last executing test programs:

8.028082723s ago: executing program 0 (id=2375):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_TIMEOUT(r3, 0x2201, &(0x7f0000000040)=0xfffffffa)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))
r4 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x3)
r5 = syz_open_procfs$userns(0x0, 0x0)
mount_setattr(0xffffffffffffff9c, 0x0, 0x900, &(0x7f0000000240)={0x100088, 0x81, 0x100000, {r5}}, 0x20)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000640), 0x0, 0x0, 0x0, 0x0, r7})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r6, 0xc01064ab, &(0x7f0000000000)={0x0, 0x0, r7})
ioctl$TCXONC(r4, 0x540a, 0x3)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0405619, &(0x7f0000000100)={0x4, 0x80000, "4160ff014ee3ac531449d61c3b8211b92059de624b1a208e", {0xfffff7b0, 0x5}, 0x5})
socket$netlink(0x10, 0x3, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000400)={0x73622a85, 0xf, 0x3})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r8, 0xc018620b, &(0x7f0000000000)={0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)

7.774892186s ago: executing program 2 (id=2379):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$TIOCSPTLCK(r2, 0x40045431, 0x0)
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x3)
r4 = syz_open_procfs$userns(0x0, &(0x7f0000000100))
mount_setattr(0xffffffffffffff9c, 0x0, 0x900, &(0x7f0000000240)={0x100088, 0x81, 0x100000, {r4}}, 0x20)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000640)})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r5, 0xc01064ab, &(0x7f0000000000))
ioctl$TCXONC(r3, 0x540a, 0x3)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0405619, &(0x7f0000000100)={0x4, 0x80000, "4160ff014ee3ac531449d61c3b8211b92059de624b1a208e", {0xfffff7b0, 0x5}, 0x5})
socket$netlink(0x10, 0x3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000400)={0x73622a85, 0xf, 0x3})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f0000000000)={0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)

6.709575858s ago: executing program 0 (id=2380):
iopl(0x3)
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x14, 0x2, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xffff}}, 0x14}, 0x1, 0x3000000, 0x0, 0x4044081}, 0x0)

6.709227248s ago: executing program 1 (id=2381):
bpf$MAP_CREATE(0x1800, &(0x7f0000001200)=@base={0x6, 0x4, 0x4, 0xc, 0x1800}, 0x50)

6.623687817s ago: executing program 0 (id=2383):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x401, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2500}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_DIR={0x5, 0x17, 0x5}]}}}]}, 0x48}}, 0x0)
write(r1, &(0x7f00000001c0)="240000005800410f9c00f4f90085b3025cb1fddf08000100050100000800028001000000", 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x40, 0x107, 0xffffffee, 0x25dfdbff, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @fd}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0x400c0c0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r7, &(0x7f00000001c0)={0x18, 0x2, {0x3, @remote}}, 0x1e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r8, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4})
r9 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r9, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)

6.623408696s ago: executing program 1 (id=2384):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)={@cgroup=r3, r3, 0x2f}, 0x20)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', 0x0, 0x24, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="480000000206030000000000000000000500000005000100060000000d000300686173683a6e6574000000000900020073797a310000000005000500020000000500040000000000e16d47cad10fa052d822d52667f51dfa157c7a4bbe4863fa6bb9ba6be2c1c80c81b70694ecfd0dbe2eb44521c606d8211202c3fba5d4eef807db768a5545a698b063fc5e0d0fc9a29c81ab0d6613f42192b80578cd18656ff3d96cdbaf48654531c97d484ccd2df78aedcf4af2776b1224f8b4e44d3608ec1ae1857d774f00eec9ca6dee0b62087dd5bbcdf2bca33b288049cdb35a6b0529fe164ce50b3fabcae6b18c74c03f3fd032f9b07a9b200e639df45c7621643fd411678ab7aa05c0890ba981a149164d3b36c1fd0d0f253bf742c79fd90cfc89cc6fdd40e5d2d3847b2a85594432fd1086008f9eba24aebe3bdd54de13b53d5a659c5aa4ab1165b72b5a9e19d3467f89b561a3bd8fd5864dea6323647a1d21a26fe1ffc7d8f1f20d584a3598c80ff4754091ec0ce5f1fa4d59291c4f3c"], 0x48}}, 0x0)

6.469376472s ago: executing program 2 (id=2385):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x5, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc, 0x7, {0x66ca4899a2c66c5d}}, {0xc, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$sr(0xffffff9c, &(0x7f0000000300), 0x20100, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r5, 0x84, 0x74, &(0x7f0000000340)=""/8, &(0x7f0000000500)=0x8)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="64ff1ec4624307f1561b5ad480b718edf0ee74c7e370c8c0c568358cd8c65301c35e5f6a317435e1195ee61792096cdb57196fef44bc5be37efc8fea5656bd30b925d6185fda406b0ae8058fe702815f99c8763b7969d52a85c382cdf0"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x6)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={0x0, 0xd8}}, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
socket$kcm(0x10, 0x400000002, 0x0)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e20, 0x1000040, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3c}, 0x1c)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

