last executing test programs:

6m10.587756173s ago: executing program 3 (id=1006):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x0)

6m10.517564663s ago: executing program 3 (id=1007):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f00000004c0)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3b}, 0x94)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000200)=0x2)
ftruncate(r1, 0x5)
fcntl$lock(r1, 0x26, &(0x7f0000000380)={0x1, 0x2, 0x5, 0x400007})
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x23)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x1, <r5=>r4})
ioctl$DMA_BUF_SET_NAME_A(r5, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close_range(r2, r3, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r6, &(0x7f0000008840)=[{{&(0x7f0000003ec0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000003c40)=""/64, 0x40}, {&(0x7f0000000580)=""/135, 0x87}], 0x2, &(0x7f0000003d00)=""/240, 0xf0}, 0x4}, {{&(0x7f0000000740)=@phonet, 0x80, &(0x7f00000003c0)=[{&(0x7f00000007c0)=""/95, 0x5f}, {&(0x7f0000000840)=""/232, 0xe8}], 0x2, &(0x7f0000000940)=""/129, 0x81}, 0x3}, {{0x0, 0x0, &(0x7f0000003e40)=[{&(0x7f0000000c40)=""/4094, 0xffe}, {&(0x7f0000000a00)=""/62, 0x3e}, {&(0x7f0000000a40)=""/108, 0x6c}, {&(0x7f0000000ac0)=""/241, 0xf1}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000002c40)=""/4096, 0x1000}, {&(0x7f0000000bc0)=""/56, 0x38}, {&(0x7f0000008900)=""/4108, 0x100c}, {&(0x7f0000003c80)=""/81, 0x51}, {&(0x7f0000000640)=""/223, 0xdf}, {&(0x7f0000003e00)=""/16, 0x10}, {&(0x7f0000009940)=""/4096, 0x1000}], 0xc, &(0x7f0000004d40)=""/244, 0xf4}, 0x53e}, {{&(0x7f0000004e40)=@hci, 0x80, &(0x7f0000006140)=[{&(0x7f0000000240)=""/6, 0x6}, {&(0x7f0000004f00)=""/217, 0xd9}, {&(0x7f0000005000)=""/80, 0x50}, {&(0x7f0000005080)=""/4096, 0x1000}, {&(0x7f0000006080)=""/191, 0xbf}], 0x5, &(0x7f0000006180)=""/212, 0xd4}, 0x7}, {{&(0x7f0000006280)=@pppoe={0x18, 0x0, {0x0, @random}}, 0x80, &(0x7f0000008500)=[{&(0x7f0000006300)=""/4096, 0x1000}, {&(0x7f0000007300)=""/214, 0xd6}, {&(0x7f0000007400)=""/4096, 0x1000}, {&(0x7f0000008400)=""/255, 0xff}], 0x4, &(0x7f0000008540)=""/131, 0x83}, 0x7}, {{&(0x7f0000008600)=@nfc_llcp, 0x80, &(0x7f0000000440)=[{&(0x7f0000008680)=""/141, 0x8d}, {&(0x7f0000008740)=""/64, 0x40}, {&(0x7f0000008780)=""/79, 0x4f}], 0x3}, 0x7fffffff}], 0x6, 0x2, 0x0)

6m9.14664042s ago: executing program 3 (id=1013):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, 0x0, 0x0) (fail_nth: 1)

6m9.146290671s ago: executing program 3 (id=1014):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x182)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
chdir(&(0x7f0000000100)='./file0/../file0/../file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x2040400)
r1 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
r2 = eventfd2(0xb0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x7, &(0x7f0000000140)=r2, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x2, 0x2, 0x1)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x43}, {[@lsrr={0x83, 0x7, 0xd3, [@multicast2]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x10, r4)
ptrace$peeksig(0x4209, r4, &(0x7f0000000140)={0x0, 0x0, 0xffffffffffffffd5}, &(0x7f0000000600))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000002100), 0x9, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="0c0006108be3f1a37e9a1b482d7e6ad696330c4370ca253253fba0bb5eac95a47be0b9f327869ce5b55ca6b2a663591c7559e0ec5c7fbcdb4cdc4b00c87f90f62cd17130871e7f7504b52fdf5ef6c5f56dde0ad64bacf43cf946c8a8ab6e28a100beaf89251d6cd18e2aa41a4ee1c61c8bad1846fb78577a8e9d4f4203d8c0516aa6bfff2a5de993a4b2869075f6900b34c9432aa9bb51ac0d04e1cd1ce6730185564121fd52fef16b77e400"/184, @ANYRES64=0x0])
r5 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_G_FMT(r5, 0xc0d05604, &(0x7f0000000200)={0x7, @vbi={0x1, 0x4, 0xdee, 0x30395056, [0x1000008, 0x7], [0x16, 0x1005], 0x2}})
unlink(&(0x7f0000002180)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000005500010000000004fbdbdf2507000000", @ANYRES32=0x0, @ANYBLOB="93256718", @ANYRES32=0x0, @ANYBLOB="01020100e000000200000000000000000000000008000000"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x40044)
socket$inet_udplite(0x2, 0x2, 0x88)

6m9.007645633s ago: executing program 3 (id=1015):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x0)

6m8.84390181s ago: executing program 3 (id=1019):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r0, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000040), 0x0, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f0000000100)={0x98f903, 0x1})
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r3, 0x3b87, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x0, 0x0, 0x9})

6m8.696445294s ago: executing program 32 (id=1019):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r0, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000040), 0x0, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f0000000100)={0x98f903, 0x1})
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r3, 0x3b87, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x0, 0x0, 0x9})

5m4.80500092s ago: executing program 2 (id=1471):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount$tmpfs(0x0, 0x0, &(0x7f0000000480), 0x4014, &(0x7f0000000140)=ANY=[@ANYBLOB="6d706f6c3d62690bbe608ae7a8e257d632a80e6e643a302d", @ANYRESDEC])

5m4.804457316s ago: executing program 2 (id=1472):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616364653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
removexattr(&(0x7f0000000200)='./cgroup\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x19)
ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000800))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000008c0)=[{{&(0x7f0000000400)=@x25, 0x80, &(0x7f0000000740)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000600)=""/1, 0x1}, {&(0x7f0000000640)=""/115, 0x73}, {&(0x7f0000000900)=""/219, 0xdb}, {&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/46, 0x2e}, {&(0x7f0000000700)=""/15, 0xf}, {&(0x7f0000001c40)=""/4096, 0x1000}], 0x8}, 0x1}], 0x1, 0x40010600, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
syz_emit_ethernet(0x36, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaa93aaaaaaaaaaaaaaaa86dd60cb4a48000057c327776a34d45e23415b08a43a00fc000000000000000000000000000700ff0200"], 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000500)={{{@in6=@private0, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @empty}}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f00000007c0)=0xe4)
quotactl_fd$Q_GETNEXTQUOTA(r1, 0xffffffff80000900, r5, &(0x7f0000000480))
pipe(0x0)
timer_create(0x2, &(0x7f00000003c0)={0x0, 0x22, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

5m3.611363995s ago: executing program 2 (id=1483):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000280)={'gre0\x00', &(0x7f0000000200)={'syztnl0\x00', <r4=>0x0, 0x1, 0x20, 0x0, 0x8, {{0x10, 0x4, 0x0, 0x5, 0x40, 0x68, 0x0, 0xa, 0x29, 0x0, @broadcast, @local, {[@timestamp_prespec={0x44, 0x24, 0x8c, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}, {@empty, 0x3}, {@private=0xa010102, 0x81}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}]}, @generic={0x88, 0x7, "2e8b74af85"}]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000300)=0x14)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000380)=0x4)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'syztnl2\x00', &(0x7f00000003c0)={'ip6gre0\x00', <r7=>0x0, 0x29, 0x2, 0x7, 0x9, 0x44, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @local, 0x8, 0x8000, 0x7ccd, 0xfffffffd}})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000480)={@loopback, <r8=>0x0}, &(0x7f00000004c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'sit0\x00', <r11=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000, 0x200, 0xffffffffffffffff, 0x0, '\x00', r11}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000580)={'team0\x00', <r12=>0x0})
r13 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x20000000, 0x25dfdbfd, {0x0, 0x0, 0x0, r14, {0x0, 0x8}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20044081}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000005c0)={@initdev, <r15=>0x0}, &(0x7f0000000600)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000640)={'syztnl0\x00', &(0x7f00000006c0)={'erspan0\x00', <r16=>0x0, 0x8, 0x700, 0x4, 0xfffffe00, {{0xa, 0x4, 0x3, 0x1f, 0x28, 0x64, 0x0, 0x3, 0x2f, 0x0, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@end, @ssrr={0x89, 0xf, 0x9c, [@loopback, @multicast1, @empty]}, @ra={0x94, 0x4}]}}}}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={0x1, 0x58, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r17=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000800)={'team0\x00', <r18=>0x0})
r19 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r19, 0x8933, &(0x7f00000000c0)={'hsr0\x00', <r20=>0x0})
setsockopt$packet_int(r19, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r19, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff0060031200100888fb143488a87f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r20, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000840)=<r21=>0x0, &(0x7f0000000880)=0x4)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001140)={&(0x7f00000011c0)=ANY=[@ANYBLOB='L\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="7802028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e00006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c00040006000807ff070000080001330180000005000e0fe6e900000001035a06000000040081040d000000e57c070303000000ff0ff909060000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r3, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000700000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000f0000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r5, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000000010038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000500000008000100", @ANYRES32=0x0, @ANYBLOB="3802028040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000000010008000700000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB="080007000000000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e6365004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000500000008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000600000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r11, @ANYBLOB="080007000000000008000100", @ANYRES32=r12, @ANYBLOB="0400028008000100", @ANYRES32=r14, @ANYBLOB="480102803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r15, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000400000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040007000000080007000000000044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000200c548000000000900ff10000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r16, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r17, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004002400000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000900000008000100", @ANYRES32=r18, @ANYBLOB="7c0002803c00010024000100656e61626c656400000000000000000000000000030000000000000000000000050003000600000004000400080006004e1451bf091fbc6547f3a1ea00ea6beeadb70aeb85056cf52e6481e7dd761fe6a98a85b7c7907c044fd23a85ce1803a5ecbdb85635dab553b1d3569f185652520a01f854c96c7f72c24b93403ddf0d075a34959e465bfafe2c033e08b9dd5f46ec8d", @ANYRES32=r20, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r21, @ANYBLOB="d800028038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400070000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400d9770808060000000500000107000000100004070800000000040b063a000000020002080b00000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400080000000800070000000000"], 0x84c}}, 0x20008020)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000003540)={'wlan0\x00', <r22=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000040)={0x60, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r22}, @void}}, [@NL80211_ATTR_FRAME={0x44, 0x33, @assoc_resp={{{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x3}, @device_a, @device_a, @initial, {0x7, 0x3}, @value=@ver_80211n={0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0x1000, 0x59, @random=0x5, @val, @val={0x2d, 0x1a, {0x400, 0x1, 0x3, 0x0, {0x4, 0x8, 0x0, 0x8, 0x0, 0x1, 0x0, 0x3}, 0x801, 0x9, 0x3}}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20040080}, 0x28008004)

5m3.307163638s ago: executing program 2 (id=1484):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
epoll_create1(0x80000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = userfaultfd(0x80001)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000340), 0x11000)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000001780), 0x92000, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES32=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB="21bab3100f174b1db585740efb2c00"])
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0xc7)
mount$nfs(&(0x7f0000000040)='@\a', &(0x7f0000000340)='./file1\x00', 0x0, 0x20887b, 0x0)
mount$nfs(&(0x7f0000000080)='@\a', &(0x7f00000000c0)='./file1\x00', &(0x7f0000000500), 0x20040c1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x2, 0xe, &(0x7f0000000180)=@raw=[@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x76e}}, @exit, @generic={0xf7, 0x8, 0x5, 0xf7a, 0x7eae}, @map_idx={0x18, 0x8, 0x5, 0x0, 0xc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x11d}], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FS_IOC_GETVERSION(r6, 0xc0145b0e, &(0x7f0000000040))
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
socket$xdp(0x2c, 0x3, 0x0)

5m1.32698113s ago: executing program 2 (id=1501):
socket$igmp6(0xa, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x243014, 0x0)
setpgid(0x0, r0)
creat(&(0x7f00000001c0)='./file0\x00', 0x102) (fail_nth: 2)

5m1.176654351s ago: executing program 2 (id=1502):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000680)=ANY=[@ANYBLOB="f800000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffffda4d00000000000000000000000000000000000000000000000a0000000000000000000000804000000000001000000800000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ac1e01010000000000000000000000000000000000030000000000000000000000000000da05f078eebf5a879d9f81450dc0ff0f077eade9d720f46812e07a37d4283f97846f402c6b826c27eb32ba87993f65f13ad408d755f726ee498bd9b26a520250220f5c43f3a4b262f613bc802fec109aa9630ca51e6c3d3165cfcc1175"], 0xf8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xbc, 0x21, 0x200, 0x0, 0x0, {{@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e21, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@private=0xa010100, @in6=@remote, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @encap={0x1c, 0x4, {0xfffffffffffffffe, 0x4e24, 0x4e23, @in6=@private1}}]}, 0xbc}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x17, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r3, 0x12}, 0x10)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x400c011}, 0x2000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000100)=0xfffffffc, 0x0, 0x4)
syz_open_procfs(0x0, 0x0)
r5 = socket$caif_seqpacket(0x25, 0x5, 0x5)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x40000, 0x10, 0xfffffffc, 0x19f}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r5, 0x0})
io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r9, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x1, 0x7, 0x200, 0x0, 0x4800000}}, 0xe4)
sendmmsg(r9, &(0x7f0000000480), 0x2e9, 0x0)

5m0.194233073s ago: executing program 0 (id=1505):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_sock_diag(0x10, 0x3, 0x4)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r3, @ANYRESDEC], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c76657273696f6e3d183eb0ad1e055e5f2c00"])
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x8004, 0x4)

5m0.107021942s ago: executing program 0 (id=1507):
syz_emit_ethernet(0x3a8, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x372, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x11, 0x0, [{0x3, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffffffff8026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0x1b, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670"}, {0x5, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c764c2d227a83b89483b1084743474677e45e65eb27a5c8d989417019f619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "fcc1876d4ec1876d4e6fa3ce2dfdb43a6f022059fe5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x0, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

5m0.040584102s ago: executing program 0 (id=1510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0xc9100120, 0x0, 0x0)

4m59.106791351s ago: executing program 0 (id=1516):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200002000000000000000000000008500000041000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xe, 0x0, &(0x7f0000000740)="6fd92f5c3fbecb0c72abdb6e3b92", 0x0, 0x1500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

4m59.106622555s ago: executing program 0 (id=1517):
socket$igmp6(0xa, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x243014, 0x0)
setpgid(0x0, r0)
creat(&(0x7f00000001c0)='./file0\x00', 0x102)

4m58.227204897s ago: executing program 0 (id=1521):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000480), 0x4014, 0x0)

4m45.896749138s ago: executing program 33 (id=1502):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000680)=ANY=[@ANYBLOB="f800000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffffda4d00000000000000000000000000000000000000000000000a0000000000000000000000804000000000001000000800000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ac1e01010000000000000000000000000000000000030000000000000000000000000000da05f078eebf5a879d9f81450dc0ff0f077eade9d720f46812e07a37d4283f97846f402c6b826c27eb32ba87993f65f13ad408d755f726ee498bd9b26a520250220f5c43f3a4b262f613bc802fec109aa9630ca51e6c3d3165cfcc1175"], 0xf8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xbc, 0x21, 0x200, 0x0, 0x0, {{@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e21, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@private=0xa010100, @in6=@remote, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @encap={0x1c, 0x4, {0xfffffffffffffffe, 0x4e24, 0x4e23, @in6=@private1}}]}, 0xbc}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x17, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r3, 0x12}, 0x10)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x400c011}, 0x2000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000100)=0xfffffffc, 0x0, 0x4)
syz_open_procfs(0x0, 0x0)
r5 = socket$caif_seqpacket(0x25, 0x5, 0x5)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x40000, 0x10, 0xfffffffc, 0x19f}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r5, 0x0})
io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r9, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x1, 0x7, 0x200, 0x0, 0x4800000}}, 0xe4)
sendmmsg(r9, &(0x7f0000000480), 0x2e9, 0x0)

4m43.227801685s ago: executing program 34 (id=1521):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000480), 0x4014, 0x0)

1m34.168526405s ago: executing program 6 (id=2480):
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={<r4=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x8f3}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(r3, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @local, 0xb}, r4}}, 0x30)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r3, &(0x7f0000000900)={0x16, 0x98, 0xfa00, {&(0x7f00000008c0), 0x4, r4, 0x10, 0x0, @in={0x2, 0x4e23, @loopback}}}, 0xa0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_proto_private(r7, 0x89e9, &(0x7f00000004c0)="ae87349028fafb5b9258e27a47a2f87a95de6532b5e46275090a69da406e68b2ef3c49247c88e77ab5dd88728df575f3cee80ed87d04958bf3145f5a703a088c60e6723e5424cab2ac0e5b943f960e3f516d6e561b141c83147a9d3a4cc26b6b9d8b800e2f93ef0173fc6561bc998bf7507db0b8db56394a8c26fa121af9df")
sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x1c)

1m30.27059189s ago: executing program 6 (id=2500):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000007000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x64}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
sendto$inet6(r0, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000a80)={0x100000011, @multicast2, 0x4e24, 0x0, 'none\x00', 0x3, 0xb6bc, 0x5b}, 0x2c)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000140)={'bond0\x00', &(0x7f0000000100)=@ethtool_sfeatures={0x3b, 0x1, [{0x400, 0x7}]}})
dup3(r0, r4, 0x0)

1m29.755080964s ago: executing program 6 (id=2505):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x3, 0x4)
pipe2$9p(&(0x7f0000000240), 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0)
pipe2$watch_queue(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r4, 0x19)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0xffffffffffffffff)
r5 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f0000000040)={0x18, &(0x7f00000012c0)=ANY=[@ANYBLOB="400308"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000900)={&(0x7f0000000580)=[{0x9, 0x3a01, 0x0, 0x0}], 0x1})

1m28.175123199s ago: executing program 6 (id=2515):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000900)={0xb5, 0x0, 0x4, 0xffffffffffffffff, 0x1})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x930, 0x2, 0x8032, 0xffffffffffffffff, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00')
write$sysctl(r4, &(0x7f0000000280)='5\x00', 0x2)
ioctl$KVM_GET_TSC_KHZ_cpu(r4, 0xaea3)
r5 = syz_open_dev$dri(&(0x7f0000002580), 0xfffffff8, 0x280)
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, {0x0, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, "427f4d05618664ecb7f952ed7667675bc32afc7ebbfea1ddee1e2e520cc38c6a"}})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc2c45512, &(0x7f0000000640)={{0xb, 0x2, 0x81, 0x5, 'syz1\x00', 0x9}, 0x0, [0x37e, 0xe8af, 0x1, 0xcc0, 0xe, 0x101, 0x80, 0xa6da, 0x2, 0x1, 0x9, 0xb, 0x8, 0xfffefff7, 0x8, 0x10, 0x5, 0x4, 0x40f, 0x80, 0x962, 0x2, 0x1, 0x400, 0x7fffffff, 0xbed, 0x80000001, 0x3, 0x70e3, 0xa12, 0x8, 0x10000, 0x7, 0x9, 0x7430, 0x2, 0x2, 0x0, 0x1, 0x3, 0x8, 0x5, 0x8001, 0x8, 0x9, 0x1, 0x1, 0x0, 0xffff1688, 0x2, 0x0, 0x4, 0x9000, 0xe93, 0x4, 0x7ff, 0x7, 0x81, 0x50a, 0x0, 0x6, 0x7ff, 0x1000, 0xffffffff, 0x4, 0x5, 0x7a, 0x2, 0x9, 0x2, 0x3, 0x5, 0x1000ac, 0x7, 0x7, 0x4, 0x8000, 0x9, 0x4, 0x7, 0xd, 0x7, 0x9, 0x0, 0x0, 0x40, 0x6, 0x8000, 0xfff, 0x3, 0x3b9, 0x6, 0x4, 0x4660917f, 0x487d, 0x8000, 0x1, 0x5, 0x3, 0x0, 0x5, 0x4, 0xe, 0x1, 0x7, 0x9, 0xc, 0x4, 0x1, 0x1, 0x3ce, 0xa, 0x8, 0x9, 0x0, 0x6, 0xfffffff7, 0xffffbf90, 0xfffffffd, 0x7, 0x2, 0x0, 0x7, 0xa, 0x809, 0xffffffff, 0x73938332, 0x7763]})
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000600)=@o_path={&(0x7f0000000300)='./file0/../file0\x00', r4, 0x4000, r1}, 0x14)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)
r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r8)
sendmsg$IEEE802154_ADD_IFACE(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01020fddc6d5f7dbdf252100000009001f00706879310000000005002000000000000c0005"], 0x34}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
write$nbd(r7, &(0x7f0000000440)=ANY=[@ANYBLOB="0100070000000000000000000000200082b0cfc4337965941538be02000000000000000000007400a391793ba7f40000000000fdf700000000000000000000023e5afde1216a96ec365e2e6cd53f7b3274557c819377a9a82a1e03193c2a1c1cd35dd45c860f939e5e5d3bab065d4f4e558ae67ff9585204d9a3c11b9289ddfa1d5a34c2087757e5dbd84b677aada92300000000adf44b0cc8e2776a5994fdb18d38623e96fe12f22bec061a63cd49584a90cbe2bf737b783c65b71d794f713bf1978ab59bee2423e940453016407cd28d6e90f17881a562faf5341ecfde6937c3982f29ba67374e7dfa84926c33a6b6ee72837d90abf8c50e718d7bd9f7f50a5a8424b0d89a26df16929d4e7c5756e18b3bfc438cca836ddf8d63e52611783e9b20a7f02f436a5592d45076ddb0731c8f4ba32583696a6f0000e91dac1514931a2897bf9394143aaccfc6adf46dfd45c841c49fff21932ea2a78f9fbe52a19c13a555f20f709c200dcbd65f526b38848010d4c0bb45a2bda76c439e18389d7d05d4ff3ee45e0344647d6f174d31df856295d2567284e260f12d493b961b0d8a3e9e9563"], 0x40)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000017000c00038004000380040001005b4f2349ffd2b43faed262e6fd423777150cdf5322bb524a14828e6e92fc9a6403ec4ee90550eacce3f09e3297bb211a61d9d1171b24c0d21f03ee5c5f7aaa4ddb33e3f18f1c29f25e38db3829240127115c66fe262e8b37729d1bc2d5846baf3493071c4a3dd36cab532d1a21fd58"], 0x38}}, 0x8000)
fcntl$setpipe(r1, 0x407, 0x1)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00', @ANYRES16=r10, @ANYBLOB="20002abd7000fddbdf250800000004000380"], 0x18}, 0x1, 0x0, 0x0, 0x20048840}, 0x4c000)

