last executing test programs:

4m24.345478797s ago: executing program 0 (id=3008):
socket$xdp(0x2c, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
syz_open_dev$tty20(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno', @ANYRESHEX=r4, @ANYBLOB="3a2c46f96b6661826fe772bb2648e8a86a07897e3a742ad17ad1802bf3fe31857371a85e0f0dbcf6124887234e4c6127471c0c72cd9f8e5677f979185825705ba784b7daa7e1281dcc766d8f20146441aed13afb36cfc16f5083b9993f5751319beea41594937a14d1db4e936caae55a95abca269b85da4c4e3ecc3dbb0a9f5ae8c2e50d6bdbff98e84b1f1f86242c3bab8b3ffe06e374f2ec89ef4deb6fbbb46b377d02763c5d90a69878df3999bc5a58ea783a536a2c82840977a8c0411738eb4d439b9e6f1838fb38e6196feca354ea80f927954e4f8b6736cad711b731b6798f684f413f62bb9d3c2b9407fead77f8debac0b998b4ae7abf46dd1c06000000eb3a348b8684c961e91fceaf80011d15ce"])
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x1e01, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0xdc, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1ac, 0xffffffff, 0xffffffff, 0x1ac, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x94, 0xdc, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x5, 0x8, 0x6, 'snmp_trap\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x2, 0x5, 0x1, 0x6, 0x3, 0x3], 0x1}, {0x3, [0x6, 0x6, 0x5, 0x1, 0x4, 0x2], 0x5, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x29c)
clock_settime(0x7, 0x0)
acct(&(0x7f0000000180)='./file0/file0\x00')
r6 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x3004c010}, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYRES8=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0xfffffffffffffec8, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000001040506000000000000000000008000050001000100000008000540ffff9249"], 0x24}}, 0x0)

4m22.711777254s ago: executing program 0 (id=3012):
r0 = socket(0x11, 0x3, 0x0)
setsockopt(r0, 0x107, 0xf, &(0x7f0000000100)="00008634", 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r2=>0x0})
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000040)=@xdp={0x2c, 0x8, r2, 0x3}, 0x80, &(0x7f0000000600)=[{&(0x7f00000001c0)="0003022df0ff000000002d3922ff65b4355e953d23d27c69e074889fa8e7ee962184588e5fd8c5ee00a7472916f510027afb3654f0", 0x18}, {&(0x7f00000003c0)="60a75dc565ef116aa412580445034943beea59637ecdd8a174caf38d7adc18f6b256e8be", 0xffe8}, {&(0x7f0000000140)="55f0e46e5a", 0x5}, {&(0x7f0000000540)="d6cbcbd01a9287bce454d54ecea0f66b7367fbf6880d06443c29d1e06a5aa68da2a864699d98950e5555ab", 0x2b}], 0x4}, 0x40011)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x303000, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x2b)

4m22.711357952s ago: executing program 0 (id=3013):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r0, &(0x7f0000000480)=""/177, 0xb1, 0xe0)

4m22.612358457s ago: executing program 0 (id=3014):
r0 = socket(0x11, 0x3, 0x0)
setsockopt(r0, 0x107, 0xf, &(0x7f0000000100)="00008634", 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r2=>0x0})
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000040)=@xdp={0x2c, 0xa888, r2, 0x3}, 0x80, &(0x7f0000000600)=[{&(0x7f00000001c0)="0003022df0ff000000002d3922ff65b4355e953d23d27c69e074889fa8e7ee962184588e5fd8c5ee00a7472916f510027afb3654f0", 0x18}, {&(0x7f00000003c0)="60a75dc565ef116aa412580445034943beea59637ecdd8a174caf38d7adc18f6b256e8be", 0xffe8}, {&(0x7f0000000140)="55f0e46e5a", 0x5}, {&(0x7f0000000540)="d6cbcbd01a9287bce454d54ecea0f66b7367fbf6880d06443c29d1e06a5aa68da2a864699d98950e5555ab", 0x2b}], 0x4}, 0x40011)

4m22.571585737s ago: executing program 0 (id=3015):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pause()
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

4m21.682351552s ago: executing program 0 (id=3024):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000fddbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x20048054)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x472f, 0x4)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0xfffd, 0x8000000000000003, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0x200000000000080, 0x9, 0x4, 0x8, 0x8b], 0xeeee8000, 0x240046})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4m21.62386719s ago: executing program 32 (id=3024):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000fddbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x20048054)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x472f, 0x4)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0xfffd, 0x8000000000000003, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0x200000000000080, 0x9, 0x4, 0x8, 0x8b], 0xeeee8000, 0x240046})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

9.360073979s ago: executing program 2 (id=4170):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
r1 = io_uring_setup(0x516, &(0x7f0000000640)={0x0, 0xddaa, 0x1, 0x503fa, 0x8100014e})
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x3, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000003, 0x20000000, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x7, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0xcc74, 0x80000000, 0x242, 0x5, 0xe, 0x0, 0x80008071, 0x7, 0x6, 0xffffffff, 0x7, 0x5, 0x3e, 0x10008f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x200003ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x5, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0xc8, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0x0, 0x5, 0x8, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x3, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x1000b, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x4, 0xd, 0xffff8005, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x5, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x2, 0x83, 0x3, 0x4, 0x2950bfaf, 0x1001, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x4002, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xfffffffd, 0x5, 0x1c, 0x120000, 0x3, 0x3, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0xfffc, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x7f, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0xfffffffe, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x1003, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x227, 0x8001, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf44, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff343e, 0x1]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r2=>0xffffffffffffffff})
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x34c, 0xffffffff, 0x0, 0x0, 0xf4, 0xfeffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @multicast1}, [0xff, 0x0, 0xffffff00, 0xff000101], [0x0, 0xff, 0xff000000, 0xffffff00], 'gretap0\x00', 'veth0_virt_wifi\x00', {}, {}, 0x3b, 0xa, 0x1, 0x2d}, 0x2f2, 0xd0, 0xf4, 0x0, {}, [@common=@inet=@l2tp={{0x2c}, {0x3, 0x0, 0x3, 0x1, 0xc}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00', [0xff000000, 0xffffffff, 0xffffffff, 0xff], [0xff, 0xffffffff, 0x0, 0xff], 'pim6reg\x00', 'veth0_virt_wifi\x00', {0xff}, {}, 0x87, 0x8, 0x6, 0xc}, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a8)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r3, 0xc02c564a, &(0x7f00000008c0)={0x7fff, 0x20363159, 0x3, @discrete={0xfffffffe, 0x8}})
syz_emit_ethernet(0x22, &(0x7f0000000880)={@multicast, @remote, @val={@val={0x88a8, 0x6}, {0x8100, 0x4, 0x0, 0x2}}, {@llc={0x4, {@snap={0x0, 0xaa, '-', "4cbf3a", 0x6204, "a3d0b92d"}}}}}, 0x0)

9.260181046s ago: executing program 2 (id=4171):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000040), 0x3, 0x2)
r3 = socket$kcm(0xa, 0x5, 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r5 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x80800)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000800)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$inet(r5, &(0x7f0000000900)={&(0x7f00000004c0)={0x2, 0x4e20, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000500)="0296bf7df2bb0145f2ebfa1478e4117a18289d102c4f29e70e14f3707e733ffd627291118395039d3f783d413a49ef073d55888bf98592cab42186a43445fba578c7d2c5303e9bcd94beb6f5cbd6b4982afd4f1126f306e9efe5b265074ab90f518c4589d1d5a1bba04b6ef2c27f473f354223c8dee342d343f76991469ed5a9f71abb0861e461f0e71adc31561dd10a28d44e", 0x93}, {&(0x7f00000005c0)="bd32a5d7cabd4caed94eba4ebc54af1bf44746bfa77862d17ce67297376bc340923d85966f8c1458d1729b4cd26e075397b1", 0x32}, {&(0x7f0000000600)="1ca5fb0ad4c0e33ff068509d2221dc95bbdcb7654aadb0f4301365b82d0ae685e70e906d9fe9cf94809da855ffc0f31918f5b14ce57a802602c00781b8886a8bef8a9a887bb869d6b4abff3ee44d2600aed9fc0fe011a17b47f3effa7e01cc39a70d29a6cece2e66d6e1518f5ce843301bee20af1d8bc5c2470ed13dbc56408bf84e1c1a3af23abe950c3437e9d3d907681ddd8db3c0a2039e254498637b", 0x9e}, {&(0x7f00000006c0)="89b1c626b6613e6b014e75e78ae53252e4fedadffb6510dbbe9e2b304408aa4541ecb4583a3595667afd006385faa900ca8ec5b00639b4e9702218bf3f6160aaa5676119c99d590a33e1d7193831fcbd89f4d6c2c0f3a494a7f340b632b5d150bfa8c719a018f7d63aa2bc6d", 0x6c}, {&(0x7f0000000740)="4035f107b2c06173ac8c4a7664fa47552d387b581398ddcc622ca7a2737223291d227134c3b4d7a815193aedde06e0daafca8aab02762d1dc25e23ec86f1be0bd3dc92b51e73", 0x46}], 0x5, &(0x7f00000009c0)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x80000000}}, @ip_tos_u8={{0xd}}, @ip_pktinfo={{0x18, 0x0, 0x8, {r6, @private=0xa010102, @remote}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x7b, 0x0, 0xa, [0x800, 0x101]}, @rr={0x7, 0xb, 0xa7, [@empty, @private=0xa010102]}]}}}, @ip_retopts={{0x58, 0x0, 0x7, {[@end, @timestamp_prespec={0x44, 0x3c, 0xfd, 0x3, 0x9, [{@rand_addr=0x64010102, 0x1}, {@broadcast, 0x98}, {@rand_addr=0x64010100}, {@dev={0xac, 0x14, 0x14, 0x1e}, 0x2}, {@remote, 0xb1}, {@private=0xa010102, 0x6}, {@remote, 0xd0e}]}, @rr={0x7, 0xb, 0xe9, [@local, @remote]}, @noop]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x2}}], 0xdc}, 0x4004010)
r7 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
sendmsg$kcm(r3, &(0x7f0000002dc0)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x7fff, @local, 0x8}, 0x80, &(0x7f0000000340)=[{&(0x7f00000003c0)='`', 0x1}], 0x1}, 0x41)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000000), 0x4)
socket$kcm(0x10, 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000080))
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207200902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffc, 0x0, 0x6}, {0x0, 0x0, 0x400000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x0, @in=@private=0xa010101, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

7.718923655s ago: executing program 4 (id=4177):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x2258, &(0x7f0000000140)={0x0, 0x114df, 0x8, 0x4, 0x8b}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x9, 0x20000000, 0x4003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4008014}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r3, 0x0, 0x5005)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYRES16=<r7=>r0, @ANYBLOB="10b33852d17901ab391488", @ANYRES8=r2, @ANYRESDEC=r5, @ANYRES64=r1], 0x88}}, 0xec084867ce87ee97)
socket$key(0xf, 0x3, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r8, &(0x7f0000000b80)={&(0x7f00000001c0), 0xc, &(0x7f0000000b40)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f0100fd", @ANYRES16=0x0, @ANYBLOB="000325bd7000fcdbdf2504000000600001801400020076657468305f766c616e00000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000000000014000200626f6e645f736c6176655f310000000008000300030000001400020064756d6d79300000000000000000000008000300010000003800018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="140002006272696467655f736c6176655f30000008000300030000001400018008000100", @ANYRES32=0x0, @ANYRES64=r7, @ANYRESOCT=r1, @ANYBLOB="1400020076657468315f766972745f77696669000800030001000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766972745f7769666930000000000000080003000000000008000300030000008800018014000200776c616e30000000000000000000000008000300030000000800030001000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="14000200636169663000000000000000000000001400020076657468315f746f5f687372000000001400020076657468315f746f5f626174616476001400020062726964676530000000000000000000"], 0x1a4}, 0x1, 0x0, 0x0, 0x4000}, 0x48800)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002c80)=ANY=[@ANYBLOB="3000000440000100fcff070004000000010000000800cb80040008b408000180040010800c00020000c1c6ebf2cc2ae7"], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
timer_create(0x3, 0x0, &(0x7f00000003c0))
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe5e)
timer_delete(0x0)
r9 = timerfd_create(0x8, 0x80000)
timerfd_settime(r9, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r9, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)

5.780011254s ago: executing program 2 (id=4184):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a000000050004000000000009000200"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20008840)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x94)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x4, 0x2, 0x5e, 0x200000000000, 0x100000000000006, 0x0, 0x7})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r8, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

4.448966494s ago: executing program 4 (id=4187):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$mice(0xffffffffffffff9c, 0x0, 0x101)
syz_io_uring_setup(0x4a9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r0=>0x0, &(0x7f00000001c0)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x8501)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)='&', 0x1}], 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x41982)
getgroups(0x2, &(0x7f0000000300)=[0xffffffffffffffff, <r3=>0xffffffffffffffff])
r4 = openat$ttyprintk(0xffffff9c, &(0x7f0000000100), 0x40000, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f0000000140)=0xcf7)
mount$9p_tcp(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x44, &(0x7f0000000540)=ANY=[@ANYBLOB="745041d8f54525aed0f3cc47fc2f12c672616e733d7463702c706f7274303030", @ANYRESHEX=r3, @ANYBLOB=',\x00'])

4.447885299s ago: executing program 1 (id=4188):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x2258, &(0x7f0000000140)={0x0, 0x114df, 0x8, 0x4, 0x8b}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x9, 0x20000000, 0x4003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4008014}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r3, 0x0, 0x5005)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYRES16=<r7=>r0, @ANYBLOB="10b33852d17901ab391488", @ANYRES8=r2, @ANYRESDEC=r5, @ANYRES64=r1], 0x88}}, 0xec084867ce87ee97)
socket$key(0xf, 0x3, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r8, &(0x7f0000000b80)={&(0x7f00000001c0), 0xc, &(0x7f0000000b40)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f0100fd", @ANYRES16=0x0, @ANYBLOB="000325bd7000fcdbdf2504000000600001801400020076657468305f766c616e00000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000000000014000200626f6e645f736c6176655f310000000008000300030000001400020064756d6d79300000000000000000000008000300010000003800018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="140002006272696467655f736c6176655f30000008000300030000001400018008000100", @ANYRES32=0x0, @ANYRES64=r7, @ANYRESOCT=r1, @ANYBLOB="1400020076657468315f766972745f77696669000800030001000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766972745f7769666930000000000000080003000000000008000300030000008800018014000200776c616e30000000000000000000000008000300030000000800030001000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="14000200636169663000000000000000000000001400020076657468315f746f5f687372000000001400020076657468315f746f5f626174616476001400020062726964676530000000000000000000"], 0x1a4}, 0x1, 0x0, 0x0, 0x4000}, 0x48800)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002c80)=ANY=[@ANYBLOB="3000000440000100fcff070004000000010000000800cb80040008b408000180040010800c00020000c1c6ebf2cc2ae7"], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
timer_create(0x3, 0x0, &(0x7f00000003c0))
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe5e)
r9 = timerfd_create(0x8, 0x80000)
timerfd_settime(r9, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r9, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)

4.350230308s ago: executing program 4 (id=4189):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x4)
getpid()
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip6_flowlabel\x00')
read$FUSE(r3, &(0x7f00000059c0)={0x2020}, 0x2020)

4.349861956s ago: executing program 3 (id=4190):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="5000000027000100000000000000000a01"], 0x50}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x102, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0x7}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xa0, 0x2, {{0x3, 0x0, 0x3, 0xe, 0x2, 0xff}, [@TCA_NETEM_DELAY_DIST={0xd, 0x2, "80d3898fbb602d80a8"}, @TCA_NETEM_LOSS={0x3a, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x44, 0x2, {0xfffffff9, 0x7, 0x1, 0x3}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7, 0x9, 0xfffffffe}}, @NETEM_LOSS_GE={0x14, 0x2, {0xfffffffc, 0x492c, 0x0, 0xffffffff}}, @NETEM_LOSS_GI={0x18, 0x1, {0x2c, 0x0, 0x1, 0x8, 0x3}}, @NETEM_LOSS_GI={0x18, 0x1, {0x4, 0xc1b, 0x4, 0x8cbb, 0x1}}]}]}}}]}, 0x102}}, 0x4000010)

4.252695098s ago: executing program 3 (id=4191):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000d6100000000000000400000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018470000f8ffffff000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008e11e00b7030000080000008500000006000000184500000700000000000000000000001839000005000000000000000000000006650000080000006573fefff0ffffff9104000010000000851000000600000018400000f8ffffff00000000000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0xbefa, 0xe3, &(0x7f0000000400)=""/227, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0xffffffffffffffff, 0x1, 0x1, 0x1], 0x0, 0x10, 0x2}, 0x94)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000680)={0x3, 0xb4, "94a8740326d83b24470065554d0773bad304a2bd4b7fa56c6cfe377431b9749f38c3127da25a8f11578fc57745abebc1bfe85252a8a7fb0ec8e9283c038f022ac46643bdaeb110eb5ffee80f7613d87e167f264c6f1d878e9c195b301b1ac2de9c30d4e30d1813fa44a252761e80e6f551284970475f0cf23ee7ac47f402fac44542f6ec9f0a5bed99e6ef9bbab24772b23a4a4701478b7562d51378623ae02b6a4922c78ed7c2654a66c7b5b6cb00a9b4cbf857"})
r1 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000001440)={&(0x7f00000014c0)})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310007000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="14060000100001000000090a010100000000000000000a0000040900020073797a310000000008fc0940ffffffec0900010073797a3100000040080005400000000d140000001100010000000000000000000700000a02dda744b7ec19336ee1953039e1b673bd2c5bcb10895e49cf54f1b17f4dec6f299bc776a84d86802684e1e9e4a1e5a08f141554479797a344ef2f81f2d47e9a7007f0196a77b34f0bad8f250700e055965ba159372795877d02fcf0456bc156f3cc8f5ba77665511df9dcee61ae679d8e57ad4f5adfc0b1d1c2b217548a580136504e47e9f1cecb62ea28ef85f98faef7ecd41a26e33d74656724a680e5089a3d79cec08f2dce86abd75014516867287aa32f059ce3c7810729dac82fc2b40dfed1d028"], 0x64}, 0x1, 0x0, 0x0, 0x4064054}, 0x40)

4.179978246s ago: executing program 3 (id=4192):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000040), 0x3, 0x2)
r3 = socket$kcm(0xa, 0x5, 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r5 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x80800)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000800)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$inet(r5, &(0x7f0000000900)={&(0x7f00000004c0)={0x2, 0x4e20, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000500)="0296bf7df2bb0145f2ebfa1478e4117a18289d102c4f29e70e14f3707e733ffd627291118395039d3f783d413a49ef073d55888bf98592cab42186a43445fba578c7d2c5303e9bcd94beb6f5cbd6b4982afd4f1126f306e9efe5b265074ab90f518c4589d1d5a1bba04b6ef2c27f473f354223c8dee342d343f76991469ed5a9f71abb0861e461f0e71adc31561dd10a28d44e", 0x93}, {&(0x7f00000005c0)="bd32a5d7cabd4caed94eba4ebc54af1bf44746bfa77862d17ce67297376bc340923d85966f8c1458d1729b4cd26e075397b1", 0x32}, {&(0x7f0000000600)="1ca5fb0ad4c0e33ff068509d2221dc95bbdcb7654aadb0f4301365b82d0ae685e70e906d9fe9cf94809da855ffc0f31918f5b14ce57a802602c00781b8886a8bef8a9a887bb869d6b4abff3ee44d2600aed9fc0fe011a17b47f3effa7e01cc39a70d29a6cece2e66d6e1518f5ce843301bee20af1d8bc5c2470ed13dbc56408bf84e1c1a3af23abe950c3437e9d3d907681ddd8db3c0a2039e254498637b", 0x9e}, {&(0x7f00000006c0)="89b1c626b6613e6b014e75e78ae53252e4fedadffb6510dbbe9e2b304408aa4541ecb4583a3595667afd006385faa900ca8ec5b00639b4e9702218bf3f6160aaa5676119c99d590a33e1d7193831fcbd89f4d6c2c0f3a494a7f340b632b5d150bfa8c719a018f7d63aa2bc6d", 0x6c}, {&(0x7f0000000740)="4035f107b2c06173ac8c4a7664fa47552d387b581398ddcc622ca7a2737223291d227134c3b4d7a815193aedde06e0daafca8aab02762d1dc25e23ec86f1be0bd3dc92b51e73", 0x46}], 0x5, &(0x7f00000009c0)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x80000000}}, @ip_tos_u8={{0xd}}, @ip_pktinfo={{0x18, 0x0, 0x8, {r6, @private=0xa010102, @remote}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x7b, 0x0, 0xa, [0x800, 0x101]}, @rr={0x7, 0xb, 0xa7, [@empty, @private=0xa010102]}]}}}, @ip_retopts={{0x58, 0x0, 0x7, {[@end, @timestamp_prespec={0x44, 0x3c, 0xfd, 0x3, 0x9, [{@rand_addr=0x64010102, 0x1}, {@broadcast, 0x98}, {@rand_addr=0x64010100}, {@dev={0xac, 0x14, 0x14, 0x1e}, 0x2}, {@remote, 0xb1}, {@private=0xa010102, 0x6}, {@remote, 0xd0e}]}, @rr={0x7, 0xb, 0xe9, [@local, @remote]}, @noop]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x2}}], 0xdc}, 0x4004010)
r7 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
sendmsg$kcm(r3, &(0x7f0000002dc0)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x7fff, @local, 0x8}, 0x80, &(0x7f0000000340)=[{&(0x7f00000003c0)='`', 0x1}], 0x1}, 0x41)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000000), 0x4)
socket$kcm(0x10, 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000080))
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207200902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffc, 0x0, 0x6}, {0x0, 0x0, 0x400000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x0, @in=@private=0xa010101, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

