs_writev+0x10/0x10
[  149.483128][ T8006]  ? find_held_lock+0x2b/0x80
[  149.483149][ T8006]  ? __fget_files+0x20e/0x3c0
[  149.483165][ T8006]  ? __fget_files+0x170/0x3c0
[  149.483184][ T8006]  ? do_writev+0x28c/0x340
[  149.483200][ T8006]  do_writev+0x28c/0x340
[  149.483217][ T8006]  ? __pfx_do_writev+0x10/0x10
[  149.483234][ T8006]  ? rcu_is_watching+0x12/0xc0
[  149.483249][ T8006]  __do_fast_syscall_32+0x7c/0x300
[  149.483262][ T8006]  do_fast_syscall_32+0x32/0x80
[  149.483274][ T8006]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.483287][ T8006] RIP: 0023:0xf702e579
[  149.483297][ T8006] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.483307][ T8006] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  149.483318][ T8006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  149.483324][ T8006] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  149.483330][ T8006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.483336][ T8006] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.483343][ T8006] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.483356][ T8006]  </TASK>
[  149.791995][ T7981] input: syz1 as /devices/virtual/input/input9
[  149.827004][  T838] usbhid 5-1:0.0: can't add hid device: -71
[  149.830995][  T838] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  149.834964][  T838] usb 5-1: USB disconnect, device number 11
[  149.879187][ T8023] FAULT_INJECTION: forcing a failure.
[  149.879187][ T8023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.884191][ T8023] CPU: 2 UID: 0 PID: 8023 Comm: syz.2.541 Not tainted syzkaller #0 PREEMPT(full) 
[  149.884208][ T8023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.884215][ T8023] Call Trace:
[  149.884220][ T8023]  <TASK>
[  149.884225][ T8023]  dump_stack_lvl+0x16c/0x1f0
[  149.884242][ T8023]  should_fail_ex+0x512/0x640
[  149.884260][ T8023]  ? page_copy_sane+0xcd/0x2d0
[  149.884278][ T8023]  copy_folio_from_iter_atomic+0x36f/0x1ac0
[  149.884294][ T8023]  ? simple_xattr_get+0x179/0x1d0
[  149.884309][ T8023]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  149.884321][ T8023]  ? shmem_write_begin+0x176/0x300
[  149.884333][ T8023]  ? __pfx_shmem_write_begin+0x10/0x10
[  149.884345][ T8023]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  149.884364][ T8023]  generic_perform_write+0x221/0x900
[  149.884387][ T8023]  ? __pfx_generic_perform_write+0x10/0x10
[  149.884405][ T8023]  ? inode_needs_update_time.part.0+0x191/0x270
[  149.884421][ T8023]  shmem_file_write_iter+0x10e/0x140
[  149.884436][ T8023]  vfs_write+0x7d0/0x11d0
[  149.884447][ T8023]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  149.884462][ T8023]  ? __pfx_vfs_write+0x10/0x10
[  149.884472][ T8023]  ? find_held_lock+0x2b/0x80
[  149.884494][ T8023]  ksys_write+0x12a/0x250
[  149.884504][ T8023]  ? __pfx_ksys_write+0x10/0x10
[  149.884516][ T8023]  ? rcu_is_watching+0x12/0xc0
[  149.884531][ T8023]  __do_fast_syscall_32+0x7c/0x300
[  149.884547][ T8023]  do_fast_syscall_32+0x32/0x80
[  149.884564][ T8023]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.884583][ T8023] RIP: 0023:0xf70ce579
[  149.884596][ T8023] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.884611][ T8023] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  149.884642][ T8023] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000040
[  149.884655][ T8023] RDX: 000000000208e24b RSI: 0000000000000000 RDI: 0000000000000000
[  149.884664][ T8023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.884674][ T8023] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.884683][ T8023] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.884704][ T8023]  </TASK>
[  149.967223][ T8024] loop5: detected capacity change from 0 to 1095
[  150.123332][ T8030] FAULT_INJECTION: forcing a failure.
[  150.123332][ T8030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.129856][ T8030] CPU: 1 UID: 0 PID: 8030 Comm: syz.3.545 Not tainted syzkaller #0 PREEMPT(full) 
[  150.129888][ T8030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.129898][ T8030] Call Trace:
[  150.129905][ T8030]  <TASK>
[  150.129911][ T8030]  dump_stack_lvl+0x16c/0x1f0
[  150.129933][ T8030]  should_fail_ex+0x512/0x640
[  150.129961][ T8030]  _copy_from_user+0x2e/0xd0
[  150.129978][ T8030]  memdup_user+0x6b/0xe0
[  150.129995][ T8030]  kvm_arch_vcpu_ioctl+0xf3f/0x52d0
[  150.130021][ T8030]  ? is_bpf_text_address+0x94/0x1a0
[  150.130045][ T8030]  ? kernel_text_address+0x8d/0x100
[  150.130066][ T8030]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  150.130097][ T8030]  ? __lock_acquire+0xb97/0x1ce0
[  150.130125][ T8030]  ? kasan_save_stack+0x42/0x60
[  150.130143][ T8030]  ? __mutex_trylock_common+0xe9/0x250
[  150.130168][ T8030]  ? __pfx___mutex_trylock_common+0x10/0x10
[  150.130192][ T8030]  ? __pfx___might_resched+0x10/0x10
[  150.130212][ T8030]  ? rcu_is_watching+0x12/0xc0
[  150.130232][ T8030]  ? trace_contention_end+0xdd/0x130
[  150.130256][ T8030]  ? __mutex_lock+0x1c5/0x1060
[  150.130279][ T8030]  ? __pfx___mutex_lock+0x10/0x10
[  150.130305][ T8030]  ? kasan_quarantine_put+0x10a/0x240
[  150.130333][ T8030]  ? kvm_vcpu_ioctl+0x1235/0x1690
[  150.130354][ T8030]  kvm_vcpu_ioctl+0x1235/0x1690
[  150.130379][ T8030]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  150.130401][ T8030]  ? tomoyo_path_number_perm+0x18d/0x580
[  150.130421][ T8030]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  150.130447][ T8030]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  150.130482][ T8030]  ? do_vfs_ioctl+0x128/0x14f0
[  150.130504][ T8030]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  150.130534][ T8030]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  150.130558][ T8030]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  150.130580][ T8030]  ? __fget_files+0x20e/0x3c0
[  150.130608][ T8030]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  150.130632][ T8030]  __ia32_compat_sys_ioctl+0x242/0x370
[  150.130655][ T8030]  __do_fast_syscall_32+0x7c/0x300
[  150.130674][ T8030]  do_fast_syscall_32+0x32/0x80
[  150.130691][ T8030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.130711][ T8030] RIP: 0023:0xf70ce579
[  150.130724][ T8030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.130741][ T8030] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  150.130757][ T8030] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004008ae89
[  150.130767][ T8030] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  150.130777][ T8030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.130786][ T8030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  150.130796][ T8030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.130817][ T8030]  </TASK>
[  150.476770][ T8047] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  150.590596][ T4652] usb 8-1: new full-speed USB device number 13 using dummy_hcd
[  150.678368][ T1325] usb 40-1: device descriptor read/8, error -110
[  150.723585][ T8059] netlink: 12 bytes leftover after parsing attributes in process `syz.2.556'.
[  150.851585][ T4652] usb 8-1: config 0 has no interfaces?
[  151.068819][ T1325] usb usb40-port1: unable to enumerate USB device
[  151.411638][ T4652] usb 8-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  151.448298][ T1325] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  151.479651][ T4652] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.483663][ T4652] usb 8-1: Product: syz
[  151.485257][ T4652] usb 8-1: Manufacturer: syz
[  151.486922][ T4652] usb 8-1: SerialNumber: syz
[  151.491444][ T4652] usb 8-1: config 0 descriptor??
[  151.599803][ T1325] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  151.603640][ T1325] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  151.608267][ T1325] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  151.612332][ T1325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.619333][ T8076] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  151.623801][ T1325] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  151.703177][ T1325] usb 8-1: USB disconnect, device number 13
[  151.844472][ T8083] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  151.845245][ T6224] usb 5-1: USB disconnect, device number 12
[  151.846513][ T8083] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  151.846619][ T8083] vhci_hcd vhci_hcd.0: Device attached
[  151.855114][ T8085] vhci_hcd: connection closed
[  151.856286][ T1137] vhci_hcd: stop threads
[  151.860955][ T1137] vhci_hcd: release socket
[  151.862738][ T1137] vhci_hcd: disconnect device
[  152.241561][ T8093] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  152.243663][ T8093] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  152.246670][ T8093] vhci_hcd vhci_hcd.0: Device attached
[  152.419613][ T8106] syzkaller1: entered promiscuous mode
[  152.421595][ T8106] syzkaller1: entered allmulticast mode
[  152.513157][ T8111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.571'.
[  152.568363][ T5870] usb 42-1: SetAddress Request (18) to port 0
[  152.571012][ T5870] usb 42-1: new SuperSpeed USB device number 18 using vhci_hcd
[  152.865233][ T8094] vhci_hcd: connection reset by peer
[  152.868921][   T13] vhci_hcd: stop threads
[  152.870492][   T13] vhci_hcd: release socket
[  152.872077][   T13] vhci_hcd: disconnect device
[  153.216467][ T8134] netlink: 'syz.3.581': attribute type 21 has an invalid length.
[  153.220468][ T8134] netlink: 'syz.3.581': attribute type 1 has an invalid length.
[  153.276439][ T8135] netlink: 40 bytes leftover after parsing attributes in process `syz.3.581'.
[  153.473830][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.583'.
[  153.487997][ T8140] macvtap1: entered promiscuous mode
[  153.490757][ T8140] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  153.495560][ T8140] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  153.540751][ T8142] CUSE: unknown device info "�
"
[  153.543199][ T8142] CUSE: zero length info key specified
[  153.620181][ T8144] comedi comedi3: pcl812: I/O port conflict (0x4f27,16)
[  154.038997][ T4652] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  154.144398][ T8164] netlink: 4 bytes leftover after parsing attributes in process `syz.3.592'.
[  154.152094][ T8164] macvtap1: entered promiscuous mode
[  154.153832][ T8164] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  154.157911][ T8164] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  154.188447][ T4652] usb 7-1: Using ep0 maxpacket: 16
[  154.198310][ T4652] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.200774][ T8166] CUSE: unknown device info "�
"
[  154.201959][ T4652] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  154.204368][ T8166] CUSE: zero length info key specified
[  154.208733][ T4652] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  154.213752][ T4652] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.217776][ T4652] usb 7-1: config 0 descriptor??
[  154.499026][ T8184] FAULT_INJECTION: forcing a failure.