1m28.04497836s ago: executing program 6 (id=2516):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x48140, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000003c0)={'fl512\x00', [0x4f27, 0x100, 0x2, 0x10, 0x5, 0x6, 0x8, 0x7, 0x7fffffff, 0x104, 0x7, 0x3ff, 0x1, 0x20001, 0x6, 0x101, 0x3, 0x80000000, 0x5, 0x8, 0x89, 0xcaa7, 0x0, 0x3, 0x3, 0xe69, 0x3c, 0xc, 0x10000006, 0x0, 0x36]})

1m27.945016302s ago: executing program 6 (id=2517):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x48e02, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'pim6reg1\x00', 0x5201})
io_setup(0x1, &(0x7f0000000000)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000100)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x22, r2, &(0x7f0000000280)="00fc0500784b32dc6c9eb00fa0d48c", 0xf, 0x85}])
mmap(&(0x7f00008f9000/0x2000)=nil, 0x2000, 0xf, 0x8031, r1, 0x1000)
write$UHID_INPUT2(r1, &(0x7f0000000180)={0xc, {0x2, "20b3"}}, 0x8)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404000c}, 0x40000)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@getqdisc={0x28, 0x26, 0x2, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x8, 0xe}, {0xffff, 0x8}, {0xa, 0x10}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)

1m27.854735628s ago: executing program 35 (id=2517):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x48e02, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'pim6reg1\x00', 0x5201})
io_setup(0x1, &(0x7f0000000000)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000100)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x22, r2, &(0x7f0000000280)="00fc0500784b32dc6c9eb00fa0d48c", 0xf, 0x85}])
mmap(&(0x7f00008f9000/0x2000)=nil, 0x2000, 0xf, 0x8031, r1, 0x1000)
write$UHID_INPUT2(r1, &(0x7f0000000180)={0xc, {0x2, "20b3"}}, 0x8)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404000c}, 0x40000)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@getqdisc={0x28, 0x26, 0x2, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x8, 0xe}, {0xffff, 0x8}, {0xa, 0x10}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)

6.321648613s ago: executing program 4 (id=3021):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x54dd5e54}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x14, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x300}}}}}}}, 0x0)

6.246806835s ago: executing program 4 (id=3022):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='westwood', 0x8)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000ac0))
getsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f00000001c0), &(0x7f0000000340)=0x4)
r3 = dup(r2)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r3})
r4 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000080))
r5 = syz_open_procfs(r4, &(0x7f0000000100)='stack\x00')
pread64(r5, &(0x7f0000000140)=""/15, 0xf, 0x4)
ioctl$sock_x25_SIOCADDRT(r5, 0x890b, &(0x7f0000000240)={@null, 0xd, 'wlan0\x00'})
getsockopt$inet_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f00000000c0))
fchmodat(r3, &(0x7f0000000380)='./file0\x00', 0x0)

6.237944831s ago: executing program 4 (id=3023):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000009c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaa"], 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000040), &(0x7f00000000c0)=0x30)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
write$qrtrtun(r2, &(0x7f0000000380)="3af94be9", 0x4)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x31, &(0x7f0000000080)=0x6, 0x4)
getsockopt$inet6_buf(r5, 0x29, 0x6, &(0x7f0000001500)=""/19, &(0x7f0000000240)=0x13)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
r7 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1000}}}, 0x108)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000540)=0xd, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0xf0b, 0x4, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=@gettfilter={0x5c, 0x2e, 0x600, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x6, 0xb}, {0x0, 0xffff}, {0x6, 0x7}}, [{0x8}, {0x8, 0xb, 0x10}, {0x8}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0xffff}, {0x8, 0xb, 0x80000000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={&(0x7f0000000000)="dd6b7d0551e51b4240b9b113095ff696794006b305a637e6cc44ca448316a9e8d4f83e666acdb7b95e6cd7f2cea28cc1794a75eafdb2a73c", &(0x7f00000002c0)=""/134, &(0x7f0000000380)="52c30e592a5e72aad7e5244f72010b678324fe37bee1a07ec80986f34b1521f65048655b4942246f9fef8be1509dd950dc8f282d57a619694f31cba413c2f6589b79ea14ca73c84fda6c5eafbd68df244d2fc154e5ae0545a13582f93bc39acd3e0a0ae3c1072266ea7aa984ebb1dc562d931eaef58312fbea135953c964cee910966a5eb335a38f431566fe63ea1215aad4f9c184a47a6d91095d83b5ece0edde18ecdad303e5705d3fc7daa5a7e184c85278ae093e98e186c3c65a9a66553cb9d110422eadbae47e03", &(0x7f0000000480)="f3ebcfc40fee3e400c687427afbfa10c71f8789cf26a7ccc43e17eb80544f6e8c47e984533dfd3ce609f0991ee048a1f2038be4cc15f39120dd755ac2edee41f1b876628bcbfbe51a4511dc2740e6e70ae8390dcfd71dec8b4187caa12f46bef2faa69043297ff0998721c2d5a5f95f218f11be4f789e0f0e42b3ccf78b097d7fc678e156b344f528055f8f5d4bb007638f14ffaa3588595d9cb0d04d4d2cfbc5af9bbc600551d4a0684769a6f27bbb5", 0x8, r2, 0x4}, 0x38)
fsopen(&(0x7f0000000100)='jffs2\x00', 0x0)
r8 = openat$kvm(0x0, &(0x7f0000000140), 0x220800, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40087446, &(0x7f00000007c0)={0x1, &(0x7f0000000080)=[{0x6, 0xd, 0x1, 0x2006}]})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r11, 0x1, 0x0, 0xfffffffe, {{0x8}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000080)

6.189994934s ago: executing program 7 (id=3024):
syz_open_dev$video4linux(&(0x7f0000000140), 0x106, 0x40440)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x4, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48ed, 0x0, 0x2, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRES16=r2, @ANYRES32=r0, @ANYBLOB="936a0911d5605efaffe2b86a98fe8956af3609ab28ebd980f59a461dcac15bf47a0c5bbeea942ed4a3b84f09e289a6ea8e204900635937125bb75ad775f943ea85d8c5382b1a60dbf67c75cb7add0bc3e158e4c48d673ddd2cf05635bebe050e7d21d6ddf6b4d0de0ffd694c1821adbd6947961122b4252743116c47260e7098e81b76f3666a1edc3d3003247bb3a338cdb23540cca3f3bdf99a9f0260ec87599b7f8e813e38f56210843b9b63d14c5c0603f207004aae44973f51076149b555703ceb75adfc74ab2987496aa39b4189c5e629c742048037e5636f15c39923b81964f8e6bd8aa9818646695cf0e4f39e4bbae8e8", @ANYRESHEX=r3, @ANYRES32=r2, @ANYRESDEC=r1], &(0x7f0000000340)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000380)=""/186, 0x41100, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ptrace$ARCH_GET_UNTAG_MASK(0x1e, 0xffffffffffffffff, &(0x7f0000000040), 0x4001)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x60, 0x1, {0x1}})
io_uring_enter(r7, 0x3517, 0x173d, 0x42, 0x0, 0x0)

5.283665694s ago: executing program 4 (id=3028):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x3, 0x4)
pipe2$9p(&(0x7f0000000240), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000000)='id_resolver\x00', 0x0, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0)
pipe2$watch_queue(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r4, 0x19)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0xffffffffffffffff)
r5 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f0000000040)={0x18, &(0x7f00000012c0)=ANY=[@ANYBLOB="400308"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000900)={&(0x7f0000000580)=[{0x9, 0x3a01, 0x0, 0x0}], 0x1})

5.264132897s ago: executing program 7 (id=3029):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000200)={0x77359400}, 0x8)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xb)
socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006f5000/0x3000)=nil)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000389000/0x4000)=nil)
syz_open_dev$video4linux(0x0, 0xfffffffffffffe00, 0x171cc0)
sendmmsg$unix(r2, 0x0, 0x0, 0x811)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x4000004)
pipe2(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
fcntl$setpipe(r4, 0x407, 0x100000)

4.544147776s ago: executing program 5 (id=3031):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20) (async)
r2 = socket$packet(0x11, 0x2, 0x300)
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0) (async)
fchmodat(0xffffffffffffff9c, 0x0, 0x20) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_procfs(r3, &(0x7f0000000040)='smaps\x00') (async)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000) (async)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r7)
read$FUSE(r6, &(0x7f0000002680)={0x2020}, 0x2020) (async)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
syz_open_dev$tty20(0xc, 0x4, 0x1)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x3ff, 0x8006}, 0x4) (async)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000500)="10030600e0fc020004aa96a13bb1000011000a1189f252ae0dba4c807fca1a0022afc0d5071a204bd318", 0x2a, 0x40800, &(0x7f0000000140)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @local}, 0x14)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x4e20, 0x7, @mcast2}, r1}}, 0x48)

4.395471399s ago: executing program 5 (id=3032):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
sendmmsg$sock(r0, &(0x7f0000000740)=[{{&(0x7f0000000080)=@phonet={0x23, 0x6, 0x0, 0x7}, 0x14, 0x0}}], 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x200, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_PROMISC(r2, 0x6b, 0x2, &(0x7f0000001040), &(0x7f0000001080)=0x4)

4.390920502s ago: executing program 5 (id=3033):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000007000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
sendto$inet6(r0, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000a80)={0x100000011, @multicast2, 0x4e24, 0x0, 'none\x00', 0x3, 0xb6bc, 0x5b}, 0x2c)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000140)={'bond0\x00', &(0x7f0000000100)=@ethtool_sfeatures={0x3b, 0x1, [{0x400, 0x7}]}})
dup3(r0, r4, 0x0)

4.357632155s ago: executing program 7 (id=3034):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x5b16, 0x0)

3.667904701s ago: executing program 4 (id=3037):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x5b16, 0x0)

3.431621705s ago: executing program 5 (id=3038):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000002c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x40015b19, 0x0)

2.49993344s ago: executing program 1 (id=3041):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_clone(0x200, &(0x7f0000000200)="2a836846bb3d7a9c08b60965ee17ba21fc34220c54c6eee12c67a83c050c4a38b5a1bfd506c774a0bada4e6d47829c68a8aef0b1c4047eea9e064baa554af77c4efdf9cc2bc6071d9aaaae9f25c95773f4e553f3d33b1ebd4f1dd166b70fc25e235059ea92d1a58752f4e5d18349f4134a69f72fd6ee4c2fbfd23d56879c3dadc6e105856ffd2259564d3daf5a8a9d798d1e478e8d366560d9cc2d48e3acb6f3c811db18a573ddfc5d21494ea6faeaf6ec8ac7bd60601a4e32622aa0adfba1b28350e69cce44d60c848bb8fe7f056f519457b18ae313d6b2a677ad695f022cf15d2f396fa414e90147eeaa9b2a18bb", 0xef, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000300)="faeaced70a6f48da9ed446245788")
capset(&(0x7f0000000340)={0x19980330, r0}, &(0x7f00000003c0)={0xfffffff7, 0x101, 0x2, 0x1, 0x0, 0x53d50850})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, 0x0)
unshare(0x40020000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000002b40)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r2, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000002b80)={0x30, r3, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r7, @ANYBLOB="0c00990000000000000000000800a0006216000008009f000d000000080026000816"], 0x40}}, 0x200040b4)
sendmsg$NL80211_CMD_START_NAN(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, r3, 0xe910eff5c03c7dc3, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x9}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xb}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xf}, @NL80211_ATTR_BANDS={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x41}, 0x800)

2.126683343s ago: executing program 1 (id=3042):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001100050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100004800c000880"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0) (fail_nth: 3)

2.05409381s ago: executing program 1 (id=3043):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82187201, &(0x7f00000002c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1b, 0x10, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, {}, {}, [@exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x585, 0x4, &(0x7f0000000640)=""/4, 0x41100, 0x10, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x5, 0x80000001, 0x100}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, &(0x7f0000000700)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000740)=[{0x4, 0x4, 0x6}, {0x3, 0x4, 0xa, 0x8}, {0x3, 0x5, 0x6, 0x6}, {0x2, 0x5, 0xf}, {0x2, 0x3, 0xc, 0x5}], 0x10, 0xbdc7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x1e1, 0x0, &(0x7f0000000880)="b901036000409a941478d76fdf1b9c66c376f63bf000001fffffe100004000632f77fb86dd60017f020001be3e7d2a182fffef7fc0b594c30a5f5081f95a898c81d7e5e8de60252a4f0b7577a9e2d46f0cab179db5000000000003bb247e0f570dfd577ccc831c3b2b4ece0fab49a3ec89293e93dfcba843b611b44a0b4ac5488b4fdaf6cb8fa2a3a600760a5449941a5f944db18225085e28c02664e9040000ae03add356c466fcafa2c754fdda5af5434e859f1b468af864586430027c0fc37c9c36be3af9331ebac8c2937bded05eb1bc8fa1974da5ef65d49dfa5213288f45b46781b26a82d86ef9480d06b5bdcce127fc804bb675374af2c74ecbd11a5971527ca2c57bee81dc621981ed351f2923afc35919c39802b678c98536c12d430bf867faab4f765289ef1d243cd9383ade000000000000000028ace1549af8f2ca5fcb0a2d17608ebea4c713192f6f87d5afdaf61a1f4609b448941a73d85e09da362e74ed5be490f85fca81783fa7c195a1328a311616766d73a698e54a64fdf3c95cf0b6aa683a1c73dcef55f45b302bb0f47399650d7732bc23673712a94b495aea62a97dd2e1671b726cd7b3abc3a2a2e1cad9ad958f3a3a0013f7a9600c97fb69a9b156f757eb011b9b19bd5b196af35bfc694e29bdd16c4c5a328dff6668", 0x0, 0x0, 0x6000000000000000, 0x10c, 0x0, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x4c)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES64=r2, @ANYRES16=r2, @ANYRESOCT=r2, @ANYRES32=r1, @ANYBLOB="14005e80250d05b4b4b8fec70a002527b4b49e58"], 0x30}}, 0x20000050)

1.993509345s ago: executing program 1 (id=3044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x28, 0x3c, 0x107, 0x0, 0xf0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)

1.992478885s ago: executing program 1 (id=3045):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x536e, 0x10000)
ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f0000000040))
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x93)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, r2)
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f00000000c0)={<r3=>0x0, 0x5, 0x0, [0x577, 0xffffffffffffff7a, 0x9, 0x3f7000, 0x97], [0xe4, 0x9, 0x9, 0x8, 0x10000, 0x8000000000000001, 0x5, 0x6, 0x4, 0x80000001, 0x9, 0x80, 0xd1, 0x9, 0x9, 0x6, 0x3, 0x0, 0x7fffffff, 0x4, 0x0, 0x9, 0x55, 0x28000000000, 0x7, 0x1ff, 0x9, 0x5, 0x1361, 0x6e6, 0x100000000, 0x2, 0x7, 0x7, 0x1, 0x2, 0x0, 0x3, 0x7b40, 0x7, 0x6, 0x8, 0x9, 0x0, 0xa, 0xff, 0x8, 0x10001, 0x8, 0xb, 0x0, 0x3, 0xffffffffffffffff, 0x526, 0x0, 0x37b3, 0xffff, 0x9b2, 0x8b6, 0x1, 0x0, 0x8001, 0x61b9, 0x5, 0x8, 0x4, 0x6, 0x4, 0x7e80ab89, 0xffffffffffff7fff, 0x7, 0x5, 0x5, 0x0, 0x5, 0xfff, 0x7, 0x0, 0x99, 0x4, 0x0, 0x2, 0x101, 0xfffffffffffffffc, 0x0, 0x9, 0x7fffffff, 0x6, 0x6, 0x7c92, 0x7, 0x9, 0x4c7, 0x400, 0x2, 0x3, 0x6, 0xeb, 0x5, 0x80, 0x48e, 0x0, 0x2, 0x0, 0x8000000000000000, 0x4, 0x8000000000000000, 0x7fff, 0x9, 0x9, 0x2, 0xfffffffffffffe01, 0x10001, 0xfffffffffffffffc, 0x6, 0xfffffffffffffff7, 0x8000000000000000, 0x8, 0x100000000, 0x8000, 0x59]})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000500)={r3, 0x0, 0x4, 0x1})
ioctl$SNDRV_PCM_IOCTL_FORWARD(r1, 0x40044149, &(0x7f0000000900)=0xfff)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect(r4, &(0x7f0000000940)=@qipcrtr={0x2a, 0xffffffff, 0x2}, 0x80)
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f00000009c0), &(0x7f0000000a40)=0x60)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x54, r5, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "a17d9b2ca37cf52c7647f27257c979d7"}, @NL80211_ATTR_PMKID={0x14, 0x55, "31395e078f57af3c67d6dd15ca8e13f7"}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x37}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x33}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x43}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
setsockopt$inet_int(r1, 0x0, 0x31, &(0x7f0000000c00), 0x4)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d40)=0xffffffffffffffff, 0x4)
r7 = openat$null(0xffffff9c, &(0x7f0000000e00), 0x40000, 0x0)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000e80)=@o_path={&(0x7f0000000e40)='./file0\x00', 0x0, 0x18, r4}, 0x14)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x1f, 0xa, &(0x7f0000000c40)=@framed={{0x18, 0x0, 0x0, 0x0, 0xcad, 0x0, 0x0, 0x0, 0x2db}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @jmp={0x5, 0x0, 0xa, 0x4, 0x9, 0x6, 0xfffffffffffffff0}, @exit]}, &(0x7f0000000cc0)='GPL\x00', 0x401, 0x13, &(0x7f0000000d00)=""/19, 0x41000, 0x40, '\x00', 0x0, @fallback=0x12, r6, 0x8, &(0x7f0000000d80)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000dc0)={0x3, 0x7, 0x19, 0x1}, 0x10, 0xffffffffffffffff, r1, 0x0, &(0x7f0000000ec0)=[r1, r7, r8, r1], 0x0, 0x10, 0x80000000}, 0x94)
setsockopt$nfc_llcp_NFC_LLCP_RW(r1, 0x118, 0x0, &(0x7f0000000fc0)=0x2, 0x4)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000001000)={0x0, 0x9c, "b1481fb27ee8117384dac5e4077131a729b4e82a49191237888df32206e4489dbc38c1b4cbf82c0b5da55878dc057f6004dd8be809dabab70a0cc8437316b44ce1818b67ee75665b8333268ca58995637e739982a5273dad5250816f824942870a19f8c07da5a008d6624ad372821b54b21f61da7eece79aec554426541a0ca6f6107709e9e114787d83424c092d62aefe99bc45df9aaf096a789d15"}, &(0x7f00000010c0)=0xa4)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000001100)={r1, 0x0, 0x3, r1})
ioctl$HDIO_GETGEO(0xffffffffffffffff, 0x301, &(0x7f0000001140))
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000001180))
ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f00000011c0))
open_by_handle_at(r7, &(0x7f0000001200)=@reiserfs_4={0x10, 0x4, {0x5, 0x5034, 0x4}}, 0x200200)
connect$ax25(r1, &(0x7f0000001240)={{0x3, @null, 0x4}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @bcast, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
ioctl$KDSKBSENT(r7, 0x4b49, &(0x7f00000012c0)={0x7f, "d104bbc6e3bbe009869bfb861ffbcf2024ddfe630da9aedd36e581f83354ce52148beff91d417e9dc61d50034feb3762ec71aed60ab83e89c3db4f057299a6b7bb9136f9f63a05fc076abcd3f15bf63f9a835aa43bdbefae8ab1be849f98f4db8ddf7edc879d0324228ad969f02e23df78cd42704b13392d8d2c27ec9e85b89a7d9034498bc42b97f0a5c6ff56a91b7b0789c36705d90cafb5e3039a518a2ab0bdecf0d978cab811cc37f4c2f35e3178e58cbf2f33107ebd498e79bb503fffaf4ca4def19bb98ddab79919e8db8013ffc63b613a067a80e02c7db379ad3a002a366ab46b8b02b6a99d160b5af2785d8341e807df3c6849cbce281e67fd8eeb364cd637d60cea674d1ea38a54fed3244381e8b808a8654648f7fb01570a52225bc6ae7262e2814230835e232e4b83d53ed55ecd7603363a3e1b6bbe58dab1350ad56f8d03882a1a1908afc3e9f1c7decd0cd69ddcef06b10ee6e97f3451759e4348c7e509a3d598358d2561c8ee1736096a5ccf8f0252b39ebc1d6f19c1aadc3c8c47f24de027272d1c1de3f901f7bf0826d007d6e11a4a1c5fda7a61b1c4d43066d6f360b94b913eb7028815e4f60bf911bd75666275a417f931d6c9d94f17bcbda1c20be437c4eaf13972f7838f53eedac29337715041f26c8245b4caf3b5d4a377272692a20f35196f9c159e75cf43290b6eb007859b87274f3c09b162098b"})
openat$snapshot(0xffffff9c, &(0x7f0000001500), 0x20000, 0x0)

1.283234586s ago: executing program 7 (id=3046):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, 0x0, 0x0)
r2 = openat$vicodec0(0xffffff9c, &(0x7f0000001200), 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='ext4_fc_track_inode\x00', r3, 0x0, 0x2}, 0x18)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185647, &(0x7f0000000280)={0xfffffff, 0x9, 0x3d, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x9909d1, 0x200, '\x00', @p_u16=&(0x7f0000000340)}})
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185648, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90d, 0x26, '\x00', @p_u32=&(0x7f0000000100)=0xfffffffe}})
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r4, 0x4001af84, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000003a000701fcfffffffddbdf25027c0000040036800c0001"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc050)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb010018000000000000000006000000010097930200ffffffffffffffff00000b000000002e2e30302e5f00"/56], 0x0, 0x38, 0x0, 0x1, 0x6}, 0x28)
syz_genetlink_get_family_id$smc(&(0x7f0000000380), r0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$kcm(0x11, 0xa, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socket$nl_route(0x10, 0x3, 0x0)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x5)
syz_usbip_server_init(0x0)