4.0104516s ago: executing program 2 (id=4193):
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x0, 0xf, 0x1}, 0x50)
syz_usb_connect$cdc_ecm(0x5, 0x59, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x47, 0x1, 0x1, 0x1, 0x10, 0x4, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x2, 0x6, 0x0, 0x5, {{0x8, 0x24, 0x6, 0x0, 0x0, "12515a"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x2, 0x9, 0x3}}, {[{{0x9, 0x5, 0x81, 0x3, 0x40, 0x8, 0x1, 0x6}}], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x4, 0x3, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x9a, 0xb, 0x8}}}}}]}}]}}, &(0x7f0000000500)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x110, 0x4, 0x3, 0x7, 0x8, 0xc0}, 0x1c, &(0x7f0000000180)={0x5, 0xf, 0x1c, 0x2, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "416ecdd67a9b390f7faa1cb0514fb74a"}]}, 0x6, [{0xcd, &(0x7f00000001c0)=@string={0xcd, 0x3, "0998c56646923b30255e1bdb14748190ca55973ea21a009baeed42a040b8919440ec59912de2496b84a286b2b27a52a35ef471658c471f0e6970a20edfcb56c0f6bcb0e65697f2f8cf1b1c9815d8b3f4b5057119f3d226d1e3f07a9bca382e298b8b7c21aad7e2e482744d39b53e3ed5abfc8a7f9889b85d8d34e24d6f8fde611fd230aba1f14c779f7f5b439c089e72bd6f32b2eadca8af55278a3525cb088f70b9e81e4d8395e4c625ddd9a9ac5545f5dfee5f8a4fb853688045164122d547b8fb231214cfd5bb8673a7"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x1404}}, {0x65, &(0x7f0000000300)=@string={0x65, 0x3, "3f79239f91e3139eee36e6d8dd44e12c43a915f40740eaafa5846b0b135170ae26322a912ff6e11206053cff586fb31b2b48d0ac6f26bae69252e0bf68c16c24ab4efabde9cbf283735cffca9cb29340ba6095e118a26c255416a67885c66ef3451a82"}}, {0xb3, &(0x7f0000000380)=@string={0xb3, 0x3, "5f103b8568c5571867f25bc96600fe90b9c1989db68ba3f549c2fc145c051b07ca2ba01ed1fd7ee330c3fe5dfc4063d30af6e607868efd5553db2e1a9a66814dc3d225904c7ac67e7b5850c21fb768bee6906577e729dc48b846300792f2edc99a41c02c678d1efc0dfd2738ad17bc9da81385b3849f3cf94a4bbe2e45de7ac5ced63090e9d572dbaa611dfdcf16013bf819c24ca567c67f4f782205f0c25a03792f443151e2d030027fbfb76f55157620"}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x420}}, {0x67, &(0x7f0000000480)=@string={0x67, 0x3, "51aed2d6808c08654b8e7d544f71a743c4254637f15f6a7171232dc6126e73f9b0a6cb3827a16a42e240cc0de3c99d5808429c1d0b40d4ace0e1fabc112de0e520a2f9ca3031083927341cd07911cec4680017e0de9820bb2f8575a8681e3db157a240cd7f"}}]})

2.752416744s ago: executing program 2 (id=4194):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x84)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x300040d, 0x10)
writev(r0, &(0x7f0000000680)=[{&(0x7f00000000c0)='d', 0x1}], 0x1)
utimes(&(0x7f0000000240)='./file0/file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file0\x00', 0x8000, 0x102)

2.659433069s ago: executing program 2 (id=4195):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x2258, &(0x7f0000000140)={0x0, 0x114df, 0x8, 0x4, 0x8b}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x9, 0x20000000, 0x4003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4008014}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r3, 0x0, 0x5005)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYRES16=<r7=>r0, @ANYBLOB="10b33852d17901ab391488", @ANYRES8=r2, @ANYRESDEC=r5, @ANYRES64=r1], 0x88}}, 0xec084867ce87ee97)
socket$key(0xf, 0x3, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r8, &(0x7f0000000b80)={&(0x7f00000001c0), 0xc, &(0x7f0000000b40)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9f0100fd", @ANYRES16=0x0, @ANYBLOB="000325bd7000fcdbdf2504000000600001801400020076657468305f766c616e00000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000000000014000200626f6e645f736c6176655f310000000008000300030000001400020064756d6d79300000000000000000000008000300010000003800018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="140002006272696467655f736c6176655f30000008000300030000001400018008000100", @ANYRES32=0x0, @ANYRES64=r7, @ANYRESOCT=r1, @ANYBLOB="1400020076657468315f766972745f77696669000800030001000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766972745f7769666930000000000000080003000000000008000300030000008800018014000200776c616e30000000000000000000000008000300030000000800030001000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="14000200636169663000000000000000000000001400020076657468315f746f5f687372000000001400020076657468315f746f5f626174616476001400020062726964676530000000000000000000"], 0x1a4}, 0x1, 0x0, 0x0, 0x4000}, 0x48800)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002c80)=ANY=[@ANYBLOB="3000000440000100fcff070004000000010000000800cb80040008b408000180040010800c00020000c1c6ebf2cc2ae7"], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
timer_create(0x3, 0x0, &(0x7f00000003c0))
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe5e)
timer_delete(0x0)
r9 = timerfd_create(0x8, 0x80000)
timerfd_settime(r9, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r9, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)

1.889168409s ago: executing program 4 (id=4196):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x84)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x300040d, 0x10)
writev(r0, &(0x7f0000000680)=[{&(0x7f00000000c0)='d', 0x1}], 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file0\x00', 0x8000, 0x102)

1.888419882s ago: executing program 3 (id=4197):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$mice(0xffffffffffffff9c, 0x0, 0x101)
syz_io_uring_setup(0x4a9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r0=>0x0, &(0x7f00000001c0)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x8501)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)='&', 0x1}], 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000006c0), 0x41982)
getgroups(0x2, &(0x7f0000000300)=[0xffffffffffffffff, <r3=>0xffffffffffffffff])
r4 = openat$ttyprintk(0xffffff9c, &(0x7f0000000100), 0x40000, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f0000000140)=0xcf7)
mount$9p_tcp(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x44, &(0x7f0000000540)=ANY=[@ANYBLOB="745041d8f54525aed0f3cc47fc2f12c672616e733d7463702c706f7274303030", @ANYRESHEX=r3, @ANYBLOB=',\x00'])

1.829750401s ago: executing program 4 (id=4198):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r1 = socket(0x10, 0x4, 0x2)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x1, 0x31, 0x1c, 0x65, 0x0, 0xa6, 0x1, 0x0, @remote, @multicast1}, @address_reply={0x12, 0x0, 0x0, 0x8}}}}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000200)={'ip6gre0\x00', <r5=>0x0, 0x29, 0x81, 0x4, 0x6, 0x8, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7800, 0x20, 0x5, 0x5}})
bind$xdp(r3, &(0x7f0000000340)={0x2c, 0x0, r5, 0x17, r1}, 0x10)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
openat$sysctl(0xffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_window_scaling\x00', 0x1, 0x0)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r6, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}, {0x0, 0xd}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmmsg$sock(r3, &(0x7f0000001580)=[{{&(0x7f00000004c0)=@l2={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x5, 0x2}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000600)="57deaaaec344bad79e48df76f0f31cddccdc3e598ca61f67a8dec8e973df4b977cec236364fcf053d94b1a673bafe779c82ab5e02f063dc1b28519ebb71c9b", 0x3f}, {&(0x7f0000000640)}, {&(0x7f0000000680)="3f005f42be2869ca8ff588eb69834b3a23526fc97778d1912011e03024a8300edec34c971abc5e22f75226ffe324fcb9ee20cc776c46916f6b117e5e499004f8a036a3ef74976fcf36c2ea04d1d7bba6237acc72c72cd84683b04867b32b74a097d18f36169f5110f3977ecbfd725af5a7c9acae9e13c8cdf6de3cfb63019e50cb4c34108a6a2e1a663ed1e0f92a27d601d39b5781522328749c87c46c70", 0x9e}, {&(0x7f0000000740)="a50bcfea3fc0c1a421be3a3882134f23cf97cf718efa24ac85e24ef91bd94de87e6e3339a161706aa70b13c70530aeca2b4bd2c5623af371101755380aff9e223e5d20c2e36e6b94235d3ac74445b5272d29a16a98c291d88d0f1b", 0x5b}, {&(0x7f00000007c0)="0fbe886ae43452f556deeed35790d24195cc20567a7b6a46a45313bc1d1945fc5f2655bcd7e365a3229aa71ad98bbfa6d301ba85987bfa1b96051b21fd253973a67435db841df2b912a78e7e25abbc9ad5349f870a59f3d19e334c8a3ca9dfe880d63b0737c064f87fe4f17b56073178c1191bb15944723e5c5e00742b888eb60a57c9de", 0x84}, {&(0x7f0000000880)="34245ce09d5d6005bdc1ef562cf4a423aa7c3393f12e5ba904d7020c", 0x1c}, {&(0x7f0000000900)="c03c8a1df462219e2f22ff2c58fd455637a7cbc1b15215267b3dc6f787874203a572f2a31096e5882bf6a468a4900f9bd6b2d0171d5529d13937", 0x3a}], 0x7, &(0x7f0000000980)=[@txtime={{0x14, 0x1, 0x3d, 0x6}}, @mark={{0x10, 0x1, 0x24, 0x9}}, @timestamping={{0x10, 0x1, 0x25, 0x70}}, @txtime={{0x14, 0x1, 0x3d, 0x4}}, @txtime={{0x14, 0x1, 0x3d, 0xff}}], 0x5c}}, {{&(0x7f0000000a00)=@hci={0x1f, 0x2, 0x4}, 0x80, &(0x7f0000000b80)=[{&(0x7f0000000a80)="eda43a861d45b2013f96854fa4bf9f5af25a39c031df995c73d1a27e8efe9a9fccd8826e322307fdee24a3c45593d1b2e336ca7e7ee34bb3066879e336e7609d09a9d6adeea4007fff5bdad593e14633c2bd6193bc37f4c0f41a0bd245047faf91f51990c4229ffe3740568565b2cb16a29535af8500584f8547a42b23414be4308b9f36da3fe6ed64fe5ef89346a18c14f2e03e1d98c20616502752cf7eb47d1207c03b665c164c12d0bad1bc8e14e5a7489a633f7d50878171e490a4362556cb7269d1e00bfae727", 0xc9}], 0x1, &(0x7f0000000bc0)=[@txtime={{0x14, 0x1, 0x3d, 0x1000}}, @txtime={{0x14, 0x1, 0x3d, 0x7}}, @txtime={{0x14, 0x1, 0x3d, 0x1}}, @txtime={{0x14, 0x1, 0x3d, 0x8}}, @mark={{0x10, 0x1, 0x24, 0x2c}}, @txtime={{0x14, 0x1, 0x3d, 0x8000000000000000}}, @timestamping={{0x10, 0x1, 0x25, 0x8}}, @timestamping={{0x10, 0x1, 0x25, 0x100}}, @timestamping={{0x10, 0x1, 0x25, 0x4}}], 0xa4}}, {{&(0x7f0000000c80)=@in={0x2, 0x4e21, @rand_addr=0x64010100}, 0x80, &(0x7f0000001040)=[{&(0x7f0000000d00)="94e6", 0x2}, {&(0x7f0000000d40)="8618a35c11f4e1dbaec07e0e376da6cc6cea4c42a34cd1edf7fd6975740e588d997970371527024d1a1bb3936087c4814535d2c09427fb2c0e5db17967117450d9513abd5340618f1de7e452b490c0ab9dad5fa50b42100afe2ec632399a51d0832691c22bbbd907a75f3d9d43332eb400eba3883a32fd809ea0945db2252dc85a41a1ef96276259063f187691ebb2b6bc6347c4d3e9d58215d2862304a79bd76b05de3e8cc8ae6f42d5428bf0ce496e3e6c00a4e96b181d91593e234624ac001758f859cf12454dbf2c2b8b91346adaacdad5076cfce3b6", 0xd8}, {&(0x7f0000000e40)="8c0447df928d4813bf867eee9825ae0419e1507aa56e8c9ab3e09d2bd74475653cfb752c37ba0246efc0c0fb999659720370e944844c64dad46eebcd4e812785072bf15404cb18228f84ee28bf06eb8427fe1cc3cf2ffb610f00dcce5736e30958cee6a50a3447756846e3cbbacb68500bb2274254ea36c40b5fd2ce6029bcb3bdd523c2e3b29b9c8348cf97a3dbb111", 0x90}, {&(0x7f0000000f00)="18341c362cfa3c0ef1c1684568e674f121d3b47feafe630fc5dec6d16252be46e165bc1b36bbfb696c67d8b5d00e8f22afd456bb9a871b584f884e2b751c59b32c9c30ba8a25e3b7ecefba2606ce2b26a989552cd1fe03e2ff5fbf1d6d3004844245c31d6f488022e1c4013d3e324bcd9ac6f0f9eca5c23eb872ca0fa6d82767875ce215c984a3162225be7b7a7782b230869f56b41675d139dff2bd3f57550a5e29860ffb5527202eed04e55f8979e875802a30d1aa5f", 0xb7}, {&(0x7f0000000fc0)="a767600a356a69759c4dd8a9f795d1d31eaeda30910da5c73eec3796964712a8e6c00f6767b177d717ec7963c9f77e423ecefc36d8fd00c96c8e92d6ff41ad7d21a8caeb2a7bef2eceffde40d019bd8ea04526860b5545b2ae8c6e42213e5c0bdd1bd9c86e3973670987407f265f3cd33b784ac964", 0x75}], 0x5}}, {{&(0x7f0000001080)=@pppoe={0x18, 0x0, {0x1, @multicast, 'geneve0\x00'}}, 0x80, &(0x7f00000014c0)=[{&(0x7f0000001100)="b661a6ca2b634db7145daeb6aa84afc2c27db5e1bcbf944ef7c3490259dba975f9b50b3000629dff547a1f56314c9d86650d066fe37be7031ab3d01efd84572a38bec08e98c1ce445132aa7fc33ff261c153554d528564fb00076a46cc216ff29ffa9d828eefcb3831e1857c010b76827e68cb686d6eee192f70f1bde3c2225aff38", 0x82}, {&(0x7f00000011c0)="ddfa7437f4645214fdf6beaf0c5e27e52df68223c7bb800cb31454d9a01733c11f571e4cfd0adc93e832d95ddb3923c491159cb1d16d201d814c2d476201c2cd902fa4", 0x43}, {&(0x7f0000001240)="dc7f80bb47f08f622ff8d9c47a256c25a2cf2575ae0f9c6f1fef9692efe673a8af1443a7ae7eef8663f219083c8b83fdf1a78781f27b02385ccbbd2246027adda8603381e91f3aa97561cf3efec9115a66cfdfa0e6eebcb9c3d37d27dab7de383a232d902860f8191bf6df296f62a63966379609b8bd20086fdc4b549dd42943f3ced2da13c4c0d919de210ff9ba6d8c5dab5f6facece7360d3a41408a01cf3291ef55779bc49efd7f82eeaee9a561e50abe46ce94f1c6e9ed4a31702b5862bbbe58a9b31b47a4fa7d60b5a8091a0f1cccd971e00b8834b075490beb72fc9a496eb192536a08f015e96da112155ea353153bbd6e42d5", 0xf6}, {&(0x7f0000001340)="52b195fafb3a4a55959dab7dfff1c2299342379704b1e66145f51c091f9a86f800cbf7725456fe3348976361e6a532b631987c53fe4ddb5926eb5b9327e1b87de23458d639c25cfaf170f40f845202790a48decb11eda558988f", 0x5a}, {&(0x7f00000013c0)="5f0ac333f06f84254f1cb0ab828e2c5531ddf71fdf5b43b4804d71ae8b371769df1f7857ca1aa1b92b0b6cfdf34d0091471d6468659a12a55ac793c11c5491746b8a047c2bd82457692437e15b22312aa2c8f3ccce90374e4bd18c6c98ca7151cfcefee21fed0264c5b817565ccd33a1f836cd6931348bdf2980b942b0d3ecd90733933e2efaf93cc58edf0bccd2a15fde8102faae06ec7966e1158f2085f365a673a4d839d943f6e4205421b140edaaa01c70c840cbc46bedf82e18b7f8aab53e9905068eb76e", 0xc7}], 0x5, &(0x7f0000001500)=[@txtime={{0x14, 0x1, 0x3d, 0x6}}, @mark={{0x10, 0x1, 0x24, 0x5}}, @timestamping={{0x10}}, @mark={{0x10, 0x1, 0x24, 0x4}}, @timestamping={{0x10, 0x1, 0x25, 0x2}}, @txtime={{0x14, 0x1, 0x3d, 0xffffffff}}], 0x68}}], 0x4, 0x2000000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8)
getsockname$packet(r8, &(0x7f0000000180)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r9, {0x1}, {0xfff2, 0xffff}, {0xffff, 0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008854}, 0x4010)

1.829257687s ago: executing program 1 (id=4199):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0xf4, &(0x7f0000000000)=[{&(0x7f0000000840)=""/4097, 0x1001}, {&(0x7f0000004700)=""/4069, 0xfe5}, {&(0x7f0000003540)=""/4135, 0x1027}, {&(0x7f0000000280)=""/115, 0x73}, {&(0x7f0000000780)=""/175, 0xaf}, {&(0x7f00000000c0)=""/197, 0xc5}, {&(0x7f0000000500)=""/176, 0xb0}], 0x7}, 0x10100)

1.768277689s ago: executing program 1 (id=4200):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000d6100000000000000400000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018470000f8ffffff000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008e11e00b7030000080000008500000006000000184500000700000000000000000000001839000005000000000000000000000006650000080000006573fefff0ffffff9104000010000000851000000600000018400000f8ffffff00000000000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0xbefa, 0xe3, &(0x7f0000000400)=""/227, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x9, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0xffffffffffffffff, 0x1, 0x1, 0x1], 0x0, 0x10, 0x2}, 0x94)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000680)={0x3, 0xb4, "94a8740326d83b24470065554d0773bad304a2bd4b7fa56c6cfe377431b9749f38c3127da25a8f11578fc57745abebc1bfe85252a8a7fb0ec8e9283c038f022ac46643bdaeb110eb5ffee80f7613d87e167f264c6f1d878e9c195b301b1ac2de9c30d4e30d1813fa44a252761e80e6f551284970475f0cf23ee7ac47f402fac44542f6ec9f0a5bed99e6ef9bbab24772b23a4a4701478b7562d51378623ae02b6a4922c78ed7c2654a66c7b5b6cb00a9b4cbf857"})
r1 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000001440)={&(0x7f00000014c0)=[{0x9, 0x10, 0x110, &(0x7f0000001900)="8ebb2a9cddd819d4edb5054fe962df4b17ccddbd5e01000000000000802af7ac41740cfc96d51327d35776cab3bde2a1f017c2bacbe3764a42b57f5c2b8f6b75738c5d0a82710a4d810960ed1cb5557d49cf7fe28adb13a65040b2a1f84949672c99aa593315f698eaa46cd17ff97487e9bcc672f63e4625a5af9ab47a90fdef5739aba2724f8bd68ec0135067fc8c31f8194f7f1f43ed6d66144c0df0d05a7b611562bcbfd2ac6ae3a972a6e07c16000000002d73d65b708e29000000000000000005ac8704c3ab89d947000000000000000000000000e05a459e8ee35327d3f3a4c7d9e1e47f2f396e907ff08572129845302df2cdc72be761ea05880b4e6f28a448addfbb26183178e6c04559f93f"}, {0x5, 0x0, 0xeb, &(0x7f0000001600)="77ca707ca611ce4c8cc54758b39354f07248a11308b0a32fc1b621cd6a5fe894125d5426d84e9411417e552c2aa4e56d9a84394cb52f295a6f82a4240c46e10042ab6893b76cac29cf12e0416bb77f366e1ede49175ae57611560be8fcec3aceedcb76ad9b9c307a677d670d828cf13525782732de7f1039d185ebe7e374376fe9593560b0f7d96ff2f6806b472eda8dc899bd07bee241214097218be13f03bf2dfd02ad5fc4c2a5e6794a167c86a6200eed370c1c90f31d55f27ca46348885bcc530fdbf2ede07ca50b7be85665818d06f66a4503b9dfcab7b0847f1869cf5f7231ae300ea2633b30f4c9"}], 0x2})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310007000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="14060000100001000000090a010100000000000000000a0000040900020073797a310000000008fc0940ffffffec0900010073797a3100000040080005400000000d140000001100010000000000000000000700000a02dda744b7ec19336ee1953039e1b673bd2c5bcb10895e49cf54f1b17f4dec6f299bc776a84d86802684e1e9e4a1e5a08f141554479797a344ef2f81f2d47e9a7007f0196a77b34f0bad8f250700e055965ba159372795877d02fcf0456bc156f3cc8f5ba77665511df9dcee61ae679d8e57ad4f5adfc0b1d1c2b217548a580136504e47e9f1cecb62ea28ef85f98faef7ecd41a26e33d74656724a680e5089a3d79cec08f2dce86abd75014516867287aa32f059ce3c7810729dac82fc2b40dfed1d028"], 0x64}, 0x1, 0x0, 0x0, 0x4064054}, 0x40)

1.767986584s ago: executing program 1 (id=4201):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a000000050004000000000009000200"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20008840)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x94)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x4, 0x2, 0x5e, 0x200000000000, 0x100000000000006, 0x0, 0x7})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r8, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

1.699897875s ago: executing program 3 (id=4202):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f, 0x4}}, 0x20)
r1 = syz_io_uring_setup(0x5ce, &(0x7f0000000480)={0x0, 0x0, 0x400, 0xffffffff, 0x138}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000540)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000100)=[{0x562f, 0x7b, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47bc, 0x0, 0x21, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@deltaction={0x154, 0x31, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x4}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x58, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @TCA_ACT_TAB={0x70, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x14, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0x14, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x14, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CONNECT(r7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x3f00, 0x5, 0x1000}, &(0x7f0000000340), &(0x7f0000000300))