[  154.499026][ T8184] name failslab, interval 1, probability 0, space 0, times 0
[  154.504507][ T8184] CPU: 3 UID: 0 PID: 8184 Comm: syz.3.601 Not tainted syzkaller #0 PREEMPT(full) 
[  154.504523][ T8184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.504530][ T8184] Call Trace:
[  154.504534][ T8184]  <TASK>
[  154.504539][ T8184]  dump_stack_lvl+0x16c/0x1f0
[  154.504556][ T8184]  should_fail_ex+0x512/0x640
[  154.504576][ T8184]  should_failslab+0xc2/0x120
[  154.504589][ T8184]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  154.504600][ T8184]  ? rcu_is_watching+0x12/0xc0
[  154.504613][ T8184]  ? __alloc_skb+0x2b2/0x380
[  154.504634][ T8184]  __alloc_skb+0x2b2/0x380
[  154.504650][ T8184]  ? __pfx___alloc_skb+0x10/0x10
[  154.504677][ T8184]  ? sctp_bind_addrs_to_raw+0x2c9/0x3e0
[  154.504699][ T8184]  _sctp_make_chunk+0x51/0x270
[  154.504720][ T8184]  sctp_make_control+0x2f/0x2d0
[  154.504735][ T8184]  sctp_make_init+0x6f0/0xdc0
[  154.504754][ T8184]  ? __asan_memcpy+0x3c/0x60
[  154.504769][ T8184]  ? __pfx_sctp_make_init+0x10/0x10
[  154.504784][ T8184]  ? sctp_v6_get_dst+0x7db/0x2050
[  154.504797][ T8184]  ? find_held_lock+0x2b/0x80
[  154.504813][ T8184]  ? sctp_sm_lookup_event+0x15b/0x570
[  154.504828][ T8184]  ? __pfx_sctp_sm_lookup_event+0x10/0x10
[  154.504845][ T8184]  sctp_sf_do_prm_asoc+0xbf/0x360
[  154.504858][ T8184]  ? __pfx_sctp_pname+0x10/0x10
[  154.504872][ T8184]  sctp_do_sm+0x181/0x5c80
[  154.504887][ T8184]  ? find_held_lock+0x2b/0x80
[  154.504898][ T8184]  ? sctp_ulpevent_notify_peer_addr_change+0xf1/0xc00
[  154.504911][ T8184]  ? sctp_ulpevent_notify_peer_addr_change+0xf1/0xc00
[  154.504924][ T8184]  ? __pfx_sctp_do_sm+0x10/0x10
[  154.504953][ T8184]  ? sctp_connect_new_asoc+0x41e/0x770
[  154.504969][ T8184]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  154.504986][ T8184]  ? register_lock_class+0x41/0x4c0
[  154.505012][ T8184]  sctp_primitive_ASSOCIATE+0x9c/0xd0
[  154.505033][ T8184]  __sctp_connect+0xa08/0xc60
[  154.505055][ T8184]  ? __pfx___sctp_connect+0x10/0x10
[  154.505077][ T8184]  __sctp_setsockopt_connectx+0xfc/0x170
[  154.505092][ T8184]  sctp_setsockopt+0x1c42/0xb870
[  154.505105][ T8184]  ? ksys_write+0x190/0x250
[  154.505118][ T8184]  ? __pfx_sctp_setsockopt+0x10/0x10
[  154.505131][ T8184]  ? find_held_lock+0x2b/0x80
[  154.505144][ T8184]  ? aa_sock_opt_perm+0xfd/0x1c0
[  154.505160][ T8184]  ? sock_common_setsockopt+0x2e/0xf0
[  154.505174][ T8184]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  154.505188][ T8184]  do_sock_setsockopt+0xf3/0x1d0
[  154.505203][ T8184]  __sys_setsockopt+0x120/0x1a0
[  154.505223][ T8184]  __ia32_sys_setsockopt+0xbc/0x160
[  154.505240][ T8184]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.505251][ T8184]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  154.505263][ T8184]  __do_fast_syscall_32+0x7c/0x300
[  154.505276][ T8184]  do_fast_syscall_32+0x32/0x80
[  154.505287][ T8184]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.505398][ T8184] RIP: 0023:0xf70ce579
[  154.505409][ T8184] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.505422][ T8184] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  154.505434][ T8184] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  154.505442][ T8184] RDX: 000000000000006b RSI: 0000000080000000 RDI: 000000000000001c
[  154.505449][ T8184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.505456][ T8184] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.505463][ T8184] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.505478][ T8184]  </TASK>
[  154.624641][ T8150] fuse: Bad value for 'fd'
[  154.624735][    C3] vkms_vblank_simulate: vblank timer overrun
[  154.792817][ T4652] usbhid 7-1:0.0: can't add hid device: -71
[  154.795278][ T1142] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.795413][ T4652] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  154.801421][ T1142] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.806486][ T4652] usb 7-1: USB disconnect, device number 8
[  154.808414][ T1142] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.814057][ T1142] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.835817][ T8192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.603'.
[  154.842915][ T8192] macvtap1: entered promiscuous mode
[  154.845560][ T8192] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  154.853128][ T8192] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  154.893272][ T8193] CUSE: unknown device info "�
"
[  154.894924][ T8193] CUSE: zero length info key specified
[  154.985716][ T8197] netlink: 132 bytes leftover after parsing attributes in process `syz.1.605'.
[  155.040077][ T8203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.608'.
[  155.045520][ T8203] netlink: 'syz.1.608': attribute type 14 has an invalid length.
[  155.165777][ T8214] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'.
[  155.174696][ T8214] macvtap1: entered promiscuous mode
[  155.176727][ T8214] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  155.183110][ T8214] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  155.219373][ T8218] CUSE: unknown device info "�
"
[  155.221069][ T8218] CUSE: zero length info key specified
[  155.221345][ T8216] 8021q: adding VLAN 0 to HW filter on device bond5
[  155.240627][ T8216] bond5: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  155.281054][ T8220] netlink: 'syz.1.614': attribute type 21 has an invalid length.
[  155.283332][ T8220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.614'.
[  155.781136][   T40] kauditd_printk_skb: 123 callbacks suppressed
[  155.781149][   T40] audit: type=1800 audit(1759432042.519:192): pid=8237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.617" name="bus" dev="overlay" ino=862 res=0 errno=0
[  156.520074][ T8261] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  156.523029][ T8261] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  156.527036][ T8261] vhci_hcd vhci_hcd.0: Device attached
[  156.798629][  T838] usb 40-1: SetAddress Request (22) to port 0
[  156.801322][  T838] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  156.819796][ T8263] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  156.819975][ T8262] vhci_hcd: connection closed
[  156.823890][   T68] vhci_hcd: stop threads
[  156.828437][   T68] vhci_hcd: release socket
[  156.831004][   T68] vhci_hcd: disconnect device
[  157.444538][ T8274] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  157.446662][ T8274] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  157.450677][ T8274] vhci_hcd vhci_hcd.0: Device attached
[  157.453439][ T8278] usbip_core: unknown command
[  157.455121][ T8278] vhci_hcd: unknown pdu 0
[  157.456598][ T8278] usbip_core: unknown command
[  157.459029][ T1142] vhci_hcd: stop threads
[  157.460941][ T1142] vhci_hcd: release socket
[  157.461488][ T8276] __nla_validate_parse: 1 callbacks suppressed
[  157.461507][ T8276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.627'.
[  157.463231][ T1142] vhci_hcd: disconnect device
[  157.466338][ T8274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.627'.
[  157.628299][ T5870] usb 42-1: device descriptor read/8, error -110
[  158.018719][ T5870] usb usb42-port1: attempt power cycle
[  158.028496][ T4652] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  158.179996][ T4652] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  158.183413][ T4652] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  158.186894][ T4652] usb 8-1: config 0 interface 0 has no altsetting 0
[  158.193029][ T4652] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  158.196781][ T4652] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  158.200500][ T4652] usb 8-1: Product: syz
[  158.201902][ T4652] usb 8-1: Manufacturer: syz
[  158.203429][ T4652] usb 8-1: SerialNumber: syz
[  158.206883][ T4652] usb 8-1: config 0 descriptor??
[  158.210946][ T4652] hub 8-1:0.0: bad descriptor, ignoring hub
[  158.213347][ T4652] hub 8-1:0.0: probe with driver hub failed with error -5
[  158.219247][ T4652] usb 8-1: selecting invalid altsetting 0
[  158.599075][ T5870] usb usb42-port1: unable to enumerate USB device
[  159.533725][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.639'.
[  159.543379][ T8353] macvtap1: entered promiscuous mode
[  159.545628][ T8353] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  159.552049][ T8353] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  159.594608][ T8356] CUSE: unknown device info "�
"
[  159.596684][ T8356] CUSE: zero length info key specified
[  160.747092][ T8369] netlink: 'syz.1.644': attribute type 39 has an invalid length.
[  160.838612][ T1325] usb 8-1: USB disconnect, device number 14
[  161.048323][ T4652] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  161.148104][ T8379] FAULT_INJECTION: forcing a failure.
[  161.148104][ T8379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.152400][ T8379] CPU: 3 UID: 0 PID: 8379 Comm: syz.2.648 Not tainted syzkaller #0 PREEMPT(full) 
[  161.152415][ T8379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.152422][ T8379] Call Trace:
[  161.152426][ T8379]  <TASK>
[  161.152431][ T8379]  dump_stack_lvl+0x16c/0x1f0
[  161.152460][ T8379]  should_fail_ex+0x512/0x640
[  161.152480][ T8379]  _copy_from_user+0x2e/0xd0
[  161.152491][ T8379]  bpf_test_init.isra.0+0xce/0x130
[  161.152511][ T8379]  bpf_prog_test_run_xdp+0x556/0x1670
[  161.152525][ T8379]  ? __fget_files+0x204/0x3c0
[  161.152543][ T8379]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  161.152554][ T8379]  ? __might_fault+0x80/0x190
[  161.152568][ T8379]  ? fput+0x9b/0xd0
[  161.152581][ T8379]  ? __bpf_prog_get+0x97/0x2a0
[  161.152596][ T8379]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  161.152607][ T8379]  __sys_bpf+0x1032/0x4980
[  161.152621][ T8379]  ? __pfx___sys_bpf+0x10/0x10
[  161.152631][ T8379]  ? find_held_lock+0x2b/0x80
[  161.152647][ T8379]  ? find_held_lock+0x2b/0x80
[  161.152662][ T8379]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  161.152682][ T8379]  ? fput+0x9b/0xd0
[  161.152694][ T8379]  ? ksys_write+0x1ac/0x250
[  161.152706][ T8379]  ? __pfx_ksys_write+0x10/0x10
[  161.152718][ T8379]  __ia32_sys_bpf+0x76/0xe0
[  161.152731][ T8379]  __do_fast_syscall_32+0x7c/0x300
[  161.152744][ T8379]  do_fast_syscall_32+0x32/0x80
[  161.152755][ T8379]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  161.152769][ T8379] RIP: 0023:0xf70ce579
[  161.152778][ T8379] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  161.152789][ T8379] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  161.152800][ T8379] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800008c0
[  161.152807][ T8379] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  161.152813][ T8379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  161.152819][ T8379] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  161.152825][ T8379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  161.152839][ T8379]  </TASK>
[  161.199664][ T4652] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  161.246353][ T8384] netlink: 4 bytes leftover after parsing attributes in process `syz.3.650'.
[  161.249392][ T4652] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.254621][ T8384] macvtap1: entered promiscuous mode
[  161.255081][ T4652] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.257217][ T8384] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  161.261724][ T4652] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  161.268966][ T4652] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  161.275708][ T8384] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  161.278300][ T4652] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  161.280953][ T4652] usb 6-1: Manufacturer: syz
[  161.290758][ T4652] usb 6-1: config 0 descriptor??
[  161.310417][ T8386] CUSE: unknown device info "�
"
[  161.312203][ T8386] CUSE: zero length info key specified
[  161.707920][ T4652] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  161.716064][ T4652] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  161.868741][  T838] usb 40-1: device descriptor read/8, error -110
[  162.240537][ T8370] syz.1.644 (8370): /proc/8370/oom_adj is deprecated, please use /proc/8370/oom_score_adj instead.
[  162.247609][ T6036] usb 6-1: USB disconnect, device number 11
[  162.269058][  T838] usb usb40-port1: attempt power cycle
[  162.831486][  T838] usb usb40-port1: unable to enumerate USB device
[  162.938006][ T8399] vlan2: entered promiscuous mode
[  162.940339][ T8399] hsr0: entered promiscuous mode
[  163.028257][ T1325] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  163.180227][ T1325] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  163.183517][ T1325] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  163.186629][ T1325] usb 8-1: config 0 interface 0 has no altsetting 0
[  163.190982][ T1325] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  163.196707][ T1325] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  163.203148][ T1325] usb 8-1: Product: syz
[  163.204509][ T1325] usb 8-1: Manufacturer: syz
[  163.206002][ T1325] usb 8-1: SerialNumber: syz
[  163.213807][ T1325] usb 8-1: config 0 descriptor??
[  163.219456][ T1325] hub 8-1:0.0: bad descriptor, ignoring hub
[  163.221763][ T1325] hub 8-1:0.0: probe with driver hub failed with error -5
[  163.227003][ T1325] usb 8-1: selecting invalid altsetting 0
[  163.888872][ T8412] netlink: 'syz.2.657': attribute type 10 has an invalid length.
[  163.951798][ T8414] netlink: 28 bytes leftover after parsing attributes in process `syz.2.658'.