1.081992943s ago: executing program 1 (id=3047):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', <r3=>0x0, 0x700, 0x1, 0x4, 0x2, {{0x10, 0x4, 0x1, 0x7, 0x40, 0x66, 0x0, 0x64, 0x2f, 0x0, @rand_addr=0x64010101, @empty, {[@timestamp_prespec={0x44, 0xc, 0x55, 0x3, 0x0, [{@loopback, 0x5}]}, @rr={0x7, 0x1f, 0xeb, [@dev={0xac, 0x14, 0x14, 0x17}, @rand_addr=0x64010100, @broadcast, @broadcast, @local, @rand_addr=0x64010100, @multicast1]}]}}}}})
r4 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x0)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000002700)={0x53, 0x0, 0x6, 0x7, @buffer={0x0, 0x19, 0x0}, &(0x7f0000002680)="a0cea1791a1a", 0x0, 0x1000, 0x0, 0x1, 0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001800010000000000010000001d010000150003000000008005030000000000001000000002000000080005000804080808000900", @ANYRES32=r3, @ANYBLOB="d87b73ae4e0b48e2493cc1a414160d39efca392cf02457acec7b3704d400"/46], 0x3c}}, 0x20008030)
sched_setscheduler(r1, 0x0, &(0x7f0000000280)=0x19a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNGETSNDBUF(r7, 0x800454d3, &(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x33}})
r9 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x3040, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS2(r9, 0xf, &(0x7f0000001580)={0x2, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}, {0x0}], 0x0}, 0x20)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f0000000540)={0x60, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x96}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7fff}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x24008844)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x2e, 0x0, 0x0, 0x61]}}, 0x0, 0x2e}, 0x28)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r9, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001ac0)=[{0x0}, {&(0x7f0000001b40)=""/164, 0xa4}], 0x0, 0x2}, 0x20)

603.77589ms ago: executing program 4 (id=3048):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1e00000009000000000001000400000002000000", @ANYRES32, @ANYBLOB="090000000000000000000002000000000000009a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000005000000040000000f00"/28], 0x50)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x40045109, &(0x7f0000000080))
bpf$PROG_LOAD(0x4, &(0x7f0000000680)={0x1b, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = inotify_init1(0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000140))
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000040), 0x8)
r3 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r3, 0x4008b100, 0x0)
listen(r2, 0x1)
io_uring_setup(0x43fc, &(0x7f0000000340)={0x0, 0x1414, 0x1000, 0x0, 0x12e})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x75c7c04b07bf3cec}}, 0x18}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20032008}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000006c52390000bd70000cdcdf2500000000b1567dbd3eb94d526b09034713a2685ab630dc49ed77aa64524fd04687a7e71c76eeabcf3c6ee5946cdd72e830f45780f5200c693c3ee574cd194b9cfa449180860f7b8192050b21d7b00b5c83d0df5ccacc57b3ee5f864f5e38cfe3941d1fe1a40918097b1107a46271", @ANYRES32=0x0, @ANYBLOB="000000000080000008001d0010000000"], 0x28}}, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r6, &(0x7f00000000c0)='V', 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)

530.45261ms ago: executing program 7 (id=3049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x84ff, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="701500003c0007010300000000000000017c0000040042800c0001800600060086dd00004c1502"], 0x1570}, 0x1, 0x0, 0x0, 0x20000000}, 0xc800)

483.717607ms ago: executing program 7 (id=3050):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000580), 0x2000000, &(0x7f0000000040)={[{@mpol={'mpol', 0x3d, {'interleave', '', @void}}}], [{@hash}]})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x400, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x4, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x97e, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
userfaultfd(0x81000)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2271, 0x0)
socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
tkill(r4, 0xb)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

353.096874ms ago: executing program 5 (id=3051):
r0 = epoll_create1(0x0)
r1 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x30000008})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x401, 0x3, 0x0, {0x0, 0x0, 0x0, 0x0, 0x100, 0x8}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}]}, 0x34}}, 0x20004844)
getsockopt$inet_mtu(r2, 0x0, 0xa, 0x0, &(0x7f0000002640))
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0xff}, {0x1, [{@none, 0xca, 0x81, "b86293", 0x5, 0x40, "7777af07bd64378b53ca88284851a4ac64cca2c09b326e76c0adfd3cc760a3f98e63a2a74d6735c55e31bc0d530588d2f80451b574cd195054210eba30f3c656a37648fcc88ed3c8e3b922307f2063d986afbded64718c8753fa3ffa5db89f7463d9efaf4f1007a12044010340f5052967537105458b4955f3f7c2b9410924ba136e427809b86698ec2d0a746450dde4b046ca3cbd11e3c31dd7075e27e78994c8e8f78d8a7fc1c662eab08079af331b69179497e8a8ff35839b027f3eeab978e4b87ed652a94d39d6f92d872c358a38216f1518cff3912db7c15cb2394bb59e14b85d2e554be14a9f53b526a231225f"}]}}}, 0x102)
syz_emit_vhci(0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000040)={0x80002003})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r6 = socket$inet(0x2, 0x810, 0x257)
setsockopt(r6, 0x0, 0x20, &(0x7f0000000000)="c440ed6c", 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ASSOCIATE_RESP(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, 0x0, 0x178b86ea1e6b41a3, 0x70bd05, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20000010)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="500000000001030000000000000000039d0500003c0001802c00018014000300fe8000000000000000000000000000aa140004f9ff01000200000000000031dea07740200000000000010c0002800500"], 0x50}}, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
sendmsg$nl_route(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000005200000828bd7000ffdbdf251c080006000080000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004011)
socket$netlink(0x10, 0x3, 0x4)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450)
sendmsg$NFT_BATCH(r9, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a010400000000000000000a0000050900020073797a32000000003800048034000180090001007866726d000000002400028005000300000000000800014000000010080004400000000008000240000000000900010073797a31"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
chdir(&(0x7f0000000140)='./bus\x00')

0s ago: executing program 5 (id=3052):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002f40)={0x30, 0x3c, 0x107, 0x6, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x18, 0xa, 0x0, 0x1, [@typed={0x14, 0x10c, 0x0, 0x0, @ipv6=@private2}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) (fail_nth: 10)

kernel console output (not intermixed with test programs):