1.126259071s ago: executing program 4 (id=4203):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000040), 0x3, 0x2)
r3 = socket$kcm(0xa, 0x5, 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = accept4$llc(0xffffffffffffffff, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000400)=0x10, 0x80800)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000800)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$inet(r5, &(0x7f0000000900)={&(0x7f00000004c0)={0x2, 0x4e20, @local}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000500)="0296bf7df2bb0145f2ebfa1478e4117a18289d102c4f29e70e14f3707e733ffd627291118395039d3f783d413a49ef073d55888bf98592cab42186a43445fba578c7d2c5303e9bcd94beb6f5cbd6b4982afd4f1126f306e9efe5b265074ab90f518c4589d1d5a1bba04b6ef2c27f473f354223c8dee342d343f76991469ed5a9f71abb0861e461f0e71adc31561dd10a28d44e", 0x93}, {&(0x7f00000005c0)="bd32a5d7cabd4caed94eba4ebc54af1bf44746bfa77862d17ce67297376bc340923d85966f8c1458d1729b4cd26e075397b1", 0x32}, {&(0x7f0000000600)="1ca5fb0ad4c0e33ff068509d2221dc95bbdcb7654aadb0f4301365b82d0ae685e70e906d9fe9cf94809da855ffc0f31918f5b14ce57a802602c00781b8886a8bef8a9a887bb869d6b4abff3ee44d2600aed9fc0fe011a17b47f3effa7e01cc39a70d29a6cece2e66d6e1518f5ce843301bee20af1d8bc5c2470ed13dbc56408bf84e1c1a3af23abe950c3437e9d3d907681ddd8db3c0a2039e254498637b", 0x9e}, {&(0x7f00000006c0)="89b1c626b6613e6b014e75e78ae53252e4fedadffb6510dbbe9e2b304408aa4541ecb4583a3595667afd006385faa900ca8ec5b00639b4e9702218bf3f6160aaa5676119c99d590a33e1d7193831fcbd89f4d6c2c0f3a494a7f340b632b5d150bfa8c719a018f7d63aa2bc6d", 0x6c}, {&(0x7f0000000740)="4035f107b2c06173ac8c4a7664fa47552d387b581398ddcc622ca7a2737223291d227134c3b4d7a815193aedde06e0daafca8aab02762d1dc25e23ec86f1be0bd3dc92b51e73", 0x46}], 0x5, &(0x7f00000009c0)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x80000000}}, @ip_tos_u8={{0xd}}, @ip_pktinfo={{0x18, 0x0, 0x8, {r6, @private=0xa010102, @remote}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x7b, 0x0, 0xa, [0x800, 0x101]}, @rr={0x7, 0xb, 0xa7, [@empty, @private=0xa010102]}]}}}, @ip_retopts={{0x58, 0x0, 0x7, {[@end, @timestamp_prespec={0x44, 0x3c, 0xfd, 0x3, 0x9, [{@rand_addr=0x64010102, 0x1}, {@broadcast, 0x98}, {@rand_addr=0x64010100}, {@dev={0xac, 0x14, 0x14, 0x1e}, 0x2}, {@remote, 0xb1}, {@private=0xa010102, 0x6}, {@remote, 0xd0e}]}, @rr={0x7, 0xb, 0xe9, [@local, @remote]}, @noop]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x2}}], 0xdc}, 0x4004010)
r7 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
sendmsg$kcm(r3, &(0x7f0000002dc0)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x7fff, @local, 0x8}, 0x80, &(0x7f0000000340)=[{&(0x7f00000003c0)='`', 0x1}], 0x1}, 0x41)
socket$kcm(0x10, 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000080))
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207200902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffc, 0x0, 0x6}, {0x0, 0x0, 0x400000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x0, @in=@private=0xa010101, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

620.037392ms ago: executing program 3 (id=4204):
syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000000))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r1}, 0x8)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x20, &(0x7f0000000340)={&(0x7f0000000140)=""/83, 0x53, <r2=>0x0, &(0x7f0000000200)=""/11, 0xb}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xc, 0x16, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r2}, 0x94)
splice(r1, 0xffffffffffffffff, r1, 0x0, 0x6, 0xa)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r4 = syz_open_dev$dvb_frontend(&(0x7f00000002c0), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r4, 0x40086f52, &(0x7f0000004000)={0x33, &(0x7f0000004040)=[{0xc, '\x00', @data=0x5, 0x4}]})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_GUEST_MEMFD(r6, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0xc, 0x6, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = open(&(0x7f0000000080)='./file1\x00', 0x66842, 0x90)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x14, 0x6400, 0x0, 0x3)

77.150969ms ago: executing program 1 (id=4205):
close(0x3)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001400192000000000000000022865"], 0x28}}, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xa27, 0x0, &(0x7f0000000280)})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x125, 0x9})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r3, 0x5)
r4 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e63, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}, 0x100000b}, 0x1c)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$sock_int(r5, 0x1, 0x20, &(0x7f0000000900)=0xc9b7, 0x4)
listen(r4, 0xb)
r6 = socket$netlink(0x10, 0x3, 0x4)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000001590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)="d8000000140081044e81f782db44b904021f080211000000040000a118000200e000000114000e1208000f0100810401a80016ea1f000840032e5f54c9201114000000000000000000000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c01000000000000e2cb090000001fb79101005ee4001b14620d9de656d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x4009044)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)

0s ago: executing program 1 (id=4206):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000400)='veno', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
pipe2$watch_queue(&(0x7f00000002c0), 0x80)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
r3 = epoll_create1(0x80000)
prctl$PR_MCE_KILL(0x21, 0x1, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r3, &(0x7f0000000000)={0xa0000001})
setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000140)=0xfffffffe, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x3, &(0x7f0000000040)=[{0x5, 0x8, 0xd7, 0x7}, {0x7, 0x5, 0xc, 0x86}, {0x2, 0x1, 0x9, 0x7a}]})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)=',', 0x1)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000f00)=@delchain={0x43c, 0x65, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xfff1}, {0xe, 0x6}, {0x1, 0xfff1}}, [@f_tcindex={{0xc}, {0x40c, 0x2, [@TCA_TCINDEX_POLICE={0x408, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x79, 0x8, 0x1, 0x0, 0xa, 0x6, 0x7, 0x5, 0x7, 0x0, 0x19030790, 0x120000, 0x0, 0x7, 0x101, 0x81, 0xfffffffb, 0x2, 0x9, 0x5, 0x6, 0x6, 0x4, 0x9, 0x9, 0x5, 0x2, 0x400, 0x9b4f, 0x0, 0x2, 0x80000000, 0x81, 0x96, 0x2, 0x8, 0x8000, 0x0, 0xffffffff, 0xd, 0x4, 0x5, 0xbc0000, 0x0, 0xd8, 0x9, 0xb1d9, 0x8, 0x5, 0x8, 0x4, 0x1, 0x7, 0x80, 0x4, 0x2, 0x9, 0x32, 0xffff, 0x101, 0x2, 0x0, 0x24b81042, 0x6, 0x8, 0x45, 0x56, 0xe61, 0x9, 0x0, 0x4, 0x7, 0xf, 0x1ff, 0x1, 0x10, 0xff, 0xfffffff8, 0x80, 0x2b54, 0x4, 0x9, 0x7, 0x3d5, 0xffffffff, 0x2, 0x6, 0x4, 0x2, 0xc, 0x0, 0x3, 0x3ff, 0x3, 0x8001, 0x36a04c11, 0x0, 0x7, 0x9, 0x10, 0xffff3b20, 0x1, 0x81, 0x3, 0x3ff, 0x5, 0x101, 0x2, 0x4, 0x7, 0x6, 0x1, 0xa02, 0x7f4, 0xac1, 0x9, 0x7a7a2476, 0x81, 0x0, 0x800, 0x3, 0x100, 0x78e7215, 0x7fff, 0xf, 0x594, 0x5, 0x3, 0xfffffff9, 0x80, 0x0, 0x8, 0x1, 0x401, 0x9, 0x5, 0x1, 0x3, 0x6, 0x4, 0x7, 0x39ca, 0x9, 0x33e, 0x80, 0xb, 0x7, 0xc, 0x7, 0x1, 0x80, 0x9, 0x7a7a, 0x4, 0x5, 0x8, 0x4, 0x6, 0xb24, 0x6d, 0x5, 0x0, 0xe24, 0x2, 0x1, 0x3, 0x8, 0x25c3, 0x6, 0xab, 0x8, 0x101, 0x4a1, 0xefb, 0x7, 0x1ff, 0x400, 0xffffffff, 0x4, 0x9, 0x6, 0x0, 0xb, 0x7, 0x200, 0x80000001, 0x3, 0x40, 0x0, 0x1, 0x400, 0x9, 0x0, 0x8, 0x0, 0xc, 0x4, 0xcc, 0x4, 0x1ff, 0x6, 0xf94, 0x7, 0x2, 0x5, 0x9, 0x9, 0x6, 0x1000, 0x750, 0x7fffffff, 0x9, 0x7, 0xffffffff, 0x4, 0x20f, 0x3ff, 0x8, 0x3, 0xffffffff, 0x0, 0x0, 0x101, 0x980, 0x7, 0x400, 0x5, 0x5, 0x245, 0x81, 0x9, 0x81, 0x5, 0x4, 0x3, 0x5, 0x7, 0x2, 0x7, 0x6, 0x6a021791, 0x9, 0x6, 0x69ad, 0x3, 0x4, 0x2, 0x400, 0x101, 0x5, 0x3, 0x7fff, 0x1cca, 0x3, 0x461]}]}]}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=""/8, 0x8}, {&(0x7f0000000e40)=""/164, 0xa4}], 0x2}, 0x3)

kernel console output (not intermixed with test programs):