5.651565172s ago: executing program 3 (id=2387):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0xc000)
ioctl$SIOCX25GDTEFACILITIES(r4, 0x89ea, &(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_freezer_state(r5, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r6, &(0x7f0000000040)='FROZEN\x00', 0x7)
write$cgroup_freezer_state(r6, &(0x7f0000000080)='THAWED\x00', 0x7)
socket$nl_route(0x10, 0x3, 0x0)
r7 = fsopen(&(0x7f0000000140)='mqueue\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0xa)
fchdir(r8)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
creat(0x0, 0x40)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

4.818396312s ago: executing program 1 (id=2388):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_TIMEOUT(r3, 0x2201, &(0x7f0000000040)=0xfffffffa)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000))
r4 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x3)
r5 = syz_open_procfs$userns(0x0, 0x0)
mount_setattr(0xffffffffffffff9c, 0x0, 0x900, &(0x7f0000000240)={0x100088, 0x81, 0x100000, {r5}}, 0x20)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000640), 0x0, 0x0, 0x0, 0x0, r7})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r6, 0xc01064ab, &(0x7f0000000000)={0x0, 0x0, r7})
ioctl$TCXONC(r4, 0x540a, 0x3)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0405619, &(0x7f0000000100)={0x4, 0x80000, "4160ff014ee3ac531449d61c3b8211b92059de624b1a208e", {0xfffff7b0, 0x5}, 0x5})
socket$netlink(0x10, 0x3, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000400)={0x73622a85, 0xf, 0x3})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r8, 0xc018620b, &(0x7f0000000000)={0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)

4.112990671s ago: executing program 3 (id=2389):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0xc, &(0x7f0000001400))
r0 = getpid()
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000014c0)={0x0, 0xa1, "cb2469df989ce71396189dea6a521b7adcb8e015891277e1b3e18d0ee73896e8186bcd068fe0408ff156e40413a9a69c50efb2e4e41f61a1da9b5e7f05afcc7581b7a69275c4111ca1d5e57229c33fac9f0482fad5099ce705dc5feb4b0da879d6ffff9e8bcf2f5f15b8f378573777dd5d3d2702f451771b50e7b32121b91699eac0b7a17f6bb0aba46eebb1b501dfe4989fe52d12ff04359a35b6a5e0ad3d8934"}, &(0x7f0000001580)=0xa9)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000280), 0x881, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000300)='\x00', &(0x7f0000000340)='^!{.,\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, &(0x7f0000000400)=""/4096, 0x1000)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
landlock_create_ruleset(&(0x7f0000000100)={0x0, 0x3}, 0x10, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r6)
sendmsg$NLBL_CALIPSO_C_ADD(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="030025bd7000fedbdf2501000000080083746ec5830d3610fb942e674bfe0200020000000800020002000000ba69b3eb8ff835"], 0x24}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000380)={@local, @random="d8be17d19221", @val={@void}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x23, 0x28, 0x64, 0x0, 0xf, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20, 0x6071, 0x0, 0x9}}}}}}, 0x0)

3.055206755s ago: executing program 2 (id=2390):
memfd_create(0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)={0x4c, r1, 0x200, 0x0, 0x0, {0x2c}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0xffffffff}]}, 0x4c}}, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0xfffffffd, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x2241, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000000b240)=ANY=[@ANYBLOB="140000002e00f10326bd7000fdffffff"], 0x14}, 0x1, 0x0, 0x0, 0x1882}, 0x4044080)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
recvmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r5, 0x0, 0x4, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.649264963s ago: executing program 0 (id=2391):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4)
socket$packet(0x11, 0x3, 0x300)
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa33"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x6000, 0x0, 0x0, 0x2, 0x31}, 0x48)

2.648432489s ago: executing program 2 (id=2392):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f00000007c0)={0x1e0, 0x140, 0x2000, 0x800, 0x74f9, 0x7, 0x2, 0x1f, {0x6, 0x4}, {0x20006, 0x401, 0x1}, {0x800, 0x40000000, 0x1}, {0x7, 0x75d00000}, 0x3, 0x1dd, 0x5, 0x1, 0x0, 0xffffffff, 0x5, 0xb, 0xff, 0x6, 0x1, 0x4, 0x3, 0x3e, 0x2, 0x462be122f10b40b4})

2.562943128s ago: executing program 0 (id=2393):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$TIOCSPTLCK(r2, 0x40045431, 0x0)
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x3)
r4 = syz_open_procfs$userns(0x0, &(0x7f0000000100))
mount_setattr(0xffffffffffffff9c, 0x0, 0x900, &(0x7f0000000240)={0x100088, 0x81, 0x100000, {r4}}, 0x20)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000640)})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r5, 0xc01064ab, &(0x7f0000000000))
ioctl$TCXONC(r3, 0x540a, 0x3)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0405619, &(0x7f0000000100)={0x4, 0x80000, "4160ff014ee3ac531449d61c3b8211b92059de624b1a208e", {0xfffff7b0, 0x5}, 0x5})
socket$netlink(0x10, 0x3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000400)={0x73622a85, 0xf, 0x3})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f0000000000)={0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)