[  164.401451][ T8422] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  164.404536][ T8422] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  164.418321][ T8422] vhci_hcd vhci_hcd.0: Device attached
[  164.688337][  T838] usb 42-1: SetAddress Request (22) to port 0
[  164.690589][  T838] usb 42-1: new SuperSpeed USB device number 22 using vhci_hcd
[  164.724616][ T8423] vhci_hcd: connection reset by peer
[  164.727518][   T60] vhci_hcd: stop threads
[  164.730355][   T60] vhci_hcd: release socket
[  164.732853][   T60] vhci_hcd: disconnect device
[  165.840244][ T1325] usb 8-1: USB disconnect, device number 15
[  165.944967][ T8432] bond1: (slave bond2): Releasing backup interface
[  165.947205][ T8432] bond2: left promiscuous mode
[  165.949725][ T8432] bond2: left allmulticast mode
[  165.954989][ T8432] bond5: (slave ip6gretap1): Releasing backup interface
[  166.112610][ T8440] random: crng reseeded on system resumption
[  166.468304][ T1325] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  166.619971][ T1325] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.623800][ T1325] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  166.627747][ T1325] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  166.632301][ T1325] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.637368][ T1325] usb 7-1: config 0 descriptor??
[  166.649824][ T1325] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  166.651987][ T1325] dvb-usb: bulk message failed: -22 (3/0)
[  166.656074][ T1325] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  166.661763][ T1325] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  166.664456][ T1325] usb 7-1: media controller created
[  166.668877][ T1325] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  166.679368][ T1325] dvb-usb: bulk message failed: -22 (6/0)
[  166.682375][ T1325] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  166.693918][ T1325] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input10
[  166.700406][ T1325] dvb-usb: schedule remote query interval to 150 msecs.
[  166.703054][ T1325] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  166.855697][ T8442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.861846][ T1325] dvb-usb: bulk message failed: -22 (1/0)
[  166.866191][ T1325] dvb-usb: error while querying for an remote control event.
[  166.873328][ T8442] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  167.028565][ T1325] dvb-usb: bulk message failed: -22 (1/0)
[  167.033575][ T1325] dvb-usb: error while querying for an remote control event.
[  167.097692][ T8446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.669'.
[  167.187841][ T6019] usb 7-1: USB disconnect, device number 9
[  167.204214][ T6019] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  167.834227][ T8450] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.121992][ T5962] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  168.128051][ T5962] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  168.132785][ T5962] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  168.135945][ T5962] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  168.138782][ T5962] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  168.198356][ T8466] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  168.200825][ T8466] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  168.204277][ T8466] vhci_hcd vhci_hcd.0: Device attached
[  168.274632][ T8462] chnl_net:caif_netlink_parms(): no params data found
[  168.516706][ T8481] FAULT_INJECTION: forcing a failure.
[  168.516706][ T8481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.521535][ T8481] CPU: 3 UID: 0 PID: 8481 Comm: syz.2.675 Not tainted syzkaller #0 PREEMPT(full) 
[  168.521551][ T8481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.521558][ T8481] Call Trace:
[  168.521562][ T8481]  <TASK>
[  168.521567][ T8481]  dump_stack_lvl+0x16c/0x1f0
[  168.521585][ T8481]  should_fail_ex+0x512/0x640
[  168.521609][ T8481]  _copy_to_user+0x32/0xd0
[  168.521621][ T8481]  simple_read_from_buffer+0xcb/0x170
[  168.521639][ T8481]  proc_fail_nth_read+0x197/0x240
[  168.521658][ T8481]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.521676][ T8481]  ? rw_verify_area+0xcf/0x6c0
[  168.521693][ T8481]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.521710][ T8481]  vfs_read+0x1e4/0xcf0
[  168.521723][ T8481]  ? __pfx_vfs_read+0x10/0x10
[  168.521732][ T8481]  ? find_held_lock+0x2b/0x80
[  168.521749][ T8481]  ? __fget_files+0x20e/0x3c0
[  168.521770][ T8481]  ksys_read+0x12a/0x250
[  168.521780][ T8481]  ? __pfx_ksys_read+0x10/0x10
[  168.521791][ T8481]  ? rcu_is_watching+0x12/0xc0
[  168.521806][ T8481]  __do_fast_syscall_32+0x7c/0x300
[  168.521819][ T8481]  do_fast_syscall_32+0x32/0x80
[  168.521831][ T8481]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.521845][ T8481] RIP: 0023:0xf70ce579
[  168.521854][ T8481] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.521865][ T8481] RSP: 002b:00000000f549d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  168.521877][ T8481] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f549d620
[  168.521883][ T8481] RDX: 000000000000000f RSI: 00000000f7465ff4 RDI: 0000000000000000
[  168.521890][ T8481] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  168.521896][ T8481] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  168.521902][ T8481] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.521915][ T8481]  </TASK>
[  168.528590][ T1325] usb 44-1: SetAddress Request (23) to port 0
[  168.608257][ T1325] usb 44-1: new SuperSpeed USB device number 23 using vhci_hcd
[  168.660721][ T8462] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.663111][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.665574][ T8462] bridge_slave_0: entered allmulticast mode
[  168.679683][ T8462] bridge_slave_0: entered promiscuous mode
[  168.691435][ T8462] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.693961][ T8462] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.709698][ T8462] bridge_slave_1: entered allmulticast mode
[  168.712622][ T8462] bridge_slave_1: entered promiscuous mode
[  168.760944][ T8462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.766635][ T8462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.782637][ T8467] vhci_hcd: connection reset by peer
[  168.784503][   T13] vhci_hcd: stop threads
[  168.785935][   T13] vhci_hcd: release socket
[  168.787386][   T13] vhci_hcd: disconnect device
[  168.882158][ T8462] team0: Port device team_slave_0 added
[  168.886208][ T8462] team0: Port device team_slave_1 added
[  168.924734][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.928367][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.937758][ T8462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.942771][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.945365][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.954703][ T8462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.013303][ T8462] hsr_slave_0: entered promiscuous mode
[  169.015956][ T8462] hsr_slave_1: entered promiscuous mode
[  169.164593][ T8462] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  169.170130][ T8462] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  169.176015][ T8462] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  169.182530][ T8462] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  169.233348][ T8462] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.245221][ T8462] 8021q: adding VLAN 0 to HW filter on device team0
[  169.257347][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.260122][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.265667][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.267946][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.450131][ T8462] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.658115][ T8462] veth0_vlan: entered promiscuous mode
[  169.666150][ T8462] veth1_vlan: entered promiscuous mode
[  169.693034][ T8462] veth0_macvtap: entered promiscuous mode
[  169.699894][ T8462] veth1_macvtap: entered promiscuous mode
[  169.712900][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.721936][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.735987][ T1142] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.740928][ T1142] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.744506][ T1142] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.748419][ T5870] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  169.752919][ T1142] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.791459][  T838] usb 42-1: device descriptor read/8, error -110
[  169.812270][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.815524][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.839765][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.843113][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.886589][ T8513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.672'.
[  169.894634][ T8513] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode
[  169.897236][ T8513] macvtap1: entered promiscuous mode
[  169.902331][ T8513] mac80211_hwsim hwsim12 wlan1: left promiscuous mode
[  169.920864][ T5870] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.926579][ T5870] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  169.930899][ T5870] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  169.934623][ T5870] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.940369][ T5870] usb 8-1: config 0 descriptor??
[  169.956217][ T5870] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  169.958020][ T8516] CUSE: unknown device info "�
"
[  169.962959][ T8516] CUSE: zero length info key specified
[  169.965743][ T5870] dvb-usb: bulk message failed: -22 (3/0)
[  169.978734][ T5870] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  169.982623][ T5870] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  169.985758][ T5870] usb 8-1: media controller created
[  169.986483][ T8513] netlink: 28 bytes leftover after parsing attributes in process `syz.4.672'.
[  169.992481][ T5870] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  170.009393][ T5870] dvb-usb: bulk message failed: -22 (6/0)
[  170.013839][ T5870] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  170.030668][ T5870] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input11
[  170.040142][ T5870] dvb-usb: schedule remote query interval to 150 msecs.
[  170.041032][ T8517] random: crng reseeded on system resumption
[  170.043382][ T5870] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  170.092036][ T8519] bridge_slave_0: left allmulticast mode
[  170.093953][ T8519] bridge_slave_0: left promiscuous mode
[  170.095874][ T8519] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.100483][ T8519] bridge_slave_1: left allmulticast mode
[  170.102315][ T8519] bridge_slave_1: left promiscuous mode
[  170.104194][ T8519] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.112526][ T8519] bond0: (slave bond_slave_0): Releasing backup interface
[  170.117964][ T8519] bond0: (slave bond_slave_1): Releasing backup interface
[  170.127436][ T8519] team0: Port device team_slave_0 removed
[  170.132753][ T8519] team0: Port device team_slave_1 removed
[  170.135101][ T8519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.137402][ T8519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.142377][ T8519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.145501][ T8519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.190708][ T5957] Bluetooth: hci4: command tx timeout
[  170.198667][ T5870] dvb-usb: bulk message failed: -22 (1/0)
[  170.200628][ T5870] dvb-usb: error while querying for an remote control event.
[  170.208558][ T8504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.216113][ T8504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.368260][ T5870] dvb-usb: bulk message failed: -22 (1/0)
[  170.370380][ T5870] dvb-usb: error while querying for an remote control event.
[  170.435232][ T5870] usb 8-1: USB disconnect, device number 16
[  170.460896][ T5870] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  170.618284][  T838] usb usb42-port1: attempt power cycle
[  171.048693][ T6036] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  171.328242][ T6036] usb 9-1: Using ep0 maxpacket: 16
[  171.429003][  T838] usb usb42-port1: unable to enumerate USB device
[  171.915895][ T6036] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.919428][ T6036] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  171.922641][ T6036] usb 9-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  171.929298][ T6036] usb 9-1: config 0 interface 0 has no altsetting 0
[  171.941036][ T6036] usb 9-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  171.944059][ T6036] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.946606][ T6036] usb 9-1: Product: syz
[  171.948056][ T6036] usb 9-1: Manufacturer: syz
[  171.949875][ T6036] usb 9-1: SerialNumber: syz
[  171.957496][ T6036] usb 9-1: config 0 descriptor??
[  172.053782][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.688'.
[  172.157393][ T8551] FAULT_INJECTION: forcing a failure.
[  172.157393][ T8551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.162924][ T8551] CPU: 2 UID: 0 PID: 8551 Comm: syz.3.692 Not tainted syzkaller #0 PREEMPT(full) 
[  172.162943][ T8551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.162951][ T8551] Call Trace:
[  172.162957][ T8551]  <TASK>
[  172.162963][ T8551]  dump_stack_lvl+0x16c/0x1f0
[  172.162982][ T8551]  should_fail_ex+0x512/0x640
[  172.163005][ T8551]  _copy_to_user+0x32/0xd0
[  172.163018][ T8551]  simple_read_from_buffer+0xcb/0x170
[  172.163038][ T8551]  proc_fail_nth_read+0x197/0x240
[  172.163059][ T8551]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.163079][ T8551]  ? rw_verify_area+0xcf/0x6c0
[  172.163097][ T8551]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.163116][ T8551]  vfs_read+0x1e4/0xcf0
[  172.163131][ T8551]  ? __pfx_vfs_read+0x10/0x10
[  172.163141][ T8551]  ? find_held_lock+0x2b/0x80
[  172.163159][ T8551]  ? __fget_files+0x20e/0x3c0
[  172.163182][ T8551]  ksys_read+0x12a/0x250
[  172.163193][ T8551]  ? __pfx_ksys_read+0x10/0x10
[  172.163205][ T8551]  ? rcu_is_watching+0x12/0xc0
[  172.163221][ T8551]  __do_fast_syscall_32+0x7c/0x300
[  172.163236][ T8551]  do_fast_syscall_32+0x32/0x80
[  172.163249][ T8551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  172.163264][ T8551] RIP: 0023:0xf70ce579
[  172.163274][ T8551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  172.163287][ T8551] RSP: 002b:00000000f54be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  172.163298][ T8551] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f54be620
[  172.163306][ T8551] RDX: 000000000000000f RSI: 00000000f7465ff4 RDI: 0000000000000000
[  172.163312][ T8551] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  172.163319][ T8551] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  172.163326][ T8551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  172.163340][ T8551]  </TASK>
[  172.176913][ T6036] usb 9-1: Can not set alternate setting to 1, error: -71
[  172.244514][ T6036] synaptics_usb 9-1:0.0: probe with driver synaptics_usb failed with error -71
[  172.255323][ T6036] usb 9-1: USB disconnect, device number 2
[  172.268254][ T5957] Bluetooth: hci4: command tx timeout
[  172.372801][ T8554] random: crng reseeded on system resumption
[  173.708705][ T1325] usb 44-1: device descriptor read/8, error -110
[  174.099094][ T1325] usb usb44-port1: attempt power cycle
[  174.358321][ T5957] Bluetooth: hci4: command tx timeout
[  174.472139][ T8580] random: crng reseeded on system resumption
[  175.192709][ T8587] sp0: Synchronizing with TNC
[  175.272562][ T1325] usb usb44-port1: unable to enumerate USB device
[  175.316488][ T8590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.704'.