i_hcd.1: stop threads
[  950.368084][ T1147] vhci_hcd vhci_hcd.1: release socket
[  950.372810][ T1147] vhci_hcd vhci_hcd.1: disconnect device
[  950.463004][T21048] fuse: Unknown parameter ''
[  950.843690][T21066] netlink: 'syz.2.3447': attribute type 2 has an invalid length.
[  950.846994][T21066] netlink: 'syz.2.3447': attribute type 8 has an invalid length.
[  950.850381][T21066] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3447'.
[  950.862476][T21067] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  950.865138][T21067] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  950.869214][T21067] vhci_hcd vhci_hcd.0: Device attached
[  950.976048][T21071] netlink: 'syz.2.3448': attribute type 2 has an invalid length.
[  950.979545][T21071] netlink: 'syz.2.3448': attribute type 8 has an invalid length.
[  950.983287][T21071] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3448'.
[  951.143236][ T6075] usb 46-1: SetAddress Request (22) to port 0
[  951.145289][ T6075] usb 46-1: new SuperSpeed USB device number 22 using vhci_hcd
[  951.484084][T21068] vhci_hcd: connection reset by peer
[  951.487478][T20865] vhci_hcd vhci_hcd.4: stop threads
[  951.489832][T20865] vhci_hcd vhci_hcd.4: release socket
[  951.491980][T20865] vhci_hcd vhci_hcd.4: disconnect device
[  952.025875][T21085] xt_CT: No such helper "syz1"
[  952.647856][T21103] netlink: 'syz.3.3455': attribute type 4 has an invalid length.
[  952.742833][T21104] netlink: 'syz.3.3455': attribute type 4 has an invalid length.
[  953.039180][T21109] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.687337][T21127] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.723904][T21130] x_tables: ip_tables: DNAT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  953.730191][T21130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3464'.
[  953.738545][T21130] bridge2: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  953.742998][T21130] bridge2: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  953.747632][T21130] bridge2: entered promiscuous mode
[  953.751341][T21130] netlink: 'syz.2.3464': attribute type 14 has an invalid length.
[  953.756361][T21131] x_tables: ip_tables: DNAT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  954.171326][T21141] mkiss: ax0: crc mode is auto.
[  954.602814][   T67] usb 40-1: device descriptor read/8, error -110
[  954.923093][ T6021] usb 42-1: device descriptor read/8, error -110
[  954.993602][   T67] usb usb40-port1: attempt power cycle
[  955.313370][ T6021] usb usb42-port1: attempt power cycle
[  955.563417][   T67] usb usb40-port1: unable to enumerate USB device
[  955.885257][ T6021] usb usb42-port1: unable to enumerate USB device
[  956.216388][ T6075] usb 46-1: device descriptor read/8, error -110
[  956.370757][T21160] ceph: No mds server is up or the cluster is laggy
[  956.392129][   T29] libceph: connect (1)[c::]:6789 error -101
[  956.427603][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  956.605507][ T6075] usb usb46-port1: attempt power cycle
[  956.961996][T21180] mkiss: ax0: crc mode is auto.
[  957.163776][ T6075] usb usb46-port1: unable to enumerate USB device
[  958.615104][T21190] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  958.617213][T21190] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  958.619867][T21190] vhci_hcd vhci_hcd.0: Device attached
[  958.819345][T21191] vhci_hcd: connection closed
[  958.819686][  T153] vhci_hcd vhci_hcd.2: stop threads
[  958.825263][  T153] vhci_hcd vhci_hcd.2: release socket
[  958.828210][  T153] vhci_hcd vhci_hcd.2: disconnect device
[  960.692473][T21265] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  960.719969][T21267] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  960.722583][T21267] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  960.726350][T21267] vhci_hcd vhci_hcd.0: Device attached
[  960.745972][T21268] vhci_hcd: connection closed
[  960.746298][  T526] vhci_hcd vhci_hcd.1: stop threads
[  960.750246][  T526] vhci_hcd vhci_hcd.1: release socket
[  960.752175][  T526] vhci_hcd vhci_hcd.1: disconnect device
[  961.538436][T21276] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  961.540632][T21276] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  961.550215][T21276] vhci_hcd vhci_hcd.0: Device attached
[  961.566278][T21276] 9pnet_fd: Insufficient options for proto=fd
[  961.584137][T21276] x_tables: duplicate underflow at hook 3
[  961.813316][   T29] usb 40-1: SetAddress Request (121) to port 0
[  961.816019][   T29] usb 40-1: new SuperSpeed USB device number 121 using vhci_hcd
[  962.135484][T21277] vhci_hcd: connection reset by peer
[  962.138685][ T1147] vhci_hcd vhci_hcd.1: stop threads
[  962.140428][ T1147] vhci_hcd vhci_hcd.1: release socket
[  962.142535][ T1147] vhci_hcd vhci_hcd.1: disconnect device
[  963.021390][T21309] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  963.024168][T21309] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  963.033421][T21309] vhci_hcd vhci_hcd.0: Device attached
[  963.045597][T21311] vhci_hcd: connection closed
[  963.046110][  T153] vhci_hcd vhci_hcd.1: stop threads
[  963.055756][  T153] vhci_hcd vhci_hcd.1: release socket
[  963.065183][  T153] vhci_hcd vhci_hcd.1: disconnect device
[  964.027362][T21345] netlink: 'syz.1.3505': attribute type 4 has an invalid length.
[  964.174005][T21352] netlink: 'syz.1.3505': attribute type 4 has an invalid length.
[  965.167608][T21378] netlink: 'syz.1.3511': attribute type 4 has an invalid length.
[  965.515458][T21387] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  965.517655][T21387] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  965.520947][T21387] vhci_hcd vhci_hcd.0: Device attached
[  965.538492][T21388] vhci_hcd: connection closed
[  965.539858][T20865] vhci_hcd vhci_hcd.1: stop threads
[  965.552723][T20865] vhci_hcd vhci_hcd.1: release socket
[  965.554983][T20865] vhci_hcd vhci_hcd.1: disconnect device
[  966.464699][T21412] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  966.466953][T21412] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  966.474986][T21412] vhci_hcd vhci_hcd.0: Device attached
[  966.559545][T21425] fuse: Unknown parameter 'fe'
[  966.882942][  T840] usb 42-1: SetAddress Request (14) to port 0
[  966.885529][  T840] usb 42-1: new SuperSpeed USB device number 14 using vhci_hcd
[  966.892693][ T6043] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  966.947837][   T29] usb 40-1: device descriptor read/8, error -110
[  967.150940][ T6043] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  967.150973][ T6043] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  967.151004][ T6043] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  967.151023][ T6043] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  967.172763][T21425] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  967.175366][ T6043] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  967.525056][   T29] usb usb40-port1: attempt power cycle
[  967.647608][T21419] vhci_hcd: connection reset by peer
[  967.648083][ T5978] usb 7-1: USB disconnect, device number 13
[  967.651248][  T526] vhci_hcd vhci_hcd.2: stop threads
[  967.653697][  T526] vhci_hcd vhci_hcd.2: release socket
[  967.661644][  T526] vhci_hcd vhci_hcd.2: disconnect device
[  968.069245][T21462] mkiss: ax0: crc mode is auto.
[  968.484491][   T29] usb usb40-port1: unable to enumerate USB device
[  972.077574][  T840] usb 42-1: device descriptor read/8, error -110
[  972.197491][T21541] netlink: 868 bytes leftover after parsing attributes in process `syz.4.3535'.
[  972.217084][T21540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3535'.
[  972.464192][  T840] usb usb42-port1: attempt power cycle
[  972.671597][   T40] audit: type=1326 audit(1772227661.616:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.681054][   T40] audit: type=1326 audit(1772227661.616:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.691199][   T40] audit: type=1326 audit(1772227661.616:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.700918][   T40] audit: type=1326 audit(1772227661.616:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.705078][T21551] FAULT_INJECTION: forcing a failure.
[  972.705078][T21551] name failslab, interval 1, probability 0, space 0, times 0
[  972.714430][T21551] CPU: 2 UID: 0 PID: 21551 Comm: syz.1.3537 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  972.714450][   T40] audit: type=1326 audit(1772227661.616:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.714471][T21551] Tainted: [L]=SOFTLOCKUP
[  972.714476][T21551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  972.714482][T21551] Call Trace:
[  972.714487][T21551]  <TASK>
[  972.714491][T21551]  dump_stack_lvl+0x100/0x190
[  972.714512][T21551]  should_fail_ex.cold+0x5/0xa
[  972.714524][T21551]  should_failslab+0xc2/0x120
[  972.714535][T21551]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  972.714552][T21551]  ? __alloc_skb+0x140/0x710
[  972.714565][T21551]  __alloc_skb+0x140/0x710
[  972.714575][T21551]  ? __alloc_skb+0x5b7/0x710
[  972.714586][T21551]  ? __pfx___alloc_skb+0x10/0x10
[  972.714596][T21551]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  972.714611][T21551]  ? audit_log_start+0x29d/0x930
[  972.714625][T21551]  ? lockdep_init_map_type+0x5c/0x250
[  972.714642][T21551]  audit_log_start+0x350/0x930
[  972.714658][T21551]  ? __pfx_audit_log_start+0x10/0x10
[  972.714676][T21551]  ? find_held_lock+0x2b/0x80
[  972.714685][T21551]  ? ksys_write+0x190/0x250
[  972.714701][T21551]  ? ksys_write+0x190/0x250
[  972.714718][T21551]  audit_seccomp+0x60/0x190
[  972.714733][T21551]  __seccomp_filter+0x896/0x1140
[  972.714746][T21551]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  972.714762][T21551]  ? __pfx___seccomp_filter+0x10/0x10
[  972.714778][T21551]  ? fput+0x79/0x100
[  972.714788][T21551]  ? ksys_write+0x1ac/0x250
[  972.714806][T21551]  __secure_computing+0x204/0x2c0
[  972.714821][T21551]  __do_fast_syscall_32+0x3f4/0x8c0
[  972.714836][T21551]  do_fast_syscall_32+0x32/0x70
[  972.714849][T21551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  972.714863][T21551] RIP: 0023:0xf7f42f6c
[  972.714873][T21551] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  972.714884][T21551] RSP: 002b:00000000f53c450c EFLAGS: 00000292 ORIG_RAX: 00000000000000b4
[  972.714895][T21551] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080001240
[  972.714902][T21551] RDX: 00000000ffffff8c RSI: 0000000000200000 RDI: 0000000000000000
[  972.714908][T21551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  972.714914][T21551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  972.714920][T21551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  972.714933][T21551]  </TASK>
[  972.715047][T21551] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  972.731520][   T40] audit: type=1326 audit(1772227661.616:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.732549][T21551] audit: out of memory in audit_log_start
[  972.738548][   T40] audit: type=1326 audit(1772227661.626:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  972.861115][   T40] audit: type=1326 audit(1772227661.626:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21548 comm="syz.1.3537" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f42f6c code=0x7ffc0000
[  973.080823][  T840] usb usb42-port1: unable to enumerate USB device
[  973.243681][T21561] mkiss: ax0: crc mode is auto.
[  974.167484][T21578] FAULT_INJECTION: forcing a failure.
[  974.167484][T21578] name failslab, interval 1, probability 0, space 0, times 0
[  974.171447][T21578] CPU: 3 UID: 0 PID: 21578 Comm: syz.1.3542 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  974.171466][T21578] Tainted: [L]=SOFTLOCKUP
[  974.171470][T21578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  974.171477][T21578] Call Trace:
[  974.171482][T21578]  <TASK>
[  974.171487][T21578]  dump_stack_lvl+0x100/0x190
[  974.171506][T21578]  should_fail_ex.cold+0x5/0xa
[  974.171520][T21578]  should_failslab+0xc2/0x120
[  974.171531][T21578]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  974.171547][T21578]  ? __alloc_skb+0x140/0x710
[  974.171561][T21578]  __alloc_skb+0x140/0x710
[  974.171571][T21578]  ? __alloc_skb+0x5b7/0x710
[  974.171581][T21578]  ? __pfx___alloc_skb+0x10/0x10
[  974.171596][T21578]  netlink_alloc_large_skb+0x69/0x150
[  974.171612][T21578]  netlink_sendmsg+0x680/0xda0
[  974.171628][T21578]  ? __pfx_netlink_sendmsg+0x10/0x10
[  974.171643][T21578]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  974.171660][T21578]  ____sys_sendmsg+0xa54/0xc30
[  974.171677][T21578]  ? __pfx_____sys_sendmsg+0x10/0x10
[  974.171698][T21578]  ___sys_sendmsg+0x190/0x1e0
[  974.171715][T21578]  ? __pfx____sys_sendmsg+0x10/0x10
[  974.171747][T21578]  __sys_sendmsg+0x170/0x220
[  974.171760][T21578]  ? __pfx___sys_sendmsg+0x10/0x10
[  974.171776][T21578]  ? __pfx_ksys_write+0x10/0x10
[  974.171795][T21578]  __do_fast_syscall_32+0xe3/0x8c0
[  974.171810][T21578]  do_fast_syscall_32+0x32/0x70
[  974.171824][T21578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  974.171841][T21578] RIP: 0023:0xf7f42f6c
[  974.171851][T21578] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  974.171862][T21578] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  974.171873][T21578] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000240
[  974.171879][T21578] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  974.171885][T21578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  974.171891][T21578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  974.171898][T21578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  974.171911][T21578]  </TASK>
[  974.734347][ T5978] libceph: connect (1)[c::]:6789 error -101
[  974.736759][ T5978] libceph: mon0 (1)[c::]:6789 connect error
[  974.765684][T21582] ceph: No mds server is up or the cluster is laggy
[  974.866294][T21587] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  974.868872][T21587] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  974.907987][T21587] vhci_hcd vhci_hcd.0: Device attached
[  974.918867][T21594] vhci_hcd: connection closed
[  974.919124][  T526] vhci_hcd vhci_hcd.1: stop threads
[  974.938932][  T526] vhci_hcd vhci_hcd.1: release socket
[  974.940851][  T526] vhci_hcd vhci_hcd.1: disconnect device
[  977.061945][T21663] FAULT_INJECTION: forcing a failure.
[  977.061945][T21663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  977.068167][T21663] CPU: 2 UID: 0 PID: 21663 Comm: syz.2.3556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  977.068197][T21663] Tainted: [L]=SOFTLOCKUP
[  977.068204][T21663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  977.068216][T21663] Call Trace:
[  977.068223][T21663]  <TASK>
[  977.068230][T21663]  dump_stack_lvl+0x100/0x190
[  977.068264][T21663]  should_fail_ex.cold+0x5/0xa
[  977.068289][T21663]  _copy_from_user+0x2e/0xd0
[  977.068318][T21663]  move_addr_to_kernel+0x65/0x170
[  977.068347][T21663]  __sys_sendto+0x1c9/0x520
[  977.068368][T21663]  ? __pfx___sys_sendto+0x10/0x10
[  977.068386][T21663]  ? __lock_acquire+0x4a5/0x2630
[  977.068435][T21663]  __ia32_compat_sys_socketcall+0x59a/0x770
[  977.068461][T21663]  ? __fget_files+0x21f/0x3d0
[  977.068489][T21663]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  977.068515][T21663]  ? fput+0x79/0x100
[  977.068546][T21663]  do_int80_emulation+0x141/0x6b0
[  977.068573][T21663]  asm_int80_emulation+0x1a/0x20
[  977.068592][T21663] RIP: 0023:0xf71e5cab
[  977.068608][T21663] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  977.068627][T21663] RSP: 002b:00000000f549c34c EFLAGS: 00000246 ORIG_RAX: 0000000000000066
[  977.068646][T21663] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f549c3f4
[  977.068658][T21663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  977.068683][T21663] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  977.068694][T21663] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  977.068704][T21663] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  977.068728][T21663]  </TASK>
[  977.513467][T21680] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  978.927545][T21704] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  978.929670][T21704] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  978.932241][T21704] vhci_hcd vhci_hcd.0: Device attached
[  978.938053][T21705] vhci_hcd: connection closed
[  978.938860][   T59] vhci_hcd vhci_hcd.3: stop threads
[  978.942387][   T59] vhci_hcd vhci_hcd.3: release socket
[  978.944399][   T59] vhci_hcd vhci_hcd.3: disconnect device
[  979.020580][T21711] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3564'.
[  979.492506][T21736] afs: Unknown parameter 'dyn'
[  979.619270][T21741] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  979.635781][T21741] block device autoloading is deprecated and will be removed.
[  979.832367][T21745] fuse: Bad value for 'fd'
[  981.032870][T21767] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  981.034969][T21767] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  981.042927][T21767] vhci_hcd vhci_hcd.0: Device attached
[  981.091930][T21767] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3575'.
[  981.131199][T21773] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  981.134139][T21773] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  981.139152][T21773] vhci_hcd vhci_hcd.0: Device attached
[  981.144540][T21774] vhci_hcd: connection closed
[  981.145391][  T153] vhci_hcd vhci_hcd.4: stop threads
[  981.149312][  T153] vhci_hcd vhci_hcd.4: release socket
[  981.151310][  T153] vhci_hcd vhci_hcd.4: disconnect device
[  981.316981][ T6075] usb 40-1: SetAddress Request (125) to port 0
[  981.319589][ T6075] usb 40-1: new SuperSpeed USB device number 125 using vhci_hcd
[  982.713162][T21768] vhci_hcd: connection reset by peer
[  982.736621][   T59] vhci_hcd vhci_hcd.1: stop threads
[  982.745484][   T59] vhci_hcd vhci_hcd.1: release socket
[  982.770286][   T59] vhci_hcd vhci_hcd.1: disconnect device
[  982.792180][T21792] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  982.794198][T21792] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  982.797296][T21792] vhci_hcd vhci_hcd.0: Device attached
[  982.847529][T21792] 9pnet_fd: Insufficient options for proto=fd
[  982.872082][T21798] netlink: 'syz.4.3584': attribute type 2 has an invalid length.
[  982.874611][T21798] netlink: 'syz.4.3584': attribute type 8 has an invalid length.
[  982.876907][T21792] x_tables: duplicate underflow at hook 3
[  982.876976][T21798] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3584'.
[  982.932175][T21800] netlink: 220 bytes leftover after parsing attributes in process `syz.4.3585'.
[  982.942637][T21800] netlink: 220 bytes leftover after parsing attributes in process `syz.4.3585'.
[  983.072784][  T840] usb 44-1: SetAddress Request (6) to port 0
[  983.074722][  T840] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  983.083574][T21793] vhci_hcd: connection closed
[  983.095882][  T153] vhci_hcd vhci_hcd.3: stop threads
[  983.099425][  T153] vhci_hcd vhci_hcd.3: release socket
[  983.101542][  T153] vhci_hcd vhci_hcd.3: disconnect device
[  983.265069][T21815] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  983.267197][T21815] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  983.275854][T21815] vhci_hcd vhci_hcd.0: Device attached
[  983.279167][T21816] vhci_hcd: connection closed
[  983.279436][   T59] vhci_hcd vhci_hcd.4: stop threads
[  983.286975][   T59] vhci_hcd vhci_hcd.4: release socket
[  983.289551][   T59] vhci_hcd vhci_hcd.4: disconnect device
[  983.575227][T21823] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  983.578118][T21823] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  983.581603][T21823] vhci_hcd vhci_hcd.0: Device attached
[  983.588725][T21823] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3589'.
[  983.853868][   T67] usb 42-1: SetAddress Request (18) to port 0
[  983.860107][   T67] usb 42-1: new SuperSpeed USB device number 18 using vhci_hcd
[  984.171558][T21826] vhci_hcd: connection reset by peer
[  984.173979][   T59] vhci_hcd vhci_hcd.2: stop threads
[  984.175797][   T59] vhci_hcd vhci_hcd.2: release socket
[  984.178121][   T59] vhci_hcd vhci_hcd.2: disconnect device
[  984.242238][T21843] FAULT_INJECTION: forcing a failure.
[  984.242238][T21843] name failslab, interval 1, probability 0, space 0, times 0
[  984.249294][T21843] CPU: 1 UID: 0 PID: 21843 Comm: syz.4.3596 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  984.249314][T21843] Tainted: [L]=SOFTLOCKUP
[  984.249318][T21843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  984.249325][T21843] Call Trace:
[  984.249329][T21843]  <TASK>
[  984.249335][T21843]  dump_stack_lvl+0x100/0x190
[  984.249355][T21843]  should_fail_ex.cold+0x5/0xa
[  984.249368][T21843]  ? tomoyo_encode2+0xfb/0x3c0
[  984.249379][T21843]  should_failslab+0xc2/0x120
[  984.249390][T21843]  __kmalloc_noprof+0xe0/0x850
[  984.249405][T21843]  ? d_absolute_path+0x136/0x1b0
[  984.249421][T21843]  tomoyo_encode2+0xfb/0x3c0
[  984.249434][T21843]  tomoyo_encode+0x29/0x50
[  984.249444][T21843]  tomoyo_realpath_from_path+0x18c/0x690
[  984.249459][T21843]  tomoyo_path_number_perm+0x23c/0x580
[  984.249475][T21843]  ? tomoyo_path_number_perm+0x22e/0x580
[  984.249492][T21843]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  984.249522][T21843]  ? find_held_lock+0x2b/0x80
[  984.249532][T21843]  ? hook_file_ioctl_common+0x146/0x410
[  984.249548][T21843]  ? __fget_files+0x215/0x3d0
[  984.249567][T21843]  ? __fget_files+0x21f/0x3d0
[  984.249585][T21843]  security_file_ioctl_compat+0xd3/0x230
[  984.249603][T21843]  __ia32_compat_sys_ioctl+0xc2/0x360
[  984.249619][T21843]  __do_fast_syscall_32+0xe3/0x8c0
[  984.249635][T21843]  do_fast_syscall_32+0x32/0x70
[  984.249648][T21843]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  984.249663][T21843] RIP: 0023:0xf7fe6f6c
[  984.249672][T21843] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  984.249683][T21843] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  984.249694][T21843] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0104d08
[  984.249701][T21843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  984.249707][T21843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  984.249713][T21843] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  984.249719][T21843] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  984.249733][T21843]  </TASK>
[  984.249745][T21843] ERROR: Out of memory at tomoyo_realpath_from_path.
[  984.656201][T21849] overlayfs: missing 'lowerdir'
[  984.756864][T21853] netlink: 'syz.3.3600': attribute type 2 has an invalid length.
[  984.759464][T21853] netlink: 'syz.3.3600': attribute type 8 has an invalid length.
[  984.762141][T21853] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3600'.
[  985.706772][T21871] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  985.709084][T21871] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  985.712554][T21871] vhci_hcd vhci_hcd.0: Device attached
[  985.763876][T21883] overlayfs: workdir and upperdir must be separate subtrees
[  985.952531][T21890] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.3606'.
[  986.065296][T21876] wireguard0: entered promiscuous mode
[  986.067604][T21876] wireguard0: entered allmulticast mode
[  986.362732][ T6075] usb 40-1: device descriptor read/8, error -110
[  986.473910][T21877] vhci_hcd: connection closed
[  986.474639][T20865] vhci_hcd vhci_hcd.2: stop threads
[  986.478343][T20865] vhci_hcd vhci_hcd.2: release socket
[  986.480629][T20865] vhci_hcd vhci_hcd.2: disconnect device
[  986.753568][ T6075] usb usb40-port1: attempt power cycle
[  986.791515][T21905] netlink: 'syz.4.3609': attribute type 2 has an invalid length.
[  986.794236][T21905] netlink: 'syz.4.3609': attribute type 8 has an invalid length.
[  986.796830][T21905] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3609'.
[  986.820672][T21906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3608'.
[  987.187540][T21920] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3614'.
[  987.326478][ T6075] usb usb40-port1: unable to enumerate USB device
[  987.525253][T21928] fuse: Bad value for 'group_id'
[  987.527060][T21928] fuse: Bad value for 'group_id'
[  987.588644][T21932] netlink: 'syz.1.3619': attribute type 2 has an invalid length.
[  987.591499][T21932] netlink: 'syz.1.3619': attribute type 8 has an invalid length.
[  987.594339][T21932] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3619'.
[  987.625685][T21933] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  987.628484][T21933] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  987.644199][T21933] vhci_hcd vhci_hcd.0: Device attached