 04/01/2014
[  595.541777][T15591] Call Trace:
[  595.541785][T15591]  <TASK>
[  595.541793][T15591]  dump_stack_lvl+0x16c/0x1f0
[  595.541819][T15591]  should_fail_ex+0x512/0x640
[  595.541841][T15591]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  595.541866][T15591]  should_failslab+0xc2/0x120
[  595.541893][T15591]  kmem_cache_alloc_node_noprof+0x78/0x770
[  595.541915][T15591]  ? __alloc_skb+0x2b2/0x380
[  595.541939][T15591]  ? __alloc_skb+0x2b2/0x380
[  595.541954][T15591]  __alloc_skb+0x2b2/0x380
[  595.541972][T15591]  ? __pfx___alloc_skb+0x10/0x10
[  595.541990][T15591]  ? genl_rcv_msg+0x4d0/0x800
[  595.542013][T15591]  ? genl_rcv_msg+0x4bb/0x800
[  595.542044][T15591]  netlink_ack+0x15d/0xb80
[  595.542076][T15591]  netlink_rcv_skb+0x332/0x420
[  595.542097][T15591]  ? __pfx_genl_rcv_msg+0x10/0x10
[  595.542122][T15591]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  595.542154][T15591]  ? netlink_deliver_tap+0x1ae/0xd30
[  595.542178][T15591]  genl_rcv+0x28/0x40
[  595.542214][T15591]  netlink_unicast+0x5a7/0x870
[  595.542240][T15591]  ? __pfx_netlink_unicast+0x10/0x10
[  595.542262][T15591]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  595.542293][T15591]  netlink_sendmsg+0x8c8/0xdd0
[  595.542320][T15591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  595.542345][T15591]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  595.542373][T15591]  ____sys_sendmsg+0xa95/0xc70
[  595.542414][T15591]  ? __pfx_____sys_sendmsg+0x10/0x10
[  595.542437][T15591]  ? get_compat_msghdr+0x11a/0x170
[  595.542467][T15591]  ___sys_sendmsg+0x134/0x1d0
[  595.542488][T15591]  ? __pfx____sys_sendmsg+0x10/0x10
[  595.542521][T15591]  ? find_held_lock+0x2b/0x80
[  595.542561][T15591]  __sys_sendmsg+0x16d/0x220
[  595.542581][T15591]  ? __pfx___sys_sendmsg+0x10/0x10
[  595.542612][T15591]  ? rcu_is_watching+0x12/0xc0
[  595.542638][T15591]  __do_fast_syscall_32+0x7c/0x300
[  595.542666][T15591]  do_fast_syscall_32+0x32/0x80
[  595.542685][T15591]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  595.542707][T15591] RIP: 0023:0xf70be579
[  595.542721][T15591] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  595.542738][T15591] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  595.542756][T15591] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  595.542767][T15591] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  595.542778][T15591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  595.542788][T15591] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  595.542798][T15591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  595.542821][T15591]  </TASK>
[  595.621606][  T839] mcp2221 0003:04D8:00DD.0035: unknown main item tag 0x0
[  595.651642][  T839] mcp2221 0003:04D8:00DD.0035: unknown main item tag 0x0
[  595.654865][  T839] mcp2221 0003:04D8:00DD.0035: unknown main item tag 0x0
[  595.657324][  T839] mcp2221 0003:04D8:00DD.0035: unknown main item tag 0x0
[  595.660801][  T839] mcp2221 0003:04D8:00DD.0035: unknown main item tag 0x0
[  595.665527][  T839] mcp2221 0003:04D8:00DD.0035: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  595.692658][ T1324] usb 52-1: SetAddress Request (2) to port 0
[  595.695136][ T1324] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd
[  595.720601][T15602] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  595.770763][T15587] vhci_hcd: connection reset by peer
[  595.774372][ T1254] vhci_hcd: stop threads
[  595.776137][ T1254] vhci_hcd: release socket
[  595.778068][ T1254] vhci_hcd: disconnect device
[  595.819594][  T839] usb 9-1: USB disconnect, device number 15
[  596.842291][T10626] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  596.992522][T10626] usb 10-1: Using ep0 maxpacket: 8
[  597.007625][T10626] usb 10-1: config 0 interface 0 has no altsetting 0
[  597.010536][T10626] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  597.015085][T10626] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.026804][T10626] usb 10-1: config 0 descriptor??
[  597.275714][T15642] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2611'.
[  597.456812][T10626] mcp2221 0003:04D8:00DD.0036: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  597.542364][  T838] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  597.663609][T10626] usb 10-1: USB disconnect, device number 15
[  597.712342][  T838] usb 12-1: Using ep0 maxpacket: 8
[  597.717413][  T838] usb 12-1: config 0 interface 0 has no altsetting 0
[  597.719779][  T838] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  597.723846][  T838] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.733139][  T838] usb 12-1: config 0 descriptor??
[  598.075707][T15666] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2621'.
[  598.140769][  T838] mcp2221 0003:04D8:00DD.0037: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  598.362534][   T34] usb 12-1: USB disconnect, device number 2
[  598.366425][T10626] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  598.387560][T15674] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  598.390911][T15674] FAULT_INJECTION: forcing a failure.
[  598.390911][T15674] name failslab, interval 1, probability 0, space 0, times 0
[  598.397057][T15674] CPU: 1 UID: 0 PID: 15674 Comm: syz.4.2624 Not tainted syzkaller #0 PREEMPT(full) 
[  598.397071][T15674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  598.397079][T15674] Call Trace:
[  598.397083][T15674]  <TASK>
[  598.397087][T15674]  dump_stack_lvl+0x16c/0x1f0
[  598.397103][T15674]  should_fail_ex+0x512/0x640
[  598.397116][T15674]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  598.397131][T15674]  should_failslab+0xc2/0x120
[  598.397148][T15674]  kmem_cache_alloc_node_noprof+0x78/0x770
[  598.397160][T15674]  ? __alloc_skb+0x2b2/0x380
[  598.397173][T15674]  ? __alloc_skb+0x2b2/0x380
[  598.397182][T15674]  __alloc_skb+0x2b2/0x380
[  598.397192][T15674]  ? __pfx___alloc_skb+0x10/0x10
[  598.397202][T15674]  ? genl_rcv_msg+0x4d0/0x800
[  598.397217][T15674]  ? genl_rcv_msg+0x4bb/0x800
[  598.397234][T15674]  netlink_ack+0x15d/0xb80
[  598.397250][T15674]  netlink_rcv_skb+0x332/0x420
[  598.397263][T15674]  ? __pfx_genl_rcv_msg+0x10/0x10
[  598.397278][T15674]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  598.397295][T15674]  ? netlink_deliver_tap+0x1ae/0xd30
[  598.397307][T15674]  ? is_vmalloc_addr+0x86/0xa0
[  598.397320][T15674]  genl_rcv+0x28/0x40
[  598.397332][T15674]  netlink_unicast+0x5a7/0x870
[  598.397346][T15674]  ? __pfx_netlink_unicast+0x10/0x10
[  598.397358][T15674]  ? __asan_memset+0x23/0x50
[  598.397369][T15674]  ? __build_skb_around+0x278/0x3b0
[  598.397385][T15674]  ? is_vmalloc_addr+0x86/0xa0
[  598.397398][T15674]  netlink_sendmsg+0x8c8/0xdd0
[  598.397417][T15674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  598.397431][T15674]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  598.397446][T15674]  ____sys_sendmsg+0xa95/0xc70
[  598.397462][T15674]  ? __pfx_____sys_sendmsg+0x10/0x10
[  598.397476][T15674]  ? get_compat_msghdr+0x11a/0x170
[  598.397493][T15674]  ___sys_sendmsg+0x134/0x1d0
[  598.397505][T15674]  ? __pfx____sys_sendmsg+0x10/0x10
[  598.397523][T15674]  ? find_held_lock+0x2b/0x80
[  598.397545][T15674]  __sys_sendmsg+0x16d/0x220
[  598.397557][T15674]  ? __pfx___sys_sendmsg+0x10/0x10
[  598.397574][T15674]  ? rcu_is_watching+0x12/0xc0
[  598.397589][T15674]  __do_fast_syscall_32+0x7c/0x300
[  598.397603][T15674]  do_fast_syscall_32+0x32/0x80
[  598.397614][T15674]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  598.397629][T15674] RIP: 0023:0xf7f76579
[  598.397638][T15674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  598.397649][T15674] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  598.397659][T15674] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  598.397666][T15674] RDX: 000000000000c800 RSI: 0000000000000000 RDI: 0000000000000000
[  598.397672][T15674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  598.397678][T15674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  598.397684][T15674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  598.397697][T15674]  </TASK>
[  598.554963][T10626] usb 6-1: config 0 interface 0 has no altsetting 0
[  598.559229][T10626] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  598.563497][T10626] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  598.566428][T10626] usb 6-1: Product: syz
[  598.567907][T10626] usb 6-1: Manufacturer: syz
[  598.569539][T10626] usb 6-1: SerialNumber: syz
[  598.573472][T10626] usb 6-1: config 0 descriptor??
[  598.580289][T10626] usb 6-1: selecting invalid altsetting 0
[  598.742473][ T6089] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  598.790530][ T6013] usb 6-1: USB disconnect, device number 30
[  598.903859][ T6089] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  598.906904][ T6089] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  598.910135][ T6089] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  598.916513][ T6089] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  598.919399][ T6089] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.922052][ T6089] usb 10-1: Product: syz
[  598.923988][ T6089] usb 10-1: Manufacturer: syz
[  598.925695][ T6089] usb 10-1: SerialNumber: syz
[  598.930854][ T6089] hub 10-1:1.0: bad descriptor, ignoring hub
[  598.933277][ T6089] hub 10-1:1.0: probe with driver hub failed with error -5
[  599.148538][ T6089] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  599.340044][T15690] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2630'.
[  599.472725][  T839] usb 10-1: USB disconnect, device number 16
[  599.479451][  T839] usblp0: removed
[  599.622323][T10626] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  599.812325][T10626] usb 6-1: Using ep0 maxpacket: 8
[  599.815584][T10626] usb 6-1: config 0 interface 0 has no altsetting 0
[  599.817979][T10626] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  599.821351][T10626] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.830923][T10626] usb 6-1: config 0 descriptor??
[  600.282851][T10626] hid_parser_main: 10 callbacks suppressed
[  600.282865][T10626] mcp2221 0003:04D8:00DD.0038: unknown main item tag 0x0
[  600.287727][T10626] mcp2221 0003:04D8:00DD.0038: unknown main item tag 0x0
[  600.290197][T10626] mcp2221 0003:04D8:00DD.0038: unknown main item tag 0x0
[  600.292922][T10626] mcp2221 0003:04D8:00DD.0038: unknown main item tag 0x0
[  600.295306][T10626] mcp2221 0003:04D8:00DD.0038: unknown main item tag 0x0
[  600.299238][T10626] mcp2221 0003:04D8:00DD.0038: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  600.446592][  T839] usb 6-1: USB disconnect, device number 31
[  600.552501][   T34] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  600.722291][   T34] usb 12-1: Using ep0 maxpacket: 8
[  600.722709][ T1324] usb 52-1: device descriptor read/8, error -110
[  600.725364][   T34] usb 12-1: config 0 interface 0 has no altsetting 0
[  600.728419][   T34] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  600.731552][   T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.736134][   T34] usb 12-1: config 0 descriptor??
[  600.974691][T15725] openvswitch: netlink: Actions may not be safe on all matching packets
[  600.988660][T15728] FAULT_INJECTION: forcing a failure.
[  600.988660][T15728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  600.993897][T15728] CPU: 0 UID: 0 PID: 15728 Comm: syz.4.2640 Not tainted syzkaller #0 PREEMPT(full) 
[  600.993916][T15728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  600.993925][T15728] Call Trace:
[  600.993930][T15728]  <TASK>
[  600.993935][T15728]  dump_stack_lvl+0x16c/0x1f0
[  600.993954][T15728]  should_fail_ex+0x512/0x640
[  600.993972][T15728]  _copy_from_user+0x2e/0xd0
[  600.993989][T15728]  bpf_test_init.isra.0+0xce/0x130
[  600.994012][T15728]  bpf_prog_test_run_skb+0x261/0x2290
[  600.994028][T15728]  ? __fget_files+0x204/0x3c0
[  600.994045][T15728]  ? __fget_files+0x20e/0x3c0
[  600.994059][T15728]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  600.994075][T15728]  ? fput+0x9b/0xd0
[  600.994096][T15728]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  600.994110][T15728]  __sys_bpf+0x1035/0x4980
[  600.994129][T15728]  ? __pfx___sys_bpf+0x10/0x10
[  600.994143][T15728]  ? find_held_lock+0x2b/0x80
[  600.994163][T15728]  ? find_held_lock+0x2b/0x80
[  600.994182][T15728]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  600.994205][T15728]  ? fput+0x9b/0xd0
[  600.994223][T15728]  ? ksys_write+0x1ac/0x250
[  600.994239][T15728]  ? __pfx_ksys_write+0x10/0x10
[  600.994257][T15728]  __ia32_sys_bpf+0x76/0xe0
[  600.994272][T15728]  __do_fast_syscall_32+0x7c/0x300
[  600.994285][T15728]  do_fast_syscall_32+0x32/0x80
[  600.994297][T15728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.994310][T15728] RIP: 0023:0xf7f76579
[  600.994319][T15728] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  600.994330][T15728] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  600.994340][T15728] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  600.994347][T15728] RDX: 000000000000002c RSI: 0000000000000000 RDI: 0000000000000000
[  600.994359][T15728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  600.994365][T15728] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  600.994371][T15728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  600.994384][T15728]  </TASK>
[  601.001790][T15730] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2641'.
[  601.114795][ T1324] usb usb52-port1: attempt power cycle
[  601.147773][   T34] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0
[  601.150283][   T34] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0
[  601.154916][   T34] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0
[  601.159518][   T34] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0
[  601.162038][   T34] mcp2221 0003:04D8:00DD.0039: unknown main item tag 0x0
[  601.165531][   T34] mcp2221 0003:04D8:00DD.0039: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  601.345756][ T6089] usb 12-1: USB disconnect, device number 3
[  601.500675][T15758] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  601.503169][T15758] UDF-fs: Scanning with blocksize 2048 failed
[  601.505791][T15758] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  601.508095][T15758] UDF-fs: Scanning with blocksize 4096 failed
[  601.683258][ T1324] usb usb52-port1: unable to enumerate USB device
[  601.899585][T15769] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2651'.
[  602.262876][T15785] comedi comedi0: Minor 3 could not be opened
[  602.459821][T15789] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  602.463293][T15789] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  602.468080][T15789] vhci_hcd vhci_hcd.0: Device attached
[  602.479656][   T40] kauditd_printk_skb: 315 callbacks suppressed
[  602.479704][   T40] audit: type=1800 audit(1759534388.518:927): pid=15789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2657" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  602.762293][  T839] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  602.762339][   T24] usb 48-1: SetAddress Request (2) to port 0
[  602.766848][   T24] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  602.942618][  T839] usb 9-1: Using ep0 maxpacket: 8
[  602.946021][  T839] usb 9-1: config 0 interface 0 has no altsetting 0
[  602.948525][  T839] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  602.952413][  T839] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.960585][  T839] usb 9-1: config 0 descriptor??
[  603.068836][T15790] vhci_hcd: connection reset by peer
[  603.071590][ T1254] vhci_hcd: stop threads
[  603.073450][ T1254] vhci_hcd: release socket
[  603.076772][ T1254] vhci_hcd: disconnect device
[  603.362625][ T1324] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  603.372691][  T839] mcp2221 0003:04D8:00DD.003A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  603.514192][ T1324] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  603.517489][ T1324] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  603.520500][ T1324] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  603.527179][ T1324] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  603.530614][ T1324] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.533382][ T1324] usb 6-1: Product: syz
[  603.534761][ T1324] usb 6-1: Manufacturer: syz
[  603.536284][ T1324] usb 6-1: SerialNumber: syz
[  603.541084][ T1324] hub 6-1:1.0: bad descriptor, ignoring hub
[  603.543417][ T1324] hub 6-1:1.0: probe with driver hub failed with error -5
[  603.571652][ T6013] usb 9-1: USB disconnect, device number 16
[  603.647812][T15805] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2662'.
[  603.749735][ T1324] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 32 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  603.773021][T15812] input: syz1 as /devices/virtual/input/input28
[  604.064199][ T1324] usb 6-1: USB disconnect, device number 32
[  604.068522][ T1324] usblp0: removed
[  605.495204][T15848] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2674'.
[  605.782325][ T6013] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  605.942611][ T6013] usb 12-1: Using ep0 maxpacket: 8
[  605.952402][ T6013] usb 12-1: config 0 interface 0 has no altsetting 0
[  605.955072][T15857] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  605.955650][ T6013] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  605.955677][ T6013] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.960187][T15856] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  605.966944][ T6013] usb 12-1: config 0 descriptor??
[  605.977655][T15856] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  606.240697][T15867] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2683'.
[  606.283809][T15872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2684'.
[  606.292422][   T34] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  606.319257][T15875] FAULT_INJECTION: forcing a failure.
[  606.319257][T15875] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  606.325136][T15875] CPU: 3 UID: 0 PID: 15875 Comm: syz.5.2685 Not tainted syzkaller #0 PREEMPT(full) 
[  606.325167][T15875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  606.325202][T15875] Call Trace:
[  606.325211][T15875]  <TASK>
[  606.325220][T15875]  dump_stack_lvl+0x16c/0x1f0
[  606.325249][T15875]  should_fail_ex+0x512/0x640
[  606.325276][T15875]  strncpy_from_user+0x3b/0x2e0
[  606.325303][T15875]  bpf_prog_load+0x1df8/0x2850
[  606.325333][T15875]  ? __pfx_bpf_prog_load+0x10/0x10
[  606.325354][T15875]  ? __lock_acquire+0xb97/0x1ce0
[  606.325418][T15875]  __sys_bpf+0x3e72/0x4980
[  606.325446][T15875]  ? __pfx___sys_bpf+0x10/0x10
[  606.325468][T15875]  ? find_held_lock+0x2b/0x80
[  606.325500][T15875]  ? find_held_lock+0x2b/0x80
[  606.325544][T15875]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  606.325585][T15875]  ? fput+0x9b/0xd0
[  606.325615][T15875]  ? ksys_write+0x1ac/0x250
[  606.325640][T15875]  ? __pfx_ksys_write+0x10/0x10
[  606.325671][T15875]  __ia32_sys_bpf+0x76/0xe0
[  606.325697][T15875]  __do_fast_syscall_32+0x7c/0x300
[  606.325724][T15875]  do_fast_syscall_32+0x32/0x80
[  606.325747][T15875]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  606.325773][T15875] RIP: 0023:0xf70be579
[  606.325792][T15875] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  606.325812][T15875] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  606.325832][T15875] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000880
[  606.325845][T15875] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  606.325857][T15875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  606.325869][T15875] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  606.325881][T15875] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  606.325908][T15875]  </TASK>
[  606.383117][ T6013] hid_parser_main: 5 callbacks suppressed
[  606.383136][ T6013] mcp2221 0003:04D8:00DD.003B: unknown main item tag 0x0
[  606.405602][ T6013] mcp2221 0003:04D8:00DD.003B: unknown main item tag 0x0
[  606.407949][ T6013] mcp2221 0003:04D8:00DD.003B: unknown main item tag 0x0
[  606.410145][ T6013] mcp2221 0003:04D8:00DD.003B: unknown main item tag 0x0
[  606.412770][ T6013] mcp2221 0003:04D8:00DD.003B: unknown main item tag 0x0
[  606.415802][ T6013] mcp2221 0003:04D8:00DD.003B: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  606.463642][   T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  606.466732][   T34] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  606.469835][   T34] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  606.476593][   T34] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  606.479447][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.482525][   T34] usb 6-1: Product: syz
[  606.484243][   T34] usb 6-1: Manufacturer: syz
[  606.485836][   T34] usb 6-1: SerialNumber: syz
[  606.493101][   T34] hub 6-1:1.0: bad descriptor, ignoring hub
[  606.495006][   T34] hub 6-1:1.0: probe with driver hub failed with error -5
[  606.582719][ T7301] usb 12-1: USB disconnect, device number 4
[  606.694719][   T34] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 33 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  606.992653][  T838] usb 6-1: USB disconnect, device number 33
[  606.996711][  T838] usblp0: removed
[  607.187780][T15895] FAULT_INJECTION: forcing a failure.
[  607.187780][T15895] name failslab, interval 1, probability 0, space 0, times 0
[  607.191897][T15895] CPU: 3 UID: 0 PID: 15895 Comm: syz.7.2690 Not tainted syzkaller #0 PREEMPT(full) 
[  607.191913][T15895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  607.191920][T15895] Call Trace:
[  607.191925][T15895]  <TASK>
[  607.191930][T15895]  dump_stack_lvl+0x16c/0x1f0
[  607.191947][T15895]  should_fail_ex+0x512/0x640
[  607.191972][T15895]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  607.191990][T15895]  should_failslab+0xc2/0x120
[  607.192008][T15895]  kmem_cache_alloc_node_noprof+0x78/0x770
[  607.192021][T15895]  ? __alloc_skb+0x2b2/0x380
[  607.192035][T15895]  ? __alloc_skb+0x2b2/0x380
[  607.192045][T15895]  __alloc_skb+0x2b2/0x380
[  607.192056][T15895]  ? __pfx___alloc_skb+0x10/0x10
[  607.192065][T15895]  ? do_raw_spin_lock+0x12c/0x2b0
[  607.192079][T15895]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  607.192095][T15895]  sock_wmalloc+0xd4/0x120
[  607.192114][T15895]  l2tp_ip_sendmsg+0x1b6/0x1980
[  607.192134][T15895]  ? __pfx_l2tp_ip_sendmsg+0x10/0x10
[  607.192152][T15895]  inet_sendmsg+0x11c/0x140
[  607.192171][T15895]  ____sys_sendmsg+0x973/0xc70
[  607.192198][T15895]  ? __pfx_____sys_sendmsg+0x10/0x10
[  607.192216][T15895]  ? get_compat_msghdr+0x11a/0x170
[  607.192230][T15895]  ? __pfx__kstrtoull+0x10/0x10
[  607.192250][T15895]  ___sys_sendmsg+0x134/0x1d0
[  607.192263][T15895]  ? __pfx____sys_sendmsg+0x10/0x10
[  607.192289][T15895]  ? __pfx___might_resched+0x10/0x10
[  607.192312][T15895]  __sys_sendmmsg+0x2f9/0x420
[  607.192326][T15895]  ? __pfx___sys_sendmmsg+0x10/0x10
[  607.192343][T15895]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  607.192362][T15895]  ? fput+0x9b/0xd0
[  607.192379][T15895]  ? ksys_write+0x1ac/0x250
[  607.192391][T15895]  ? __pfx_ksys_write+0x10/0x10
[  607.192408][T15895]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  607.192420][T15895]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  607.192433][T15895]  __do_fast_syscall_32+0x7c/0x300
[  607.192447][T15895]  do_fast_syscall_32+0x32/0x80
[  607.192459][T15895]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  607.192473][T15895] RIP: 0023:0xf701e579
[  607.192483][T15895] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  607.192494][T15895] RSP: 002b:00000000f53ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  607.192505][T15895] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000900
[  607.192512][T15895] RDX: 00000000040000cf RSI: 0000000000000000 RDI: 0000000000000000
[  607.192519][T15895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  607.192525][T15895] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  607.192532][T15895] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  607.192546][T15895]  </TASK>
[  607.324223][T15900] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2692'.
[  607.657198][T15912] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2695'.
[  607.853338][   T24] usb 48-1: device descriptor read/8, error -110
[  607.962365][T15926] comedi comedi0: Minor 3 could not be opened
[  608.267090][   T24] usb usb48-port1: attempt power cycle
[  608.682403][ T1324] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  608.776443][T15946] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2704'.
[  608.836129][   T24] usb usb48-port1: unable to enumerate USB device
[  608.862316][ T1324] usb 6-1: Using ep0 maxpacket: 8
[  608.866280][ T1324] usb 6-1: config 0 interface 0 has no altsetting 0
[  608.869331][ T1324] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  608.872719][ T1324] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.876981][ T1324] usb 6-1: config 0 descriptor??
[  609.284785][ T1324] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[  609.287716][ T1324] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[  609.290409][ T1324] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[  609.293029][ T1324] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[  609.295393][ T1324] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[  609.298173][ T1324] mcp2221 0003:04D8:00DD.003C: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  609.485915][   T34] usb 6-1: USB disconnect, device number 34
[  609.585107][T15968] openvswitch: netlink: ct_state flags 00000781 unsupported
[  609.618243][T15971] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2713'.
[  609.706213][T15979] bond1: peer notification delay (512) is not a multiple of miimon (5), value rounded to 510 ms
[  609.719147][T15979] bond1 (unregistering): Released all slaves
[  609.905173][T15986] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  609.907732][T15986] UDF-fs: Scanning with blocksize 2048 failed
[  609.910820][T15986] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  609.913741][T15986] UDF-fs: Scanning with blocksize 4096 failed
[  610.363402][T15994] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2722'.
[  610.367039][T15994] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  610.398334][T15997] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2723'.
[  610.942264][ T6032] usb 12-1: new full-speed USB device number 5 using dummy_hcd
[  611.113838][ T6032] usb 12-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  611.117158][ T6032] usb 12-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  611.212502][ T6032] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  611.217923][ T6032] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.289421][ T6032] usbtmc 12-1:16.0: bulk endpoints not found
[  611.599922][T16034] netlink: 5380 bytes leftover after parsing attributes in process `syz.1.2734'.
[  611.605050][T16034] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  611.832314][ T6032] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  611.967714][T16037] netlink: 'syz.1.2735': attribute type 1 has an invalid length.
[  612.012698][ T6032] usb 9-1: Using ep0 maxpacket: 16
[  612.017604][ T6032] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  612.020579][ T6032] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.023668][ T6032] usb 9-1: Product: syz
[  612.025456][ T6032] usb 9-1: Manufacturer: syz
[  612.027600][ T6032] usb 9-1: SerialNumber: syz
[  612.031740][ T6032] usb 9-1: config 0 descriptor??
[  612.037091][ T6032] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[  612.042166][ T6032] usb 9-1: Detected FT-X
[  612.238594][ T6032] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  612.318261][T16045] FAULT_INJECTION: forcing a failure.
[  612.318261][T16045] name failslab, interval 1, probability 0, space 0, times 0
[  612.322398][T16045] CPU: 3 UID: 0 PID: 16045 Comm: syz.5.2737 Not tainted syzkaller #0 PREEMPT(full) 
[  612.322415][T16045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  612.322422][T16045] Call Trace:
[  612.322426][T16045]  <TASK>
[  612.322431][T16045]  dump_stack_lvl+0x16c/0x1f0
[  612.322447][T16045]  should_fail_ex+0x512/0x640
[  612.322461][T16045]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  612.322478][T16045]  should_failslab+0xc2/0x120
[  612.322495][T16045]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  612.322510][T16045]  ? ovs_nla_get_match+0x589/0x1700
[  612.322524][T16045]  ? __pfx_ovs_key_from_nlattrs+0x10/0x10
[  612.322540][T16045]  ? kmemdup_noprof+0x29/0x60
[  612.322553][T16045]  kmemdup_noprof+0x29/0x60
[  612.322566][T16045]  ovs_nla_get_match+0x589/0x1700
[  612.322582][T16045]  ? genl_rcv+0x28/0x40
[  612.322596][T16045]  ? __pfx_ovs_nla_get_match+0x10/0x10
[  612.322609][T16045]  ? ___sys_sendmsg+0x134/0x1d0
[  612.322620][T16045]  ? __sys_sendmsg+0x16d/0x220
[  612.322630][T16045]  ? __do_fast_syscall_32+0x7c/0x300
[  612.322642][T16045]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  612.322670][T16045]  ? __asan_memset+0x23/0x50
[  612.322684][T16045]  ovs_flow_cmd_new+0x305/0xe30
[  612.322704][T16045]  ? kasan_save_stack+0x42/0x60
[  612.322717][T16045]  ? kasan_save_stack+0x33/0x60
[  612.322731][T16045]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  612.322747][T16045]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  612.322763][T16045]  ? genl_rcv_msg+0x55c/0x800
[  612.322776][T16045]  ? netlink_rcv_skb+0x158/0x420
[  612.322787][T16045]  ? genl_rcv+0x28/0x40
[  612.322800][T16045]  ? ___sys_sendmsg+0x134/0x1d0
[  612.322810][T16045]  ? __sys_sendmsg+0x16d/0x220
[  612.322820][T16045]  ? __do_fast_syscall_32+0x7c/0x300
[  612.322831][T16045]  ? do_fast_syscall_32+0x32/0x80
[  612.322842][T16045]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  612.322877][T16045]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  612.322892][T16045]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  612.322910][T16045]  genl_family_rcv_msg_doit+0x209/0x2f0
[  612.322926][T16045]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  612.322946][T16045]  ? bpf_lsm_capable+0x9/0x10
[  612.322961][T16045]  ? security_capable+0x7e/0x260
[  612.322975][T16045]  ? ns_capable+0xd7/0x110
[  612.322990][T16045]  genl_rcv_msg+0x55c/0x800
[  612.323006][T16045]  ? __pfx_genl_rcv_msg+0x10/0x10
[  612.323021][T16045]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  612.323043][T16045]  netlink_rcv_skb+0x158/0x420
[  612.323056][T16045]  ? __pfx_genl_rcv_msg+0x10/0x10
[  612.323071][T16045]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  612.323089][T16045]  ? netlink_deliver_tap+0x1ae/0xd30
[  612.323103][T16045]  genl_rcv+0x28/0x40
[  612.323115][T16045]  netlink_unicast+0x5a7/0x870
[  612.323129][T16045]  ? __pfx_netlink_unicast+0x10/0x10
[  612.323141][T16045]  ? __asan_memset+0x23/0x50
[  612.323153][T16045]  ? __build_skb_around+0x278/0x3b0
[  612.323169][T16045]  ? is_vmalloc_addr+0x86/0xa0
[  612.323183][T16045]  netlink_sendmsg+0x8c8/0xdd0
[  612.323198][T16045]  ? __pfx_netlink_sendmsg+0x10/0x10
[  612.323212][T16045]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  612.323228][T16045]  ____sys_sendmsg+0xa95/0xc70
[  612.323244][T16045]  ? __pfx_____sys_sendmsg+0x10/0x10
[  612.323259][T16045]  ? get_compat_msghdr+0x11a/0x170
[  612.323277][T16045]  ___sys_sendmsg+0x134/0x1d0
[  612.323294][T16045]  ? __pfx____sys_sendmsg+0x10/0x10
[  612.323312][T16045]  ? find_held_lock+0x2b/0x80
[  612.323335][T16045]  __sys_sendmsg+0x16d/0x220
[  612.323347][T16045]  ? __pfx___sys_sendmsg+0x10/0x10
[  612.323364][T16045]  ? rcu_is_watching+0x12/0xc0
[  612.323381][T16045]  __do_fast_syscall_32+0x7c/0x300
[  612.323394][T16045]  do_fast_syscall_32+0x32/0x80
[  612.323406][T16045]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  612.323419][T16045] RIP: 0023:0xf70be579
[  612.323428][T16045] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  612.323439][T16045] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  612.323450][T16045] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  612.323457][T16045] RDX: 000000000000c800 RSI: 0000000000000000 RDI: 0000000000000000
[  612.323463][T16045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  612.323469][T16045] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  612.323475][T16045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  612.323489][T16045]  </TASK>
[  612.646093][ T6032] ftdi_sio 9-1:0.0: GPIO initialisation failed: -71
[  612.775555][ T6032] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  612.802657][ T6032] usb 9-1: USB disconnect, device number 17
[  612.808103][ T6032] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  612.823106][ T6032] ftdi_sio 9-1:0.0: device disconnected
[  613.720088][  T839] usb 12-1: USB disconnect, device number 5
[  614.062433][ T6032] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  614.212849][ T6032] usb 6-1: Using ep0 maxpacket: 8
[  614.220541][ T6032] usb 6-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  614.225432][ T6032] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  614.230069][ T6032] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  614.236628][ T6032] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  614.240892][ T6032] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.258054][ T6032] hub 6-1:1.0: bad descriptor, ignoring hub
[  614.261786][ T6032] hub 6-1:1.0: probe with driver hub failed with error -5
[  614.265448][ T6032] cdc_wdm 6-1:1.0: skipping garbage
[  614.267760][ T6032] cdc_wdm 6-1:1.0: skipping garbage
[  614.270094][ T6032] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  614.572432][ T1324] usb 6-1: USB disconnect, device number 35
[  614.831797][T16087] FAULT_INJECTION: forcing a failure.
[  614.831797][T16087] name failslab, interval 1, probability 0, space 0, times 0
[  614.837096][T16087] CPU: 3 UID: 0 PID: 16087 Comm: syz.7.2750 Not tainted syzkaller #0 PREEMPT(full) 
[  614.837112][T16087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  614.837119][T16087] Call Trace:
[  614.837124][T16087]  <TASK>
[  614.837129][T16087]  dump_stack_lvl+0x16c/0x1f0
[  614.837145][T16087]  should_fail_ex+0x512/0x640
[  614.837159][T16087]  ? fs_reclaim_acquire+0xae/0x150
[  614.837176][T16087]  should_failslab+0xc2/0x120