[  175.336010][ T8590] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode
[  175.339804][ T8590] macvtap1: entered promiscuous mode
[  175.344051][ T8590] mac80211_hwsim hwsim12 wlan1: left promiscuous mode
[  175.371738][ T8595] CUSE: unknown device info "�
"
[  175.374449][ T8595] CUSE: zero length info key specified
[  175.393821][ T8595] netlink: 28 bytes leftover after parsing attributes in process `syz.4.704'.
[  175.698227][ T1325] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  176.138251][ T1325] usb 7-1: Using ep0 maxpacket: 16
[  176.143020][ T1325] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.147310][ T1325] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  176.151438][ T1325] usb 7-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  176.156915][ T1325] usb 7-1: config 0 interface 0 has no altsetting 0
[  176.163391][ T1325] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  176.167269][ T1325] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.170700][ T1325] usb 7-1: Product: syz
[  176.172542][ T1325] usb 7-1: Manufacturer: syz
[  176.174561][ T1325] usb 7-1: SerialNumber: syz
[  176.178955][ T1325] usb 7-1: config 0 descriptor??
[  176.305895][ T8613] netlink: 'syz.4.713': attribute type 10 has an invalid length.
[  176.323478][ T8613] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  176.332438][ T8613] netlink: 28 bytes leftover after parsing attributes in process `syz.4.713'.
[  176.415686][ T1325] usb 7-1: Can not set alternate setting to 1, error: -71
[  176.418104][ T1325] synaptics_usb 7-1:0.0: probe with driver synaptics_usb failed with error -71
[  176.425943][ T1325] usb 7-1: USB disconnect, device number 10
[  176.428550][ T5957] Bluetooth: hci4: command tx timeout
[  176.541917][ T8621] sp0: Synchronizing with TNC
[  177.267021][ T8658] netlink: 'syz.4.726': attribute type 39 has an invalid length.
[  177.558275][ T6413] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  177.715308][ T6413] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  177.719529][ T6413] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.723303][ T6413] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.727257][ T6413] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  177.734940][ T6413] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  177.739197][ T6413] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  177.742823][ T6413] usb 9-1: Manufacturer: syz
[  177.752443][ T6413] usb 9-1: config 0 descriptor??
[  178.166263][ T6413] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  178.173169][ T6413] appleir 0003:05AC:8243.0006: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  178.691416][ T5870] usb 9-1: USB disconnect, device number 3
[  179.447445][ T8681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.733'.
[  179.455216][ T8681] macvtap1: entered promiscuous mode
[  179.457576][ T8681] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  179.462769][ T8681] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  179.505836][ T8682] CUSE: unknown device info "�
"
[  179.507992][ T8682] CUSE: zero length info key specified
[  179.533399][ T8681] netlink: 28 bytes leftover after parsing attributes in process `syz.2.733'.
[  179.582112][ T5962] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  179.592202][ T5962] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  179.596467][ T5962] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  179.606936][ T5962] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  179.618543][ T5962] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  179.726477][ T8695] netlink: 'syz.2.739': attribute type 39 has an invalid length.
[  179.816368][ T8683] chnl_net:caif_netlink_parms(): no params data found
[  179.889610][ T8703] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  179.892270][ T8703] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  179.898472][ T8703] vhci_hcd vhci_hcd.0: Device attached
[  179.902469][ T8683] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.905419][ T8683] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.908603][ T8683] bridge_slave_0: entered allmulticast mode
[  179.911327][ T8683] bridge_slave_0: entered promiscuous mode
[  179.915140][ T8683] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.917697][ T8683] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.920794][ T8683] bridge_slave_1: entered allmulticast mode
[  179.925135][ T8683] bridge_slave_1: entered promiscuous mode
[  180.027741][ T8683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.029426][ T6413] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  180.033290][ T8683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.128312][ T8683] team0: Port device team_slave_0 added
[  180.132329][ T8683] team0: Port device team_slave_1 added
[  180.195651][ T6413] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  180.202472][ T6413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.206041][ T6413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.212878][ T8709] netlink: 161716 bytes leftover after parsing attributes in process `syz.3.740'.
[  180.216822][ T8709] netlink: zone id is out of range
[  180.219658][ T8709] netlink: zone id is out of range
[  180.221805][ T8709] netlink: zone id is out of range
[  180.224132][ T8709] netlink: zone id is out of range
[  180.224239][ T6413] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  180.228433][ T1325] usb 46-1: SetAddress Request (2) to port 0
[  180.228464][ T8709] netlink: zone id is out of range
[  180.228489][ T8709] netlink: zone id is out of range
[  180.228496][ T8709] netlink: zone id is out of range
[  180.228503][ T8709] netlink: zone id is out of range
[  180.228510][ T8709] netlink: zone id is out of range
[  180.228517][ T8709] netlink: zone id is out of range
[  180.245945][ T1325] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  180.250608][ T6413] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  180.254446][ T6413] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  180.257390][ T6413] usb 7-1: Manufacturer: syz
[  180.268300][ T8704] vhci_hcd: connection closed
[  180.270107][ T8705] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  180.275207][ T1144] vhci_hcd: stop threads
[  180.275878][ T6413] usb 7-1: config 0 descriptor??
[  180.277421][ T1144] vhci_hcd: release socket
[  180.278659][ T8683] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.278672][ T8683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.278691][ T8683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.280500][ T8683] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.291393][ T1144] vhci_hcd: disconnect device
[  180.298604][ T8683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.307626][ T8683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.439411][ T8683] hsr_slave_0: entered promiscuous mode
[  180.442647][ T8683] hsr_slave_1: entered promiscuous mode
[  180.445473][ T8683] debugfs: 'hsr0' already exists in 'hsr'
[  180.447421][ T8683] Cannot create hsr debugfs directory
[  180.637344][ T8683] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  180.643277][ T8683] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  180.647996][ T8683] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  180.655325][ T8683] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  180.704924][ T6413] appleir 0003:05AC:8243.0007: unknown main item tag 0x0
[  180.713207][ T6413] appleir 0003:05AC:8243.0007: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  180.719749][ T8683] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.724173][ T8727] IPVS: Unknown mcast interface: pim6reg
[  180.739632][ T8683] 8021q: adding VLAN 0 to HW filter on device team0
[  180.751250][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.754836][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.768909][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.771225][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.976914][ T8683] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.129808][ T5870] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  181.189826][ T8683] veth0_vlan: entered promiscuous mode
[  181.197282][ T8683] veth1_vlan: entered promiscuous mode
[  181.215978][ T8683] veth0_macvtap: entered promiscuous mode
[  181.223055][ T8683] veth1_macvtap: entered promiscuous mode
[  181.227886][  T838] usb 7-1: USB disconnect, device number 11
[  181.236587][ T8683] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.248927][ T8683] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.259817][ T1144] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.263771][ T1144] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.268417][ T1144] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.272315][ T1144] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.278363][ T5870] usb 9-1: Using ep0 maxpacket: 16
[  181.283424][ T5870] usb 9-1: config 1 interface 0 altsetting 61 endpoint 0x1 has invalid wMaxPacketSize 0
[  181.287322][ T5870] usb 9-1: config 1 interface 0 altsetting 61 bulk endpoint 0x1 has invalid maxpacket 0
[  181.291671][ T5870] usb 9-1: config 1 interface 0 altsetting 61 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  181.297255][ T5870] usb 9-1: config 1 interface 0 has no altsetting 0
[  181.306635][ T5870] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  181.312025][ T5870] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.315422][ T5870] usb 9-1: Product: syz
[  181.317211][ T5870] usb 9-1: Manufacturer: syz
[  181.319602][ T5870] usb 9-1: SerialNumber: syz
[  181.321460][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.325427][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.339410][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.342796][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.709808][ T5962] Bluetooth: hci5: command tx timeout
[  181.842464][ T8764] netlink: 161716 bytes leftover after parsing attributes in process `syz.2.750'.
[  182.466418][ T8771] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  182.468883][ T8771] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  182.494713][ T8771] vhci_hcd vhci_hcd.0: Device attached
[  182.778691][ T3245] usb 44-1: SetAddress Request (27) to port 0
[  182.780652][ T3245] usb 44-1: new SuperSpeed USB device number 27 using vhci_hcd
[  182.850827][ T8780] tipc: Started in network mode
[  182.853185][ T8780] tipc: Node identity 4a953698dcc9, cluster identity 4711
[  182.856180][ T8780] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  182.861853][ T8780] syzkaller0: entered promiscuous mode
[  182.863641][ T8780] syzkaller0: entered allmulticast mode
[  182.929948][ T8776] vhci_hcd: connection reset by peer
[  182.935307][   T68] vhci_hcd: stop threads
[  182.936805][   T68] vhci_hcd: release socket
[  182.939235][   T68] vhci_hcd: disconnect device
[  183.172223][ T8783] tipc: Resetting bearer <eth:syzkaller0>
[  183.204992][ T8779] tipc: Resetting bearer <eth:syzkaller0>
[  183.213460][ T8779] tipc: Disabling bearer <eth:syzkaller0>
[  183.414897][ T8789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.757'.
[  183.422782][ T8789] macvtap1: entered promiscuous mode
[  183.424465][ T8789] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  183.430170][ T8789] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  183.469298][ T8790] CUSE: unknown device info "�
"
[  183.471118][ T8790] CUSE: zero length info key specified
[  183.480677][ T8790] netlink: 28 bytes leftover after parsing attributes in process `syz.2.757'.
[  183.533792][ T8792] netlink: 'syz.2.758': attribute type 39 has an invalid length.
[  183.778604][    T9] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  183.788387][ T5962] Bluetooth: hci5: command tx timeout
[  183.904312][ T5870] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 61 proto 1 vid 0x0525 pid 0xA4A8
[  183.915302][ T5870] usb 9-1: USB disconnect, device number 4
[  183.922154][ T5870] usblp0: removed
[  183.943205][    T9] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  183.947558][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.952261][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.956895][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  183.964560][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  183.968302][    T9] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  183.971439][    T9] usb 7-1: Manufacturer: syz
[  183.975803][    T9] usb 7-1: config 0 descriptor??
[  184.389786][    T9] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  184.399413][    T9] appleir 0003:05AC:8243.0008: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  184.902150][   T54] usb 7-1: USB disconnect, device number 12
[  185.116717][ T8819] FAULT_INJECTION: forcing a failure.