[  987.681500][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  987.684889][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  987.903020][T21951] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  987.905886][T21951] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  987.910064][T21951] vhci_hcd vhci_hcd.0: Device attached
[  988.212701][ T6021] usb 46-1: SetAddress Request (26) to port 0
[  988.216702][ T6021] usb 46-1: new SuperSpeed USB device number 26 using vhci_hcd
[  988.401517][T21936] vhci_hcd: connection reset by peer
[  988.404301][T20865] vhci_hcd vhci_hcd.3: stop threads
[  988.406458][T20865] vhci_hcd vhci_hcd.3: release socket
[  988.408626][T20865] vhci_hcd vhci_hcd.3: disconnect device
[  988.408692][  T840] usb 44-1: device descriptor read/8, error -110
[  988.676594][T21953] vhci_hcd: connection reset by peer
[  988.678672][  T526] vhci_hcd vhci_hcd.4: stop threads
[  988.680503][  T526] vhci_hcd vhci_hcd.4: release socket
[  988.682338][  T526] vhci_hcd vhci_hcd.4: disconnect device
[  988.813332][  T840] usb usb44-port1: attempt power cycle
[  988.922836][   T67] usb 42-1: device descriptor read/8, error -110
[  989.289479][T21984] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  989.292424][T21984] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  989.296292][T21984] vhci_hcd vhci_hcd.0: Device attached
[  989.315065][T21984] ieee802154 phy0 wpan0: encryption failed: -22
[  989.373251][  T840] usb usb44-port1: unable to enumerate USB device
[  989.382762][   T67] usb 42-1: SetAddress Request (19) to port 0
[  989.384838][   T67] usb 42-1: new SuperSpeed USB device number 19 using vhci_hcd
[  989.482755][ T6043] usb 6-1: new low-speed USB device number 15 using dummy_hcd
[  989.536147][T21985] vhci_hcd: connection reset by peer
[  989.538811][T14950] vhci_hcd vhci_hcd.2: stop threads
[  989.540588][T14950] vhci_hcd vhci_hcd.2: release socket
[  989.542484][T14950] vhci_hcd vhci_hcd.2: disconnect device
[  989.622716][ T6043] usb 6-1: device descriptor read/64, error -71
[  989.872965][ T6043] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  990.032893][ T6043] usb 6-1: device descriptor read/64, error -71
[  990.163209][ T6043] usb usb6-port1: attempt power cycle
[  990.254674][T22012] netlink: 'syz.2.3629': attribute type 2 has an invalid length.
[  990.258042][T22012] netlink: 'syz.2.3629': attribute type 8 has an invalid length.
[  990.261525][T22012] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3629'.
[  990.692750][ T6043] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  990.713392][ T6043] usb 6-1: device descriptor read/8, error -71
[  990.952890][ T6043] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[  990.975222][ T6043] usb 6-1: device descriptor read/8, error -71
[  991.085388][ T6043] usb usb6-port1: unable to enumerate USB device
[  991.720384][T22062] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  991.722525][T22062] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  991.726555][T22062] vhci_hcd vhci_hcd.0: Device attached
[  992.276830][T22084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3637'.
[  992.408348][T22086] netlink: 'syz.1.3638': attribute type 2 has an invalid length.
[  992.410885][T22086] netlink: 'syz.1.3638': attribute type 8 has an invalid length.
[  992.415475][T22086] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3638'.
[  992.539573][T22065] vhci_hcd: connection closed
[  992.539779][   T59] vhci_hcd vhci_hcd.2: stop threads
[  992.544050][   T59] vhci_hcd vhci_hcd.2: release socket
[  992.546380][   T59] vhci_hcd vhci_hcd.2: disconnect device
[  992.930599][T22110] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3641'.
[  993.021107][T22113] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  993.120472][   T40] kauditd_printk_skb: 38 callbacks suppressed
[  993.120487][   T40] audit: type=1326 audit(1772227682.066:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22119 comm="syz.2.3643" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x0
[  993.162249][T22113] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  993.244472][T22113] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  993.251318][ T6021] usb 46-1: device descriptor read/8, error -110
[  993.339374][T22113] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  993.434556][T14950] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  993.441904][T14950] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  993.450478][T14950] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  993.459410][T14950] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  993.677324][ T6021] usb usb46-port1: attempt power cycle
[  994.250097][ T6021] usb usb46-port1: unable to enumerate USB device
[  994.443564][   T67] usb 42-1: device descriptor read/8, error -110
[  994.572859][   T67] usb usb42-port1: attempt power cycle
[  994.977400][T22140] netlink: 'syz.4.3646': attribute type 1 has an invalid length.
[  994.980180][T22140] netlink: 'syz.4.3646': attribute type 1 has an invalid length.
[  995.135353][T22149] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  995.138227][T22149] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  995.156376][T22149] vhci_hcd vhci_hcd.0: Device attached
[  995.194633][T22152] vhci_hcd: connection closed
[  995.195602][  T526] vhci_hcd vhci_hcd.1: stop threads
[  995.203821][  T526] vhci_hcd vhci_hcd.1: release socket
[  995.208494][  T526] vhci_hcd vhci_hcd.1: disconnect device
[  995.357756][   T67] usb usb42-port1: unable to enumerate USB device
[  995.544962][T22157] netlink: 'syz.2.3654': attribute type 1 has an invalid length.
[  995.572774][T22157] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  995.580762][T22157] 8021q: adding VLAN 0 to HW filter on device bond2
[  995.585246][T14950] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  995.693854][ T1140] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  996.189060][T22174] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  996.192200][T22174] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  996.198472][T22174] vhci_hcd vhci_hcd.0: Device attached
[  996.204496][T22175] vhci_hcd: connection closed
[  996.206654][  T526] vhci_hcd vhci_hcd.2: stop threads
[  996.211147][  T526] vhci_hcd vhci_hcd.2: release socket
[  996.217952][  T526] vhci_hcd vhci_hcd.2: disconnect device
[  996.348508][T22179] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3660'.
[  996.434565][T22180] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  996.436802][T22180] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  996.441026][T22180] vhci_hcd vhci_hcd.0: Device attached
[  996.593171][   T10] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  996.717135][ T6043] usb 44-1: SetAddress Request (10) to port 0
[  996.719496][ T6043] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  996.772765][   T10] usb 6-1: Using ep0 maxpacket: 8
[  996.777299][   T10] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  996.780724][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  996.783912][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  996.887953][T22181] vhci_hcd: connection reset by peer
[  996.891659][ T1140] vhci_hcd vhci_hcd.3: stop threads
[  996.902725][ T1140] vhci_hcd vhci_hcd.3: release socket
[  996.905245][ T1140] vhci_hcd vhci_hcd.3: disconnect device
[  997.119872][T22210] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  997.122687][T22210] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  997.127589][T22210] vhci_hcd vhci_hcd.0: Device attached
[  997.402811][ T6021] usb 42-1: SetAddress Request (22) to port 0
[  997.405746][ T6021] usb 42-1: new SuperSpeed USB device number 22 using vhci_hcd
[  997.645281][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  997.647921][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  997.916762][T22227] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3668'.
[  997.938543][T22211] vhci_hcd: connection reset by peer
[  997.941076][T14950] vhci_hcd vhci_hcd.2: stop threads
[  997.944870][T14950] vhci_hcd vhci_hcd.2: release socket
[  997.947524][T14950] vhci_hcd vhci_hcd.2: disconnect device
[  999.659332][ T5997] libceph: connect (1)[c::]:6789 error -101
[  999.661504][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  999.662344][   T10] usb 6-1: string descriptor 0 read error: -71
[  999.698936][   T10] usb 6-1: USB disconnect, device number 19
[  999.924663][ T5997] libceph: connect (1)[c::]:6789 error -101
[  999.927357][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  999.974645][T22267] ceph: No mds server is up or the cluster is laggy
[ 1000.320564][T22285] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1000.322700][T22285] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1000.332796][T22285] vhci_hcd vhci_hcd.0: Device attached
[ 1000.624226][ T6075] usb 46-1: SetAddress Request (30) to port 0
[ 1000.631330][ T6075] usb 46-1: new SuperSpeed USB device number 30 using vhci_hcd
[ 1001.028806][T22292] netlink: 'syz.2.3682': attribute type 1 has an invalid length.
[ 1001.121461][T22286] vhci_hcd: connection reset by peer
[ 1001.134924][T14950] vhci_hcd vhci_hcd.4: stop threads
[ 1001.136831][T14950] vhci_hcd vhci_hcd.4: release socket
[ 1001.139090][T14950] vhci_hcd vhci_hcd.4: disconnect device
[ 1001.812747][ T6043] usb 44-1: device descriptor read/8, error -110
[ 1002.056861][T22317] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1002.219360][ T6043] usb usb44-port1: attempt power cycle
[ 1002.443010][ T6021] usb 42-1: device descriptor read/8, error -110
[ 1002.833547][ T6021] usb usb42-port1: attempt power cycle
[ 1002.833919][ T6043] usb usb44-port1: unable to enumerate USB device
[ 1003.214812][T22354] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1003.216977][T22354] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1003.220031][T22354] vhci_hcd vhci_hcd.0: Device attached
[ 1003.453368][ T6021] usb 42-1: SetAddress Request (25) to port 0
[ 1003.455382][ T6021] usb 42-1: new SuperSpeed USB device number 25 using vhci_hcd
[ 1003.694876][T22359] netlink: 'syz.4.3695': attribute type 1 has an invalid length.
[ 1003.727623][T22359] bond1: (slave ip6gretap2): Enslaving as a backup interface with an up link
[ 1003.733616][T22359] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1003.734749][   T13] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1003.781510][T22362] misc userio: Begin command sent, but we're already running
[ 1003.852776][   T13] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1004.034479][T22355] vhci_hcd: connection reset by peer
[ 1004.036806][   T13] vhci_hcd vhci_hcd.2: stop threads
[ 1004.038955][   T13] vhci_hcd vhci_hcd.2: release socket
[ 1004.040890][   T13] vhci_hcd vhci_hcd.2: disconnect device
[ 1005.724618][ T6075] usb 46-1: device descriptor read/8, error -110
[ 1006.050307][   T40] audit: type=1326 audit(1772227694.996:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22397 comm="syz.1.3705" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x0
[ 1006.143670][ T6075] usb usb46-port1: attempt power cycle
[ 1006.734453][ T6075] usb usb46-port1: unable to enumerate USB device
[ 1007.076255][T22433] PKCS7: Unknown OID: [4] 2.19.1.0.0.0.4.0.0.0.0
[ 1007.078590][T22433] PKCS7: Only support pkcs7_signedData type
[ 1007.118166][T22435] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1007.120952][T22435] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1007.124613][T22435] vhci_hcd vhci_hcd.0: Device attached
[ 1007.129176][T22436] vhci_hcd: connection closed
[ 1007.129533][T20865] vhci_hcd vhci_hcd.1: stop threads
[ 1007.135868][T20865] vhci_hcd vhci_hcd.1: release socket
[ 1007.138367][T20865] vhci_hcd vhci_hcd.1: disconnect device
[ 1007.669718][T22439] netlink: 'syz.1.3709': attribute type 1 has an invalid length.
[ 1008.523199][ T6021] usb 42-1: device descriptor read/8, error -110
[ 1008.662326][ T6021] usb usb42-port1: unable to enumerate USB device
[ 1011.452765][ T5978] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1011.628749][ T5978] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1011.632160][ T5978] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1011.645024][ T5978] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1011.648219][ T5978] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1011.651040][ T5978] usb 9-1: Product: syz
[ 1011.652408][ T5978] usb 9-1: Manufacturer: syz
[ 1011.654420][ T5978] usb 9-1: SerialNumber: syz
[ 1011.662466][ T5978] usb 9-1: config 0 descriptor??
[ 1011.669733][ T5978] usb 9-1: selecting invalid altsetting 0
[ 1011.885473][T10503] usb 9-1: USB disconnect, device number 3
[ 1012.386707][T22553] gre0: Master is either lo or non-ether device
[ 1012.795397][T22560] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1012.797664][T22560] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1012.834256][T22560] vhci_hcd vhci_hcd.0: Device attached
[ 1013.132747][ T6021] usb 42-1: SetAddress Request (26) to port 0
[ 1013.135594][ T6021] usb 42-1: new SuperSpeed USB device number 26 using vhci_hcd
[ 1013.219465][T22564] vhci_hcd: connection reset by peer
[ 1013.221766][  T153] vhci_hcd vhci_hcd.2: stop threads
[ 1013.225064][  T153] vhci_hcd vhci_hcd.2: release socket
[ 1013.227276][  T153] vhci_hcd vhci_hcd.2: disconnect device
[ 1013.919358][T22576] 9p: Bad value for 'wfdno'
[ 1014.004720][T22585] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3737'.
[ 1018.205119][ T6021] usb 42-1: device descriptor read/8, error -110
[ 1018.603918][ T6021] usb usb42-port1: attempt power cycle
[ 1019.243310][ T6021] usb usb42-port1: unable to enumerate USB device
[ 1020.035988][T22742] netlink: 'syz.4.3760': attribute type 4 has an invalid length.
[ 1023.232151][T22777] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3770'.
[ 1025.104356][T22810] FAULT_INJECTION: forcing a failure.
[ 1025.104356][T22810] name failslab, interval 1, probability 0, space 0, times 0
[ 1025.110031][T22810] CPU: 3 UID: 0 PID: 22810 Comm: syz.2.3780 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1025.110059][T22810] Tainted: [L]=SOFTLOCKUP
[ 1025.110068][T22810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1025.110079][T22810] Call Trace:
[ 1025.110086][T22810]  <TASK>
[ 1025.110093][T22810]  dump_stack_lvl+0x100/0x190
[ 1025.110123][T22810]  should_fail_ex.cold+0x5/0xa
[ 1025.110145][T22810]  should_failslab+0xc2/0x120
[ 1025.110166][T22810]  __kvmalloc_node_noprof+0xfa/0xa00
[ 1025.110192][T22810]  ? map_get_next_key+0x2d0/0x730
[ 1025.110223][T22810]  map_get_next_key+0x2d0/0x730
[ 1025.110250][T22810]  ? bpf_lsm_bpf+0x9/0x10
[ 1025.110269][T22810]  __sys_bpf+0x20e9/0x4b90
[ 1025.110293][T22810]  ? __pfx___sys_bpf+0x10/0x10
[ 1025.110313][T22810]  ? proc_fail_nth_write+0x9f/0x220
[ 1025.110334][T22810]  ? find_held_lock+0x2b/0x80
[ 1025.110356][T22810]  ? find_held_lock+0x2b/0x80
[ 1025.110374][T22810]  ? ksys_write+0x190/0x250
[ 1025.110406][T22810]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1025.110443][T22810]  ? fput+0x79/0x100
[ 1025.110462][T22810]  ? ksys_write+0x1ac/0x250
[ 1025.110491][T22810]  __ia32_sys_bpf+0x79/0xf0
[ 1025.110513][T22810]  ? lockdep_hardirqs_on+0x78/0x100
[ 1025.110533][T22810]  __do_fast_syscall_32+0xe3/0x8c0
[ 1025.110559][T22810]  do_fast_syscall_32+0x32/0x70
[ 1025.110581][T22810]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1025.110602][T22810] RIP: 0023:0xf70aef6c
[ 1025.110618][T22810] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1025.110634][T22810] RSP: 002b:00000000f549d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1025.110652][T22810] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[ 1025.110663][T22810] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[ 1025.110674][T22810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1025.110684][T22810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1025.110695][T22810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1025.110716][T22810]  </TASK>
[ 1025.630395][T22816] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[ 1025.632549][T22816] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1025.635265][T22816] vhci_hcd vhci_hcd.0: Device attached
[ 1025.922719][  T840] usb 46-1: SetAddress Request (34) to port 0
[ 1025.924993][  T840] usb 46-1: new SuperSpeed USB device number 34 using vhci_hcd
[ 1026.113046][T22818] vhci_hcd: connection reset by peer
[ 1026.115220][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1026.116996][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1026.121390][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1028.270841][T22879] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1028.273004][T22879] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1028.296779][T22879] vhci_hcd vhci_hcd.0: Device attached
[ 1028.374667][T22879] 9pnet_fd: Insufficient options for proto=fd
[ 1028.455066][T22879] x_tables: duplicate underflow at hook 3
[ 1029.115715][T22880] vhci_hcd: connection closed
[ 1029.116053][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1029.120756][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1029.123807][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1030.833780][T22929] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1030.836600][T22929] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1030.840289][T22929] vhci_hcd vhci_hcd.0: Device attached
[ 1030.870165][T22929] 9pnet_fd: Insufficient options for proto=fd
[ 1030.896839][T22929] x_tables: duplicate underflow at hook 3
[ 1030.925273][T22929] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3803'.
[ 1031.002722][  T840] usb 46-1: device descriptor read/8, error -110
[ 1031.169808][ T6021] usb 40-1: SetAddress Request (3) to port 0
[ 1031.200934][ T6021] usb 40-1: new SuperSpeed USB device number 3 using vhci_hcd
[ 1031.486430][T22930] vhci_hcd: connection reset by peer
[ 1031.490107][   T12] vhci_hcd vhci_hcd.1: stop threads
[ 1031.492432][   T12] vhci_hcd vhci_hcd.1: release socket
[ 1031.495041][   T12] vhci_hcd vhci_hcd.1: disconnect device
[ 1031.976047][T22943] fuse: Unknown parameter '�-p�al�PԴ�/��(�>G�\Y�G *��4�dy?gqF�
!I�H�7%��}{n0x0000000000000004'
[ 1031.992696][T22943] input: syz0 as /devices/virtual/input/input357
[ 1032.083542][  T840] usb usb46-port1: attempt power cycle
[ 1032.118419][T22945] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1032.121228][T22945] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1032.142755][T22945] vhci_hcd vhci_hcd.0: Device attached
[ 1032.222915][  T840] usb 46-1: SetAddress Request (36) to port 0
[ 1032.225296][  T840] usb 46-1: new SuperSpeed USB device number 36 using vhci_hcd
[ 1033.472711][T22949] vhci_hcd: connection reset by peer
[ 1033.475330][  T153] vhci_hcd vhci_hcd.4: stop threads
[ 1033.477110][  T153] vhci_hcd vhci_hcd.4: release socket
[ 1033.478996][  T153] vhci_hcd vhci_hcd.4: disconnect device
[ 1034.723819][T22968] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3811'.
[ 1035.098620][T22983] Bluetooth: MGMT ver 1.23
[ 1036.341852][ T6021] usb 40-1: device descriptor read/8, error -110
[ 1036.537348][T23021] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3820'.
[ 1036.541406][T23021] 8021q: VLANs not supported on gre0
[ 1036.643895][T23030] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1036.646138][T23030] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1036.652790][T23030] vhci_hcd vhci_hcd.0: Device attached
[ 1036.694937][T23030] 9pnet_fd: Insufficient options for proto=fd
[ 1036.708685][T23030] x_tables: duplicate underflow at hook 3
[ 1036.721731][T23030] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3819'.
[ 1036.735023][ T6021] usb usb40-port1: attempt power cycle
[ 1037.452434][ T6021] usb usb40-port1: unable to enumerate USB device
[ 1037.516897][T23032] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1037.520102][ T1147] vhci_hcd vhci_hcd.4: stop threads
[ 1037.521872][ T1147] vhci_hcd vhci_hcd.4: release socket
[ 1037.523750][ T1147] vhci_hcd vhci_hcd.4: disconnect device
[ 1037.526045][  T840] usb 46-1: device descriptor read/8, error -110
[ 1037.923394][  T840] usb usb46-port1: unable to enumerate USB device
[ 1040.540540][T23102] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1040.550931][T23102] netlink: 'syz.4.3830': attribute type 1 has an invalid length.
[ 1044.951725][   T40] audit: type=1326 audit(2000000010.219:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23171 comm="syz.2.3841" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aef6c code=0x0
[ 1045.400851][   T40] audit: type=1326 audit(2000000010.669:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23190 comm="syz.3.3845" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5f6c code=0x0
[ 1045.438594][   T40] audit: type=1804 audit(2000000010.709:410): pid=23198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3847" name="/newroot/217/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1045.861109][T23209] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3849'.
[ 1045.865192][T23209] 8021q: VLANs not supported on gre0
[ 1048.835174][T23268] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1048.837829][T23268] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1048.841350][T23268] vhci_hcd vhci_hcd.0: Device attached
[ 1049.223539][ T6021] usb 42-1: SetAddress Request (30) to port 0
[ 1049.225781][ T6021] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[ 1049.291582][T23268] 9pnet_fd: Insufficient options for proto=fd
[ 1049.312579][T23268] x_tables: duplicate underflow at hook 3
[ 1049.322792][T23268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3857'.
[ 1049.503496][T23269] vhci_hcd: connection reset by peer
[ 1049.505591][T14950] vhci_hcd vhci_hcd.2: stop threads
[ 1049.507351][T14950] vhci_hcd vhci_hcd.2: release socket
[ 1049.510389][T14950] vhci_hcd vhci_hcd.2: disconnect device
[ 1049.560705][T23283] vlan2: entered promiscuous mode
[ 1049.562367][T23283] syz_tun: entered promiscuous mode
[ 1049.657030][   T40] audit: type=1804 audit(2000000014.929:411): pid=23285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3862" name="/newroot/220/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1050.157451][T23295] netlink: 'syz.4.3865': attribute type 2 has an invalid length.
[ 1050.160330][ T6146] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1050.162632][T23295] netlink: 'syz.4.3865': attribute type 8 has an invalid length.
[ 1050.165780][T23295] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3865'.
[ 1050.442848][T23305] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1050.445653][T23305] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1050.472825][T23305] vhci_hcd vhci_hcd.0: Device attached
[ 1050.490722][T23305] 9pnet_fd: Insufficient options for proto=fd
[ 1050.504932][T23305] x_tables: duplicate underflow at hook 3
[ 1050.515607][T23305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3867'.
[ 1050.949923][   T40] audit: type=1804 audit(2000000016.219:412): pid=23316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3872" name="/newroot/413/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1051.110553][T23306] vhci_hcd: connection closed
[ 1051.110867][T14950] vhci_hcd vhci_hcd.2: stop threads
[ 1051.119458][T14950] vhci_hcd vhci_hcd.2: release socket
[ 1051.122285][T14950] vhci_hcd vhci_hcd.2: disconnect device
[ 1051.274522][T23324] netlink: 'syz.1.3876': attribute type 2 has an invalid length.
[ 1051.277134][T23324] netlink: 'syz.1.3876': attribute type 8 has an invalid length.
[ 1051.279678][T23324] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3876'.
[ 1051.923482][T23329] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1051.923498][T23329] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1051.923551][T23329] vhci_hcd vhci_hcd.0: Device attached
[ 1052.212831][   T67] usb 40-1: SetAddress Request (7) to port 0
[ 1052.215254][   T67] usb 40-1: new SuperSpeed USB device number 7 using vhci_hcd
[ 1052.326341][T23341] vhci_hcd: connection reset by peer
[ 1052.328373][  T153] vhci_hcd vhci_hcd.1: stop threads
[ 1052.330180][  T153] vhci_hcd vhci_hcd.1: release socket
[ 1052.332115][  T153] vhci_hcd vhci_hcd.1: disconnect device
[ 1052.735746][T23363] FAULT_INJECTION: forcing a failure.
[ 1052.735746][T23363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1052.740481][T23363] CPU: 2 UID: 0 PID: 23363 Comm: syz.2.3886 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1052.740500][T23363] Tainted: [L]=SOFTLOCKUP
[ 1052.740504][T23363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1052.740511][T23363] Call Trace:
[ 1052.740516][T23363]  <TASK>
[ 1052.740521][T23363]  dump_stack_lvl+0x100/0x190
[ 1052.740540][T23363]  should_fail_ex.cold+0x5/0xa
[ 1052.740553][T23363]  _copy_from_user+0x2e/0xd0
[ 1052.740570][T23363]  compat_do_replace+0x417/0x500