[  614.837238][T16087]  kmem_cache_alloc_noprof+0x75/0x6e0
[  614.837261][T16087]  ? __pfx_map_id_range_down+0x10/0x10
[  614.837273][T16087]  ? security_inode_alloc+0x3b/0x2b0
[  614.837300][T16087]  ? security_inode_alloc+0x3b/0x2b0
[  614.837315][T16087]  security_inode_alloc+0x3b/0x2b0
[  614.837329][T16087]  inode_init_always_gfp+0xce4/0x1030
[  614.837344][T16087]  alloc_inode+0x86/0x240
[  614.837362][T16087]  new_inode+0x22/0x1c0
[  614.837379][T16087]  __debugfs_create_file+0x11c/0x6b0
[  614.837397][T16087]  debugfs_create_file_full+0x41/0x60
[  614.837413][T16087]  ? __pfx_bond_setup+0x10/0x10
[  614.837429][T16087]  ref_tracker_dir_debugfs+0x19d/0x290
[  614.837444][T16087]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  614.837469][T16087]  ? alloc_netdev_mqs+0xd7/0x1550
[  614.837481][T16087]  ? lockdep_init_map_type+0x5c/0x280
[  614.837502][T16087]  alloc_netdev_mqs+0x314/0x1550
[  614.837517][T16087]  rtnl_create_link+0xc08/0xf90
[  614.837533][T16087]  rtnl_newlink+0xb69/0x2000
[  614.837550][T16087]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.837574][T16087]  ? rcu_is_watching+0x12/0xc0
[  614.837592][T16087]  ? find_held_lock+0x2b/0x80
[  614.837604][T16087]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.837615][T16087]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.837627][T16087]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  614.837640][T16087]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.837653][T16087]  rtnetlink_rcv_msg+0x95e/0xe90
[  614.837666][T16087]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  614.837682][T16087]  ? ref_tracker_free+0x37c/0x830
[  614.837697][T16087]  netlink_rcv_skb+0x158/0x420
[  614.837710][T16087]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  614.837728][T16087]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  614.837748][T16087]  ? netlink_deliver_tap+0x1ae/0xd30
[  614.837763][T16087]  netlink_unicast+0x5a7/0x870
[  614.837778][T16087]  ? __pfx_netlink_unicast+0x10/0x10
[  614.837790][T16087]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  614.837807][T16087]  netlink_sendmsg+0x8c8/0xdd0
[  614.837822][T16087]  ? __pfx_netlink_sendmsg+0x10/0x10
[  614.837836][T16087]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  614.837851][T16087]  ____sys_sendmsg+0xa95/0xc70
[  614.837868][T16087]  ? __pfx_____sys_sendmsg+0x10/0x10
[  614.837882][T16087]  ? get_compat_msghdr+0x11a/0x170
[  614.837900][T16087]  ___sys_sendmsg+0x134/0x1d0
[  614.837913][T16087]  ? __pfx____sys_sendmsg+0x10/0x10
[  614.837931][T16087]  ? find_held_lock+0x2b/0x80
[  614.837952][T16087]  __sys_sendmsg+0x16d/0x220
[  614.837965][T16087]  ? __pfx___sys_sendmsg+0x10/0x10
[  614.837982][T16087]  ? rcu_is_watching+0x12/0xc0
[  614.837998][T16087]  __do_fast_syscall_32+0x7c/0x300
[  614.838011][T16087]  do_fast_syscall_32+0x32/0x80
[  614.838023][T16087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  614.838037][T16087] RIP: 0023:0xf701e579
[  614.838047][T16087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  614.838057][T16087] RSP: 002b:00000000f540e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  614.838069][T16087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  614.838076][T16087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  614.838082][T16087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  614.838088][T16087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  614.838095][T16087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  614.838108][T16087]  </TASK>
[  614.838173][T16087] debugfs: out of free dentries, can not create file 'netdev@ffff888043b90610'
[  615.022939][T16093] FAULT_INJECTION: forcing a failure.
[  615.022939][T16093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  615.027135][T16093] CPU: 3 UID: 0 PID: 16093 Comm: syz.1.2753 Not tainted syzkaller #0 PREEMPT(full) 
[  615.027150][T16093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  615.027157][T16093] Call Trace:
[  615.027162][T16093]  <TASK>
[  615.027166][T16093]  dump_stack_lvl+0x16c/0x1f0
[  615.027182][T16093]  should_fail_ex+0x512/0x640
[  615.027197][T16093]  _copy_from_iter+0x29f/0x1720
[  615.027214][T16093]  ? __pfx__copy_from_iter+0x10/0x10
[  615.027227][T16093]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  615.027248][T16093]  copy_page_from_iter+0xde/0x180
[  615.027270][T16093]  tun_build_skb.constprop.0+0x2e8/0x1510
[  615.027287][T16093]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  615.027301][T16093]  ? __lock_acquire+0x62e/0x1ce0
[  615.027326][T16093]  tun_get_user+0x149c/0x3cc0
[  615.027343][T16093]  ? __pfx_tun_get_user+0x10/0x10
[  615.027355][T16093]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  615.027373][T16093]  ? find_held_lock+0x2b/0x80
[  615.027386][T16093]  ? tun_get+0x191/0x370
[  615.027398][T16093]  tun_chr_write_iter+0xdc/0x210
[  615.027410][T16093]  vfs_write+0x7d0/0x11d0
[  615.027424][T16093]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  615.027437][T16093]  ? __pfx_vfs_write+0x10/0x10
[  615.027448][T16093]  ? find_held_lock+0x2b/0x80
[  615.027471][T16093]  ksys_write+0x12a/0x250
[  615.027484][T16093]  ? __pfx_ksys_write+0x10/0x10
[  615.027499][T16093]  ? rcu_is_watching+0x12/0xc0
[  615.027515][T16093]  __do_fast_syscall_32+0x7c/0x300
[  615.027528][T16093]  do_fast_syscall_32+0x32/0x80
[  615.027539][T16093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  615.027553][T16093] RIP: 0023:0xf702e579
[  615.027563][T16093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  615.027573][T16093] RSP: 002b:00000000f541e520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  615.027584][T16093] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000240
[  615.027591][T16093] RDX: 0000000000000068 RSI: 00000000f73c5ff4 RDI: 0000000000000000
[  615.027597][T16093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.027603][T16093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  615.027610][T16093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.027622][T16093]  </TASK>
[  615.092402][ T1324] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  615.262286][ T1324] usb 10-1: Using ep0 maxpacket: 8
[  615.262502][ T7301] usb 12-1: new full-speed USB device number 6 using dummy_hcd
[  615.266314][ T1324] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  615.269409][ T1324] usb 10-1: config 0 has no interface number 0
[  615.271358][ T1324] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  615.275195][ T1324] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  615.279128][ T1324] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  615.282640][ T1324] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  615.286374][ T1324] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  615.289390][ T1324] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.294797][ T1324] usb 10-1: config 0 descriptor??
[  615.303914][ T1324] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  615.389181][T16100] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2756'.
[  615.413867][ T7301] usb 12-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  615.417002][ T7301] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  615.420882][ T7301] usb 12-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  615.426553][ T7301] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  615.431373][ T7301] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.438571][ T7301] usbtmc 12-1:16.0: bulk endpoints not found
[  615.507668][T16088] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  615.510215][T16104] syzkaller0: entered allmulticast mode
[  615.521553][   T40] audit: type=1326 audit(1759534401.558:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16103 comm="syz.1.2758" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x0
[  615.584029][ T7301] usb 10-1: USB disconnect, device number 17
[  615.589153][ T7301] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[  615.714448][T16110] netlink: zone id is out of range
[  615.718310][T16110] netlink: zone id is out of range
[  615.720620][T16110] netlink: zone id is out of range
[  615.723196][T16110] netlink: zone id is out of range
[  615.725358][T16110] netlink: zone id is out of range
[  615.727486][T16110] netlink: zone id is out of range
[  615.729654][T16110] netlink: zone id is out of range
[  615.732302][T16110] netlink: zone id is out of range
[  615.734830][T16110] netlink: zone id is out of range
[  616.032370][ T1324] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  616.182401][ T1324] usb 10-1: Using ep0 maxpacket: 8
[  616.185735][ T1324] usb 10-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  616.189547][ T1324] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  616.193133][ T1324] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  616.197580][ T1324] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  616.200979][ T1324] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.207179][ T1324] hub 10-1:1.0: bad descriptor, ignoring hub
[  616.209316][ T1324] hub 10-1:1.0: probe with driver hub failed with error -5
[  616.213258][ T1324] cdc_wdm 10-1:1.0: skipping garbage
[  616.215303][ T1324] cdc_wdm 10-1:1.0: skipping garbage
[  616.217058][ T1324] cdc_wdm 10-1:1.0: probe with driver cdc_wdm failed with error -22
[  616.344835][T16119] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  616.348143][T16119] UDF-fs: Scanning with blocksize 2048 failed
[  616.354574][T16119] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  616.357098][T16119] UDF-fs: Scanning with blocksize 4096 failed
[  616.513419][ T1324] usb 10-1: USB disconnect, device number 18
[  618.041094][T15439] usb 12-1: USB disconnect, device number 6
[  618.625380][ T7301] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  618.772425][ T7301] usb 9-1: Using ep0 maxpacket: 8
[  618.779611][ T7301] usb 9-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  618.785175][T16155] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  618.785426][ T7301] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  618.788499][T16155] UDF-fs: Scanning with blocksize 2048 failed
[  618.791347][ T7301] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  618.791377][ T7301] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  618.791390][ T7301] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.810357][T16155] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  618.813155][ T7301] hub 9-1:1.0: bad descriptor, ignoring hub
[  618.814016][T16155] UDF-fs: Scanning with blocksize 4096 failed
[  618.815586][ T7301] hub 9-1:1.0: probe with driver hub failed with error -5
[  618.815868][ T7301] cdc_wdm 9-1:1.0: skipping garbage
[  618.830207][ T7301] cdc_wdm 9-1:1.0: skipping garbage
[  618.832884][ T7301] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[  619.113334][   T34] usb 9-1: USB disconnect, device number 18
[  619.472438][ T6013] usb 12-1: new full-speed USB device number 7 using dummy_hcd
[  619.664088][ T6013] usb 12-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  619.668331][ T6013] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  619.672066][ T6013] usb 12-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  619.677168][ T6013] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  619.680978][ T6013] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.688720][ T6013] usbtmc 12-1:16.0: bulk endpoints not found
[  620.032352][ T7301] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  620.194628][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  620.198713][ T7301] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  620.202122][ T7301] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  620.205334][ T7301] usb 10-1: Product: syz
[  620.206696][ T7301] usb 10-1: Manufacturer: syz
[  620.208268][ T7301] usb 10-1: SerialNumber: syz
[  620.211004][ T7301] usb 10-1: config 0 descriptor??
[  620.216622][ T7301] usb 10-1: selecting invalid altsetting 0
[  620.441206][ T7301] usb 10-1: USB disconnect, device number 19
[  621.259507][T16202] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2789'.
[  621.322291][ T6032] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  621.494091][ T6032] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  621.497786][ T6032] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  621.501231][ T6032] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  621.509680][ T6032] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  621.515715][ T6032] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.519822][ T6032] usb 6-1: Product: syz
[  621.521710][ T6032] usb 6-1: Manufacturer: syz
[  621.523664][ T6032] usb 6-1: SerialNumber: syz
[  621.526342][  T839] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  621.533643][ T6032] hub 6-1:1.0: bad descriptor, ignoring hub
[  621.536185][ T6032] hub 6-1:1.0: probe with driver hub failed with error -5
[  621.682417][  T839] usb 10-1: Using ep0 maxpacket: 8
[  621.686016][  T839] usb 10-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  621.689790][  T839] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  621.694129][  T839] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  621.699308][  T839] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  621.702624][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.710255][  T839] hub 10-1:1.0: bad descriptor, ignoring hub
[  621.712435][  T839] hub 10-1:1.0: probe with driver hub failed with error -5
[  621.715537][  T839] cdc_wdm 10-1:1.0: skipping garbage
[  621.717570][  T839] cdc_wdm 10-1:1.0: skipping garbage
[  621.719774][  T839] cdc_wdm 10-1:1.0: probe with driver cdc_wdm failed with error -22
[  621.772963][ T6032] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 36 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  622.122762][   T34] usb 10-1: USB disconnect, device number 20
[  622.257753][T15439] usb 12-1: USB disconnect, device number 7
[  622.779451][ T6032] usb 6-1: USB disconnect, device number 36
[  622.795823][ T6032] usblp0: removed
[  623.558183][T16230] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  623.562567][T16230] UDF-fs: Scanning with blocksize 2048 failed
[  623.566477][T16230] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  623.569789][T16230] UDF-fs: Scanning with blocksize 4096 failed
[  623.936984][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  624.112331][ T6032] usb 6-1: new full-speed USB device number 37 using dummy_hcd
[  624.284009][ T6032] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  624.289111][ T6032] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  624.294182][ T6032] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  624.302113][ T6032] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  624.307224][ T6032] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.315147][ T6032] usbtmc 6-1:16.0: bulk endpoints not found
[  624.532358][ T6013] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  624.702420][ T6013] usb 9-1: Using ep0 maxpacket: 8
[  624.707678][ T6013] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  624.711895][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  624.716356][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  624.720510][ T6013] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  624.726450][ T6013] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  624.730669][ T6013] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.940506][ T6013] usb 9-1: GET_CAPABILITIES returned 0
[  624.942733][ T6013] usbtmc 9-1:16.0: can't read capabilities
[  625.143337][T16247] usbtmc 9-1:16.0: usbtmc488_ioctl_trigger returned -90
[  625.146046][ T6032] usb 9-1: USB disconnect, device number 19
[  625.172469][T15439] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  625.285060][T16260] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration
[  625.322347][T15439] usb 12-1: Using ep0 maxpacket: 8
[  625.325941][T15439] usb 12-1: config 0 interface 0 has no altsetting 0
[  625.328530][T15439] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  625.332027][T15439] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  625.339069][T15439] usb 12-1: config 0 descriptor??
[  625.654903][T16269] tmpfs: Bad value for 'mpol'
[  625.760467][T15439] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[  625.767434][T15439] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[  625.769966][T15439] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[  625.772169][T15439] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[  625.774510][T15439] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[  625.777595][T15439] mcp2221 0003:04D8:00DD.003D: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  625.978059][T15439] usb 12-1: USB disconnect, device number 8
[  626.302328][ T6032] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  626.463083][ T6032] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  626.469374][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.473446][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.477581][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.488373][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.491745][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.495986][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.499284][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.504109][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.518567][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.523193][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.529881][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.534560][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.552809][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.569758][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.573370][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.576473][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.624161][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.627953][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.653497][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.656609][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.660335][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.664336][ T6032] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  626.668979][ T6032] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  626.676657][ T6032] usb 9-1: config 0 interface 0 has no altsetting 0
[  626.705319][ T6032] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  626.709351][ T6032] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  626.713505][ T6032] usb 9-1: Product: syz
[  626.715378][ T6032] usb 9-1: Manufacturer: syz
[  626.717262][ T6032] usb 9-1: SerialNumber: syz
[  626.721164][ T6032] usb 9-1: config 0 descriptor??
[  626.732559][ T6032] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  626.901805][   T34] usb 6-1: USB disconnect, device number 37
[  626.981910][T16292] syzkaller0: entered allmulticast mode
[  626.990005][    C1] usb 9-1: yurex_control_callback - control failed: -71
[  626.996809][ T6032] usb 9-1: USB disconnect, device number 20
[  627.002872][T16292] net_ratelimit: 11 callbacks suppressed
[  627.002882][T16292] syzkaller0: mtu less than device minimum
[  627.005915][ T6032] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  627.312351][   T34] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  627.418520][T16299] tmpfs: Bad value for 'mpol'
[  627.464817][   T34] usb 6-1: Using ep0 maxpacket: 8
[  627.475688][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  627.480269][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  627.485213][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  627.489160][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  627.494834][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  627.498920][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.724014][   T34] usb 6-1: GET_CAPABILITIES returned 0
[  627.725799][   T34] usbtmc 6-1:16.0: can't read capabilities
[  627.949496][T16297] usbtmc 6-1:16.0: usbtmc488_ioctl_trigger returned -90
[  627.962819][   T34] usb 6-1: USB disconnect, device number 38
[  628.792471][T16317] usb usb5: usbfs: process 16317 (syz.7.2824) did not claim interface 0 before use
[  629.432485][ T6032] usb 9-1: new full-speed USB device number 21 using dummy_hcd
[  629.633195][ T6032] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  629.636511][ T6032] usb 9-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  629.640104][ T6032] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  629.644798][ T6032] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  629.647881][ T6032] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.662928][ T6032] usbtmc 9-1:16.0: bulk endpoints not found
[  629.728428][T16334] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  629.731071][T16334] UDF-fs: Scanning with blocksize 2048 failed
[  629.734534][T16334] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  629.737334][T16334] UDF-fs: Scanning with blocksize 4096 failed
[  630.482361][ T7301] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  630.622312][   T34] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  630.632825][ T7301] usb 10-1: too many configurations: 9, using maximum allowed: 8
[  630.636085][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.639239][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.643370][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.647350][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.650173][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.653829][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.656731][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.659776][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.663905][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.666875][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.669862][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.673378][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.677732][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.680883][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.684926][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.688077][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.690869][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.694446][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.698273][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.701502][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.704943][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.709447][ T7301] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  630.712322][ T7301] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  630.715741][ T7301] usb 10-1: config 0 interface 0 has no altsetting 0
[  630.719608][ T7301] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  630.722871][ T7301] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  630.725656][ T7301] usb 10-1: Product: syz
[  630.727181][ T7301] usb 10-1: Manufacturer: syz
[  630.728743][ T7301] usb 10-1: SerialNumber: syz
[  630.731573][ T7301] usb 10-1: config 0 descriptor??
[  630.737596][ T7301] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0
[  630.772247][   T34] usb 6-1: Using ep0 maxpacket: 8
[  630.775573][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  630.778964][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  630.782471][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  630.785603][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  630.789733][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  630.792711][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.007740][   T34] usb 6-1: GET_CAPABILITIES returned 0
[  631.009653][   T34] usbtmc 6-1:16.0: can't read capabilities
[  631.056462][    C3] usb 10-1: yurex_control_callback - control failed: -71
[  631.059945][   T34] usb 10-1: USB disconnect, device number 21
[  631.063095][   T34] yurex 10-1:0.0: USB YUREX #0 now disconnected
[  631.214924][T15439] usb 6-1: USB disconnect, device number 39
[  631.542335][ T6032] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  631.702305][ T6032] usb 12-1: Using ep0 maxpacket: 8
[  631.706251][ T6032] usb 12-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[  631.710439][ T6032] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  631.714158][ T6032] usb 12-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  631.719432][ T6032] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  631.723312][ T6032] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.733350][ T6032] hub 12-1:1.0: bad descriptor, ignoring hub
[  631.735611][ T6032] hub 12-1:1.0: probe with driver hub failed with error -5
[  631.738831][ T6032] cdc_wdm 12-1:1.0: skipping garbage
[  631.740844][ T6032] cdc_wdm 12-1:1.0: skipping garbage
[  631.742506][ T6032] cdc_wdm 12-1:1.0: probe with driver cdc_wdm failed with error -22
[  631.996792][T16358] rdma_rxe: rxe_newlink: failed to add syz_tun
[  632.035177][T16360] tmpfs: Unknown parameter '18446744073709551615'
[  632.042743][   T34] usb 12-1: USB disconnect, device number 9
[  632.189514][T15439] usb 9-1: USB disconnect, device number 21
[  632.792363][   T34] usb 12-1: new high-speed USB device number 10 using dummy_hcd
[  632.942429][   T34] usb 12-1: Using ep0 maxpacket: 8
[  632.947204][   T34] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  632.951353][   T34] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  632.954301][   T34] usb 12-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  632.958480][   T34] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  632.961391][   T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.967563][   T34] hub 12-1:1.0: bad descriptor, ignoring hub
[  632.969540][   T34] hub 12-1:1.0: probe with driver hub failed with error -5
[  632.973124][   T34] cdc_wdm 12-1:1.0: skipping garbage
[  632.975803][   T34] cdc_wdm 12-1:1.0: skipping garbage
[  632.978116][   T34] cdc_wdm 12-1:1.0: skipping garbage
[  632.980370][   T34] cdc_wdm 12-1:1.0: probe with driver cdc_wdm failed with error -22
[  633.273270][   T24] usb 12-1: USB disconnect, device number 10
[  633.332565][ T6013] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  633.482402][ T6013] usb 9-1: Using ep0 maxpacket: 8
[  633.487785][ T6013] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  633.492493][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  633.496784][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  633.500370][ T6013] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  633.505250][ T6013] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  633.508127][ T6013] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.716491][ T6013] usb 9-1: GET_CAPABILITIES returned 0
[  633.718278][ T6013] usbtmc 9-1:16.0: can't read capabilities
[  633.917756][  T839] usb 9-1: USB disconnect, device number 22
[  633.982390][ T6013] usb 12-1: new high-speed USB device number 11 using dummy_hcd
[  634.132459][ T6013] usb 12-1: Using ep0 maxpacket: 8
[  634.135971][ T6013] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  634.139188][ T6013] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  634.142738][ T6013] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  634.146311][ T6013] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  634.151806][ T6013] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  634.155097][ T6013] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.364967][ T6013] usb 12-1: GET_CAPABILITIES returned 0
[  634.367038][ T6013] usbtmc 12-1:16.0: can't read capabilities
[  634.563473][T16401] tmpfs: Unknown parameter '18446744073709551615'
[  634.571799][ T6013] usb 12-1: USB disconnect, device number 11
[  634.842362][  T839] usb 6-1: new full-speed USB device number 40 using dummy_hcd
[  635.022992][  T839] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  635.026879][  T839] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  635.030610][  T839] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  635.035219][  T839] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  635.038328][  T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.048319][  T839] usbtmc 6-1:16.0: bulk endpoints not found
[  636.212382][ T6013] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  636.362359][ T6013] usb 9-1: Using ep0 maxpacket: 8
[  636.365901][ T6013] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  636.369252][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  636.373518][ T6013] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  636.377112][ T6013] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  636.381148][ T6013] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  636.384197][ T6013] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.493681][T16425] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  636.496541][T16425] UDF-fs: Scanning with blocksize 2048 failed
[  636.500415][T16425] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  636.503372][T16425] UDF-fs: Scanning with blocksize 4096 failed
[  636.596294][ T6013] usb 9-1: GET_CAPABILITIES returned 0
[  636.598731][ T6013] usbtmc 9-1:16.0: can't read capabilities
[  636.604112][T16427] tmpfs: Unknown parameter '18446744073709551615'
[  636.803812][   T34] usb 9-1: USB disconnect, device number 23
[  637.452359][T15439] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  637.608372][   T34] usb 6-1: USB disconnect, device number 40
[  637.702507][T15439] usb 10-1: Using ep0 maxpacket: 8
[  637.706581][T16446] openvswitch: netlink: Message has 5380 unknown bytes.
[  637.711073][T16446] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  637.718062][T15439] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  637.724692][T15439] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  637.728311][T15439] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  637.732119][T15439] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  637.738897][T15439] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  637.741984][T15439] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.981527][T15439] usb 10-1: GET_CAPABILITIES returned 0
[  637.992709][T15439] usbtmc 10-1:16.0: can't read capabilities
[  638.182769][ T7301] usb 10-1: USB disconnect, device number 22
[  638.392382][   T34] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  638.553976][   T34] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  638.564462][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.567410][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.570990][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.583951][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.586830][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.591338][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.595040][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.599341][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.604088][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.607823][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.611193][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.615154][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.618163][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.621034][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.624975][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.628727][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.633152][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.636558][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.639474][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.643867][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.647110][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.651606][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  638.655086][   T34] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  638.658305][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  638.662039][   T34] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  638.665047][   T34] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  638.667815][   T34] usb 9-1: Product: syz
[  638.669172][   T34] usb 9-1: Manufacturer: syz
[  638.670707][   T34] usb 9-1: SerialNumber: syz
[  638.674173][   T34] usb 9-1: config 0 descriptor??
[  638.680747][   T34] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  638.885060][  T839] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  638.932315][    C3] usb 9-1: yurex_control_callback - control failed: -71
[  638.937407][   T34] usb 9-1: USB disconnect, device number 24
[  638.943186][   T34] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  638.952399][ T6032] usb 10-1: new full-speed USB device number 23 using dummy_hcd
[  639.032392][  T839] usb 6-1: Using ep0 maxpacket: 8
[  639.035441][  T839] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  639.038913][  T839] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  639.042497][  T839] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  639.045858][  T839] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  639.050699][  T839] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  639.054590][  T839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.125026][ T6032] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  639.128480][ T6032] usb 10-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  639.132982][ T6032] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  639.137234][ T6032] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  639.140245][ T6032] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.150072][ T6032] usbtmc 10-1:16.0: bulk endpoints not found
[  639.264732][  T839] usb 6-1: GET_CAPABILITIES returned 0
[  639.266697][  T839] usbtmc 6-1:16.0: can't read capabilities
[  639.471446][ T6089] usb 6-1: USB disconnect, device number 41
[  639.552406][T15439] usb 12-1: new high-speed USB device number 12 using dummy_hcd
[  639.712472][T15439] usb 12-1: Using ep0 maxpacket: 16
[  639.717401][T15439] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  639.723645][T15439] usb 12-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  639.727924][T15439] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.732098][T15439] usb 12-1: Product: syz
[  639.734183][T15439] usb 12-1: Manufacturer: syz
[  639.736108][T15439] usb 12-1: SerialNumber: syz
[  639.740239][T15439] usb 12-1: config 0 descriptor??
[  639.747390][T15439] em28xx 12-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  639.751536][T15439] em28xx 12-1:0.0: DVB interface 0 found: bulk