[  185.116717][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.123353][ T8819] CPU: 3 UID: 0 PID: 8819 Comm: syz.4.767 Not tainted syzkaller #0 PREEMPT(full) 
[  185.123376][ T8819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.123386][ T8819] Call Trace:
[  185.123392][ T8819]  <TASK>
[  185.123398][ T8819]  dump_stack_lvl+0x16c/0x1f0
[  185.123420][ T8819]  should_fail_ex+0x512/0x640
[  185.123455][ T8819]  _copy_from_user+0x2e/0xd0
[  185.123470][ T8819]  ? __pfx_binder_ioctl+0x10/0x10
[  185.123486][ T8819]  binder_ioctl+0x362/0x71f0
[  185.123507][ T8819]  ? find_held_lock+0x2b/0x80
[  185.123527][ T8819]  ? tomoyo_path_number_perm+0x295/0x580
[  185.123549][ T8819]  ? tomoyo_path_number_perm+0x18d/0x580
[  185.123568][ T8819]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  185.123586][ T8819]  ? __pfx_binder_ioctl+0x10/0x10
[  185.123606][ T8819]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.123624][ T8819]  ? do_vfs_ioctl+0x128/0x14f0
[  185.123646][ T8819]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  185.123673][ T8819]  ? find_held_lock+0x2b/0x80
[  185.123690][ T8819]  ? hook_file_ioctl_common+0x145/0x410
[  185.123714][ T8819]  ? __fget_files+0x20e/0x3c0
[  185.123737][ T8819]  ? __pfx_binder_ioctl+0x10/0x10
[  185.123756][ T8819]  compat_ptr_ioctl+0x6e/0xa0
[  185.123775][ T8819]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  185.123795][ T8819]  __ia32_compat_sys_ioctl+0x242/0x370
[  185.123819][ T8819]  __do_fast_syscall_32+0x7c/0x300
[  185.123836][ T8819]  do_fast_syscall_32+0x32/0x80
[  185.123850][ T8819]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.123871][ T8819] RIP: 0023:0xf702e579
[  185.123884][ T8819] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.123902][ T8819] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  185.123919][ T8819] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000004018620d
[  185.123929][ T8819] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  185.123938][ T8819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  185.123947][ T8819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  185.123955][ T8819] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.123973][ T8819]  </TASK>
[  185.123980][ T8819] binder: 8818:8819 ioctl 4018620d 80000100 returned -22
[  185.186944][ T8809] syz.3.763 (8809): drop_caches: 1
[  185.187779][ T8806] syz.3.763 (8806): drop_caches: 1
[  185.300803][ T8806] syz.3.763 (8806): drop_caches: 1
[  185.318382][ T1325] usb 46-1: device descriptor read/8, error -110
[  185.627936][ T8836] overlayfs: failed to resolve './file1': -2
[  185.728782][ T1325] usb usb46-port1: attempt power cycle
[  185.868312][ T5962] Bluetooth: hci5: command tx timeout
[  185.979661][ T8847] netlink: 'syz.2.776': attribute type 39 has an invalid length.
[  186.403025][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  186.410021][ T1325] usb usb46-port1: unable to enumerate USB device
[  186.550119][   T10] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  186.555192][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.562523][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.566480][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  186.573259][   T10] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  186.577076][   T10] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  186.580339][   T10] usb 7-1: Manufacturer: syz
[  186.586645][   T10] usb 7-1: config 0 descriptor??
[  186.999981][   T10] usbhid 7-1:0.0: can't add hid device: -71
[  187.002353][   T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  187.008025][   T10] usb 7-1: USB disconnect, device number 13
[  187.201390][ T8874] FAULT_INJECTION: forcing a failure.
[  187.201390][ T8874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.207962][ T8874] CPU: 1 UID: 0 PID: 8874 Comm: syz.5.786 Not tainted syzkaller #0 PREEMPT(full) 
[  187.207978][ T8874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.207985][ T8874] Call Trace:
[  187.207989][ T8874]  <TASK>
[  187.207994][ T8874]  dump_stack_lvl+0x16c/0x1f0
[  187.208010][ T8874]  should_fail_ex+0x512/0x640
[  187.208031][ T8874]  _copy_from_user+0x2e/0xd0
[  187.208042][ T8874]  kstrtouint_from_user+0xd6/0x1d0
[  187.208057][ T8874]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  187.208069][ T8874]  ? __lock_acquire+0xb97/0x1ce0
[  187.208092][ T8874]  proc_fail_nth_write+0x83/0x220
[  187.208103][ T8874]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.208117][ T8874]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.208140][ T8874]  vfs_write+0x29d/0x11d0
[  187.208155][ T8874]  ? __pfx_vfs_write+0x10/0x10
[  187.208164][ T8874]  ? find_held_lock+0x2b/0x80
[  187.208180][ T8874]  ? __fget_files+0x20e/0x3c0
[  187.208201][ T8874]  ksys_write+0x12a/0x250
[  187.208211][ T8874]  ? __pfx_ksys_write+0x10/0x10
[  187.208223][ T8874]  ? rcu_is_watching+0x12/0xc0
[  187.208238][ T8874]  __do_fast_syscall_32+0x7c/0x300
[  187.208252][ T8874]  do_fast_syscall_32+0x32/0x80
[  187.208264][ T8874]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.208278][ T8874] RIP: 0023:0xf70ce579
[  187.208287][ T8874] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.208299][ T8874] RSP: 002b:00000000f54be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  187.208310][ T8874] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54be620
[  187.208317][ T8874] RDX: 0000000000000001 RSI: 00000000f7465ff4 RDI: 0000000000000000
[  187.208323][ T8874] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  187.208329][ T8874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.208335][ T8874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.208349][ T8874]  </TASK>
[  187.306458][ T8880] Unsupported ieee802154 address type: 0
[  187.418850][ T8883] net_ratelimit: 110 callbacks suppressed
[  187.418862][ T8883] openvswitch: netlink: IP tunnel dst address not specified
[  187.525913][ T8883] Unknown options in mask b7f2
[  187.868474][ T3245] usb 44-1: device descriptor read/8, error -110
[  187.928311][ T6019] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  187.949498][ T5962] Bluetooth: hci5: command tx timeout
[  188.095023][ T6019] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  188.098504][ T6019] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  188.102510][ T6019] usb 8-1: config 0 interface 0 has no altsetting 0
[  188.108670][ T6019] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  188.113692][ T6019] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  188.132005][ T6019] usb 8-1: Product: syz
[  188.134489][ T6019] usb 8-1: Manufacturer: syz
[  188.136772][ T6019] usb 8-1: SerialNumber: syz
[  188.147321][ T6019] usb 8-1: config 0 descriptor??
[  188.152320][ T6019] hub 8-1:0.0: bad descriptor, ignoring hub
[  188.154827][ T6019] hub 8-1:0.0: probe with driver hub failed with error -5
[  188.170256][ T6019] usb 8-1: selecting invalid altsetting 0
[  188.269276][ T3245] usb usb44-port1: attempt power cycle
[  188.666137][ T8907] syz.5.797 (8907): drop_caches: 1
[  188.697762][ T8907] syz.5.797 (8907): drop_caches: 1
[  188.699145][ T8911] netlink: 'syz.2.798': attribute type 39 has an invalid length.
[  188.729485][ T8909] syz.5.797 (8909): drop_caches: 1
[  188.839038][ T3245] usb usb44-port1: unable to enumerate USB device
[  188.958242][ T6413] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  189.113550][ T8928] FAULT_INJECTION: forcing a failure.
[  189.113550][ T8928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.118058][ T8928] CPU: 1 UID: 0 PID: 8928 Comm: syz.4.804 Not tainted syzkaller #0 PREEMPT(full) 
[  189.118075][ T8928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  189.118082][ T8928] Call Trace:
[  189.118087][ T8928]  <TASK>
[  189.118093][ T8928]  dump_stack_lvl+0x16c/0x1f0
[  189.118110][ T8928]  should_fail_ex+0x512/0x640
[  189.118143][ T8928]  _copy_to_user+0x32/0xd0
[  189.118162][ T8928]  simple_read_from_buffer+0xcb/0x170
[  189.118181][ T8928]  proc_fail_nth_read+0x197/0x240
[  189.118200][ T8928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.118218][ T8928]  ? rw_verify_area+0xcf/0x6c0
[  189.118235][ T8928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.118252][ T8928]  vfs_read+0x1e4/0xcf0
[  189.118265][ T8928]  ? __pfx_vfs_read+0x10/0x10
[  189.118274][ T8928]  ? find_held_lock+0x2b/0x80
[  189.118290][ T8928]  ? __fget_files+0x20e/0x3c0
[  189.118311][ T8928]  ksys_read+0x12a/0x250
[  189.118321][ T8928]  ? __pfx_ksys_read+0x10/0x10
[  189.118332][ T8928]  ? rcu_is_watching+0x12/0xc0
[  189.118351][ T8928]  __do_fast_syscall_32+0x7c/0x300
[  189.118365][ T8928]  do_fast_syscall_32+0x32/0x80
[  189.118376][ T8928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.118390][ T8928] RIP: 0023:0xf702e579
[  189.118399][ T8928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.118410][ T8928] RSP: 002b:00000000f541e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  189.118421][ T8928] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f541e620
[  189.118428][ T8928] RDX: 000000000000000f RSI: 00000000f73c5ff4 RDI: 0000000000000000
[  189.118435][ T8928] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  189.118441][ T8928] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  189.118448][ T8928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.118461][ T8928]  </TASK>
[  189.121142][ T6413] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  189.855139][ T6413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.859956][ T6413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.864473][ T6413] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  189.869772][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.5.808'.
[  189.871258][ T6413] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  189.876586][ T6413] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  189.878050][ T8938] mac80211_hwsim hwsim14 wlan1: entered promiscuous mode
[  189.879282][ T6413] usb 7-1: Manufacturer: syz
[  189.881612][ T8938] macvtap1: entered promiscuous mode
[  189.885079][ T6413] usb 7-1: config 0 descriptor??
[  189.889867][ T8938] mac80211_hwsim hwsim14 wlan1: left promiscuous mode
[  189.926311][ T8939] CUSE: unknown device info "�
"
[  189.927924][ T8939] CUSE: zero length info key specified
[  189.937780][ T8939] netlink: 28 bytes leftover after parsing attributes in process `syz.5.808'.
[  190.016143][ T8943] FAULT_INJECTION: forcing a failure.
[  190.016143][ T8943] name failslab, interval 1, probability 0, space 0, times 0
[  190.022084][ T8943] CPU: 1 UID: 0 PID: 8943 Comm: syz.5.810 Not tainted syzkaller #0 PREEMPT(full) 
[  190.022101][ T8943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.022108][ T8943] Call Trace:
[  190.022112][ T8943]  <TASK>
[  190.022117][ T8943]  dump_stack_lvl+0x16c/0x1f0
[  190.022147][ T8943]  should_fail_ex+0x512/0x640
[  190.022165][ T8943]  ? fs_reclaim_acquire+0xae/0x150
[  190.022180][ T8943]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  190.022196][ T8943]  should_failslab+0xc2/0x120
[  190.022208][ T8943]  __kmalloc_noprof+0xd2/0x510
[  190.022222][ T8943]  tomoyo_realpath_from_path+0xc2/0x6e0
[  190.022238][ T8943]  ? tomoyo_profile+0x47/0x60
[  190.022255][ T8943]  tomoyo_path_perm+0x274/0x460
[  190.022266][ T8943]  ? tomoyo_path_perm+0x260/0x460
[  190.022278][ T8943]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  190.022306][ T8943]  ? do_raw_spin_lock+0x12c/0x2b0
[  190.022323][ T8943]  tomoyo_path_rmdir+0x91/0xe0
[  190.022338][ T8943]  ? __pfx_tomoyo_path_rmdir+0x10/0x10
[  190.022360][ T8943]  security_path_rmdir+0x145/0x2b0
[  190.022372][ T8943]  do_rmdir+0x27b/0x3c0
[  190.022383][ T8943]  ? __pfx_do_rmdir+0x10/0x10
[  190.022394][ T8943]  ? strncpy_from_user+0x203/0x2e0
[  190.022412][ T8943]  ? getname_flags.part.0+0x1c5/0x550
[  190.022425][ T8943]  ? __pfx_ksys_write+0x10/0x10
[  190.022438][ T8943]  __ia32_sys_unlinkat+0xef/0x130
[  190.022450][ T8943]  __do_fast_syscall_32+0x7c/0x300
[  190.022464][ T8943]  do_fast_syscall_32+0x32/0x80
[  190.022475][ T8943]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.022489][ T8943] RIP: 0023:0xf70ce579
[  190.022499][ T8943] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.022509][ T8943] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 000000000000012d
[  190.022520][ T8943] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  190.022527][ T8943] RDX: 0000000000000200 RSI: 0000000000000000 RDI: 0000000000000000
[  190.022533][ T8943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.022540][ T8943] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.022546][ T8943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.022559][ T8943]  </TASK>
[  190.022591][ T8943] ERROR: Out of memory at tomoyo_realpath_from_path.