[ 1052.740586][T23363]  ? sockopt_release_sock+0x57/0x70
[ 1052.740599][T23363]  ? __pfx_compat_do_replace+0x10/0x10
[ 1052.740613][T23363]  ? __local_bh_enable_ip+0x9e/0x120
[ 1052.740624][T23363]  ? lockdep_hardirqs_on+0x78/0x100
[ 1052.740638][T23363]  ? lock_acquire+0x1cf/0x380
[ 1052.740655][T23363]  ? bpf_lsm_capable+0x9/0x10
[ 1052.740666][T23363]  ? security_capable+0x80/0x260
[ 1052.740681][T23363]  do_ip6t_set_ctl+0x562/0xb00
[ 1052.740695][T23363]  ? nf_sockopt_find.isra.0+0x222/0x290
[ 1052.740712][T23363]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[ 1052.740729][T23363]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1052.740743][T23363]  ? __pfx___might_resched+0x10/0x10
[ 1052.740763][T23363]  ? nf_sockopt_find.isra.0+0x222/0x290
[ 1052.740779][T23363]  nf_setsockopt+0x8d/0xf0
[ 1052.740795][T23363]  ipv6_setsockopt+0x135/0x170
[ 1052.740812][T23363]  udpv6_setsockopt+0x7d/0xd0
[ 1052.740828][T23363]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1052.740843][T23363]  do_sock_setsockopt+0xf3/0x1d0
[ 1052.740859][T23363]  __sys_setsockopt+0x119/0x190
[ 1052.740873][T23363]  __ia32_sys_setsockopt+0xbc/0x160
[ 1052.740884][T23363]  ? __do_fast_syscall_32+0x94/0x8c0
[ 1052.740897][T23363]  ? lockdep_hardirqs_on+0x78/0x100
[ 1052.740909][T23363]  __do_fast_syscall_32+0xe3/0x8c0
[ 1052.740923][T23363]  do_fast_syscall_32+0x32/0x70
[ 1052.740935][T23363]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1052.740949][T23363] RIP: 0023:0xf70aef6c
[ 1052.740959][T23363] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1052.740969][T23363] RSP: 002b:00000000f549d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[ 1052.740980][T23363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[ 1052.740987][T23363] RDX: 0000000000000040 RSI: 00000000800013c0 RDI: 000000000000060c
[ 1052.740993][T23363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1052.740999][T23363] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1052.741005][T23363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1052.741018][T23363]  </TASK>
[ 1053.099502][T23373] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1053.102612][T23373] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1053.112951][T23373] vhci_hcd vhci_hcd.0: Device attached
[ 1053.149514][T23373] 9pnet_fd: Insufficient options for proto=fd
[ 1053.161030][T23373] x_tables: duplicate underflow at hook 3
[ 1053.403184][ T6146] usb 46-1: SetAddress Request (38) to port 0
[ 1053.405329][ T6146] usb 46-1: new SuperSpeed USB device number 38 using vhci_hcd
[ 1053.786795][T23374] vhci_hcd: connection reset by peer
[ 1053.788773][ T7514] vhci_hcd vhci_hcd.4: stop threads
[ 1053.790475][ T7514] vhci_hcd vhci_hcd.4: release socket
[ 1053.796868][ T7514] vhci_hcd vhci_hcd.4: disconnect device
[ 1053.812730][T17308] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1053.974395][T17308] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1053.977213][T17308] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1053.980472][T17308] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1053.983649][T17308] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1053.987050][T17308] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1053.991866][T17308] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1053.995587][T17308] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1053.998125][T17308] usb 8-1: Product: syz
[ 1053.999578][T17308] usb 8-1: Manufacturer: syz
[ 1054.025141][T17308] cdc_wdm 8-1:1.0: skipping garbage
[ 1054.027305][T17308] cdc_wdm 8-1:1.0: skipping garbage
[ 1054.029874][T17308] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[ 1054.031779][T17308] cdc_wdm 8-1:1.0: Unknown control protocol
[ 1054.282734][ T6021] usb 42-1: device descriptor read/8, error -110
[ 1054.518329][T10503] usb 8-1: USB disconnect, device number 13
[ 1054.683714][ T6021] usb usb42-port1: attempt power cycle
[ 1055.263212][ T6021] usb usb42-port1: unable to enumerate USB device
[ 1056.708153][   T40] audit: type=1804 audit(2000000021.979:413): pid=23458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3902" name="/newroot/360/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1057.242814][   T67] usb 40-1: device descriptor read/8, error -110
[ 1057.511996][T23470] loop5: detected capacity change from 0 to 7
[ 1057.536516][T23471] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1057.539354][T23471] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1057.553160][T23471] vhci_hcd vhci_hcd.0: Device attached
[ 1057.588699][T23471] 9pnet_fd: Insufficient options for proto=fd
[ 1057.597043][T23471] x_tables: duplicate underflow at hook 3
[ 1057.635221][   T67] usb usb40-port1: attempt power cycle
[ 1057.679825][T23346] Dev loop5: unable to read RDB block 7
[ 1057.681712][T23346]  loop5: unable to read partition table
[ 1057.684055][T23346] loop5: partition table beyond EOD, truncated
[ 1057.822798][  T840] usb 42-1: SetAddress Request (34) to port 0
[ 1057.825582][  T840] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[ 1057.855829][T23470] Dev loop5: unable to read RDB block 7
[ 1057.858441][T23470]  loop5: unable to read partition table
[ 1057.861078][T23470] loop5: partition table beyond EOD, truncated
[ 1057.868555][T23470] loop_reread_partitions: partition scan of loop5 (���W������ý�*���	���%���4FLQk݊5) failed (rc=-5)
[ 1058.184228][T23472] vhci_hcd: connection reset by peer
[ 1058.186223][   T13] vhci_hcd vhci_hcd.2: stop threads
[ 1058.187967][   T13] vhci_hcd vhci_hcd.2: release socket
[ 1058.189958][   T13] vhci_hcd vhci_hcd.2: disconnect device
[ 1058.205231][   T67] usb usb40-port1: unable to enumerate USB device
[ 1058.443170][ T6146] usb 46-1: device descriptor read/8, error -110
[ 1058.844050][ T6146] usb usb46-port1: attempt power cycle
[ 1058.955615][T23501] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 1058.957769][T23501] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1058.960579][T23501] vhci_hcd vhci_hcd.0: Device attached
[ 1058.967094][T23502] vhci_hcd: connection closed
[ 1058.967405][   T13] vhci_hcd vhci_hcd.3: stop threads
[ 1058.970966][   T13] vhci_hcd vhci_hcd.3: release socket
[ 1058.973796][   T13] vhci_hcd vhci_hcd.3: disconnect device
[ 1059.085077][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.087275][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[ 1059.433806][ T6146] usb usb46-port1: unable to enumerate USB device
[ 1059.591168][   T40] audit: type=1804 audit(2000000024.859:414): pid=23517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3912" name="/newroot/422/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1061.433543][T23550] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3917'.
[ 1061.437132][T23551] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1061.440011][T23551] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1061.462736][T23551] vhci_hcd vhci_hcd.0: Device attached
[ 1061.488050][T23551] 9pnet_fd: Insufficient options for proto=fd
[ 1061.511475][T23551] x_tables: duplicate underflow at hook 3
[ 1061.752323][T15257] usb 40-1: SetAddress Request (11) to port 0
[ 1061.757058][T15257] usb 40-1: new SuperSpeed USB device number 11 using vhci_hcd
[ 1062.172848][T23552] vhci_hcd: connection reset by peer
[ 1062.177567][T14950] vhci_hcd vhci_hcd.1: stop threads
[ 1062.179269][T14950] vhci_hcd vhci_hcd.1: release socket
[ 1062.181040][T14950] vhci_hcd vhci_hcd.1: disconnect device
[ 1062.562763][T23580] bond3 (unregistering): Released all slaves
[ 1062.839444][   T40] audit: type=1804 audit(2000000028.109:415): pid=23603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3921" name="/newroot/335/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1062.923162][  T840] usb 42-1: device descriptor read/8, error -110
[ 1063.092957][T23605] xt_CT: No such helper "pptp"
[ 1063.112446][T23606] xt_CT: No such helper "pptp"
[ 1063.140028][T23612] netlink: 'syz.3.3923': attribute type 2 has an invalid length.
[ 1063.143102][T23612] netlink: 'syz.3.3923': attribute type 8 has an invalid length.
[ 1063.145683][T23612] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3923'.
[ 1063.337765][  T840] usb usb42-port1: attempt power cycle
[ 1063.895262][  T840] usb usb42-port1: unable to enumerate USB device
[ 1064.146706][T23628] netlink: 'syz.3.3929': attribute type 2 has an invalid length.
[ 1064.149502][T23628] netlink: 'syz.3.3929': attribute type 8 has an invalid length.
[ 1064.151968][T23628] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3929'.
[ 1064.413407][T23634] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1064.416130][T23634] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1064.419886][T23634] vhci_hcd vhci_hcd.0: Device attached
[ 1064.476783][T23634] 9pnet_fd: Insufficient options for proto=fd
[ 1064.488386][T23634] x_tables: duplicate underflow at hook 3
[ 1064.674396][T23641] netlink: 'syz.1.3933': attribute type 2 has an invalid length.
[ 1064.677006][T23641] netlink: 'syz.1.3933': attribute type 8 has an invalid length.
[ 1064.679466][T23641] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3933'.
[ 1064.693068][  T840] usb 42-1: SetAddress Request (38) to port 0
[ 1064.695388][  T840] usb 42-1: new SuperSpeed USB device number 38 using vhci_hcd
[ 1065.109554][T23635] vhci_hcd: connection reset by peer
[ 1065.112762][ T7514] vhci_hcd vhci_hcd.2: stop threads
[ 1065.115033][ T7514] vhci_hcd vhci_hcd.2: release socket
[ 1065.117423][ T7514] vhci_hcd vhci_hcd.2: disconnect device
[ 1066.010552][T23643] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.143187][T23643] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.373866][T23643] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.472255][T23643] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.587414][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.594878][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.609418][ T1140] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.618046][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.648016][T23681] raw_sendmsg: syz.2.3939 forgot to set AF_INET. Fix it!
[ 1066.802429][T23687] netlink: 'syz.2.3941': attribute type 2 has an invalid length.
[ 1066.807991][T23687] netlink: 'syz.2.3941': attribute type 8 has an invalid length.
[ 1066.810741][T23687] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3941'.
[ 1066.842780][T15257] usb 40-1: device descriptor read/8, error -110
[ 1067.383178][T15257] usb usb40-port1: attempt power cycle
[ 1067.953391][T15257] usb usb40-port1: unable to enumerate USB device
[ 1068.237059][T23713] fuse: Unknown parameter '000000000000000000000x0000000000000003���������;�3�D&.�d�+���S��Ȟ�!��Ys	i>j{4.ŝ�Q�6/:��T&Q7]�W>*~�I��'
[ 1068.415225][T23723] vivid-000: =================  START STATUS  =================
[ 1068.419030][T23723] vivid-000: Test Pattern: 75% Colorbar
[ 1068.421042][T23723] vivid-000: Fill Percentage of Frame: 100
[ 1068.423002][T23723] vivid-000: Horizontal Movement: Move Right Slow
[ 1068.425416][T23723] vivid-000: Vertical Movement: No Movement
[ 1068.427354][T23723] vivid-000: OSD Text Mode: All
[ 1068.428951][T23723] vivid-000: Show Border: false
[ 1068.430513][T23723] vivid-000: Show Square: false
[ 1068.432109][T23723] vivid-000: Sensor Flipped Horizontally: false
[ 1068.434798][T23723] vivid-000: Sensor Flipped Vertically: false
[ 1068.442903][T23723] vivid-000: Insert SAV Code in Image: false
[ 1068.446755][T23723] vivid-000: Insert EAV Code in Image: false
[ 1068.450388][T23723] vivid-000: Insert Video Guard Band: false
[ 1068.452466][T23723] vivid-000: Reduced Framerate: false
[ 1068.456749][T23723] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1068.459222][T23723] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1068.461839][T23723] vivid-000: Enable Capture Cropping: true
[ 1068.463938][T23723] vivid-000: Enable Capture Composing: true
[ 1068.465898][T23723] vivid-000: Enable Capture Scaler: true
[ 1068.467696][T23723] vivid-000: Timestamp Source: End of Frame
[ 1068.469623][T23723] vivid-000: Colorspace: SMPTE 170M
[ 1068.471313][T23723] vivid-000: Transfer Function: Default
[ 1068.473437][T23723] vivid-000: Y'CbCr Encoding: Default
[ 1068.475213][T23723] vivid-000: HSV Encoding: Hue 0-179
[ 1068.477064][T23723] vivid-000: Quantization: Default
[ 1068.477762][T23729] kvm: pic: single mode not supported
[ 1068.478707][T23723] vivid-000: Apply Alpha To Red Only: false
[ 1068.478742][T23723] vivid-000: Standard Aspect Ratio: 4x3
[ 1068.478754][T23723] vivid-000: DV Timings Signal Mode: 
[ 1068.481071][T23729] kvm: pic: level sensitive irq not supported
[ 1068.488352][T23723] Current DV Timings
[ 1068.489228][T23729] kvm: pic: non byte read
[ 1068.490360][T23723]  inactive
[ 1068.492353][T23729] kvm: pic: non byte read
[ 1068.494552][T23723] 
[ 1068.495376][T23729] kvm: pic: non byte read
[ 1068.496478][T23723] vivid-000: DV Timings: 640x480p59
[ 1068.497881][T23729] kvm: pic: non byte read
[ 1068.498931][T23723]  inactive
[ 1068.498941][T23723] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1068.498955][T23723] vivid-000: Maximum EDID Blocks: 2
[ 1068.498967][T23723] vivid-000: Limited RGB Range (16-235): false
[ 1068.498979][T23723] vivid-000: Rx RGB Quantization Range: Automatic
[ 1068.498992][T23723] vivid-000: Power Present: 0x00000001
[ 1068.501671][T23729] kvm: pic: non byte read
[ 1068.502545][T23723] 
[ 1068.502553][T23723] tpg source WxH: 720x576 (R'G'B)
[ 1068.504511][T23729] kvm: pic: non byte read
[ 1068.506879][T23723] tpg field: 4
[ 1068.508893][T23729] kvm: pic: non byte read
[ 1068.510466][T23723] tpg crop: (0,0)/16x576
[ 1068.513724][T23729] kvm: pic: non byte read
[ 1068.515320][T23723] tpg compose: (0,0)/64x576
[ 1068.517273][T23729] kvm: pic: non byte read
[ 1068.517709][T23723] tpg colorspace: 1
[ 1068.520100][T23729] kvm: pic: non byte read
[ 1068.521207][T23723] tpg transfer function: 0/2
[ 1068.537154][T23723] tpg quantization: 0/1
[ 1068.538513][T23723] tpg RGB range: 0/2
[ 1068.539827][T23723] vivid-000: ==================  END STATUS  ==================
[ 1068.666288][    C2] sr 2:0:0:0: [sr0] tag#16 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1068.670519][    C2] sr 2:0:0:0: [sr0] tag#16 CDB: Test Unit Ready 
[ 1068.672757][T15257] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1068.676998][T23739] binder: 23738:23739 ioctl c018620c 80000040 returned -1
[ 1068.822663][T15257] usb 7-1: Using ep0 maxpacket: 8
[ 1068.830573][T15257] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1068.834622][T15257] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1068.838090][T15257] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1068.842383][T15257] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1068.846941][T15257] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1068.850442][T15257] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.861104][T15257] hub 7-1:1.0: bad descriptor, ignoring hub
[ 1068.867270][T15257] hub 7-1:1.0: probe with driver hub failed with error -5
[ 1068.870365][T15257] cdc_wdm 7-1:1.0: skipping garbage
[ 1068.872419][T15257] cdc_wdm 7-1:1.0: skipping garbage
[ 1068.882295][T15257] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[ 1068.884905][T15257] cdc_wdm 7-1:1.0: Unknown control protocol
[ 1069.065307][T23728] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3956'.
[ 1069.072863][T23728] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3956'.
[ 1069.093116][T23728] unsupported nlmsg_type 40
[ 1069.325284][   T67] usb 7-1: USB disconnect, device number 14
[ 1069.723174][  T840] usb 42-1: device descriptor read/8, error -110
[ 1070.123641][  T840] usb usb42-port1: attempt power cycle
[ 1070.292926][T15257] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1070.446781][T23801] netlink: 'syz.1.3969': attribute type 2 has an invalid length.
[ 1070.450109][T23801] netlink: 'syz.1.3969': attribute type 8 has an invalid length.
[ 1070.452762][T15257] usb 8-1: Using ep0 maxpacket: 32
[ 1070.453643][T23801] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3969'.
[ 1070.456163][T15257] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1070.463280][T15257] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1070.467204][T15257] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1070.481176][T15257] usb 8-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1070.484112][T15257] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.486607][T15257] usb 8-1: Product: syz
[ 1070.487931][T15257] usb 8-1: Manufacturer: syz
[ 1070.489522][T15257] usb 8-1: SerialNumber: syz
[ 1070.494670][T15257] usb 8-1: config 0 descriptor??
[ 1070.499720][T15257] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input358
[ 1070.571334][T23803] block device autoloading is deprecated and will be removed.
[ 1070.698968][    C3] xpad 8-1:0.0: xpad_irq_in - usb_submit_urb failed with result -1
[ 1070.713450][  T840] usb usb42-port1: unable to enumerate USB device
[ 1070.770748][T23813] block device autoloading is deprecated and will be removed.
[ 1070.781119][  T840] usb 8-1: USB disconnect, device number 14
[ 1070.783130][    C3] xpad 8-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[ 1072.569604][T23843] bond3 (unregistering): Released all slaves
[ 1074.311038][T23884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3991'.
[ 1074.544853][T23896] 9p: Bad value for 'rfdno'
[ 1074.651182][T23903] team0: Port device vlan3 added
[ 1074.896599][T23919] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1075.297817][T23931] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1075.299950][T23931] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1075.304964][T23931] vhci_hcd vhci_hcd.0: Device attached
[ 1075.321885][T23931] random: crng reseeded on system resumption
[ 1075.403381][T23937] netlink: 'syz.2.4001': attribute type 2 has an invalid length.
[ 1075.403509][T23937] netlink: 'syz.2.4001': attribute type 8 has an invalid length.
[ 1075.403523][T23937] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4001'.
[ 1075.602796][ T6021] usb 44-1: SetAddress Request (14) to port 0
[ 1075.602856][ T6021] usb 44-1: new SuperSpeed USB device number 14 using vhci_hcd
[ 1075.768654][T23932] vhci_hcd: connection reset by peer
[ 1075.772856][   T12] vhci_hcd vhci_hcd.3: stop threads
[ 1075.774981][   T12] vhci_hcd vhci_hcd.3: release socket
[ 1075.782806][   T12] vhci_hcd vhci_hcd.3: disconnect device
[ 1076.377368][T23949] FAULT_INJECTION: forcing a failure.
[ 1076.377368][T23949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1076.430719][T23949] CPU: 1 UID: 0 PID: 23949 Comm: syz.4.4003 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1076.430765][T23949] Tainted: [L]=SOFTLOCKUP
[ 1076.430772][T23949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1076.430781][T23949] Call Trace:
[ 1076.430789][T23949]  <TASK>
[ 1076.430799][T23949]  dump_stack_lvl+0x100/0x190
[ 1076.430830][T23949]  should_fail_ex.cold+0x5/0xa
[ 1076.430851][T23949]  _copy_to_iter+0x5a4/0x1720
[ 1076.430883][T23949]  ? __pfx__copy_to_iter+0x10/0x10
[ 1076.430906][T23949]  ? __rcu_read_unlock+0x27f/0x5e0
[ 1076.430932][T23949]  ? traverse.part.0.constprop.0+0x2c5/0x650
[ 1076.430965][T23949]  seq_read_iter+0x691/0x1270
[ 1076.430991][T23949]  ? aa_file_perm+0x7f3/0x14d0
[ 1076.431017][T23949]  seq_read+0x33b/0x4c0
[ 1076.431041][T23949]  ? __pfx_seq_read+0x10/0x10
[ 1076.431069][T23949]  ? import_ubuf+0x1b6/0x220
[ 1076.431101][T23949]  ? __pfx_seq_read+0x10/0x10
[ 1076.431125][T23949]  proc_reg_read+0x240/0x330
[ 1076.431149][T23949]  ? __pfx_proc_reg_read+0x10/0x10
[ 1076.431172][T23949]  vfs_readv+0x5d8/0x8d0
[ 1076.431203][T23949]  ? __pfx_vfs_readv+0x10/0x10
[ 1076.431226][T23949]  ? finish_task_switch.isra.0+0x205/0xb80
[ 1076.431249][T23949]  ? lockdep_hardirqs_on+0x78/0x100
[ 1076.431298][T23949]  ? __fget_files+0x21f/0x3d0
[ 1076.431330][T23949]  ? do_preadv+0x1ac/0x270
[ 1076.431350][T23949]  do_preadv+0x1ac/0x270
[ 1076.431375][T23949]  ? __pfx_do_preadv+0x10/0x10
[ 1076.431397][T23949]  ? exit_to_user_mode_loop+0xdd/0x4a0
[ 1076.431426][T23949]  __do_fast_syscall_32+0xe3/0x8c0
[ 1076.431450][T23949]  do_fast_syscall_32+0x32/0x70
[ 1076.431470][T23949]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1076.431492][T23949] RIP: 0023:0xf7fe6f6c
[ 1076.431507][T23949] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1076.431522][T23949] RSP: 002b:00000000f546450c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[ 1076.431540][T23949] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000380
[ 1076.431551][T23949] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000000
[ 1076.431561][T23949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1076.431570][T23949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1076.431579][T23949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1076.431603][T23949]  </TASK>
[ 1076.755490][T23957] vivid-000: =================  START STATUS  =================
[ 1076.758136][T23957] vivid-000: Test Pattern: 75% Colorbar
[ 1076.770610][T23957] vivid-000: Fill Percentage of Frame: 100
[ 1076.773622][T23957] vivid-000: Horizontal Movement: Move Right Slow
[ 1076.776477][T23957] vivid-000: Vertical Movement: No Movement
[ 1076.778991][T23957] vivid-000: OSD Text Mode: All
[ 1076.782689][T23957] vivid-000: Show Border: false
[ 1076.784364][T23957] vivid-000: Show Square: false
[ 1076.785969][T23957] vivid-000: Sensor Flipped Horizontally: false
[ 1076.788740][T23957] vivid-000: Sensor Flipped Vertically: false
[ 1076.790780][T23957] vivid-000: Insert SAV Code in Image: false
[ 1076.795539][T23957] vivid-000: Insert EAV Code in Image: false
[ 1076.797636][T23957] vivid-000: Insert Video Guard Band: false
[ 1076.802727][T23957] vivid-000: Reduced Framerate: false
[ 1076.804536][T23957] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1076.822067][T23957] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1076.824910][T23957] vivid-000: Enable Capture Cropping: true
[ 1076.828720][T23963] kvm: pic: single mode not supported
[ 1076.828953][T23963] kvm: pic: level sensitive irq not supported
[ 1076.828995][T23957] vivid-000: Enable Capture Composing: true
[ 1076.836240][T23957] vivid-000: Enable Capture Scaler: true
[ 1076.838244][T23957] vivid-000: Timestamp Source: End of Frame
[ 1076.838721][T23963] picdev_read: 59 callbacks suppressed
[ 1076.838737][T23963] kvm: pic: non byte read
[ 1076.840321][T23957] vivid-000: Colorspace: 
[ 1076.843726][T23963] kvm: pic: non byte read
[ 1076.844390][T23957] SMPTE 170M
[ 1076.846806][T23963] kvm: pic: non byte read
[ 1076.847835][T23957] 
[ 1076.849832][T23963] kvm: pic: non byte read
[ 1076.850740][T23957] vivid-000: Transfer Function: 
[ 1076.852261][T23963] kvm: pic: non byte read
[ 1076.853792][T23957] Default
[ 1076.856585][T23963] kvm: pic: non byte read
[ 1076.857019][T23957] 
[ 1076.858757][T23963] kvm: pic: non byte read
[ 1076.859932][T23957] vivid-000: Y'CbCr Encoding: 
[ 1076.861550][T23963] kvm: pic: non byte read
[ 1076.862639][T23957] Default
[ 1076.867056][T23957] vivid-000: HSV Encoding: Hue 0-179
[ 1076.869414][T23957] vivid-000: Quantization: Default
[ 1076.871531][T23957] vivid-000: Apply Alpha To Red Only: false
[ 1076.872223][T23963] kvm: pic: non byte read
[ 1076.880504][T23957] vivid-000: Standard Aspect Ratio: 4x3
[ 1076.881679][T23963] kvm: pic: non byte read
[ 1076.888187][T23957] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[ 1076.897921][T23957] vivid-000: DV Timings: 640x480p59 inactive
[ 1076.906267][T23957] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1076.923789][T23957] vivid-000: Maximum EDID Blocks: 2
[ 1076.925843][T23957] vivid-000: Limited RGB Range (16-235): false
[ 1076.931507][T23957] vivid-000: Rx RGB Quantization Range: Automatic
[ 1076.951983][T23957] vivid-000: Power Present: 0x00000001
[ 1076.965983][T23957] tpg source WxH: 720x576 (R'G'B)
[ 1076.967657][T23957] tpg field: 4
[ 1076.968807][T23957] tpg crop: (0,0)/16x576
[ 1076.970175][T23957] tpg compose: (0,0)/64x576
[ 1076.971729][T23957] tpg colorspace: 1
[ 1076.975222][T23957] tpg transfer function: 0/2
[ 1076.976858][T23957] tpg quantization: 0/1
[ 1076.978380][T23957] tpg RGB range: 0/2
[ 1076.979781][T23957] vivid-000: ==================  END STATUS  ==================
[ 1077.336541][T23971] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1078.960564][T24033] netlink: 'syz.2.4021': attribute type 2 has an invalid length.
[ 1078.969855][T24033] netlink: 'syz.2.4021': attribute type 8 has an invalid length.
[ 1078.972479][T24033] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4021'.
[ 1080.224174][T24058] ALSA: seq fatal error: cannot create timer (-22)
[ 1080.351605][T24062] zonefs (loop2) ERROR: Not a zoned block device
[ 1080.365059][T24062] netlink: 'syz.2.4027': attribute type 21 has an invalid length.
[ 1080.367782][T24062] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1080.693937][ T6021] usb 44-1: device descriptor read/8, error -110