[  640.360123][T15439] em28xx 12-1:0.0: unknown em28xx chip ID (0)
[  640.773977][T15439] em28xx 12-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  640.781841][T15439] em28xx 12-1:0.0: board has no eeprom
[  640.848100][T16483] netlink: 'syz.4.2874': attribute type 1 has an invalid length.
[  641.552484][ T6089] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  641.702507][ T6089] usb 6-1: Using ep0 maxpacket: 8
[  641.705828][ T6089] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  641.709228][ T6089] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  641.712807][ T6089] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  641.717704][ T6089] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  641.723263][ T6089] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  641.726894][ T6089] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.727592][   T34] usb 10-1: USB disconnect, device number 23
[  641.844165][T16467] em28xx 12-1:0.0: reading from i2c device at 0x8 failed (error=-5)
[  641.902288][T15439] em28xx 12-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  641.905033][T15439] em28xx 12-1:0.0: dvb set to bulk mode.
[  641.907808][   T24] em28xx 12-1:0.0: Binding DVB extension
[  641.918143][T15439] usb 12-1: USB disconnect, device number 12
[  641.925035][T15439] em28xx 12-1:0.0: Disconnecting em28xx
[  641.939684][ T6089] usb 6-1: GET_CAPABILITIES returned 0
[  641.941590][ T6089] usbtmc 6-1:16.0: can't read capabilities
[  641.944037][   T24] em28xx 12-1:0.0: Registering input extension
[  641.947828][T15439] em28xx 12-1:0.0: Closing input extension
[  641.965684][T15439] em28xx 12-1:0.0: Freeing device
[  642.092349][   T34] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  642.141950][  T839] usb 6-1: USB disconnect, device number 42
[  642.242358][   T34] usb 10-1: Using ep0 maxpacket: 8
[  642.247240][   T34] usb 10-1: config 0 interface 0 has no altsetting 0
[  642.250044][   T34] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  642.254360][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.259861][   T34] usb 10-1: config 0 descriptor??
[  642.672439][   T34] mcp2221 0003:04D8:00DD.003E: unknown main item tag 0x0
[  642.674661][   T34] mcp2221 0003:04D8:00DD.003E: unknown main item tag 0x0
[  642.676850][   T34] mcp2221 0003:04D8:00DD.003E: unknown main item tag 0x0
[  642.679277][   T34] mcp2221 0003:04D8:00DD.003E: unknown main item tag 0x0
[  642.681495][   T34] mcp2221 0003:04D8:00DD.003E: unknown main item tag 0x0
[  642.684191][   T34] mcp2221 0003:04D8:00DD.003E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  642.887902][ T6089] usb 10-1: USB disconnect, device number 24
[  643.136181][T16513] syz1: rxe_newlink: already configured on syz_tun
[  643.693640][T16535] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  643.703647][T16535] UDF-fs: Scanning with blocksize 2048 failed
[  643.716933][T16535] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  643.722780][T16535] UDF-fs: Scanning with blocksize 4096 failed
[  645.170541][T16562] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  645.472613][   T24] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  645.622400][   T24] usb 6-1: Using ep0 maxpacket: 8
[  645.642395][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  645.652539][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  645.655639][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.673547][   T24] usb 6-1: config 0 descriptor??
[  646.082751][   T24] mcp2221 0003:04D8:00DD.003F: unknown main item tag 0x0
[  646.085770][   T24] mcp2221 0003:04D8:00DD.003F: unknown main item tag 0x0
[  646.089567][   T24] mcp2221 0003:04D8:00DD.003F: unknown main item tag 0x0
[  646.091991][   T24] mcp2221 0003:04D8:00DD.003F: unknown main item tag 0x0
[  646.094638][   T24] mcp2221 0003:04D8:00DD.003F: unknown main item tag 0x0
[  646.097442][   T24] mcp2221 0003:04D8:00DD.003F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  646.195138][T16577] tmpfs: Bad value for 'mpol'
[  646.293607][ T6013] usb 6-1: USB disconnect, device number 43
[  647.475031][T16593] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  647.477863][T16593] UDF-fs: Scanning with blocksize 2048 failed
[  647.481101][T16593] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  647.483986][T16593] UDF-fs: Scanning with blocksize 4096 failed
[  647.542578][   T34] usb 12-1: new high-speed USB device number 13 using dummy_hcd
[  647.661351][ T7301] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[  647.692883][   T34] usb 12-1: Using ep0 maxpacket: 8
[  647.696971][   T34] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  647.701837][   T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  647.706792][   T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  647.711165][   T34] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  647.717454][   T34] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  647.720872][   T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.842336][ T7301] usb 9-1: Using ep0 maxpacket: 8
[  647.851853][ T7301] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  647.855599][ T7301] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  647.859097][ T7301] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  647.862465][ T7301] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  647.866600][ T7301] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  647.869657][ T7301] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.891836][T16601] rdma_rxe: rxe_newlink: failed to add syz_tun
[  647.933430][   T34] usb 12-1: usb_control_msg returned -71
[  647.935351][   T34] usbtmc 12-1:16.0: can't read capabilities
[  647.952769][   T34] usb 12-1: USB disconnect, device number 13
[  648.124616][ T7301] usb 9-1: usb_control_msg returned -71
[  648.126973][ T7301] usbtmc 9-1:16.0: can't read capabilities
[  648.137094][ T7301] usb 9-1: USB disconnect, device number 25
[  648.467586][T16615] tmpfs: Bad value for 'mpol'
[  648.902434][ T7301] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[  649.052373][ T7301] usb 9-1: Using ep0 maxpacket: 8
[  649.056256][ T7301] usb 9-1: config 0 interface 0 has no altsetting 0
[  649.059886][ T7301] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  649.065165][ T7301] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.071120][ T7301] usb 9-1: config 0 descriptor??
[  649.483992][ T7301] mcp2221 0003:04D8:00DD.0040: unknown main item tag 0x0
[  649.486300][ T7301] mcp2221 0003:04D8:00DD.0040: unknown main item tag 0x0
[  649.488640][ T7301] mcp2221 0003:04D8:00DD.0040: unknown main item tag 0x0
[  649.491074][ T7301] mcp2221 0003:04D8:00DD.0040: unknown main item tag 0x0
[  649.493697][ T7301] mcp2221 0003:04D8:00DD.0040: unknown main item tag 0x0
[  649.496519][ T7301] mcp2221 0003:04D8:00DD.0040: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  649.685488][   T24] usb 9-1: USB disconnect, device number 26
[  650.223980][T16641] tmpfs: Bad value for 'mpol'
[  650.242370][  T839] usb 12-1: new high-speed USB device number 14 using dummy_hcd
[  650.392457][  T839] usb 12-1: Using ep0 maxpacket: 8
[  650.396215][  T839] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  650.400880][  T839] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  650.404666][  T839] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  650.409210][  T839] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  650.414257][  T839] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  650.417775][  T839] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.429260][  T839] hub 12-1:1.0: bad descriptor, ignoring hub
[  650.431483][  T839] hub 12-1:1.0: probe with driver hub failed with error -5
[  650.435152][  T839] cdc_wdm 12-1:1.0: skipping garbage
[  650.437372][  T839] cdc_wdm 12-1:1.0: skipping garbage
[  650.440318][  T839] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  650.443023][  T839] cdc_wdm 12-1:1.0: Unknown control protocol
[  650.732332][  T839] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  650.902308][  T839] usb 10-1: Using ep0 maxpacket: 8
[  650.902347][ T6089] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[  650.902586][   T34] usb 12-1: USB disconnect, device number 14
[  650.905247][  T839] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  650.912021][  T839] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  650.915219][  T839] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  650.918203][  T839] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  650.922724][  T839] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  650.925893][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.052547][ T6089] usb 9-1: Using ep0 maxpacket: 8
[  651.056534][ T6089] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  651.061170][ T6089] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  651.064976][ T6089] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  651.069583][ T6089] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  651.074187][ T6089] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  651.078554][ T6089] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.090246][ T6089] hub 9-1:1.0: bad descriptor, ignoring hub
[  651.093427][ T6089] hub 9-1:1.0: probe with driver hub failed with error -5
[  651.098091][ T6089] cdc_wdm 9-1:1.0: skipping garbage
[  651.100409][ T6089] cdc_wdm 9-1:1.0: skipping garbage
[  651.103391][ T6089] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  651.105787][ T6089] cdc_wdm 9-1:1.0: Unknown control protocol
[  651.305059][  T839] usb 10-1: usb_control_msg returned -71
[  651.306934][  T839] usbtmc 10-1:16.0: can't read capabilities
[  651.418944][  T839] usb 10-1: USB disconnect, device number 25
[  651.525006][T12044] usb 9-1: USB disconnect, device number 27
[  652.311383][T16674] syz_tun: entered allmulticast mode
[  652.318585][T16673] syz_tun: left allmulticast mode
[  652.548641][T16679] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  652.551196][T16679] UDF-fs: Scanning with blocksize 2048 failed
[  652.554236][T16679] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  652.557057][T16679] UDF-fs: Scanning with blocksize 4096 failed
[  652.700767][T16684] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  653.494336][T16697] binder: 16696:16697 ioctl c0306201 80000540 returned -22
[  653.497466][T16697] netlink: 129704 bytes leftover after parsing attributes in process `syz.5.2934'.
[  653.602453][   T34] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  653.732093][T16702] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  653.735193][T16702] UDF-fs: Scanning with blocksize 2048 failed
[  653.738087][T16702] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  653.740416][T16702] UDF-fs: Scanning with blocksize 4096 failed
[  653.762444][   T34] usb 6-1: Using ep0 maxpacket: 8
[  653.766599][   T34] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  653.770241][   T34] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  653.773344][   T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  653.777199][   T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  653.780884][   T34] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  653.784044][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.790858][   T34] hub 6-1:1.0: bad descriptor, ignoring hub
[  653.793129][   T34] hub 6-1:1.0: probe with driver hub failed with error -5
[  653.795949][   T34] cdc_wdm 6-1:1.0: skipping garbage
[  653.797625][   T34] cdc_wdm 6-1:1.0: skipping garbage
[  653.800508][   T34] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  653.802865][   T34] cdc_wdm 6-1:1.0: Unknown control protocol
[  654.293013][ T6013] usb 6-1: USB disconnect, device number 44
[  654.382393][T15439] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[  654.498826][T16715] FAULT_INJECTION: forcing a failure.
[  654.498826][T16715] name failslab, interval 1, probability 0, space 0, times 0
[  654.504336][T16715] CPU: 0 UID: 0 PID: 16715 Comm: syz.5.2942 Not tainted syzkaller #0 PREEMPT(full) 
[  654.504362][T16715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  654.504373][T16715] Call Trace:
[  654.504380][T16715]  <TASK>
[  654.504388][T16715]  dump_stack_lvl+0x16c/0x1f0
[  654.504413][T16715]  should_fail_ex+0x512/0x640
[  654.504457][T16715]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  654.504485][T16715]  should_failslab+0xc2/0x120
[  654.504510][T16715]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  654.504533][T16715]  ? ovs_nla_get_match+0x589/0x1700
[  654.504552][T16715]  ? __pfx_ovs_key_from_nlattrs+0x10/0x10
[  654.504577][T16715]  ? kmemdup_noprof+0x29/0x60
[  654.504596][T16715]  kmemdup_noprof+0x29/0x60
[  654.504617][T16715]  ovs_nla_get_match+0x589/0x1700
[  654.504642][T16715]  ? genl_rcv+0x28/0x40
[  654.504663][T16715]  ? __pfx_ovs_nla_get_match+0x10/0x10
[  654.504682][T16715]  ? ___sys_sendmsg+0x134/0x1d0
[  654.504698][T16715]  ? __sys_sendmsg+0x16d/0x220
[  654.504715][T16715]  ? __do_fast_syscall_32+0x7c/0x300
[  654.504734][T16715]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.504785][T16715]  ? __asan_memset+0x23/0x50
[  654.504807][T16715]  ovs_flow_cmd_new+0x305/0xe30
[  654.504834][T16715]  ? kasan_save_stack+0x42/0x60
[  654.504854][T16715]  ? kasan_save_stack+0x33/0x60
[  654.504873][T16715]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  654.504896][T16715]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  654.504920][T16715]  ? genl_rcv_msg+0x55c/0x800
[  654.504940][T16715]  ? netlink_rcv_skb+0x158/0x420
[  654.504958][T16715]  ? genl_rcv+0x28/0x40
[  654.504978][T16715]  ? ___sys_sendmsg+0x134/0x1d0
[  654.504994][T16715]  ? __sys_sendmsg+0x16d/0x220
[  654.505010][T16715]  ? __do_fast_syscall_32+0x7c/0x300
[  654.505028][T16715]  ? do_fast_syscall_32+0x32/0x80
[  654.505044][T16715]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.505106][T16715]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  654.505135][T16715]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  654.505164][T16715]  genl_family_rcv_msg_doit+0x209/0x2f0
[  654.505188][T16715]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  654.505219][T16715]  ? bpf_lsm_capable+0x9/0x10
[  654.505243][T16715]  ? security_capable+0x7e/0x260
[  654.505263][T16715]  ? ns_capable+0xd7/0x110
[  654.505287][T16715]  genl_rcv_msg+0x55c/0x800
[  654.505312][T16715]  ? __pfx_genl_rcv_msg+0x10/0x10
[  654.505334][T16715]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  654.505369][T16715]  netlink_rcv_skb+0x158/0x420
[  654.505389][T16715]  ? __pfx_genl_rcv_msg+0x10/0x10
[  654.505412][T16715]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  654.505442][T16715]  ? netlink_deliver_tap+0x1ae/0xd30
[  654.505465][T16715]  genl_rcv+0x28/0x40
[  654.505484][T16715]  netlink_unicast+0x5a7/0x870
[  654.505507][T16715]  ? __pfx_netlink_unicast+0x10/0x10
[  654.505524][T16715]  ? __asan_memset+0x23/0x50
[  654.505542][T16715]  ? __build_skb_around+0x278/0x3b0
[  654.505566][T16715]  ? is_vmalloc_addr+0x86/0xa0
[  654.505585][T16715]  netlink_sendmsg+0x8c8/0xdd0
[  654.505606][T16715]  ? __pfx_netlink_sendmsg+0x10/0x10
[  654.505629][T16715]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  654.505651][T16715]  ____sys_sendmsg+0xa95/0xc70
[  654.505677][T16715]  ? __pfx_____sys_sendmsg+0x10/0x10
[  654.505699][T16715]  ? get_compat_msghdr+0x11a/0x170
[  654.505729][T16715]  ___sys_sendmsg+0x134/0x1d0
[  654.505751][T16715]  ? __pfx____sys_sendmsg+0x10/0x10
[  654.505783][T16715]  ? find_held_lock+0x2b/0x80
[  654.505823][T16715]  __sys_sendmsg+0x16d/0x220
[  654.505843][T16715]  ? __pfx___sys_sendmsg+0x10/0x10
[  654.505874][T16715]  ? rcu_is_watching+0x12/0xc0
[  654.505899][T16715]  __do_fast_syscall_32+0x7c/0x300
[  654.505920][T16715]  do_fast_syscall_32+0x32/0x80
[  654.505941][T16715]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.505963][T16715] RIP: 0023:0xf70be579
[  654.505979][T16715] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  654.505998][T16715] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  654.506017][T16715] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  654.506030][T16715] RDX: 000000000000c800 RSI: 0000000000000000 RDI: 0000000000000000
[  654.506041][T16715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  654.506052][T16715] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  654.506063][T16715] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  654.506089][T16715]  </TASK>
[  654.542728][T15439] usb 9-1: Using ep0 maxpacket: 8
[  654.690983][T15439] usb 9-1: config 0 interface 0 has no altsetting 0
[  654.693580][T15439] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  654.696467][T15439] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.697768][T15439] usb 9-1: config 0 descriptor??
[  654.806696][T16729] FAULT_INJECTION: forcing a failure.
[  654.806696][T16729] name failslab, interval 1, probability 0, space 0, times 0
[  654.811284][T16729] CPU: 2 UID: 0 PID: 16729 Comm: syz.7.2946 Not tainted syzkaller #0 PREEMPT(full) 
[  654.811300][T16729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  654.811317][T16729] Call Trace:
[  654.811323][T16729]  <TASK>
[  654.811328][T16729]  dump_stack_lvl+0x16c/0x1f0
[  654.811344][T16729]  should_fail_ex+0x512/0x640
[  654.811358][T16729]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  654.811376][T16729]  should_failslab+0xc2/0x120
[  654.811392][T16729]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  654.811407][T16729]  ? ovs_nla_get_match+0x589/0x1700
[  654.811421][T16729]  ? __pfx_ovs_key_from_nlattrs+0x10/0x10
[  654.811437][T16729]  ? kmemdup_noprof+0x29/0x60
[  654.811450][T16729]  kmemdup_noprof+0x29/0x60
[  654.811462][T16729]  ovs_nla_get_match+0x589/0x1700
[  654.811478][T16729]  ? genl_rcv+0x28/0x40
[  654.811491][T16729]  ? __pfx_ovs_nla_get_match+0x10/0x10
[  654.811503][T16729]  ? ___sys_sendmsg+0x134/0x1d0
[  654.811514][T16729]  ? __sys_sendmsg+0x16d/0x220
[  654.811523][T16729]  ? __do_fast_syscall_32+0x7c/0x300
[  654.811535][T16729]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.811565][T16729]  ? __asan_memset+0x23/0x50
[  654.811579][T16729]  ovs_flow_cmd_new+0x305/0xe30
[  654.811599][T16729]  ? kasan_save_stack+0x42/0x60
[  654.811612][T16729]  ? kasan_save_stack+0x33/0x60
[  654.811625][T16729]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  654.811650][T16729]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  654.811665][T16729]  ? genl_rcv_msg+0x55c/0x800
[  654.811678][T16729]  ? netlink_rcv_skb+0x158/0x420
[  654.811689][T16729]  ? genl_rcv+0x28/0x40
[  654.811701][T16729]  ? ___sys_sendmsg+0x134/0x1d0
[  654.811711][T16729]  ? __sys_sendmsg+0x16d/0x220
[  654.811721][T16729]  ? __do_fast_syscall_32+0x7c/0x300
[  654.811732][T16729]  ? do_fast_syscall_32+0x32/0x80
[  654.811742][T16729]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.811779][T16729]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  654.811794][T16729]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  654.811821][T16729]  genl_family_rcv_msg_doit+0x209/0x2f0
[  654.811837][T16729]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  654.811857][T16729]  ? bpf_lsm_capable+0x9/0x10
[  654.811872][T16729]  ? security_capable+0x7e/0x260
[  654.811886][T16729]  ? ns_capable+0xd7/0x110
[  654.811901][T16729]  genl_rcv_msg+0x55c/0x800
[  654.811916][T16729]  ? __pfx_genl_rcv_msg+0x10/0x10
[  654.811931][T16729]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  654.811953][T16729]  netlink_rcv_skb+0x158/0x420
[  654.811965][T16729]  ? __pfx_genl_rcv_msg+0x10/0x10
[  654.811980][T16729]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  654.811999][T16729]  ? netlink_deliver_tap+0x1ae/0xd30
[  654.812013][T16729]  genl_rcv+0x28/0x40
[  654.812025][T16729]  netlink_unicast+0x5a7/0x870
[  654.812039][T16729]  ? __pfx_netlink_unicast+0x10/0x10
[  654.812051][T16729]  ? __asan_memset+0x23/0x50
[  654.812062][T16729]  ? __build_skb_around+0x278/0x3b0
[  654.812078][T16729]  ? is_vmalloc_addr+0x86/0xa0
[  654.812092][T16729]  netlink_sendmsg+0x8c8/0xdd0
[  654.812107][T16729]  ? __pfx_netlink_sendmsg+0x10/0x10
[  654.812121][T16729]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  654.812136][T16729]  ____sys_sendmsg+0xa95/0xc70
[  654.812152][T16729]  ? __pfx_____sys_sendmsg+0x10/0x10
[  654.812165][T16729]  ? get_compat_msghdr+0x11a/0x170
[  654.812183][T16729]  ___sys_sendmsg+0x134/0x1d0
[  654.812195][T16729]  ? __pfx____sys_sendmsg+0x10/0x10
[  654.812214][T16729]  ? find_held_lock+0x2b/0x80
[  654.812236][T16729]  __sys_sendmsg+0x16d/0x220
[  654.812248][T16729]  ? __pfx___sys_sendmsg+0x10/0x10
[  654.812266][T16729]  ? rcu_is_watching+0x12/0xc0
[  654.812281][T16729]  __do_fast_syscall_32+0x7c/0x300
[  654.812294][T16729]  do_fast_syscall_32+0x32/0x80
[  654.812305][T16729]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  654.812318][T16729] RIP: 0023:0xf701e579
[  654.812327][T16729] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  654.812338][T16729] RSP: 002b:00000000f540e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  654.812349][T16729] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  654.812355][T16729] RDX: 000000000000c800 RSI: 0000000000000000 RDI: 0000000000000000
[  654.812361][T16729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  654.812367][T16729] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  654.812373][T16729] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  654.812387][T16729]  </TASK>
[  654.987200][    C2] hpet: Lost 10 RTC interrupts
[  655.202133][T15439] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0
[  655.205619][T15439] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0
[  655.208037][T15439] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0
[  655.210338][T15439] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0
[  655.213252][T15439] mcp2221 0003:04D8:00DD.0041: unknown main item tag 0x0
[  655.217492][T15439] mcp2221 0003:04D8:00DD.0041: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  655.407651][ T6013] usb 9-1: USB disconnect, device number 28
[  655.842002][T16743] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  655.844746][T16743] UDF-fs: Scanning with blocksize 2048 failed
[  655.847951][T16743] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  655.850388][T16743] UDF-fs: Scanning with blocksize 4096 failed
[  656.166801][T16749] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  656.169315][T16749] UDF-fs: Scanning with blocksize 2048 failed
[  656.174119][T16749] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  656.176985][T16749] UDF-fs: Scanning with blocksize 4096 failed
[  656.422255][T16754] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2954'.
[  656.475273][T16758] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  657.860818][T16792] netlink: zone id is out of range
[  657.864310][T16792] netlink: del zone limit has 8 unknown bytes
[  658.126041][T16799] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  658.128893][T16799] UDF-fs: Scanning with blocksize 2048 failed
[  658.133678][T16799] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  658.136703][T16799] UDF-fs: Scanning with blocksize 4096 failed
[  658.442332][   T24] usb 12-1: new high-speed USB device number 15 using dummy_hcd
[  658.613043][   T24] usb 12-1: too many configurations: 9, using maximum allowed: 8
[  658.616499][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.619497][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.623744][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.626711][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.629714][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.633738][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.637368][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.640429][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.644115][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.647069][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.650004][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.653990][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.656842][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.659645][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.668509][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.677936][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.681283][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.685382][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.690794][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.694786][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.698823][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.702401][   T24] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9
[  658.705266][   T24] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  658.708972][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  658.712822][   T24] usb 12-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  658.716321][   T24] usb 12-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  658.719297][   T24] usb 12-1: Product: syz
[  658.720838][   T24] usb 12-1: Manufacturer: syz
[  658.722677][   T24] usb 12-1: SerialNumber: syz
[  658.725726][   T24] usb 12-1: config 0 descriptor??
[  658.730614][   T24] yurex 12-1:0.0: USB YUREX device now attached to Yurex #0
[  658.885094][T16817] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  658.973881][T16824] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  658.977220][T16824] overlayfs: missing 'lowerdir'
[  658.998054][T16827] fuse: Bad value for 'fd'
[  659.000319][    C2] usb 12-1: yurex_control_callback - control failed: -71
[  659.000588][ T6013] usb 12-1: USB disconnect, device number 15
[  659.011389][ T6013] yurex 12-1:0.0: USB YUREX #0 now disconnected
[  659.205102][T16832] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2977'.
[  659.974992][T16838] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  659.977428][T16838] UDF-fs: Scanning with blocksize 2048 failed
[  659.980501][T16838] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  659.982960][T16838] UDF-fs: Scanning with blocksize 4096 failed
[  660.356562][T16852] netlink: 'syz.1.2983': attribute type 8 has an invalid length.
[  660.627451][T16862] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  660.662540][T16862] bridge_slave_0: left allmulticast mode
[  660.664399][T16862] bridge_slave_0: left promiscuous mode
[  660.666602][T16862] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.671324][T16862] bridge_slave_1: left allmulticast mode
[  660.673427][T16862] bridge_slave_1: left promiscuous mode
[  660.675416][T16862] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.683675][T16862] bond0: (slave bond_slave_0): Releasing backup interface
[  660.690912][T16862] bond0: (slave bond_slave_1): Releasing backup interface
[  660.702798][T16862] team0: Port device team_slave_0 removed
[  660.708952][T16862] team0: Port device team_slave_1 removed
[  660.712102][T16862] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  660.731898][T16864] team0: Mode changed to "loadbalance"
[  661.012405][T12044] usb 12-1: new full-speed USB device number 16 using dummy_hcd
[  661.032337][  T839] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  661.174849][T12044] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  661.178984][T12044] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  661.185434][T12044] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  661.188514][  T839] usb 10-1: Using ep0 maxpacket: 8
[  661.190259][T12044] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.196739][  T839] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  661.200255][  T839] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  661.203596][  T839] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  661.207437][  T839] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  661.210960][  T839] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  661.213946][  T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.226592][  T839] hub 10-1:1.0: bad descriptor, ignoring hub
[  661.228599][  T839] hub 10-1:1.0: probe with driver hub failed with error -5
[  661.231217][  T839] cdc_wdm 10-1:1.0: skipping garbage
[  661.233065][  T839] cdc_wdm 10-1:1.0: skipping garbage
[  661.237512][  T839] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  661.239658][  T839] cdc_wdm 10-1:1.0: Unknown control protocol
[  661.410758][T12044] usb 12-1: usb_control_msg returned -32
[  661.412912][T12044] usbtmc 12-1:16.0: can't read capabilities
[  661.712443][ T6013] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  661.716110][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  661.717052][  T839] usb 10-1: USB disconnect, device number 26
[  661.718512][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  661.723016][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  661.872319][ T6013] usb 6-1: Using ep0 maxpacket: 32
[  661.876707][ T6013] usb 6-1: config 0 has no interfaces?
[  661.879049][ T6013] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  661.883235][ T6013] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.890217][ T6013] usb 6-1: config 0 descriptor??
[  662.099934][   T24] usb 6-1: USB disconnect, device number 45
[  662.447477][T16888] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  662.450472][T16888] UDF-fs: Scanning with blocksize 2048 failed
[  662.454057][T16888] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  662.456934][T16888] UDF-fs: Scanning with blocksize 4096 failed
[  663.462306][T12044] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  663.592282][T12044] usb 10-1: device descriptor read/64, error -71
[  663.782384][ T7301] usb 12-1: USB disconnect, device number 16
[  663.832392][T12044] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  663.972442][T12044] usb 10-1: device descriptor read/64, error -71
[  664.083747][T12044] usb usb10-port1: attempt power cycle
[  664.160458][T16922] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3005'.
[  664.166317][T16922] openvswitch: netlink: Missing key (keys=40, expected=80)
[  664.174481][T16924] netlink: zone id is out of range
[  664.176876][T16924] netlink: del zone limit has 8 unknown bytes
[  664.464760][T12044] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  664.562975][T12044] usb 10-1: device descriptor read/8, error -71
[  664.622532][T16937] netlink: 6 bytes leftover after parsing attributes in process `syz.7.3011'.
[  664.627017][T16937] netlink: 96 bytes leftover after parsing attributes in process `syz.7.3011'.
[  664.636630][T16938] input: syz1 as /devices/virtual/input/input30
[  664.822368][T12044] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  664.843150][T12044] usb 10-1: device descriptor read/8, error -71
[  664.856879][T16942] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  664.859821][T16942] UDF-fs: Scanning with blocksize 2048 failed
[  664.865225][T16942] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  664.868295][T16942] UDF-fs: Scanning with blocksize 4096 failed
[  664.962751][T12044] usb usb10-port1: unable to enumerate USB device
[  665.116215][T16948] netlink: 'syz.4.3014': attribute type 2 has an invalid length.
[  665.129592][T16948] : entered promiscuous mode
[  665.189364][T16952] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  665.502455][T12044] usb 6-1: new full-speed USB device number 46 using dummy_hcd
[  665.644761][T16958] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3019'.
[  665.684201][T12044] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  665.687985][T12044] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  665.693273][T12044] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  665.696762][T12044] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.778863][T16960] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3020'.
[  665.783697][T16960] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3020'.
[  665.957240][T12044] usb 6-1: usb_control_msg returned -32
[  665.959543][T12044] usbtmc 6-1:16.0: can't read capabilities
[  666.324581][T16983] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  666.517583][T16986] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  666.519998][T16986] UDF-fs: Scanning with blocksize 2048 failed
[  666.523027][T16986] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  666.525383][T16986] UDF-fs: Scanning with blocksize 4096 failed
[  666.972446][   T34] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[  667.122312][   T34] usb 9-1: Using ep0 maxpacket: 8
[  667.125710][   T34] usb 9-1: config 0 interface 0 has no altsetting 0
[  667.128025][   T34] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  667.130968][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.135112][   T34] usb 9-1: config 0 descriptor??
[  667.267486][T16995] FAULT_INJECTION: forcing a failure.
[  667.267486][T16995] name failslab, interval 1, probability 0, space 0, times 0
[  667.271525][T16995] CPU: 3 UID: 0 PID: 16995 Comm: syz.5.3030 Not tainted syzkaller #0 PREEMPT(full) 
[  667.271541][T16995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  667.271549][T16995] Call Trace:
[  667.271554][T16995]  <TASK>
[  667.271559][T16995]  dump_stack_lvl+0x16c/0x1f0
[  667.271575][T16995]  should_fail_ex+0x512/0x640
[  667.271588][T16995]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  667.271618][T16995]  should_failslab+0xc2/0x120
[  667.271634][T16995]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  667.271649][T16995]  ? ovs_nla_get_match+0x589/0x1700
[  667.271662][T16995]  ? __pfx_ovs_key_from_nlattrs+0x10/0x10
[  667.271678][T16995]  ? kmemdup_noprof+0x29/0x60
[  667.271697][T16995]  kmemdup_noprof+0x29/0x60
[  667.271710][T16995]  ovs_nla_get_match+0x589/0x1700
[  667.271725][T16995]  ? genl_rcv+0x28/0x40
[  667.271740][T16995]  ? __pfx_ovs_nla_get_match+0x10/0x10
[  667.271752][T16995]  ? ___sys_sendmsg+0x134/0x1d0
[  667.271763][T16995]  ? __sys_sendmsg+0x16d/0x220
[  667.271773][T16995]  ? __do_fast_syscall_32+0x7c/0x300
[  667.271785][T16995]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.271828][T16995]  ? __asan_memset+0x23/0x50
[  667.271842][T16995]  ovs_flow_cmd_new+0x305/0xe30
[  667.271861][T16995]  ? kasan_save_stack+0x42/0x60
[  667.271874][T16995]  ? kasan_save_stack+0x33/0x60