[  190.294027][ T6413] usbhid 7-1:0.0: can't add hid device: -71
[  190.296051][ T6413] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  190.302116][ T6413] usb 7-1: USB disconnect, device number 14
[  190.748725][ T5870] usb 8-1: USB disconnect, device number 17
[  191.001000][ T8964] usb usb4: usbfs: process 8964 (syz.3.818) did not claim interface 0 before use
[  191.162741][  T838] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  191.328344][  T838] usb 7-1: Using ep0 maxpacket: 16
[  191.332229][  T838] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  191.340944][  T838] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  191.344770][  T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.348461][  T838] usb 7-1: Product: syz
[  191.350242][  T838] usb 7-1: Manufacturer: syz
[  191.352216][  T838] usb 7-1: SerialNumber: syz
[  191.357811][ T8972] vivid-001: disconnect
[  191.364883][  T838] usb 7-1: config 0 descriptor??
[  191.369006][  T838] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  191.371932][  T838] em28xx 7-1:0.0: DVB interface 0 found: bulk
[  191.460225][ T8973] netlink: 24 bytes leftover after parsing attributes in process `syz.3.818'.
[  191.478544][ T8977] netlink: 'syz.4.822': attribute type 39 has an invalid length.
[  191.728411][ T6037] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  191.830192][  T838] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  191.889487][ T6037] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  191.894000][ T6037] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.894313][  T838] em28xx 7-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  191.897512][ T6037] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.897531][ T6037] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  191.898884][ T6037] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  191.902799][  T838] em28xx 7-1:0.0: board has no eeprom
[  191.905925][ T6037] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  191.920938][ T6037] usb 9-1: Manufacturer: syz
[  191.927763][ T6037] usb 9-1: config 0 descriptor??
[  191.978314][  T838] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  191.980831][  T838] em28xx 7-1:0.0: dvb set to bulk mode.
[  191.983418][ T6413] em28xx 7-1:0.0: Binding DVB extension
[  191.999695][  T838] usb 7-1: USB disconnect, device number 15
[  192.002347][  T838] em28xx 7-1:0.0: Disconnecting em28xx
[  192.043045][ T6413] em28xx 7-1:0.0: Registering input extension
[  192.047858][  T838] em28xx 7-1:0.0: Closing input extension
[  192.063397][  T838] em28xx 7-1:0.0: Freeing device
[  192.130962][ T8970] vivid-001: reconnect
[  192.336476][ T6037] usbhid 9-1:0.0: can't add hid device: -71
[  192.349139][ T6037] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  192.359197][ T6037] usb 9-1: USB disconnect, device number 5
[  192.570769][ T8995] netlink: 24 bytes leftover after parsing attributes in process `syz.2.829'.
[  193.034734][ T9008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.834'.
[  193.043001][ T9008] CUSE: unknown device info "�
"
[  193.044930][ T9008] CUSE: zero length info key specified
[  193.054164][ T9008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.834'.
[  193.382645][ T9015] fuse: Bad value for 'fd'
[  193.420174][ T9015] 9pnet: Could not find request transport: xen
[  193.428867][ T9015] tmpfs: Unknown parameter '"]���^H��~/�}quota'
[  193.434104][   T40] audit: type=1326 audit(1759432080.169:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.441062][   T40] audit: type=1326 audit(1759432080.169:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.447876][   T40] audit: type=1326 audit(1759432080.169:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.457356][   T40] audit: type=1326 audit(1759432080.169:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.465342][   T40] audit: type=1326 audit(1759432080.169:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.473025][   T40] audit: type=1326 audit(1759432080.169:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.481962][   T40] audit: type=1326 audit(1759432080.169:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.490036][   T40] audit: type=1326 audit(1759432080.169:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.497382][   T40] audit: type=1326 audit(1759432080.169:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.505370][   T40] audit: type=1326 audit(1759432080.169:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.3.837" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  193.628615][ T9028] FAULT_INJECTION: forcing a failure.
[  193.628615][ T9028] name failslab, interval 1, probability 0, space 0, times 0
[  193.632544][ T9028] CPU: 2 UID: 0 PID: 9028 Comm: syz.5.841 Not tainted syzkaller #0 PREEMPT(full) 
[  193.632560][ T9028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.632567][ T9028] Call Trace:
[  193.632571][ T9028]  <TASK>
[  193.632576][ T9028]  dump_stack_lvl+0x16c/0x1f0
[  193.632593][ T9028]  should_fail_ex+0x512/0x640
[  193.632611][ T9028]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  193.632629][ T9028]  should_failslab+0xc2/0x120
[  193.632643][ T9028]  __kmalloc_cache_noprof+0x6a/0x3e0
[  193.632659][ T9028]  ? __xa_alloc_cyclic+0x1f3/0x340
[  193.632672][ T9028]  ? __xdp_reg_mem_model+0x134/0x680
[  193.632688][ T9028]  __xdp_reg_mem_model+0x134/0x680
[  193.632701][ T9028]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[  193.632716][ T9028]  ? page_pool_list+0x1ca/0x240
[  193.632733][ T9028]  xdp_reg_mem_model+0x22/0x70
[  193.632746][ T9028]  bpf_test_run_xdp_live+0x1c7/0x500
[  193.632765][ T9028]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  193.632782][ T9028]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  193.632795][ T9028]  ? find_held_lock+0x2b/0x80
[  193.632811][ T9028]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  193.632838][ T9028]  ? bpf_dispatcher_xdp+0x800/0x1000
[  193.632849][ T9028]  ? bpf_dispatcher_xdp+0x800/0x1000
[  193.632857][ T9028]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[  193.632878][ T9028]  bpf_prog_test_run_xdp+0x87e/0x1670
[  193.632892][ T9028]  ? __fget_files+0x204/0x3c0
[  193.632909][ T9028]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  193.632921][ T9028]  ? __might_fault+0x80/0x190
[  193.632955][ T9028]  ? fput+0x9b/0xd0
[  193.632973][ T9028]  ? __bpf_prog_get+0x97/0x2a0
[  193.632995][ T9028]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  193.633010][ T9028]  __sys_bpf+0x1032/0x4980
[  193.633024][ T9028]  ? __pfx___sys_bpf+0x10/0x10
[  193.633035][ T9028]  ? find_held_lock+0x2b/0x80
[  193.633049][ T9028]  ? find_held_lock+0x2b/0x80
[  193.633064][ T9028]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  193.633082][ T9028]  ? fput+0x9b/0xd0
[  193.633095][ T9028]  ? ksys_write+0x1ac/0x250
[  193.633105][ T9028]  ? __pfx_ksys_write+0x10/0x10
[  193.633117][ T9028]  __ia32_sys_bpf+0x76/0xe0
[  193.633129][ T9028]  __do_fast_syscall_32+0x7c/0x300
[  193.633142][ T9028]  do_fast_syscall_32+0x32/0x80
[  193.633153][ T9028]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.633168][ T9028] RIP: 0023:0xf70ce579
[  193.633177][ T9028] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.633188][ T9028] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  193.633198][ T9028] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000000
[  193.633205][ T9028] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  193.633211][ T9028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.633217][ T9028] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.633224][ T9028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.633236][ T9028]  </TASK>
[  193.701876][ T9032] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  193.742695][ T9032] macvtap1: entered promiscuous mode
[  193.744504][ T9032] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  193.749198][ T9032] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  193.761961][ T9037] CUSE: unknown device info "�
"
[  193.763622][ T9037] CUSE: zero length info key specified
[  193.769341][ T9037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.844'.
[  193.871340][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  193.873699][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  193.992330][ T9049] netlink: 'syz.2.849': attribute type 39 has an invalid length.
[  194.248297][  T838] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  194.364561][ T9062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.854'.
[  194.375195][ T9062] CUSE: unknown device info "�
"
[  194.377340][ T9062] CUSE: zero length info key specified
[  194.383989][ T9062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.854'.
[  194.419253][  T838] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  194.423329][  T838] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.427485][  T838] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.438300][  T838] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  194.443652][  T838] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  194.447659][  T838] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  194.451371][  T838] usb 7-1: Manufacturer: syz
[  194.456915][  T838] usb 7-1: config 0 descriptor??
[  194.462933][ T9066] usb usb8: usbfs: interface 0 claimed by hub while 'syz.5.856' resets device
[  194.902102][  T838] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  194.918357][  T838] appleir 0003:05AC:8243.0009: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  195.473035][ T9086] netlink: 'syz.3.861': attribute type 39 has an invalid length.
[  195.567406][ T9092] FAULT_INJECTION: forcing a failure.
[  195.567406][ T9092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.572004][ T9092] CPU: 0 UID: 0 PID: 9092 Comm: syz.4.863 Not tainted syzkaller #0 PREEMPT(full) 
[  195.572021][ T9092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.572028][ T9092] Call Trace:
[  195.572033][ T9092]  <TASK>
[  195.572037][ T9092]  dump_stack_lvl+0x16c/0x1f0
[  195.572053][ T9092]  should_fail_ex+0x512/0x640
[  195.572074][ T9092]  _copy_to_user+0x32/0xd0
[  195.572086][ T9092]  simple_read_from_buffer+0xcb/0x170
[  195.572105][ T9092]  proc_fail_nth_read+0x197/0x240
[  195.572124][ T9092]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  195.572157][ T9092]  ? rw_verify_area+0xcf/0x6c0
[  195.572174][ T9092]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  195.572192][ T9092]  vfs_read+0x1e4/0xcf0
[  195.572206][ T9092]  ? __pfx_vfs_read+0x10/0x10
[  195.572215][ T9092]  ? find_held_lock+0x2b/0x80
[  195.572232][ T9092]  ? __fget_files+0x20e/0x3c0
[  195.572254][ T9092]  ksys_read+0x12a/0x250
[  195.572264][ T9092]  ? __pfx_ksys_read+0x10/0x10
[  195.572276][ T9092]  ? rcu_is_watching+0x12/0xc0
[  195.572296][ T9092]  __do_fast_syscall_32+0x7c/0x300
[  195.572310][ T9092]  do_fast_syscall_32+0x32/0x80
[  195.572322][ T9092]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  195.572337][ T9092] RIP: 0023:0xf702e579
[  195.572346][ T9092] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  195.572358][ T9092] RSP: 002b:00000000f541e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  195.572369][ T9092] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f541e620
[  195.572376][ T9092] RDX: 000000000000000f RSI: 00000000f73c5ff4 RDI: 0000000000000000
[  195.572382][ T9092] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  195.572389][ T9092] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  195.572395][ T9092] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  195.572409][ T9092]  </TASK>
[  195.667469][ T9094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.864'.
[  195.676647][ T9094] CUSE: unknown device info "�
"
[  195.678493][ T9094] CUSE: zero length info key specified
[  195.685440][ T9094] netlink: 28 bytes leftover after parsing attributes in process `syz.4.864'.
[  195.778275][    T9] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  195.941239][    T9] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  195.945077][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.949036][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.952776][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  195.959987][    T9] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  195.963679][    T9] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  195.966346][    T9] usb 8-1: Manufacturer: syz
[  195.969654][    T9] usb 8-1: config 0 descriptor??
[  195.979673][ T9100] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  195.982734][ T9100] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  195.986520][ T9100] vhci_hcd vhci_hcd.0: Device attached
[  196.258447][  T838] usb 46-1: SetAddress Request (6) to port 0
[  196.260618][  T838] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  196.308485][ T9101] vhci_hcd: connection reset by peer
[  196.310803][ T1142] vhci_hcd: stop threads
[  196.312600][ T1142] vhci_hcd: release socket
[  196.314531][ T1142] vhci_hcd: disconnect device
[  196.448642][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  196.451572][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  196.458431][    T9] usb 8-1: USB disconnect, device number 18
[  196.990432][ T9114] netlink: 12 bytes leftover after parsing attributes in process `syz.3.871'.
[  197.054477][ T9118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.873'.
[  197.065474][ T9118] macvtap1: entered promiscuous mode
[  197.067659][ T9118] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  197.073861][ T9118] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  197.111282][ T9119] CUSE: unknown device info "�
"
[  197.113506][ T9119] CUSE: zero length info key specified
[  197.122178][ T9119] netlink: 28 bytes leftover after parsing attributes in process `syz.3.873'.