[ 1081.173838][ T6021] usb usb44-port1: attempt power cycle
[ 1081.505104][T24079] netlink: 'syz.3.4030': attribute type 2 has an invalid length.
[ 1081.508321][T24079] netlink: 'syz.3.4030': attribute type 8 has an invalid length.
[ 1081.511624][T24079] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4030'.
[ 1081.753600][ T6021] usb usb44-port1: unable to enumerate USB device
[ 1081.764619][T24089] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1081.767346][T24089] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1081.847518][T24089] vhci_hcd vhci_hcd.0: Device attached
[ 1081.897418][T24089] 9pnet_fd: Insufficient options for proto=fd
[ 1081.910870][T24089] x_tables: duplicate underflow at hook 3
[ 1082.095600][T24090] vhci_hcd: connection closed
[ 1082.101053][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1082.105390][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1082.110597][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1082.142731][  T840] usb 46-1: enqueue for inactive port 0
[ 1082.665335][  T840] usb usb46-port1: attempt power cycle
[ 1082.749733][T24134] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4037'.
[ 1082.753479][T24134] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4037'.
[ 1082.851474][T24140] netlink: 'syz.4.4040': attribute type 2 has an invalid length.
[ 1082.854035][T24140] netlink: 'syz.4.4040': attribute type 8 has an invalid length.
[ 1082.857919][T24140] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4040'.
[ 1083.202543][T24161] FAULT_INJECTION: forcing a failure.
[ 1083.202543][T24161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1083.206857][T24161] CPU: 2 UID: 0 PID: 24161 Comm: syz.4.4043 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1083.206875][T24161] Tainted: [L]=SOFTLOCKUP
[ 1083.206879][T24161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1083.206886][T24161] Call Trace:
[ 1083.206891][T24161]  <TASK>
[ 1083.206896][T24161]  dump_stack_lvl+0x100/0x190
[ 1083.206915][T24161]  should_fail_ex.cold+0x5/0xa
[ 1083.206928][T24161]  _copy_from_user+0x2e/0xd0
[ 1083.206945][T24161]  get_compat_msghdr+0xb3/0x4b0
[ 1083.206957][T24161]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1083.206974][T24161]  ___sys_sendmsg+0x1b6/0x1e0
[ 1083.206991][T24161]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1083.207007][T24161]  ? __pte_offset_map+0x179/0x310
[ 1083.207039][T24161]  __sys_sendmsg+0x170/0x220
[ 1083.207052][T24161]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1083.207073][T24161]  __do_fast_syscall_32+0xe3/0x8c0
[ 1083.207088][T24161]  do_fast_syscall_32+0x32/0x70
[ 1083.207105][T24161]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1083.207119][T24161] RIP: 0023:0xf7fe6f6c
[ 1083.207128][T24161] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1083.207139][T24161] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1083.207150][T24161] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1083.207157][T24161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1083.207163][T24161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1083.207169][T24161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1083.207175][T24161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1083.207188][T24161]  </TASK>
[ 1083.234362][  T840] usb usb46-port1: unable to enumerate USB device
[ 1083.841180][   T40] audit: type=1326 audit(2000000049.109:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24173 comm="syz.2.4046" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aef6c code=0x0
[ 1083.991191][T24175] syz.2.4046 invoked oom-killer: gfp_mask=0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[ 1083.997519][T24175] CPU: 2 UID: 0 PID: 24175 Comm: syz.2.4046 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1083.997538][T24175] Tainted: [L]=SOFTLOCKUP
[ 1083.997542][T24175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1083.997550][T24175] Call Trace:
[ 1083.997554][T24175]  <TASK>
[ 1083.997558][T24175]  dump_stack_lvl+0x100/0x190
[ 1083.997579][T24175]  dump_header+0xfb/0x606
[ 1083.997592][T24175]  oom_kill_process.cold+0xd/0x330
[ 1083.997605][T24175]  out_of_memory+0x1256/0x14f0
[ 1083.997623][T24175]  ? __pfx_out_of_memory+0x10/0x10
[ 1083.997641][T24175]  __alloc_frozen_pages_noprof+0x233d/0x2ba0
[ 1083.997665][T24175]  ? __pfx_should_flush_tlb+0x10/0x10
[ 1083.997679][T24175]  ? __pfx_flush_tlb_func+0x10/0x10
[ 1083.997695][T24175]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1083.997713][T24175]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1083.997729][T24175]  ? __lock_acquire+0x4a5/0x2630
[ 1083.997745][T24175]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1083.997763][T24175]  ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80
[ 1083.997779][T24175]  ? policy_nodemask+0xed/0x4f0
[ 1083.997791][T24175]  alloc_pages_mpol+0x1fb/0x550
[ 1083.997802][T24175]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1083.997811][T24175]  ? __lock_acquire+0x4a5/0x2630
[ 1083.997828][T24175]  folio_alloc_mpol_noprof+0x36/0x340
[ 1083.997842][T24175]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1083.997854][T24175]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1083.997866][T24175]  ? rcu_read_unlock+0x2d/0xb0
[ 1083.997880][T24175]  ? rcu_read_unlock+0x2d/0xb0
[ 1083.997894][T24175]  ? __lock_acquire+0x4a5/0x2630
[ 1083.997909][T24175]  do_wp_page+0xf28/0x4f00
[ 1083.997925][T24175]  ? __pfx_do_wp_page+0x10/0x10
[ 1083.997938][T24175]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1083.997957][T24175]  __handle_mm_fault+0x1ac8/0x2b60
[ 1083.997973][T24175]  ? mt_find+0x45e/0x8e0
[ 1083.997987][T24175]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1083.998000][T24175]  ? __pfx_mt_find+0x10/0x10
[ 1083.998021][T24175]  ? find_vma+0xbf/0x140
[ 1083.998036][T24175]  ? __pfx_find_vma+0x10/0x10
[ 1083.998054][T24175]  handle_mm_fault+0x36d/0xa20
[ 1083.998071][T24175]  do_user_addr_fault+0x74c/0x12f0
[ 1083.998091][T24175]  exc_page_fault+0x6f/0xd0
[ 1083.998104][T24175]  asm_exc_page_fault+0x26/0x30
[ 1083.998116][T24175] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[ 1083.998129][T24175] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca e9 57 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[ 1083.998139][T24175] RSP: 0018:ffffc9000071f998 EFLAGS: 00050246
[ 1083.998153][T24175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080065018
[ 1083.998160][T24175] RDX: 0000000000080000 RSI: ffffffff8951fcae RDI: ffff88802904a480
[ 1083.998167][T24175] RBP: ffffc9000071fd38 R08: 0000000000000005 R09: 0000000000000000
[ 1083.998173][T24175] R10: 0000000080000002 R11: 0000000000000002 R12: 0000000000000000
[ 1083.998179][T24175] R13: 0000000080065000 R14: ffffc9000071fd7c R15: 0000000080000002
[ 1083.998191][T24175]  ? ____sys_recvmsg+0x3ae/0x6b0
[ 1083.998209][T24175]  ____sys_recvmsg+0x3b9/0x6b0
[ 1083.998226][T24175]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1083.998246][T24175]  ? ___sys_recvmsg+0x177/0x1a0
[ 1083.998261][T24175]  ? kfree+0x2ec/0x6b0
[ 1083.998276][T24175]  ___sys_recvmsg+0x16a/0x1a0
[ 1083.998292][T24175]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1083.998310][T24175]  ? find_held_lock+0x2b/0x80
[ 1083.998325][T24175]  ? __pfx___might_resched+0x10/0x10
[ 1083.998344][T24175]  do_recvmmsg+0x563/0x760
[ 1083.998362][T24175]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1083.998380][T24175]  ? nf_sockopt_find.isra.0+0x222/0x290
[ 1083.998400][T24175]  ? rcu_is_watching+0x12/0xc0
[ 1083.998415][T24175]  ? do_sock_setsockopt+0x101/0x1d0
[ 1083.998428][T24175]  ? kfree+0x2ec/0x6b0
[ 1083.998443][T24175]  __sys_recvmmsg+0x21f/0x270
[ 1083.998457][T24175]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1083.998474][T24175]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1083.998487][T24175]  ? __do_fast_syscall_32+0x94/0x8c0
[ 1083.998499][T24175]  ? lockdep_hardirqs_on+0x78/0x100
[ 1083.998511][T24175]  __do_fast_syscall_32+0xe3/0x8c0
[ 1083.998526][T24175]  do_fast_syscall_32+0x32/0x70
[ 1083.998539][T24175]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1083.998553][T24175] RIP: 0023:0xf70aef6c
[ 1083.998562][T24175] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1083.998583][T24175] RSP: 002b:00000000f547c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[ 1083.998596][T24175] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[ 1083.998606][T24175] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[ 1083.998615][T24175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1083.998625][T24175] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1083.998635][T24175] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1083.998658][T24175]  </TASK>
[ 1083.998682][T24175] Mem-Info:
[ 1084.180394][T24175] active_anon:1875 inactive_anon:793 isolated_anon:0
[ 1084.180394][T24175]  active_file:12546 inactive_file:5531 isolated_file:0
[ 1084.180394][T24175]  unevictable:1768 dirty:259 writeback:0
[ 1084.180394][T24175]  slab_reclaimable:7584 slab_unreclaimable:66080
[ 1084.180394][T24175]  mapped:26648 shmem:1771 pagetables:1323
[ 1084.180394][T24175]  sec_pagetables:323 bounce:0
[ 1084.180394][T24175]  kernel_misc_reclaimable:0
[ 1084.180394][T24175]  free:77876 free_pcp:0 free_cma:0
[ 1084.197019][T24175] Node 0 active_anon:12kB inactive_anon:40kB active_file:0kB inactive_file:40kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7904kB pagetables:1560kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[ 1084.211328][T24175] Node 0 DMA free:2596kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1084.221296][T24175] lowmem_reserve[]: 0 285 285 285 285
[ 1084.223361][T24175] Node 0 DMA32 free:38012kB boost:29412kB min:42484kB low:45752kB high:49020kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12kB inactive_anon:40kB active_file:0kB inactive_file:40kB unevictable:3536kB writepending:0kB zspages:292kB present:1032196kB managed:292656kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1084.235223][T24175] lowmem_reserve[]: 0 0 0 0 0
[ 1084.236888][T24175] Node 0 DMA: 59*4kB (U) 13*8kB (UM) 11*16kB (UM) 7*32kB (UM) 1*64kB (U) 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2596kB
[ 1084.241751][T24175] Node 0 DMA32: 1492*4kB (UME) 534*8kB (UME) 220*16kB (UME) 248*32kB (UME) 62*64kB (UME) 25*128kB (UME) 8*256kB (UM) 8*512kB (M) 3*1024kB (M) 0*2048kB 0*4096kB = 38080kB
[ 1084.248079][T24175] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1084.251961][T24175] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1084.256307][T24175] 23326 total pagecache pages
[ 1084.258289][T24175] 857 pages in swap cache
[ 1084.260140][T24175] Free swap  = 100340kB
[ 1084.261568][T24175] Total swap = 124996kB
[ 1084.263427][T24175] 524155 pages RAM
[ 1084.265965][T24175] 0 pages HighMem/MovableOnly
[ 1084.267561][T24175] 210098 pages reserved
[ 1084.268947][T24175] 0 pages cma reserved
[ 1084.270269][T24175] Unreclaimable slab info:
[ 1084.272087][T24175] Name                      Used          Total
[ 1084.275718][T24175] pid_3                     33KB         63KB
[ 1084.278039][T24175] pid_2                     44KB         86KB
[ 1084.280064][T24175] bio-464                   17KB         31KB
[ 1084.282192][T24175] bio-528                   19KB         31KB
[ 1084.284615][T24175] bio-544                   19KB         31KB
[ 1084.286596][T24175] bio-560                   19KB         31KB
[ 1084.288787][T24175] afs_inode_cache           84KB         92KB
[ 1084.291189][T24175] zswap_entry              421KB        509KB
[ 1084.294495][T24175] AF_VSOCK                  70KB        122KB
[ 1084.296570][T24175] sw_flow_stats             30KB         36KB
[ 1084.298693][T24175] sw_flow                   85KB        122KB
[ 1084.300735][T24175] batadv_tt_change_cache          0KB          4KB
[ 1084.303116][T24175] batadv_tl_cache            7KB         16KB
[ 1084.305147][T24175] ceph_osd_request           8KB         95KB
[ 1084.307117][T24175] ceph_msg                   3KB         30KB
[ 1084.309198][T24175] IEEE-802.15.4-MAC         21KB        125KB
[ 1084.311391][T24175] IEEE-802.15.4-RAW         57KB        126KB
[ 1084.318092][T24175] p9_req_t                  33KB         55KB
[ 1084.320154][T24175] INET_SMC                 100KB        187KB
[ 1084.322195][T24175] SMC6                      62KB        125KB
[ 1084.324390][T24175] SMC                       93KB        187KB
[ 1084.326863][T24185] netlink: 'syz.4.4049': attribute type 2 has an invalid length.
[ 1084.326939][T24175] TIPC                      68KB        215KB
[ 1084.329373][T24185] netlink: 'syz.4.4049': attribute type 8 has an invalid length.
[ 1084.331310][T24175] rds_tcp_connection          6KB        111KB
[ 1084.333908][T24185] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4049'.
[ 1084.336161][T24175] RDS                       51KB        123KB
[ 1084.340736][T24175] rds_connection            25KB         46KB
[ 1084.343140][T24175] SCTPv6                    78KB        210KB
[ 1084.345124][T24175] SCTP                      43KB        153KB
[ 1084.349115][T24175] sctp_chunk                16KB         46KB
[ 1084.349710][T24188] netlink: 'syz.3.4051': attribute type 19 has an invalid length.
[ 1084.351118][T24175] sctp_bind_bucket           0KB         20KB
[ 1084.355838][T24175] PNPIPE                    52KB         92KB
[ 1084.357813][T24175] PHONET                    16KB         31KB
[ 1084.360169][T24175] L2TP/IPv6                 61KB        127KB
[ 1084.363545][T24175] L2TP/IP                   47KB         94KB
[ 1084.365862][T24175] KCM                       56KB         93KB
[ 1084.367847][T24175] kcm_mux                   52KB         94KB
[ 1084.369736][T24175] RXRPC                     44KB        224KB
[ 1084.371634][T24175] rxrpc_call_jar           159KB        286KB
[ 1084.374010][T24175] can_receiver              18KB         23KB
[ 1084.376049][T24175] net_bridge_fdb_entry       1210KB       1232KB
[ 1084.378057][T24175] MPTCPv6                   47KB        191KB
[ 1084.380009][T24175] ip6-frags                  0KB         31KB
[ 1084.381955][T24175] fib6_node                 99KB        128KB
[ 1084.385279][T24175] ip6_dst_cache            172KB        398KB
[ 1084.387253][T24175] mfc6_cache                13KB         16KB
[ 1084.389251][T24175] PINGv6                    78KB        123KB
[ 1084.391241][T24175] RAWv6                    162KB        247KB
[ 1084.393551][T24175] UDPLITEv6                 58KB        126KB
[ 1084.395577][T24175] UDPv6                     81KB        252KB
[ 1084.397553][T24175] tw_sock_TCPv6              0KB         39KB
[ 1084.399533][T24175] request_sock_TCPv6          0KB         30KB
[ 1084.400850][T24189] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1084.402038][T24175] TCPv6                    152KB        268KB
[ 1084.403905][T24189] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1084.408686][T24175] nf_conntrack               0KB         39KB
[ 1084.410670][T24175] wg_peer                  104KB        148KB
[ 1084.411767][T24189] vhci_hcd vhci_hcd.0: Device attached
[ 1084.412941][T24175] allowedips_node           21KB         31KB
[ 1084.417103][T24175] ubi_wl_entry_slab          2KB          3KB
[ 1084.419136][T24175] t10_alua_lu_gp_cache          8KB         15KB
[ 1084.421225][T24175] scsi_sense_cache          60KB         60KB
[ 1084.423447][T24175] virtio_scsi_cmd           21KB         24KB
[ 1084.425461][T24175] bio-136                   49KB         68KB
[ 1084.427489][T24175] io_kiocb                   0KB         62KB
[ 1084.429462][T24175] bio-264                   10KB         15KB
[ 1084.431430][T24175] mqueue_inode_cache         55KB        212KB
[ 1084.433982][T24175] f2fs_bio_post_read_ctx         30KB         31KB
[ 1084.436182][T24175] jfs_mp                    14KB         15KB
[ 1084.438261][T24175] fuse_request              17KB         55KB
[ 1084.440246][T24175] cifs_small_rq             28KB         32KB
[ 1084.442192][T24175] cifs_request              67KB         67KB
[ 1084.445034][T24175] cifs_mpx_ids               8KB         15KB
[ 1084.447015][T24175] cifs_io_subrequest         42KB         47KB
[ 1084.450558][T24175] cifs_io_request          105KB        111KB
[ 1084.450578][T24175] nfs_commit_data           24KB         31KB
[ 1084.450586][T24175] nfs_write_data            38KB         63KB
[ 1084.450605][T24175] jbd2_inode                16KB         19KB
[ 1084.450613][T24175] ext4_system_zone           1KB          3KB
[ 1084.450621][T24175] ext4_io_end_vec            5KB         15KB
[ 1084.450635][T24175] kioctx                    27KB        127KB
[ 1084.450643][T24175] aio_kiocb                 30KB         54KB
[ 1084.450650][T24175] userfaultfd_ctx_cache         48KB         94KB
[ 1084.450661][T24175] fanotify_mark             22KB         23KB
[ 1084.450668][T24175] dnotify_mark              22KB         23KB
[ 1084.450676][T24175] dnotify_struct             5KB          7KB
[ 1084.450683][T24175] fasync_cache              36KB         47KB
[ 1084.450692][T24175] zspage                   113KB        133KB
[ 1084.450708][T24175] zs_handle                146KB        496KB
[ 1084.450716][T24175] pid_namespace             44KB        123KB
[ 1084.450723][T24175] kvm_gmem_inode_cache         29KB         31KB
[ 1084.450731][T24175] kvm_async_pf               0KB          3KB
[ 1084.450739][T24175] kvm_vcpu                  62KB        281KB
[ 1084.450747][T24175] kvm_mmu_page_header         19KB         34KB
[ 1084.450755][T24175] pte_list_desc             15KB         31KB
[ 1084.450763][T24175] x86_emulator              63KB        253KB
[ 1084.450772][T24175] rpc_buffers               25KB         31KB
[ 1084.450779][T24175] rpc_tasks                  8KB         15KB
[ 1084.450787][T24175] UNIX-STREAM               89KB        214KB
[ 1084.450795][T24175] UNIX                     328KB        398KB
[ 1084.450804][T24175] mfc_cache                 10KB         20KB
[ 1084.450812][T24175] UDP-Lite                  17KB        127KB
[ 1084.450819][T24175] MPTCP                     45KB        122KB
[ 1084.450827][T24175] request_sock_subflow_v4          0KB         30KB
[ 1084.450835][T24175] tcp_bind2_bucket           3KB         16KB
[ 1084.450847][T24175] tcp_bind_bucket            7KB         48KB
[ 1084.450857][T24175] inet_peer                  0KB          8KB
[ 1084.450873][T24175] xfrm_state              3244KB       4016KB
[ 1084.450885][T24175] ip_fib_trie               25KB         44KB
[ 1084.450898][T24175] ip_fib_alias              78KB        110KB
[ 1084.450912][T24175] rtable                   530KB        592KB
[ 1084.450924][T24175] PING                      66KB        126KB
[ 1084.450936][T24175] RAW                       82KB        223KB
[ 1084.450947][T24175] UDP                      119KB        286KB
[ 1084.450958][T24175] tw_sock_TCP                0KB         31KB
[ 1084.450967][T24175] request_sock_TCP           0KB          7KB
[ 1084.450974][T24175] TCP                      286KB        414KB
[ 1084.450983][T24175] hugetlbfs_inode_cache         28KB        156KB
[ 1084.450992][T24175] fscache_cookie_jar         32KB         61KB
[ 1084.450999][T24175] netfs_subrequest          52KB        101KB
[ 1084.451008][T24175] netfs_request            156KB        239KB
[ 1084.451016][T24175] bio-280                   21KB         23KB
[ 1084.451024][T24175] ep_head                    3KB         20KB
[ 1084.451032][T24175] eventpoll_pwq              7KB         35KB
[ 1084.451040][T24175] eventpoll_epi             50KB         66KB
[ 1084.451048][T24175] inotify_inode_mark         15KB         39KB
[ 1084.451056][T24175] sgpool-128                17KB         29KB
[ 1084.451064][T24175] sgpool-64                 25KB         31KB
[ 1084.451072][T24175] sgpool-32                  2KB        189KB
[ 1084.451079][T24175] sgpool-16                  6KB         31KB
[ 1084.451087][T24175] sgpool-8                   1KB         31KB
[ 1084.451094][T24175] bio_crypt_ctx              9KB         11KB
[ 1084.451101][T24175] bio_integrity_data          7KB          8KB
[ 1084.451109][T24175] request_queue            219KB        247KB
[ 1084.451117][T24175] blkdev_ioc                 0KB         31KB
[ 1084.451125][T24175] bio-200                    7KB         62KB
[ 1084.451134][T24175] biovec-max               255KB        476KB
[ 1084.451143][T24175] biovec-64                  0KB        252KB
[ 1084.451150][T24175] biovec-16                  0KB         15KB
[ 1084.451159][T24175] mm_slot                   10KB         15KB
[ 1084.451166][T24175] ksm_mm_slot                3KB          4KB
[ 1084.451174][T24175] user_namespace            13KB         30KB
[ 1084.451182][T24175] uid_cache                 27KB         46KB
[ 1084.451191][T24175] iommu_iova_magazine        979KB       1165KB
[ 1084.451212][T24175] iommu_iova               223KB        384KB
[ 1084.498865][T24189] 9pnet_fd: Insufficient options for proto=fd
[ 1084.499097][T24175] dmaengine-unmap-256         26KB         30KB
[ 1084.514364][T24189] x_tables: duplicate underflow at hook 3
[ 1084.525677][T24175] dmaengine-unmap-128         14KB         30KB
[ 1084.611809][T24175] dmaengine-unmap-16          7KB          8KB
[ 1084.623147][T24175] dmaengine-unmap-2          3KB          4KB
[ 1084.625207][T24175] QIPCRTR                   48KB        218KB
[ 1084.627149][T24175] audit_buffer              35KB         50KB
[ 1084.629172][T24175] skbuff_ext_cache          16KB         36KB
[ 1084.631196][T24175] skbuff_small_head       1937KB       2562KB
[ 1084.635458][T24175] skbuff_fclone_cache        141KB        234KB
[ 1084.637501][T24175] skbuff_head_cache       1557KB       2265KB
[ 1084.639590][T24175] configfs_dir_cache         30KB         32KB
[ 1084.641647][T24175] file_lease_cache          24KB         31KB
[ 1084.644288][T24175] file_lock_cache            8KB         63KB
[ 1084.646763][T24175] file_lock_ctx             37KB         47KB
[ 1084.648902][T24175] fsnotify_inode_mark_connector         21KB         35KB
[ 1084.651307][T24175] posix_timers_cache         32KB         56KB
[ 1084.654587][T24175] taskstats                 55KB        127KB
[ 1084.656564][T24175] mem_cgroup_per_node         99KB        154KB
[ 1084.658551][T24175] mem_cgroup               119KB        149KB
[ 1084.660519][T24175] proc_dir_entry           679KB        781KB
[ 1084.672759][T24175] pde_opener                 4KB         15KB
[ 1084.674806][T24175] seq_file                  21KB         62KB
[ 1084.676801][T24175] sigqueue                   2KB         31KB
[ 1084.678855][T24175] shmem_inode_cache       7846KB       7927KB
[ 1084.680845][T24175] kernfs_iattrs_cache         45KB         46KB
[ 1084.686995][T24175] kernfs_node_cache      26591KB      26595KB
[ 1084.689261][T24175] mnt_cache                 94KB        126KB
[ 1084.691984][T24175] bfilp                     21KB         31KB
[ 1084.693015][   T10] usb 40-1: SetAddress Request (15) to port 0
[ 1084.695411][T24175] filp                     609KB        748KB
[ 1084.696585][   T10] usb 40-1: new SuperSpeed USB device number 15 using vhci_hcd
[ 1084.698307][T24175] names_cache              382KB        452KB
[ 1084.705524][T24175] net_namespace            114KB        229KB
[ 1084.707494][T24175] ima_iint_cache            44KB         63KB
[ 1084.709498][T24175] lsm_inode_cache         1493KB       1779KB
[ 1084.711479][T24175] lsm_file_cache           175KB        216KB
[ 1084.714758][T24175] key_jar                   31KB         47KB
[ 1084.716820][T24175] uts_namespace             71KB        123KB
[ 1084.718797][T24175] nsproxy                    8KB         31KB
[ 1084.720808][T24175] vm_area_struct          1444KB       1742KB
[ 1084.723580][T24175] fs_cache                  33KB         60KB
[ 1084.725747][T24175] files_cache              119KB        207KB
[ 1084.727741][T24175] signal_cache             859KB       2002KB
[ 1084.729811][T24175] sighand_cache           1093KB       2164KB
[ 1084.732060][T24175] task_struct             4708KB       5009KB
[ 1084.742816][T24175] cred                     158KB        316KB
[ 1084.744957][T24175] anon_vma_chain           324KB        370KB
[ 1084.754835][T24175] anon_vma                 367KB        470KB
[ 1084.762964][T24175] pid                      150KB        351KB
[ 1084.765030][T24175] Acpi-Operand             201KB        324KB
[ 1084.767012][T24175] Acpi-ParseExt             21KB         35KB
[ 1084.769070][T24175] Acpi-Parse                12KB         19KB
[ 1084.771062][T24175] Acpi-State                16KB         27KB
[ 1084.782729][T24175] Acpi-Namespace            35KB         44KB
[ 1084.784788][T24175] shared_policy_node          7KB          8KB
[ 1084.786795][T24175] numa_policy                9KB         15KB