[  667.271887][T16995]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  667.271903][T16995]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  667.271918][T16995]  ? genl_rcv_msg+0x55c/0x800
[  667.271931][T16995]  ? netlink_rcv_skb+0x158/0x420
[  667.271942][T16995]  ? genl_rcv+0x28/0x40
[  667.271955][T16995]  ? ___sys_sendmsg+0x134/0x1d0
[  667.271964][T16995]  ? __sys_sendmsg+0x16d/0x220
[  667.271975][T16995]  ? __do_fast_syscall_32+0x7c/0x300
[  667.271985][T16995]  ? do_fast_syscall_32+0x32/0x80
[  667.271995][T16995]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.272032][T16995]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  667.272047][T16995]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  667.272065][T16995]  genl_family_rcv_msg_doit+0x209/0x2f0
[  667.272080][T16995]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  667.272100][T16995]  ? bpf_lsm_capable+0x9/0x10
[  667.272115][T16995]  ? security_capable+0x7e/0x260
[  667.272128][T16995]  ? ns_capable+0xd7/0x110
[  667.272144][T16995]  genl_rcv_msg+0x55c/0x800
[  667.272159][T16995]  ? __pfx_genl_rcv_msg+0x10/0x10
[  667.272174][T16995]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  667.272196][T16995]  netlink_rcv_skb+0x158/0x420
[  667.272208][T16995]  ? __pfx_genl_rcv_msg+0x10/0x10
[  667.272223][T16995]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  667.272241][T16995]  ? netlink_deliver_tap+0x1ae/0xd30
[  667.272255][T16995]  genl_rcv+0x28/0x40
[  667.272267][T16995]  netlink_unicast+0x5a7/0x870
[  667.272282][T16995]  ? __pfx_netlink_unicast+0x10/0x10
[  667.272293][T16995]  ? __asan_memset+0x23/0x50
[  667.272321][T16995]  ? __build_skb_around+0x278/0x3b0
[  667.272340][T16995]  ? is_vmalloc_addr+0x86/0xa0
[  667.272353][T16995]  netlink_sendmsg+0x8c8/0xdd0
[  667.272368][T16995]  ? __pfx_netlink_sendmsg+0x10/0x10
[  667.272382][T16995]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  667.272398][T16995]  ____sys_sendmsg+0xa95/0xc70
[  667.272414][T16995]  ? __pfx_____sys_sendmsg+0x10/0x10
[  667.272428][T16995]  ? get_compat_msghdr+0x11a/0x170
[  667.272446][T16995]  ___sys_sendmsg+0x134/0x1d0
[  667.272459][T16995]  ? __pfx____sys_sendmsg+0x10/0x10
[  667.272478][T16995]  ? find_held_lock+0x2b/0x80
[  667.272500][T16995]  __sys_sendmsg+0x16d/0x220
[  667.272512][T16995]  ? __pfx___sys_sendmsg+0x10/0x10
[  667.272530][T16995]  ? rcu_is_watching+0x12/0xc0
[  667.272546][T16995]  __do_fast_syscall_32+0x7c/0x300
[  667.272559][T16995]  do_fast_syscall_32+0x32/0x80
[  667.272570][T16995]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.272583][T16995] RIP: 0023:0xf70be579
[  667.272593][T16995] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  667.272604][T16995] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  667.272615][T16995] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  667.272621][T16995] RDX: 000000000000c800 RSI: 0000000000000000 RDI: 0000000000000000
[  667.272627][T16995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  667.272633][T16995] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  667.272639][T16995] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  667.272653][T16995]  </TASK>
[  667.628754][   T34] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0
[  667.631022][   T34] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0
[  667.638083][   T34] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0
[  667.641589][   T34] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0
[  667.644701][   T34] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0
[  667.647735][   T34] mcp2221 0003:04D8:00DD.0042: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  667.821779][T15439] usb 9-1: USB disconnect, device number 29
[  667.932381][ T6013] usb 12-1: new high-speed USB device number 17 using dummy_hcd
[  668.062313][ T6013] usb 12-1: device descriptor read/64, error -71
[  668.270259][ T6089] usb 6-1: USB disconnect, device number 46
[  668.302358][ T6013] usb 12-1: new high-speed USB device number 18 using dummy_hcd
[  668.432463][ T6013] usb 12-1: device descriptor read/64, error -71
[  668.548592][ T6013] usb usb12-port1: attempt power cycle
[  668.612501][   T34] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[  668.752464][   T34] usb 9-1: device descriptor read/64, error -71
[  668.832357][ T6089] usb 10-1: new full-speed USB device number 31 using dummy_hcd
[  668.892393][ T6013] usb 12-1: new high-speed USB device number 19 using dummy_hcd
[  668.912824][ T6013] usb 12-1: device descriptor read/8, error -71
[  668.983560][ T6089] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  668.987304][ T6089] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  668.991899][ T6089] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  668.996681][ T6089] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.002381][   T34] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[  669.132348][   T34] usb 9-1: device descriptor read/64, error -71
[  669.152347][ T6013] usb 12-1: new high-speed USB device number 20 using dummy_hcd
[  669.173016][ T6013] usb 12-1: device descriptor read/8, error -71
[  669.207743][ T6089] usb 10-1: usb_control_msg returned -32
[  669.209601][ T6089] usbtmc 10-1:16.0: can't read capabilities
[  669.242771][   T34] usb usb9-port1: attempt power cycle
[  669.283002][ T6013] usb usb12-port1: unable to enumerate USB device
[  669.288017][T17023] lo speed is unknown, defaulting to 1000
[  669.575535][T17030] lo speed is unknown, defaulting to 1000
[  669.602344][   T34] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  669.633970][   T34] usb 9-1: device descriptor read/8, error -71
[  669.882316][   T34] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  669.904339][   T34] usb 9-1: device descriptor read/8, error -71
[  670.026471][   T34] usb usb9-port1: unable to enumerate USB device
[  670.817966][T17052] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(18)
[  670.820782][T17052] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  670.824131][T17052] vhci_hcd vhci_hcd.0: Device attached
[  670.831344][T17052] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(20)
[  670.834203][T17052] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  670.837753][T17052] vhci_hcd vhci_hcd.0: Device attached
[  670.844317][T17052] vhci_hcd vhci_hcd.0: pdev(7) rhport(2) sockfd(22)
[  670.847200][T17052] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  670.850473][T17052] vhci_hcd vhci_hcd.0: Device attached
[  670.854630][T17052] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  670.861561][T17052] vhci_hcd vhci_hcd.0: pdev(7) rhport(4) sockfd(26)
[  670.864846][T17052] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  670.868661][T17052] vhci_hcd vhci_hcd.0: Device attached
[  670.875335][T17052] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(28)
[  670.878083][T17052] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  670.881381][T17052] vhci_hcd vhci_hcd.0: Device attached
[  670.886343][T17052] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  670.891605][T17049] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  670.896965][T17049] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  670.909727][T17049] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  670.917266][T17049] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  670.919977][T17049] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  670.924736][T17049] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  670.930730][T17060] vhci_hcd: connection closed
[  670.930908][T17062] vhci_hcd: connection closed
[  670.931125][T17058] vhci_hcd: connection closed
[  670.931891][T17056] vhci_hcd: connection closed
[  670.933100][T17054] vhci_hcd: connection closed
[  670.933325][   T60] vhci_hcd: stop threads
[  670.941766][   T60] vhci_hcd: release socket
[  670.943464][   T60] vhci_hcd: disconnect device
[  670.945774][   T60] vhci_hcd: stop threads
[  670.948253][   T60] vhci_hcd: release socket
[  670.951630][   T60] vhci_hcd: disconnect device
[  670.954701][   T60] vhci_hcd: stop threads
[  670.956216][   T60] vhci_hcd: release socket
[  670.957729][   T60] vhci_hcd: disconnect device
[  670.960889][   T60] vhci_hcd: stop threads
[  670.962418][   T60] vhci_hcd: release socket
[  670.965754][   T60] vhci_hcd: disconnect device
[  670.967487][   T60] vhci_hcd: stop threads
[  670.969074][   T60] vhci_hcd: release socket
[  670.970631][   T60] vhci_hcd: disconnect device
[  671.022420][   T34] vhci_hcd: vhci_device speed not set
[  671.489008][T17074] openvswitch: netlink: Missing key (keys=40, expected=100)
[  671.524205][T17076] tmpfs: Unknown parameter 'hash'
[  671.659434][ T7301] usb 10-1: USB disconnect, device number 31
[  671.711285][T17081] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3051'.
[  671.839447][T17082] ceph: No mds server is up or the cluster is laggy
[  671.853496][ T6013] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  671.855522][T12044] libceph: connect (1)[c::]:6789 error -101
[  671.860579][T12044] libceph: mon0 (1)[c::]:6789 connect error
[  672.033190][ T6013] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  672.037009][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.045174][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.050382][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.061700][T17087] netlink: 'syz.5.3052': attribute type 10 has an invalid length.
[  672.064845][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.067769][T17087] openvswitch: netlink: Flow key attr not present in new flow.
[  672.070229][T17087] FAULT_INJECTION: forcing a failure.
[  672.070229][T17087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  672.071977][T17087] 
[  672.071983][T17087] ======================================================
[  672.071986][T17087] WARNING: possible circular locking dependency detected
[  672.071991][T17087] syzkaller #0 Not tainted
[  672.071996][T17087] ------------------------------------------------------
[  672.071999][T17087] syz.5.3052/17087 is trying to acquire lock:
[  672.072005][T17087] ffffffff8e0d12c0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80
[  672.072033][T17087] 
[  672.072033][T17087] but task is already holding lock:
[  672.072036][T17087] ffff88802b43a498 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  672.072060][T17087] 
[  672.072060][T17087] which lock already depends on the new lock.
[  672.072060][T17087] 
[  672.072063][T17087] 
[  672.072063][T17087] the existing dependency chain (in reverse order) is:
[  672.072066][T17087] 
[  672.072066][T17087] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  672.072079][T17087]        _raw_spin_lock_nested+0x31/0x40
[  672.072095][T17087]        raw_spin_rq_lock_nested+0x29/0x130
[  672.072106][T17087]        task_rq_lock+0xcf/0x490
[  672.072117][T17087]        cgroup_move_task+0x81/0x2a0
[  672.072130][T17087]        css_set_move_task+0x288/0x5f0
[  672.072145][T17087]        cgroup_post_fork+0x201/0x9d0
[  672.072156][T17087]        copy_process+0x602d/0x76a0
[  672.072170][T17087]        kernel_clone+0xfc/0x930
[  672.072183][T17087]        user_mode_thread+0xc8/0x110
[  672.072197][T17087]        rest_init+0x23/0x2b0
[  672.072209][T17087]        start_kernel+0x3f3/0x4e0
[  672.072289][T17087]        x86_64_start_reservations+0x18/0x30
[  672.072299][T17087]        x86_64_start_kernel+0x130/0x190
[  672.072308][T17087]        common_startup_64+0x13e/0x148
[  672.072320][T17087] 
[  672.072320][T17087] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  672.072333][T17087]        _raw_spin_lock_irqsave+0x3a/0x60
[  672.072347][T17087]        try_to_wake_up+0xb7/0x1870
[  672.072359][T17087]        __wake_up_common+0x135/0x1f0
[  672.072374][T17087]        __wake_up+0x31/0x60
[  672.072386][T17087]        tty_port_default_wakeup+0x2a/0x40
[  672.072399][T17087]        serial8250_tx_chars+0x68e/0x860
[  672.072412][T17087]        serial8250_handle_irq+0x761/0xcb0
[  672.072425][T17087]        serial8250_default_handle_irq+0x9a/0x250
[  672.072439][T17087]        serial8250_interrupt+0xf5/0x1b0
[  672.072453][T17087]        __handle_irq_event_percpu+0x236/0x920
[  672.072465][T17087]        handle_irq_event+0xab/0x1e0
[  672.072476][T17087]        handle_edge_irq+0x3ca/0x9e0
[  672.072486][T17087]        __common_interrupt+0xd0/0x2f0
[  672.072500][T17087]        common_interrupt+0x61/0xe0
[  672.072513][T17087]        asm_common_interrupt+0x26/0x40
[  672.072523][T17087]        unwind_next_frame+0x1617/0x20a0
[  672.072535][T17087]        arch_stack_walk+0x94/0x100
[  672.072546][T17087]        stack_trace_save+0x8e/0xc0
[  672.072559][T17087]        kasan_save_stack+0x33/0x60
[  672.072571][T17087]        kasan_save_track+0x14/0x30
[  672.072583][T17087]        __kasan_save_free_info+0x3b/0x60
[  672.072592][T17087]        __kasan_slab_free+0x5f/0x80
[  672.072605][T17087]        __rcu_free_sheaf_prepare+0x52/0x300
[  672.072621][T17087]        rcu_free_sheaf+0x1a/0xa0
[  672.072631][T17087]        rcu_core+0x79c/0x1530
[  672.072642][T17087]        handle_softirqs+0x216/0x8e0
[  672.072654][T17087]        __irq_exit_rcu+0x109/0x170
[  672.072666][T17087]        irq_exit_rcu+0x9/0x30
[  672.072678][T17087]        sysvec_apic_timer_interrupt+0xa4/0xc0
[  672.072702][T17087]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  672.072712][T17087]        pv_native_safe_halt+0xf/0x20
[  672.072720][T17087]        default_idle+0x13/0x20
[  672.072731][T17087]        default_idle_call+0x6c/0xb0
[  672.072742][T17087]        do_idle+0x38d/0x500
[  672.072752][T17087]        cpu_startup_entry+0x4f/0x60
[  672.072764][T17087]        start_secondary+0x21d/0x2b0
[  672.072779][T17087]        common_startup_64+0x13e/0x148
[  672.072794][T17087] 
[  672.072794][T17087] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  672.072813][T17087]        _raw_spin_lock_irqsave+0x3a/0x60
[  672.072878][T17087]        __wake_up+0x1c/0x60
[  672.072901][T17087]        tty_port_default_wakeup+0x2a/0x40
[  672.072919][T17087]        serial8250_tx_chars+0x68e/0x860
[  672.072937][T17087]        __start_tx+0x3df/0x490
[  672.072955][T17087]        serial8250_start_tx+0x368/0x530
[  672.072971][T17087]        __uart_start+0x295/0x500
[  672.072983][T17087]        uart_write+0x218/0xb30
[  672.072994][T17087]        n_tty_write+0x41b/0x11e0
[  672.073008][T17087]        file_tty_write.constprop.0+0x503/0x9b0
[  672.073025][T17087]        redirected_tty_write+0xd4/0x150
[  672.073040][T17087]        vfs_write+0x7d0/0x11d0
[  672.073056][T17087]        ksys_write+0x12a/0x250
[  672.073073][T17087]        do_syscall_64+0xcd/0x4b0
[  672.073089][T17087]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.073104][T17087] 
[  672.073104][T17087] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  672.073126][T17087]        _raw_spin_lock_irqsave+0x3a/0x60
[  672.073150][T17087]        serial8250_console_write+0x181/0x1890
[  672.073170][T17087]        console_flush_all+0x801/0xc60
[  672.073187][T17087]        console_unlock+0xd8/0x210
[  672.073197][T17087]        vprintk_emit+0x3d7/0x680
[  672.073209][T17087]        _printk+0xc7/0x100
[  672.073216][T17087]        register_console+0xc2d/0x11b0
[  672.073228][T17087]        univ8250_console_init+0x5f/0x90
[  672.073238][T17087]        console_init+0x14f/0x680
[  672.073248][T17087]        start_kernel+0x29f/0x4e0
[  672.073257][T17087]        x86_64_start_reservations+0x18/0x30
[  672.073266][T17087]        x86_64_start_kernel+0x130/0x190
[  672.073275][T17087]        common_startup_64+0x13e/0x148
[  672.073287][T17087] 
[  672.073287][T17087] -> #0 (console_owner){-.-.}-{0:0}:
[  672.073299][T17087]        __lock_acquire+0x12a6/0x1ce0
[  672.073315][T17087]        lock_acquire+0x179/0x350
[  672.073329][T17087]        console_lock_spinning_enable+0x72/0x80
[  672.073340][T17087]        console_flush_all+0x7aa/0xc60
[  672.073351][T17087]        console_unlock+0xd8/0x210
[  672.073361][T17087]        vprintk_emit+0x3d7/0x680
[  672.073372][T17087]        _printk+0xc7/0x100
[  672.073379][T17087]        should_fail_ex+0x4e7/0x640
[  672.073390][T17087]        strncpy_from_user+0x3b/0x2e0
[  672.073401][T17087]        strncpy_from_user_nofault+0x7f/0x180
[  672.073413][T17087]        bpf_bprintf_prepare+0xe90/0x13f0
[  672.073426][T17087]        bpf_trace_printk+0xda/0x190
[  672.073436][T17087]        bpf_prog_930ede9872f2967c+0x3e/0x44
[  672.073444][T17087]        bpf_trace_run2+0x236/0x590
[  672.073453][T17087]        __bpf_trace_contention_begin+0xc9/0x110
[  672.073468][T17087]        trace_contention_begin.constprop.0+0xde/0x160
[  672.073479][T17087]        __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  672.073489][T17087]        do_raw_spin_lock+0x20e/0x2b0
[  672.073499][T17087]        raw_spin_rq_lock_nested+0x7e/0x130
[  672.073511][T17087]        __schedule+0x307/0x5de0
[  672.073525][T17087]        preempt_schedule_common+0x44/0xc0
[  672.073540][T17087]        preempt_schedule_thunk+0x16/0x30
[  672.073556][T17087]        vprintk_emit+0x408/0x680
[  672.073568][T17087]        _printk+0xc7/0x100
[  672.073576][T17087]        ovs_flow_cmd_new+0x9f3/0xe30
[  672.073591][T17087]        genl_family_rcv_msg_doit+0x209/0x2f0
[  672.073605][T17087]        genl_rcv_msg+0x55c/0x800
[  672.073617][T17087]        netlink_rcv_skb+0x158/0x420
[  672.073628][T17087]        genl_rcv+0x28/0x40
[  672.073639][T17087]        netlink_unicast+0x5a7/0x870
[  672.073649][T17087]        netlink_sendmsg+0x8c8/0xdd0
[  672.073659][T17087]        ____sys_sendmsg+0xa95/0xc70
[  672.073673][T17087]        ___sys_sendmsg+0x134/0x1d0
[  672.073689][T17087]        __sys_sendmsg+0x16d/0x220
[  672.073699][T17087]        __do_fast_syscall_32+0x7c/0x300
[  672.073709][T17087]        do_fast_syscall_32+0x32/0x80
[  672.073718][T17087]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  672.073730][T17087] 
[  672.073730][T17087] other info that might help us debug this:
[  672.073730][T17087] 
[  672.073734][T17087] Chain exists of:
[  672.073734][T17087]   console_owner --> &p->pi_lock --> &rq->__lock
[  672.073734][T17087] 
[  672.073748][T17087]  Possible unsafe locking scenario:
[  672.073748][T17087] 
[  672.073751][T17087]        CPU0                    CPU1
[  672.073754][T17087]        ----                    ----
[  672.073756][T17087]   lock(&rq->__lock);
[  672.073762][T17087]                                lock(&p->pi_lock);
[  672.073769][T17087]                                lock(&rq->__lock);
[  672.073775][T17087]   lock(console_owner);
[  672.073781][T17087] 
[  672.073781][T17087]  *** DEADLOCK ***
[  672.073781][T17087] 
[  672.073784][T17087] 5 locks held by syz.5.3052/17087:
[  672.073790][T17087]  #0: ffffffff8ff83f30 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  672.073814][T17087]  #1: ffff88802b43a498 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  672.073838][T17087]  #2: ffffffff8e1c3fa0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1bc/0x590
[  672.073860][T17087]  #3: ffffffff8e1b1700 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  672.073880][T17087]  #4: ffffffff8e1b1770 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  672.073904][T17087] 
[  672.073904][T17087] stack backtrace:
[  672.073910][T17087] CPU: 0 UID: 0 PID: 17087 Comm: syz.5.3052 Not tainted syzkaller #0 PREEMPT(full) 
[  672.073922][T17087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  672.073929][T17087] Call Trace:
[  672.073935][T17087]  <TASK>
[  672.073940][T17087]  dump_stack_lvl+0x116/0x1f0
[  672.073956][T17087]  print_circular_bug+0x275/0x350
[  672.073979][T17087]  check_noncircular+0x14c/0x170
[  672.074005][T17087]  __lock_acquire+0x12a6/0x1ce0
[  672.074036][T17087]  lock_acquire+0x179/0x350
[  672.074060][T17087]  ? console_lock_spinning_enable+0x61/0x80
[  672.074080][T17087]  ? console_lock_spinning_enable+0x4a/0x80
[  672.074094][T17087]  console_lock_spinning_enable+0x72/0x80
[  672.074106][T17087]  ? console_lock_spinning_enable+0x61/0x80
[  672.074117][T17087]  console_flush_all+0x7aa/0xc60
[  672.074130][T17087]  ? __pfx_console_flush_all+0x10/0x10
[  672.074144][T17087]  ? is_printk_cpu_sync_owner+0x32/0x40
[  672.074159][T17087]  console_unlock+0xd8/0x210
[  672.074170][T17087]  ? __pfx_console_unlock+0x10/0x10
[  672.074181][T17087]  ? do_raw_spin_unlock+0xd0/0x230
[  672.074192][T17087]  ? _printk+0xc7/0x100
[  672.074201][T17087]  ? __down_trylock_console_sem+0xb0/0x140
[  672.074211][T17087]  vprintk_emit+0x3d7/0x680
[  672.074223][T17087]  ? __pfx_vprintk_emit+0x10/0x10
[  672.074236][T17087]  ? rcu_is_watching+0x12/0xc0
[  672.074250][T17087]  _printk+0xc7/0x100
[  672.074258][T17087]  ? __pfx__printk+0x10/0x10
[  672.074268][T17087]  ? __pfx____ratelimit+0x10/0x10
[  672.074284][T17087]  ? ring_buffer_unlock_commit+0x2e8/0x620
[  672.074296][T17087]  should_fail_ex+0x4e7/0x640
[  672.074308][T17087]  strncpy_from_user+0x3b/0x2e0
[  672.074318][T17087]  strncpy_from_user_nofault+0x7f/0x180
[  672.074331][T17087]  bpf_bprintf_prepare+0xe90/0x13f0
[  672.074346][T17087]  ? string+0x2c4/0x4f0
[  672.074360][T17087]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  672.074374][T17087]  ? __pfx_format_decode+0x10/0x10
[  672.074388][T17087]  ? rcu_is_watching+0x12/0xc0
[  672.074402][T17087]  ? bpf_trace_run2+0x3e1/0x590
[  672.074412][T17087]  bpf_trace_printk+0xda/0x190
[  672.074420][T17087]  ? __pfx_bpf_trace_printk+0x10/0x10
[  672.074431][T17087]  ? bpf_trace_run2+0x3e1/0x590
[  672.074442][T17087]  bpf_prog_930ede9872f2967c+0x3e/0x44
[  672.074451][T17087]  bpf_trace_run2+0x236/0x590
[  672.074461][T17087]  ? __pfx_bpf_trace_run2+0x10/0x10
[  672.074471][T17087]  ? panic_on_this_cpu+0x32/0x40
[  672.074487][T17087]  ? _prb_read_valid+0x73c/0x890
[  672.074497][T17087]  __bpf_trace_contention_begin+0xc9/0x110
[  672.074513][T17087]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  672.074532][T17087]  trace_contention_begin.constprop.0+0xde/0x160
[  672.074544][T17087]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  672.074555][T17087]  ? __lock_acquire+0xb97/0x1ce0
[  672.074571][T17087]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  672.074582][T17087]  ? __asan_memcpy+0x3c/0x60
[  672.074594][T17087]  ? desc_read+0x2ae/0x370
[  672.074610][T17087]  do_raw_spin_lock+0x20e/0x2b0
[  672.074621][T17087]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  672.074631][T17087]  ? rcu_qs+0x2b/0xe0
[  672.074642][T17087]  ? rcu_note_context_switch+0x192/0x1e00
[  672.074656][T17087]  raw_spin_rq_lock_nested+0x7e/0x130
[  672.074669][T17087]  ? preempt_schedule_common+0x44/0xc0
[  672.074690][T17087]  __schedule+0x307/0x5de0
[  672.074706][T17087]  ? __pfx__prb_read_valid+0x10/0x10
[  672.074715][T17087]  ? find_held_lock+0x2b/0x80
[  672.074727][T17087]  ? up+0xcb/0x140
[  672.074737][T17087]  ? do_raw_spin_unlock+0x172/0x230
[  672.074748][T17087]  ? __pfx___schedule+0x10/0x10
[  672.074765][T17087]  ? __pfx_prb_read_valid+0x10/0x10
[  672.074774][T17087]  ? __up_console_sem+0x8f/0xe0
[  672.074783][T17087]  ? lockdep_hardirqs_on+0x7c/0x110
[  672.074794][T17087]  ? preempt_schedule_thunk+0x16/0x30
[  672.074809][T17087]  preempt_schedule_common+0x44/0xc0
[  672.074826][T17087]  preempt_schedule_thunk+0x16/0x30
[  672.074841][T17087]  ? vprintk_emit+0x3f6/0x680
[  672.074853][T17087]  ? vprintk_emit+0x403/0x680
[  672.074865][T17087]  vprintk_emit+0x408/0x680
[  672.074877][T17087]  ? __pfx_vprintk_emit+0x10/0x10
[  672.074890][T17087]  ? find_held_lock+0x2b/0x80
[  672.074902][T17087]  _printk+0xc7/0x100
[  672.074911][T17087]  ? __pfx__printk+0x10/0x10
[  672.074920][T17087]  ? __pfx____ratelimit+0x10/0x10
[  672.074937][T17087]  ? ovs_flow_cmd_new+0x9e7/0xe30
[  672.074953][T17087]  ? ovs_flow_cmd_new+0x9da/0xe30
[  672.074969][T17087]  ovs_flow_cmd_new+0x9f3/0xe30
[  672.074986][T17087]  ? __wake_up_klogd.part.0+0x99/0xf0
[  672.074997][T17087]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  672.075023][T17087]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  672.075038][T17087]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  672.075054][T17087]  genl_family_rcv_msg_doit+0x209/0x2f0
[  672.075069][T17087]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  672.075089][T17087]  ? bpf_lsm_capable+0x9/0x10
[  672.075111][T17087]  ? security_capable+0x7e/0x260
[  672.075131][T17087]  ? ns_capable+0xd7/0x110
[  672.075154][T17087]  genl_rcv_msg+0x55c/0x800
[  672.075177][T17087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  672.075200][T17087]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  672.075222][T17087]  netlink_rcv_skb+0x158/0x420
[  672.075233][T17087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  672.075247][T17087]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  672.075263][T17087]  genl_rcv+0x28/0x40
[  672.075274][T17087]  netlink_unicast+0x5a7/0x870
[  672.075287][T17087]  ? __pfx_netlink_unicast+0x10/0x10
[  672.075298][T17087]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  672.075311][T17087]  netlink_sendmsg+0x8c8/0xdd0
[  672.075324][T17087]  ? __pfx_netlink_sendmsg+0x10/0x10
[  672.075336][T17087]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  672.075350][T17087]  ____sys_sendmsg+0xa95/0xc70
[  672.075366][T17087]  ? __pfx_____sys_sendmsg+0x10/0x10
[  672.075381][T17087]  ? get_compat_msghdr+0x11a/0x170
[  672.075395][T17087]  ___sys_sendmsg+0x134/0x1d0
[  672.075407][T17087]  ? __pfx____sys_sendmsg+0x10/0x10
[  672.075423][T17087]  ? find_held_lock+0x2b/0x80
[  672.075440][T17087]  __sys_sendmsg+0x16d/0x220
[  672.075452][T17087]  ? __pfx___sys_sendmsg+0x10/0x10
[  672.075467][T17087]  ? rcu_is_watching+0x12/0xc0
[  672.075482][T17087]  __do_fast_syscall_32+0x7c/0x300
[  672.075495][T17087]  do_fast_syscall_32+0x32/0x80
[  672.075507][T17087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  672.075522][T17087] RIP: 0023:0xf70be579
[  672.075532][T17087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  672.075543][T17087] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  672.075555][T17087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  672.075562][T17087] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  672.075569][T17087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  672.075576][T17087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  672.075582][T17087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  672.075593][T17087]  </TASK>
[  672.648399][T17087] CPU: 0 UID: 0 PID: 17087 Comm: syz.5.3052 Not tainted syzkaller #0 PREEMPT(full) 
[  672.648424][T17087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  672.648436][T17087] Call Trace:
[  672.648444][T17087]  <TASK>
[  672.648452][T17087]  dump_stack_lvl+0x116/0x1f0
[  672.648476][T17087]  should_fail_ex+0x512/0x640
[  672.648497][T17087]  strncpy_from_user+0x3b/0x2e0
[  672.648516][T17087]  strncpy_from_user_nofault+0x7f/0x180
[  672.648539][T17087]  bpf_bprintf_prepare+0xe90/0x13f0
[  672.648563][T17087]  ? string+0x2c4/0x4f0
[  672.648586][T17087]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  672.648607][T17087]  ? __pfx_format_decode+0x10/0x10
[  672.648629][T17087]  ? rcu_is_watching+0x12/0xc0
[  672.648658][T17087]  ? bpf_trace_run2+0x3e1/0x590
[  672.648675][T17087]  bpf_trace_printk+0xda/0x190
[  672.648690][T17087]  ? __pfx_bpf_trace_printk+0x10/0x10
[  672.648708][T17087]  ? bpf_trace_run2+0x3e1/0x590
[  672.648728][T17087]  bpf_prog_930ede9872f2967c+0x3e/0x44
[  672.648744][T17087]  bpf_trace_run2+0x236/0x590
[  672.648761][T17087]  ? __pfx_bpf_trace_run2+0x10/0x10
[  672.648779][T17087]  ? panic_on_this_cpu+0x32/0x40
[  672.648806][T17087]  ? _prb_read_valid+0x73c/0x890
[  672.648824][T17087]  __bpf_trace_contention_begin+0xc9/0x110
[  672.648851][T17087]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  672.648882][T17087]  trace_contention_begin.constprop.0+0xde/0x160
[  672.648901][T17087]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  672.648920][T17087]  ? __lock_acquire+0xb97/0x1ce0
[  672.648944][T17087]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  672.648961][T17087]  ? __asan_memcpy+0x3c/0x60
[  672.648980][T17087]  ? desc_read+0x2ae/0x370
[  672.649008][T17087]  do_raw_spin_lock+0x20e/0x2b0
[  672.649026][T17087]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  672.649044][T17087]  ? rcu_qs+0x2b/0xe0
[  672.649062][T17087]  ? rcu_note_context_switch+0x192/0x1e00
[  672.649089][T17087]  raw_spin_rq_lock_nested+0x7e/0x130
[  672.649110][T17087]  ? preempt_schedule_common+0x44/0xc0
[  672.649138][T17087]  __schedule+0x307/0x5de0
[  672.649164][T17087]  ? __pfx__prb_read_valid+0x10/0x10
[  672.649181][T17087]  ? find_held_lock+0x2b/0x80
[  672.649201][T17087]  ? up+0xcb/0x140
[  672.649219][T17087]  ? do_raw_spin_unlock+0x172/0x230
[  672.649238][T17087]  ? __pfx___schedule+0x10/0x10
[  672.649264][T17087]  ? __pfx_prb_read_valid+0x10/0x10
[  672.649281][T17087]  ? __up_console_sem+0x8f/0xe0
[  672.649298][T17087]  ? lockdep_hardirqs_on+0x7c/0x110
[  672.649315][T17087]  ? preempt_schedule_thunk+0x16/0x30
[  672.649342][T17087]  preempt_schedule_common+0x44/0xc0
[  672.649369][T17087]  preempt_schedule_thunk+0x16/0x30
[  672.649395][T17087]  ? vprintk_emit+0x3f6/0x680
[  672.649414][T17087]  ? vprintk_emit+0x403/0x680
[  672.649434][T17087]  vprintk_emit+0x408/0x680
[  672.649454][T17087]  ? __pfx_vprintk_emit+0x10/0x10
[  672.649475][T17087]  ? find_held_lock+0x2b/0x80
[  672.649496][T17087]  _printk+0xc7/0x100
[  672.649511][T17087]  ? __pfx__printk+0x10/0x10
[  672.649528][T17087]  ? __pfx____ratelimit+0x10/0x10
[  672.649555][T17087]  ? ovs_flow_cmd_new+0x9e7/0xe30
[  672.649581][T17087]  ? ovs_flow_cmd_new+0x9da/0xe30
[  672.649609][T17087]  ovs_flow_cmd_new+0x9f3/0xe30
[  672.649647][T17087]  ? __wake_up_klogd.part.0+0x99/0xf0
[  672.649665][T17087]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  672.649711][T17087]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  672.649738][T17087]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  672.649765][T17087]  genl_family_rcv_msg_doit+0x209/0x2f0
[  672.649790][T17087]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  672.649816][T17087]  ? bpf_lsm_capable+0x9/0x10
[  672.649843][T17087]  ? security_capable+0x7e/0x260
[  672.649906][T17087]  ? ns_capable+0xd7/0x110
[  672.649929][T17087]  genl_rcv_msg+0x55c/0x800
[  672.649953][T17087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  672.649975][T17087]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[  672.650006][T17087]  netlink_rcv_skb+0x158/0x420
[  672.650026][T17087]  ? __pfx_genl_rcv_msg+0x10/0x10
[  672.650048][T17087]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  672.650075][T17087]  genl_rcv+0x28/0x40
[  672.650096][T17087]  netlink_unicast+0x5a7/0x870
[  672.650117][T17087]  ? __pfx_netlink_unicast+0x10/0x10
[  672.650136][T17087]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  672.650160][T17087]  netlink_sendmsg+0x8c8/0xdd0
[  672.650182][T17087]  ? __pfx_netlink_sendmsg+0x10/0x10
[  672.650204][T17087]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  672.650225][T17087]  ____sys_sendmsg+0xa95/0xc70
[  672.650249][T17087]  ? __pfx_____sys_sendmsg+0x10/0x10
[  672.650271][T17087]  ? get_compat_msghdr+0x11a/0x170
[  672.650293][T17087]  ___sys_sendmsg+0x134/0x1d0
[  672.650313][T17087]  ? __pfx____sys_sendmsg+0x10/0x10
[  672.650335][T17087]  ? find_held_lock+0x2b/0x80
[  672.650361][T17087]  __sys_sendmsg+0x16d/0x220
[  672.650378][T17087]  ? __pfx___sys_sendmsg+0x10/0x10
[  672.650399][T17087]  ? rcu_is_watching+0x12/0xc0
[  672.650420][T17087]  __do_fast_syscall_32+0x7c/0x300
[  672.650440][T17087]  do_fast_syscall_32+0x32/0x80
[  672.650458][T17087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  672.650480][T17087] RIP: 0023:0xf70be579
[  672.650494][T17087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  672.650512][T17087] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  672.650530][T17087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  672.650541][T17087] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  672.650552][T17087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  672.650563][T17087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  672.650573][T17087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  672.650589][T17087]  </TASK>
[  672.842694][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  672.842702][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.848992][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.872307][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.877246][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.883492][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.888599][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.893202][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.898491][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.903441][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.907065][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.912118][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.916424][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.920608][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.925653][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.929418][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.933651][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.938403][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.942114][ T6013] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  672.946626][ T6013] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  672.951210][ T6013] usb 9-1: config 0 interface 0 has no altsetting 0
[  672.962665][ T5955] Bluetooth: hci1: command 0x0c1a tx timeout
[  672.963247][ T6013] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  672.968309][ T6013] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  672.971801][ T6013] usb 9-1: Product: syz
[  672.975950][ T6013] usb 9-1: Manufacturer: syz
[  672.982376][ T6013] usb 9-1: SerialNumber: syz
[  672.988556][ T6013] usb 9-1: config 0 descriptor??
[  673.001585][ T6013] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  673.260228][    C0] usb 9-1: yurex_control_callback - control failed: -71
[  673.262927][ T6013] usb 9-1: USB disconnect, device number 34
[  673.265694][ T6013] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  674.882647][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  675.042412][ T5955] Bluetooth: hci1: command 0x0c1a tx timeout
[  676.972373][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout
[  677.132502][ T5955] Bluetooth: hci1: command 0x0c1a tx timeout