[  197.189117][   T10] usb 7-1: reset high-speed USB device number 16 using dummy_hcd
[  197.235288][ T9123] netlink: 'syz.3.875': attribute type 39 has an invalid length.
[  197.349686][   T10] usb 7-1: device firmware changed
[  197.355149][ T5870] usb 7-1: USB disconnect, device number 16
[  197.385016][ T9125] netlink: 'syz.4.876': attribute type 8 has an invalid length.
[  197.387788][ T9125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.876'.
[  197.489564][ T5870] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  197.490838][ T9126] bond0: (slave wlan1): Releasing backup interface
[  197.498503][ T6036] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  197.542743][ T9127] team0: Mode changed to "loadbalance"
[  197.631874][ T9126] netlink: 'syz.4.876': attribute type 10 has an invalid length.
[  197.637277][ T9126] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.641490][ T5870] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  197.644448][ T5870] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  197.647814][ T5870] usb 7-1: config 0 interface 0 has no altsetting 0
[  197.650423][ T9126] team0: Port device bond0 added
[  197.653401][ T5870] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  197.657858][ T5870] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  197.661256][ T5870] usb 7-1: Product: syz
[  197.662768][ T5870] usb 7-1: Manufacturer: syz
[  197.664090][ T6036] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  197.664269][ T5870] usb 7-1: SerialNumber: syz
[  197.668531][ T9126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.876'.
[  197.671351][ T6036] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.675349][ T5870] usb 7-1: config 0 descriptor??
[  197.678610][ T6036] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.681667][ T5870] hub 7-1:0.0: bad descriptor, ignoring hub
[  197.683682][ T6036] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  197.685905][ T5870] hub 7-1:0.0: probe with driver hub failed with error -5
[  197.691618][ T6036] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  197.694629][ T5870] usb 7-1: selecting invalid altsetting 0
[  197.697945][ T6036] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  197.697960][ T6036] usb 8-1: Manufacturer: syz
[  197.699208][ T6036] usb 8-1: config 0 descriptor??
[  197.814897][ T9126] team0 (unregistering): Port device bond0 removed
[  198.123058][ T6036] appleir 0003:05AC:8243.000A: unknown main item tag 0x0
[  198.128408][ T6036] appleir 0003:05AC:8243.000A: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  198.201012][ T9133] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  198.203204][ T9133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  198.215428][ T9133] vhci_hcd vhci_hcd.0: Device attached
[  198.499142][ T9134] vhci_hcd: connection closed
[  198.499382][ T1213] vhci_hcd: stop threads
[  198.504085][ T1213] vhci_hcd: release socket
[  198.510013][ T1213] vhci_hcd: disconnect device
[  198.723774][ T5870] usb 8-1: USB disconnect, device number 19
[  198.762211][ T9144] netlink: 'syz.4.879': attribute type 39 has an invalid length.
[  199.283839][ T9150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  199.290779][ T9150] macvtap1: entered promiscuous mode
[  199.292575][ T9150] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  199.297216][ T9150] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  199.340140][ T9155] CUSE: unknown device info "�
"
[  199.341917][ T9155] CUSE: zero length info key specified
[  199.347545][ T9155] netlink: 28 bytes leftover after parsing attributes in process `syz.3.882'.
[  199.748636][ T5870] usb 7-1: USB disconnect, device number 17
[  199.768330][ T6037] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  199.920554][ T6037] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84
[  199.924460][ T6037] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023
[  199.927592][ T6037] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  199.931499][ T6037] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  199.937548][ T6037] usb 8-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  199.940687][ T6037] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.944107][ T6037] usb 8-1: Product: syz
[  199.945556][ T6037] usb 8-1: Manufacturer: syz
[  199.947085][ T6037] usb 8-1: SerialNumber: syz
[  199.950467][ T6037] usb 8-1: config 0 descriptor??
[  199.953350][ T9163] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  199.957837][ T6037] usb 8-1: ucan: probing device on interface #0
[  199.960899][ T6037] usb 8-1: ucan: invalid endpoint configuration
[  199.963503][ T6037] usb 8-1: ucan: probe failed; try to update the device firmware
[  200.380791][ T9176] netlink: 'syz.5.889': attribute type 39 has an invalid length.
[  200.625971][ T9179] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  200.628227][ T9179] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  200.631286][ T9179] vhci_hcd vhci_hcd.0: Device attached
[  200.678343][ T6037] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  200.762502][ T9186] netlink: 'syz.2.891': attribute type 39 has an invalid length.
[  200.850209][ T6037] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  200.854694][ T6037] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.858824][ T6037] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.861794][ T6037] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  200.866770][ T6037] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  200.872069][ T6037] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  200.875072][ T6037] usb 10-1: Manufacturer: syz
[  200.879623][ T6037] usb 10-1: config 0 descriptor??
[  200.958166][ T9180] vhci_hcd: connection closed
[  200.958469][   T46] vhci_hcd: stop threads
[  200.962418][   T46] vhci_hcd: release socket
[  200.964979][   T46] vhci_hcd: disconnect device
[  201.293035][ T6037] appleir 0003:05AC:8243.000B: unknown main item tag 0x0
[  201.301373][ T6037] appleir 0003:05AC:8243.000B: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[  201.308478][  T838] usb 46-1: device descriptor read/8, error -110
[  201.577141][ T9205] MPI: mpi too large (130952 bits)
[  201.631455][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.896'.
[  201.668718][ T9207] loop2: detected capacity change from 0 to 7
[  201.681327][ T9207] Dev loop2: unable to read RDB block 7
[  201.686638][ T9207]  loop2: unable to read partition table
[  201.689030][ T9207] loop2: partition table beyond EOD, truncated
[  201.691289][ T9207] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  201.702217][  T838] usb usb46-port1: attempt power cycle
[  201.814167][ T4652] usb 10-1: USB disconnect, device number 2
[  201.907210][ T5363] Dev loop2: unable to read RDB block 7
[  201.909250][ T5363]  loop2: unable to read partition table
[  201.911202][ T5363] loop2: partition table beyond EOD, truncated
[  201.934391][ T5363] Dev loop2: unable to read RDB block 7
[  201.936730][ T5363]  loop2: unable to read partition table
[  201.938901][ T5363] loop2: partition table beyond EOD, truncated
[  202.085293][ T5363] Dev loop2: unable to read RDB block 7
[  202.087464][ T5363]  loop2: unable to read partition table
[  202.089833][ T5363] loop2: partition table beyond EOD, truncated
[  202.105833][ T9217] netlink: 'syz.2.901': attribute type 39 has an invalid length.
[  202.289716][  T838] usb usb46-port1: unable to enumerate USB device
[  202.348462][ T9219] netlink: 'syz.5.902': attribute type 8 has an invalid length.
[  202.350943][ T9219] netlink: 8 bytes leftover after parsing attributes in process `syz.5.902'.
[  202.422082][ T6036] usb 8-1: USB disconnect, device number 20
[  202.422815][ T9220] bridge_slave_0: left allmulticast mode
[  202.426758][ T9220] bridge_slave_0: left promiscuous mode
[  202.429045][ T9220] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.441591][ T9220] bridge_slave_1: left allmulticast mode
[  202.443592][ T9220] bridge_slave_1: left promiscuous mode
[  202.445717][ T9220] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.459003][ T9220] bond0: (slave bond_slave_0): Releasing backup interface
[  202.521517][ T9220] bond0: (slave bond_slave_1): Releasing backup interface
[  202.525901][ T9226] netlink: 'syz.5.902': attribute type 10 has an invalid length.
[  202.540902][ T9220] team0: Port device team_slave_0 removed
[  202.559191][ T9220] team0: Port device team_slave_1 removed
[  202.562599][ T9220] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.565055][ T9222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.903'.
[  202.568463][ T9222] netlink: 24 bytes leftover after parsing attributes in process `syz.3.903'.
[  202.577951][ T9220] batman_adv: batadv0: Removing interface: batadv_slave_0
[  202.593054][ T9220] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.596018][ T9220] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.604260][ T9229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.905'.
[  202.604509][ T9230] netlink: 4 bytes leftover after parsing attributes in process `syz.5.902'.
[  202.637178][ T9223] team0: Mode changed to "loadbalance"
[  202.654514][ T9226] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.657878][ T9226] team0: Port device bond0 added
[  202.669965][ T9233] CUSE: unknown device info "�
"
[  202.671862][ T9233] CUSE: zero length info key specified
[  202.674489][ T9229] macvtap1: entered promiscuous mode
[  202.677071][ T9229] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode
[  202.682511][ T9233] netlink: 28 bytes leftover after parsing attributes in process `syz.4.905'.
[  202.752514][ T9229] mac80211_hwsim hwsim12 wlan1: left promiscuous mode
[  202.963690][ T9230] team0 (unregistering): Port device bond0 removed
[  203.192690][ T9239] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  203.194922][ T9239] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  203.201300][ T9239] vhci_hcd vhci_hcd.0: Device attached
[  203.420702][ T9247] netlink: 'syz.3.910': attribute type 39 has an invalid length.
[  203.691139][ T9240] vhci_hcd: connection closed
[  203.691947][   T13] vhci_hcd: stop threads
[  203.694761][   T13] vhci_hcd: release socket
[  203.697958][   T13] vhci_hcd: disconnect device
[  203.708332][ T6037] usb 42-1: enqueue for inactive port 0
[  203.908229][ T6036] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  204.208970][ T6037] usb usb42-port1: attempt power cycle
[  204.682744][ T6036] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  204.686351][ T6036] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.785527][ T6037] usb usb42-port1: unable to enumerate USB device
[  205.760099][ T6036] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.763243][ T6036] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  205.770553][ T6036] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  205.773970][ T6036] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  205.776444][ T6036] usb 8-1: Manufacturer: syz
[  205.779291][ T6036] usb 8-1: config 0 descriptor??
[  205.863793][ T9258] netlink: 4 bytes leftover after parsing attributes in process `syz.5.915'.
[  205.870786][ T9258] mac80211_hwsim hwsim14 wlan1: entered promiscuous mode
[  205.873368][ T9258] macvtap1: entered promiscuous mode
[  205.877413][ T9258] mac80211_hwsim hwsim14 wlan1: left promiscuous mode
[  205.918944][ T9260] CUSE: unknown device info "�
"
[  205.920670][ T9260] CUSE: zero length info key specified
[  205.927025][ T9260] netlink: 28 bytes leftover after parsing attributes in process `syz.5.915'.
[  206.185120][ T6036] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[  206.191372][ T6036] appleir 0003:05AC:8243.000C: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  206.345248][ T9268] netlink: 16 bytes leftover after parsing attributes in process `syz.5.917'.
[  206.703139][  T838] usb 8-1: USB disconnect, device number 21
[  207.277861][ T9289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.924'.
[  207.287607][ T9289] macvtap1: entered promiscuous mode
[  207.289987][ T9289] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  207.294856][ T9289] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  207.338622][ T9292] CUSE: unknown device info "�
"
[  207.340465][ T9292] CUSE: zero length info key specified
[  207.345732][ T9292] netlink: 28 bytes leftover after parsing attributes in process `syz.3.924'.
[  207.430160][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.432745][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.435114][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.437451][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.441000][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.444189][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.446594][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.449456][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.452502][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.455498][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  207.463139][   T10] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  207.490676][ T9299] fido_id[9299]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  207.638262][ T6037] usb 8-1: new full-speed USB device number 22 using dummy_hcd
[  207.643681][   T53] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  207.811499][   T53] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  207.815554][   T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  207.819389][ T6037] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  207.823465][   T53] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  207.827043][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.830680][ T6037] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  207.835138][ T6037] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  207.839516][   T53] usb 7-1: config 0 descriptor??
[  207.841728][ T6037] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.847843][   T53] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  207.851519][ T6037] usb 8-1: config 0 descriptor??
[  207.854330][   T53] dvb-usb: bulk message failed: -22 (3/0)
[  207.861380][ T6037] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  207.864588][   T53] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  207.867831][ T6037] dvb-usb: bulk message failed: -22 (3/0)
[  207.870908][   T53] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  207.873439][   T53] usb 7-1: media controller created
[  207.878545][ T6037] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  207.882375][   T53] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  207.887334][ T6037] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  207.891639][ T6037] usb 8-1: media controller created
[  207.894544][   T53] dvb-usb: bulk message failed: -22 (6/0)
[  207.898315][ T6037] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  207.901687][   T53] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  207.906410][   T53] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input14
[  207.915920][ T6037] dvb-usb: bulk message failed: -22 (6/0)
[  207.918556][ T6037] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  207.923679][   T53] dvb-usb: schedule remote query interval to 150 msecs.