[ 1084.788812][T24175] perf_event                34KB         62KB
[ 1084.790837][T24175] trace_event_file         540KB        540KB
[ 1084.793107][T24175] ftrace_event_field       1020KB       1023KB
[ 1084.802960][T24175] pool_workqueue          1935KB       2032KB
[ 1084.805020][T24175] task_group                42KB         61KB
[ 1084.807167][T24175] maple_node              2103KB       2744KB
[ 1084.809238][T24175] mm_struct                327KB        490KB
[ 1084.811364][T24175] vmap_area                693KB       1089KB
[ 1084.832930][T24175] debug_objects_cache       5561KB       8267KB
[ 1084.834991][T24175] page->ptl                142KB        173KB
[ 1084.836983][T24175] kmalloc-cg-8k           1856KB       1952KB
[ 1084.838952][T24175] kmalloc-cg-4k          13392KB      13536KB
[ 1084.840924][T24175] kmalloc-cg-2k           8528KB       9408KB
[ 1084.852751][T24175] kmalloc-cg-1k           2466KB       3232KB
[ 1084.854833][T24175] kmalloc-cg-512          1520KB       1744KB
[ 1084.856849][T24175] kmalloc-cg-256           429KB        480KB
[ 1084.858814][T24175] kmalloc-cg-128           244KB        300KB
[ 1084.860935][T24175] kmalloc-cg-64             62KB         80KB
[ 1084.872811][T24175] kmalloc-cg-32             70KB        168KB
[ 1084.874860][T24175] kmalloc-cg-16              7KB         16KB
[ 1084.876819][T24175] kmalloc-cg-8              20KB         36KB
[ 1084.878831][T24175] kmalloc-cg-192            61KB         96KB
[ 1084.880821][T24175] kmalloc-cg-96             74KB         84KB
[ 1084.892792][T24175] kmalloc-8k              5296KB       5536KB
[ 1084.894797][T24175] kmalloc-4k             20480KB      21216KB
[ 1084.896982][T24175] kmalloc-2k             37744KB      37792KB
[ 1084.898951][T24175] kmalloc-1k              8324KB       9344KB
[ 1084.900926][T24175] kmalloc-512            10363KB      12352KB
[ 1084.912527][T24175] kmalloc-256             4659KB       5120KB
[ 1084.914739][T24175] kmalloc-128             1523KB       2192KB
[ 1084.916726][T24175] kmalloc-64              3063KB       4548KB
[ 1084.918840][T24175] kmalloc-32              2122KB       5044KB
[ 1084.920774][T24175] kmalloc-16               436KB        716KB
[ 1084.922878][T24175] kmalloc-8                437KB        712KB
[ 1084.924920][T24175] kmalloc-192             1567KB       1816KB
[ 1084.926822][T24175] kmalloc-96              1507KB       1860KB
[ 1084.929134][T24175] kmem_cache_node          213KB        220KB
[ 1084.931128][T24175] kmem_cache               175KB        218KB
[ 1084.936259][T24175] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz2,task=syz.2.4046,pid=24175,uid=0
[ 1084.942993][T24175] Out of memory (oom_kill_allocating_task): Killed process 24173 (syz.2.4046) total-vm:106496kB, anon-rss:740kB, file-rss:27304kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[ 1085.022718][T24190] vhci_hcd: connection reset by peer
[ 1085.025292][ T7514] vhci_hcd vhci_hcd.1: stop threads
[ 1085.027906][ T7514] vhci_hcd vhci_hcd.1: release socket
[ 1085.030434][ T7514] vhci_hcd vhci_hcd.1: disconnect device
[ 1087.314016][T24255] netlink: 'syz.1.4061': attribute type 2 has an invalid length.
[ 1087.316555][T24255] netlink: 'syz.1.4061': attribute type 8 has an invalid length.
[ 1087.318992][T24255] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4061'.
[ 1087.570514][T24269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4064'.
[ 1087.575636][T24270] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[ 1087.577756][T24270] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1087.580507][T24270] vhci_hcd vhci_hcd.0: Device attached
[ 1087.589286][T24270] random: crng reseeded on system resumption
[ 1087.670038][T24273] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1087.670055][T24273] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1087.670316][T24273] vhci_hcd vhci_hcd.0: Device attached
[ 1087.707867][T24273] 9pnet_fd: Insufficient options for proto=fd
[ 1087.727286][T24273] x_tables: duplicate underflow at hook 3
[ 1087.842793][T17308] usb 42-1: SetAddress Request (42) to port 0
[ 1087.844838][T17308] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[ 1087.956737][T14950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1087.961012][T14950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1088.119082][T24271] vhci_hcd: connection reset by peer
[ 1088.121237][  T153] vhci_hcd vhci_hcd.2: stop threads
[ 1088.125184][  T153] vhci_hcd vhci_hcd.2: release socket
[ 1088.127037][  T153] vhci_hcd vhci_hcd.2: disconnect device
[ 1088.285025][ T6021] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1088.442682][ T6021] usb 9-1: Using ep0 maxpacket: 32
[ 1088.447890][ T6021] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1088.451882][ T6021] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[ 1088.455688][ T6021] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1088.461142][ T6021] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1088.464253][ T6021] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1088.466924][ T6021] usb 9-1: Product: syz
[ 1088.468424][ T6021] usb 9-1: Manufacturer: syz
[ 1088.470371][ T6021] usb 9-1: SerialNumber: syz
[ 1088.477545][ T6021] usb 9-1: config 0 descriptor??
[ 1088.486162][ T6021] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input360
[ 1088.496320][    C2] xpad 9-1:0.0: xpad_irq_in - usb_submit_urb failed with result -1
[ 1088.720415][T24274] vhci_hcd: connection closed
[ 1088.720887][ T1147] vhci_hcd vhci_hcd.1: stop threads
[ 1088.726110][ T1147] vhci_hcd vhci_hcd.1: release socket
[ 1088.729532][ T1147] vhci_hcd vhci_hcd.1: disconnect device
[ 1088.772193][    C2] xpad 9-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[ 1088.775154][ T6021] usb 9-1: USB disconnect, device number 4
[ 1089.431343][T24318] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4069'.
[ 1089.579301][T24328] netlink: 'syz.4.4071': attribute type 2 has an invalid length.
[ 1089.583663][T24328] netlink: 'syz.4.4071': attribute type 8 has an invalid length.
[ 1089.591040][T24328] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4071'.
[ 1089.722743][   T10] usb 40-1: device descriptor read/8, error -110
[ 1090.223210][   T10] usb usb40-port1: attempt power cycle
[ 1090.577183][T24374] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[ 1090.579373][T24374] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1090.581275][T24378] netlink: 'syz.3.4080': attribute type 1 has an invalid length.
[ 1090.594661][T24374] vhci_hcd vhci_hcd.0: Device attached
[ 1090.639652][T24374] 9pnet_fd: Insufficient options for proto=fd
[ 1090.668410][T24382] netlink: 'syz.3.4082': attribute type 2 has an invalid length.
[ 1090.670651][T24382] netlink: 'syz.3.4082': attribute type 8 has an invalid length.
[ 1090.673001][T24382] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4082'.
[ 1090.681341][T24374] x_tables: duplicate underflow at hook 3
[ 1090.806767][   T10] usb usb40-port1: unable to enumerate USB device
[ 1091.973556][T24375] vhci_hcd: connection closed
[ 1091.978584][  T153] vhci_hcd vhci_hcd.2: stop threads
[ 1091.982237][  T153] vhci_hcd vhci_hcd.2: release socket
[ 1092.243041][  T153] vhci_hcd vhci_hcd.2: disconnect device
[ 1092.482970][T24406] netlink: 6 bytes leftover after parsing attributes in process `syz.1.4090'.
[ 1092.523883][T24409] netlink: 'syz.1.4092': attribute type 2 has an invalid length.
[ 1092.526424][T24409] netlink: 'syz.1.4092': attribute type 8 has an invalid length.
[ 1092.529533][T24409] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4092'.
[ 1092.952761][T17308] usb 42-1: device descriptor read/8, error -110
[ 1093.034323][T24429] 9p: Bad value for 'rfdno'
[ 1093.343248][T17308] usb usb42-port1: attempt power cycle
[ 1093.943175][T17308] usb usb42-port1: unable to enumerate USB device
[ 1094.319275][T24469] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.200490][T24469] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.305177][T24469] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.356984][T24469] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.434772][  T153] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.442871][  T153] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.449768][  T153] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.457244][  T526] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.927361][T24486] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.024787][T24486] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.225738][T24486] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.354541][T24486] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.269605][T24498] 9p: Bad value for 'rfdno'
[ 1098.779429][T24543] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1098.846894][T24543] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.723473][T24543] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.786889][T24543] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.877373][   T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.885845][   T13] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.893167][   T13] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.900114][   T13] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.336370][  T526] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.347950][T14950] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.351725][T14950] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.421531][   T13] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.682149][T24647] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4137'.
[ 1104.075658][T24667] FAULT_INJECTION: forcing a failure.
[ 1104.075658][T24667] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.079601][T24667] CPU: 3 UID: 0 PID: 24667 Comm: syz.1.4140 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1104.079618][T24667] Tainted: [L]=SOFTLOCKUP
[ 1104.079622][T24667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1104.079629][T24667] Call Trace:
[ 1104.079634][T24667]  <TASK>
[ 1104.079639][T24667]  dump_stack_lvl+0x100/0x190
[ 1104.079658][T24667]  should_fail_ex.cold+0x5/0xa
[ 1104.079671][T24667]  should_failslab+0xc2/0x120
[ 1104.079682][T24667]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1104.079698][T24667]  ? __alloc_skb+0x140/0x710
[ 1104.079712][T24667]  __alloc_skb+0x140/0x710
[ 1104.079722][T24667]  ? __alloc_skb+0x5b7/0x710
[ 1104.079732][T24667]  ? __pfx___alloc_skb+0x10/0x10
[ 1104.079747][T24667]  netlink_alloc_large_skb+0x69/0x150
[ 1104.079786][T24667]  netlink_sendmsg+0x680/0xda0
[ 1104.079802][T24667]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1104.079817][T24667]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1104.079834][T24667]  ____sys_sendmsg+0xa54/0xc30
[ 1104.079850][T24667]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1104.079871][T24667]  ___sys_sendmsg+0x190/0x1e0
[ 1104.079888][T24667]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1104.079920][T24667]  __sys_sendmsg+0x170/0x220
[ 1104.079933][T24667]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1104.079949][T24667]  ? __pfx_ksys_write+0x10/0x10
[ 1104.079968][T24667]  __do_fast_syscall_32+0xe3/0x8c0
[ 1104.079984][T24667]  do_fast_syscall_32+0x32/0x70
[ 1104.079997][T24667]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1104.080011][T24667] RIP: 0023:0xf7f42f6c
[ 1104.080020][T24667] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1104.080031][T24667] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1104.080043][T24667] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[ 1104.080050][T24667] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1104.080056][T24667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1104.080062][T24667] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1104.080068][T24667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1104.080081][T24667]  </TASK>
[ 1104.976327][T24683] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.105987][T24683] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.193945][T24683] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.559242][T24683] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.639233][T20865] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.641949][T20865] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.646470][T20865] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.655823][T20865] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.884400][T24689] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4147'.
[ 1106.537298][T24731] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4154'.
[ 1107.913978][   T40] audit: type=1804 audit(2000000018.249:417): pid=24739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4156" name="/newroot/393/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1108.231483][   T40] audit: type=1804 audit(2000000018.769:418): pid=24758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4157" name="/newroot/394/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1108.421620][T24764] binder: 24763:24764 unknown command 1853191215
[ 1108.424194][T24764] binder: 24763:24764 ioctl c0306201 80000080 returned -22
[ 1109.580730][T24771] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.696932][T24771] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.802770][   T40] audit: type=1804 audit(2000000020.139:419): pid=24781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4165" name="/newroot/491/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1109.804797][T24771] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.809635][   T40] audit: type=1804 audit(2000000020.139:420): pid=24779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4165" name="/newroot/491/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1109.875258][T24771] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.911648][T24782] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1109.913710][T24782] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1109.917870][T24782] vhci_hcd vhci_hcd.0: Device attached
[ 1109.922870][T24782] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4162'.
[ 1109.972119][  T153] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.979477][  T153] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.987559][  T153] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.996628][  T153] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1110.053760][T24786] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4166'.
[ 1110.059727][T24783] vhci_hcd: connection closed
[ 1110.060584][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1110.065925][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1110.071728][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1110.086643][   T40] audit: type=1804 audit(2000000020.629:421): pid=24788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4167" name="/newroot/396/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1110.102778][   T67] vhci_hcd vhci_hcd.4: vhci_device speed not set
[ 1111.798549][   T40] audit: type=1804 audit(2000000022.279:422): pid=24821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4174" name="/newroot/292/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1112.118098][   T40] audit: type=1804 audit(2000000022.659:423): pid=24826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4176" name="/newroot/293/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1114.002716][T24848] FAULT_INJECTION: forcing a failure.
[ 1114.002716][T24848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1114.006906][T24848] CPU: 2 UID: 0 PID: 24848 Comm: syz.1.4183 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1114.006924][T24848] Tainted: [L]=SOFTLOCKUP
[ 1114.006928][T24848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1114.006935][T24848] Call Trace:
[ 1114.006940][T24848]  <TASK>
[ 1114.006945][T24848]  dump_stack_lvl+0x100/0x190
[ 1114.006965][T24848]  should_fail_ex.cold+0x5/0xa
[ 1114.006978][T24848]  _copy_from_iter+0x1f4/0x1690
[ 1114.006997][T24848]  ? __asan_memset+0x23/0x50
[ 1114.007011][T24848]  ? __pfx__copy_from_iter+0x10/0x10
[ 1114.007028][T24848]  ? __pfx___alloc_skb+0x10/0x10
[ 1114.007045][T24848]  netlink_sendmsg+0x808/0xda0
[ 1114.007061][T24848]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1114.007076][T24848]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1114.007093][T24848]  ____sys_sendmsg+0xa54/0xc30
[ 1114.007109][T24848]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1114.007131][T24848]  ___sys_sendmsg+0x190/0x1e0
[ 1114.007147][T24848]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1114.007180][T24848]  __sys_sendmsg+0x170/0x220
[ 1114.007192][T24848]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1114.007208][T24848]  ? __pfx_ksys_write+0x10/0x10
[ 1114.007227][T24848]  __do_fast_syscall_32+0xe3/0x8c0
[ 1114.007243][T24848]  do_fast_syscall_32+0x32/0x70
[ 1114.007256][T24848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1114.007270][T24848] RIP: 0023:0xf7f42f6c
[ 1114.007279][T24848] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1114.007289][T24848] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1114.007300][T24848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[ 1114.007307][T24848] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1114.007313][T24848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1114.007319][T24848] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1114.007326][T24848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1114.007339][T24848]  </TASK>
[ 1114.132442][T24851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4184'.
[ 1114.136169][   T40] audit: type=1804 audit(2000000024.679:424): pid=24853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4185" name="/newroot/404/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1115.392942][   T40] audit: type=1804 audit(2000000025.929:425): pid=24857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4186" name="/newroot/405/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1115.626616][T24866] netlink: 50 bytes leftover after parsing attributes in process `syz.3.4190'.
[ 1115.629711][T24866] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4190'.
[ 1116.192698][T15257] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1116.375512][T15257] usb 7-1: Using ep0 maxpacket: 32
[ 1116.386908][T15257] usb 7-1: config 1 interface 0 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1116.391973][T15257] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1116.401483][T15257] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1116.404923][T15257] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1116.408174][T15257] usb 7-1: Product: 礿鼣鸓㛮䓝ⳡꥃ䀇꿪蒥୫儓깰㈦鄪ዡԆ＼潘᮳䠫곐♯劒뿠셨⑬享뷺쯩菲屳쫿늜䂓悺ꈘ╬ᙔ碦욅ᩅ
[ 1116.413934][T15257] usb 7-1: Manufacturer: ᐄ
[ 1116.415523][T15257] usb 7-1: SerialNumber: ၟ蔻앨ᡗ쥛f郾솹鶘讶쉉ᓼ՜ܛ⯊Ạ﷑쌰巾䃼퍣ߦ躆嗽ᨮ暚䶁틃逥穌细塻쉐뜟빨郦睥⧧䣜䚸ܰ짭䆚Ⳁ赧ﰞﴍ㠧ឭ鶼Ꭸ뎅龄祿䭊⺾앺훎逰헩憪ﴝᛏ㬁᧸䳂枥翆硏Ԣ싰͚⽹ㅄバ缂랿啯瘕
[ 1116.658158][T15257] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[ 1116.678177][T15257] usb 7-1: USB disconnect, device number 15
[ 1117.232684][   T40] audit: type=1804 audit(2000000027.729:426): pid=24903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4194" name="/newroot/430/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1118.009513][   T40] audit: type=1804 audit(2000000028.549:427): pid=24906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4196" name="/newroot/297/file0/file0" dev="9p" ino=72613983 res=1 errno=0
[ 1118.175310][T24916] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4201'.
[ 1118.536694][T24924] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4198'.
[ 1119.816071][T24955] netlink: 'syz.1.4205': attribute type 2 has an invalid length.
[ 1119.818471][T24955] netlink: 'syz.1.4205': attribute type 8 has an invalid length.
[ 1119.820926][T24955] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4205'.
[ 1119.928208][T24940] Oops: general protection fault, probably for non-canonical address 0xeac826e83f43c1fe: 0000 [#1] SMP KASAN NOPTI
[ 1119.932411][T24940] KASAN: maybe wild-memory-access in range [0x56415741fa1e0ff0-0x56415741fa1e0ff7]
[ 1119.936397][T24940] CPU: 3 UID: 0 PID: 24940 Comm: syz.3.4204 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1119.940145][T24940] Tainted: [L]=SOFTLOCKUP
[ 1119.941588][T24940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1119.944736][T24940] RIP: 0010:try_module_get+0x23/0xd0
[ 1119.946351][T24940] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 48 85 ff 0f 84 9b 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 89 fb <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 89 00 00 00 83 3b 02 74 67 48
[ 1119.953421][T24940] RSP: 0000:ffffc9000e0a78b8 EFLAGS: 00010202
[ 1119.955429][T24940] RAX: dffffc0000000000 RBX: 56415741fa1e0ff3 RCX: ffffc9003146a000
[ 1119.957933][T24940] RDX: 0ac82ae83f43c1fe RSI: ffffffff87e91d50 RDI: 56415741fa1e0ff3
[ 1119.960405][T24940] RBP: ffff888024589200 R08: 0000000000000001 R09: fffffbfff1fd9f21
[ 1119.963080][T24940] R10: ffffffff8fecf90f R11: 0000000000000000 R12: ffff88806cc6efc0
[ 1119.965565][T24940] R13: ffffffff8a14f370 R14: ffff88802a9cd598 R15: ffff88806cc6f008
[ 1119.968003][T24940] FS:  0000000000000000(0000) GS:ffff88809744e000(0063) knlGS:00000000f5486b40
[ 1119.970638][T24940] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1119.972743][T24940] CR2: 00000000ff9f9034 CR3: 0000000068e31000 CR4: 0000000000352ef0
[ 1119.975239][T24940] Call Trace:
[ 1119.976267][T24940]  <TASK>
[ 1119.977149][T24940]  dvb_device_open+0x124/0x3b0
[ 1119.978598][T24940]  ? __pfx_dvb_device_open+0x10/0x10
[ 1119.980209][T24940]  chrdev_open+0x234/0x6a0
[ 1119.981930][T24940]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1119.984364][T24940]  ? __pfx_chrdev_open+0x10/0x10
[ 1119.985934][T24940]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1119.987964][T24940]  do_dentry_open+0x6d8/0x1660
[ 1119.989490][T24940]  ? __pfx_chrdev_open+0x10/0x10
[ 1119.991181][T24940]  vfs_open+0x82/0x3f0
[ 1119.992480][T24940]  path_openat+0x208c/0x31a0
[ 1119.993994][T24940]  ? asm_int80_emulation+0x1a/0x20
[ 1119.995604][T24940]  ? __pfx_path_openat+0x10/0x10
[ 1119.997205][T24940]  do_file_open+0x20e/0x430
[ 1119.998698][T24940]  ? __pfx_do_file_open+0x10/0x10
[ 1120.000324][T24940]  ? _raw_spin_unlock+0x28/0x50
[ 1120.001945][T24940]  ? alloc_fd+0x476/0x790
[ 1120.003340][T24940]  do_sys_openat2+0x10d/0x1e0
[ 1120.004950][T24940]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1120.006580][T24940]  ? rcu_is_watching+0x12/0xc0
[ 1120.008125][T24940]  __ia32_compat_sys_openat+0x12d/0x210
[ 1120.009870][T24940]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1120.011998][T24940]  ? __pfx___do_compat_sys_sigreturn+0x10/0x10
[ 1120.013991][T24940]  do_int80_emulation+0x141/0x6b0
[ 1120.015627][T24940]  asm_int80_emulation+0x1a/0x20
[ 1120.017199][T24940] RIP: 0023:0xf71c5cab
[ 1120.018498][T24940] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1120.025393][T24940] RSP: 002b:00000000f548603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1120.028281][T24940] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5486100
[ 1120.030749][T24940] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1120.033255][T24940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1120.035766][T24940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1120.038221][T24940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1120.040712][T24940]  </TASK>
[ 1120.041748][T24940] Modules linked in:
[ 1120.043506][T24940] ---[ end trace 0000000000000000 ]---
[ 1120.047564][T24940] RIP: 0010:try_module_get+0x23/0xd0
[ 1120.049310][T24940] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 48 85 ff 0f 84 9b 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 89 fb <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 89 00 00 00 83 3b 02 74 67 48
[ 1120.056371][T24940] RSP: 0000:ffffc9000e0a78b8 EFLAGS: 00010202
[ 1120.060143][T24940] RAX: dffffc0000000000 RBX: 56415741fa1e0ff3 RCX: ffffc9003146a000
[ 1120.064577][T24940] RDX: 0ac82ae83f43c1fe RSI: ffffffff87e91d50 RDI: 56415741fa1e0ff3
[ 1120.067342][T24940] RBP: ffff888024589200 R08: 0000000000000001 R09: fffffbfff1fd9f21
[ 1120.069969][T24940] R10: ffffffff8fecf90f R11: 0000000000000000 R12: ffff88806cc6efc0
[ 1120.072946][T24940] R13: ffffffff8a14f370 R14: ffff88802a9cd598 R15: ffff88806cc6f008
[ 1120.075450][T24940] FS:  0000000000000000(0000) GS:ffff88809744e000(0063) knlGS:00000000f5486b40
[ 1120.078244][T24940] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1120.080436][T24940] CR2: 00007f64efc1fd20 CR3: 0000000068e31000 CR4: 0000000000352ef0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1120.083339][T24940] Kernel panic - not syncing: Fatal exception
[ 1120.086027][T24940] Kernel Offset: disabled
[ 1120.087359][T24940] Rebooting in 86400 seconds..