VM DIAGNOSIS:
23:30:29  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851ebd95 RDI=ffffffff9ab2b1c0 RBP=ffffffff9ab2b180 RSP=ffffc90004e16368
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9ab2b180 R15=ffffffff851ebd30
RIP=ffffffff851ebdbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097c8c000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000050bfd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000cb32fc RBX=0000000000000001 RCX=ffffffff8b48ba59 RDX=ffffed10056a6656
RSI=ffffffff8bd01640 RDI=ffffffff81905a5d RBP=ffffed1003adf490 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801d6fa480 R14=ffffffff905f6a90 R15=0000000000000000
RIP=ffffffff8b48a57f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097d8c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000005cc07000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000002000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000002
RSI=00000000000000fb RDI=0000000000000002 RBP=ffff8880277524b8 RSP=ffffc9000d0ff5d8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000001 R13=1ffff92001a1febe R14=1ffff11004eea401 R15=0000000000000000
RIP=ffffffff8168cb68 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097e8c000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000005cc07000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000094dd31 RBX=0000000000000003 RCX=ffffffff8b48ba59 RDX=0000000000000000
RSI=ffffffff8d81dc19 RDI=ffffffff8bd016c0 RBP=ffffed100376a000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056e6655 R10=ffff88802b7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb50000 R14=ffffffff905f6a90 R15=0000000000000000
RIP=ffffffff8b48a57f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097f8c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000636ce000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000