[  207.926225][   T53] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  207.931335][ T6037] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input15
[  207.938394][ T6037] dvb-usb: schedule remote query interval to 150 msecs.
[  207.940574][ T6037] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  208.051939][ T9295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.055983][ T9295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.061953][ T9297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.065135][ T9297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.078302][ T6037] dvb-usb: bulk message failed: -22 (1/0)
[  208.081571][ T6037] dvb-usb: error while querying for an remote control event.
[  208.099163][ T6037] dvb-usb: bulk message failed: -22 (1/0)
[  208.101085][ T6037] dvb-usb: error while querying for an remote control event.
[  208.194119][ T9308] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  208.231039][   T10] usb 8-1: USB disconnect, device number 22
[  208.238366][ T6037] dvb-usb: bulk message failed: -22 (1/0)
[  208.240336][ T6037] dvb-usb: error while querying for an remote control event.
[  208.251303][   T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  208.261135][ T6037] usb 7-1: USB disconnect, device number 18
[  208.271316][ T6037] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  208.787725][ T9317] ------------[ cut here ]------------
[  208.790013][ T9317] WARNING: CPU: 3 PID: 9317 at fs/nsfs.c:493 nsfs_fh_to_dentry+0x9de/0xe10
[  208.792985][ T9317] Modules linked in:
[  208.794787][ T9317] CPU: 3 UID: 0 PID: 9317 Comm: syz.4.932 Not tainted syzkaller #0 PREEMPT(full) 
[  208.798402][ T9317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.803035][ T9317] RIP: 0010:nsfs_fh_to_dentry+0x9de/0xe10
[  208.804959][ T9317] Code: 50 51 ff e9 63 fe ff ff e8 9f 5a 75 ff 90 0f 0b 90 e9 7b f8 ff ff e8 91 5a 75 ff 90 0f 0b 90 e9 ce f8 ff ff e8 83 5a 75 ff 90 <0f> 0b 90 e9 32 f9 ff ff e8 75 5a 75 ff 49 8d 7d 10 48 b8 00 00 00
[  208.812277][ T9317] RSP: 0018:ffffc90003dd7b18 EFLAGS: 00010283
[  208.814237][ T9317] RAX: 0000000000000086 RBX: 0000000000000000 RCX: ffffc90004281000
[  208.816840][ T9317] RDX: 0000000000080000 RSI: ffffffff82452e2d RDI: 0000000000000004
[  208.819538][ T9317] RBP: ffff8880674e1988 R08: 0000000000000004 R09: 00000000effffff9
[  208.822046][ T9317] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff920007baf64
[  208.824634][ T9317] R13: ffffffff9acff158 R14: 00000000effffff9 R15: 0000000000000003
[  208.827093][ T9317] FS:  0000000000000000(0000) GS:ffff888097f66000(0063) knlGS:00000000f541eb40
[  208.830278][ T9317] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  208.832739][ T9317] CR2: 0000000080000000 CR3: 000000004fc52000 CR4: 0000000000352ef0
[  208.835459][ T9317] Call Trace:
[  208.836607][ T9317]  <TASK>
[  208.837775][ T9317]  ? do_handle_open+0x564/0xc90
[  208.839763][ T9317]  ? __pfx_nsfs_fh_to_dentry+0x10/0x10
[  208.841866][ T9317]  ? __kasan_kmalloc+0xaa/0xb0
[  208.843405][ T9317]  ? __kmalloc_noprof+0x223/0x510
[  208.845126][ T9317]  ? do_handle_open+0x564/0xc90
[  208.846654][ T9317]  ? __do_fast_syscall_32+0x7c/0x300
[  208.848386][ T9317]  ? do_fast_syscall_32+0x32/0x80
[  208.849995][ T9317]  exportfs_decode_fh_raw+0x164/0x7d0
[  208.851779][ T9317]  ? __pfx_vfs_dentry_acceptable+0x10/0x10
[  208.853684][ T9317]  ? __pfx_nsfs_fh_to_dentry+0x10/0x10
[  208.855555][ T9317]  ? __pfx_exportfs_decode_fh_raw+0x10/0x10
[  208.858059][ T9317]  do_handle_open+0x702/0xc90
[  208.859987][ T9317]  ? __pfx_do_handle_open+0x10/0x10
[  208.861868][ T9317]  ? xfd_validate_state+0x61/0x180
[  208.863652][ T9317]  ? __do_fast_syscall_32+0x7c/0x300
[  208.865300][ T9317]  __do_fast_syscall_32+0x7c/0x300
[  208.866946][ T9317]  do_fast_syscall_32+0x32/0x80
[  208.868698][ T9317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.870629][ T9317] RIP: 0023:0xf702e579
[  208.872035][ T9317] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.878218][ T9317] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  208.881187][ T9317] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  208.883978][ T9317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  208.886659][ T9317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.889188][ T9317] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  208.891753][ T9317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.893814][ T9318] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  208.894303][ T9317]  </TASK>
[  208.897149][ T9318] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  208.898265][ T9317] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  208.898277][ T9317] CPU: 3 UID: 0 PID: 9317 Comm: syz.4.932 Not tainted syzkaller #0 PREEMPT(full) 
[  208.898292][ T9317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.898300][ T9317] Call Trace:
[  208.898306][ T9317]  <TASK>
[  208.898313][ T9317]  dump_stack_lvl+0x3d/0x1f0
[  208.898330][ T9317]  vpanic+0x6e8/0x7a0
[  208.898351][ T9317]  ? __pfx_vpanic+0x10/0x10
[  208.898374][ T9317]  ? nsfs_fh_to_dentry+0x9de/0xe10
[  208.898395][ T9317]  panic+0xca/0xd0
[  208.898414][ T9317]  ? __pfx_panic+0x10/0x10
[  208.898438][ T9317]  check_panic_on_warn+0xab/0xb0
[  208.898459][ T9317]  __warn+0xf6/0x3c0
[  208.898470][ T9317]  ? nsfs_fh_to_dentry+0x9de/0xe10
[  208.898490][ T9317]  report_bug+0x3c3/0x580
[  208.898508][ T9317]  ? nsfs_fh_to_dentry+0x9de/0xe10
[  208.898528][ T9317]  handle_bug+0x184/0x210
[  208.898542][ T9317]  exc_invalid_op+0x17/0x50
[  208.898555][ T9317]  asm_exc_invalid_op+0x1a/0x20
[  208.898567][ T9317] RIP: 0010:nsfs_fh_to_dentry+0x9de/0xe10
[  208.898587][ T9317] Code: 50 51 ff e9 63 fe ff ff e8 9f 5a 75 ff 90 0f 0b 90 e9 7b f8 ff ff e8 91 5a 75 ff 90 0f 0b 90 e9 ce f8 ff ff e8 83 5a 75 ff 90 <0f> 0b 90 e9 32 f9 ff ff e8 75 5a 75 ff 49 8d 7d 10 48 b8 00 00 00
[  208.898599][ T9317] RSP: 0018:ffffc90003dd7b18 EFLAGS: 00010283
[  208.898609][ T9317] RAX: 0000000000000086 RBX: 0000000000000000 RCX: ffffc90004281000
[  208.898617][ T9317] RDX: 0000000000080000 RSI: ffffffff82452e2d RDI: 0000000000000004
[  208.898625][ T9317] RBP: ffff8880674e1988 R08: 0000000000000004 R09: 00000000effffff9
[  208.898632][ T9317] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff920007baf64
[  208.898642][ T9317] R13: ffffffff9acff158 R14: 00000000effffff9 R15: 0000000000000003
[  208.898660][ T9317]  ? nsfs_fh_to_dentry+0x9dd/0xe10
[  208.898689][ T9317]  ? nsfs_fh_to_dentry+0x9dd/0xe10
[  208.898714][ T9317]  ? do_handle_open+0x564/0xc90
[  208.898742][ T9317]  ? __pfx_nsfs_fh_to_dentry+0x10/0x10
[  208.898769][ T9317]  ? __kasan_kmalloc+0xaa/0xb0
[  208.898787][ T9317]  ? __kmalloc_noprof+0x223/0x510
[  208.898805][ T9317]  ? do_handle_open+0x564/0xc90
[  208.898832][ T9317]  ? __do_fast_syscall_32+0x7c/0x300
[  208.898853][ T9317]  ? do_fast_syscall_32+0x32/0x80
[  208.898885][ T9317]  exportfs_decode_fh_raw+0x164/0x7d0
[  208.898917][ T9317]  ? __pfx_vfs_dentry_acceptable+0x10/0x10
[  208.898952][ T9317]  ? __pfx_nsfs_fh_to_dentry+0x10/0x10
[  208.898984][ T9317]  ? __pfx_exportfs_decode_fh_raw+0x10/0x10
[  208.899050][ T9317]  do_handle_open+0x702/0xc90
[  208.899083][ T9317]  ? __pfx_do_handle_open+0x10/0x10
[  208.899117][ T9317]  ? xfd_validate_state+0x61/0x180
[  208.899165][ T9317]  ? __do_fast_syscall_32+0x7c/0x300
[  208.899189][ T9317]  __do_fast_syscall_32+0x7c/0x300
[  208.899211][ T9317]  do_fast_syscall_32+0x32/0x80
[  208.899226][ T9317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.899243][ T9317] RIP: 0023:0xf702e579
[  208.899254][ T9317] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.899266][ T9317] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  208.899279][ T9317] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  208.899287][ T9317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  208.899295][ T9317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.899302][ T9317] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  208.899310][ T9317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.899325][ T9317]  </TASK>
[  209.020181][ T9317] Kernel Offset: disabled
[  209.021559][ T9317] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:08:15  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=ffffc9000336f218 RCX=ffffc90003370000 RDX=1ffff9200066ddfc
RSI=ffffc9000336f1f0 RDI=ffffc9000336efe0 RBP=0000000000000000 RSP=ffffc9000336ef68
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000012b0b
R12=ffffc9000336f028 R13=ffffc9000336efd8 R14=ffffc9000336f218 R15=ffffc9000336f00c
RIP=ffffffff816a5b80 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097c66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000030ff4ffc CR3=0000000054d13000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08eebf0 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88804473d430 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8e1c3440 RDI=ffff88804473d430 RBP=ffffffff8e1c3440 RSP=ffffc9002696f740
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff88804473c900 R13=ffff88804473d430 R14=00000000ffffffff R15=0000000000000000
RIP=ffffffff8b4d73f7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fde409c9c80 ffffffff 00c00000
GS =0000 ffff888097d66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057a154c0 CR3=0000000022cf1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000005000001 Opmask01=0000000000000001 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc510d8a9b 00007ffc510d8a9b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc510d8fa0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc510d8fa0 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 796c6c7566737365 6363757320302e32 4253552031542063 65747241203a6273
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 79726f7463657269 6420726f20656c69 662068637573206f 4e203a27726f7470
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6972637365645f74 726f7065722f6469 68752f6373696d2f 6c6175747269762f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 736563697665642f 7379732f27207461 20726f7470697263 7365642074726f70
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6572206e65706f20 6f742064656c6961 46203a5d39393239 5b64695f6f646966
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000374091 RBX=0000000000000002 RCX=ffffffff8b4d7fb9 RDX=0000000000000000
RSI=ffffffff8d9c2638 RDI=ffffffff8bd00dc0 RBP=ffffed1003adc920 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed10056c6655 R10=ffff88802b6332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6e4900 R14=ffffffff9060a290 R15=0000000000000000
RIP=ffffffff8b4d6aff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097e66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000562d2498a000 CR3=0000000062c78000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851d3355 RDI=ffffffff9ab52140 RBP=ffffffff9ab52100 RSP=ffffc90003dd74b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9ab52100 R15=ffffffff851d32f0
RIP=ffffffff851d337f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097f66000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080000000 CR3=000000004fc52000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000