2.562218219s ago: executing program 3 (id=2394):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$inet(0x2, 0x5, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, 0x0, &(0x7f00000002c0))
ioctl$KVM_CAP_DISABLE_QUIRKS(r3, 0x4068aea3, &(0x7f0000000200)={0x74, 0x0, 0x10})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r2, 0x4038587a, &(0x7f00000006c0)={{r2, &(0x7f0000000140)='gcm(aes)\x00', 0x4041, &(0x7f0000000300)={@_ha_fsid={[0x9, 0xffffffe4]}, {0x8, 0x8, 0x5, 0x3}}, 0x4, &(0x7f0000000380), &(0x7f0000000480)=0x5}, {[0x3ff, 0x9, 0x6, 0x4]}, 0x5, 0xde, &(0x7f00000005c0)=""/222})
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="5400856191e85926b425fdc3ff933574ad88d100000000000000000000000053e1b6c8ed16d626c72b6743c65047931d8ad287b5d4c3df4d1e8b6f2fdee6525b21013ea1c103691a2a0b3fb5ebbdb18965a00fefdc647fdf0c861aa0c67fe577463aa17d9e1377f1df524613fbeeec4e53f233147f98d5f2789fea736bdcda1fea71ae3076e120f11e1c7800006351", @ANYRES16=r7, @ANYBLOB="0100000000000000000017000000400006803c00040067636d286165732900000000000000000000000000000000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca41989"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r10, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x68}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r9, 0x1, 0xfffffff5, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}}, 0x4000004)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r11, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x1, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)

2.467389353s ago: executing program 1 (id=2395):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97O\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7)
ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x762})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004880)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="070200000000ffdbdf25010000000c000480050003000500000008000100030000000800020003000000"], 0x30}}, 0x810)
r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r2)
sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r4, 0x2, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}}, 0x11)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x8001, 0x7}}, './file1\x00'})
openat(r5, &(0x7f0000000100)='./file1\x00', 0x40, 0x80)
r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="000010c20800"})
io_setup(0x0, &(0x7f0000000e80))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000000500)={0x18, r9, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)
ioctl$FS_IOC_SETFLAGS(r6, 0xc0606610, &(0x7f0000000040)=0x60)

2.316307725s ago: executing program 2 (id=2396):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x8c, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x232943, 0x1b8)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[], 0x2)
write$P9_RSTATu(r4, &(0x7f0000000840)=ANY=[@ANYBLOB="9afdffff"], 0xc2)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r4, 0x0)
write$binfmt_script(r4, &(0x7f0000000400)={'#! ', './file0', [{0x20, '\x00\x00\x02'}, {0x20, '\xb0!S\x90\xa6\x9c\xf8P\xbdo{\xca\xce\xee\xba\x89\x11\x19\xa3po\xb1\x93\f\x9c\xd9,c\xa3\b/]'}, {0x20, '\x00'/16}], 0xa, "09c39d22cbb1be253a4894790377a989d5f70e4a93b50156c5d1a5777b280174fcc07f6171b009696e3299b6bb7eab37e283931c69a259b77d31d358e70fcf56b6dc8cada73f18e6d4f7a976d08bfeb8222df4003c0df0616f8725c30737b588f005cc38a98932fbce13a93fc0259260a9a2956bc7ba17a342c0438b8537f102d742e13be59f0b267c251b304a76bb632f71986068a05210d6b788c58296c82bd5a49b7da8ddfbeac383999206e138de3e8d7207d4216fa3"}, 0xf9)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0x18, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0x4}]}, 0x18}}, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000004001000ffff00000b00000001000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)

2.315231362s ago: executing program 1 (id=2397):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x12})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
r1 = add_key$keyring(&(0x7f0000000500), 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_persistent(0x9, 0x0, r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180), 0x0)

2.200432968s ago: executing program 1 (id=2398):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x5, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc, 0x7, {0x66ca4899a2c66c5d}}, {0xc, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$sr(0xffffff9c, &(0x7f0000000300), 0x20100, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r5, 0x84, 0x74, &(0x7f0000000340)=""/8, &(0x7f0000000500)=0x8)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="64ff1ec4624307f1561b5ad480b718edf0ee74c7e370c8c0c568358cd8c65301c35e5f6a317435e1195ee61792096cdb57196fef44bc5be37efc8fea5656bd30b925d6185fda406b0ae8058fe702815f99c8763b7969d52a85c382cdf0"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x6)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={0x0, 0xd8}}, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
socket$kcm(0x10, 0x400000002, 0x0)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e20, 0x1000040, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3c}, 0x1c)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

960.004816ms ago: executing program 0 (id=2399):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BINDER_GET_EXTENDED_ERROR(0xffffffffffffffff, 0xc0046209, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = openat$cgroup_root(0xffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
kexec_load(0x8be, 0xa, &(0x7f0000001c00)=[{&(0x7f0000000280)="865248c661e01086308d44", 0xb, 0x5, 0x7fff}, {&(0x7f0000000400)="d2b3fb629820bd05cf0fbd04e7b6491630280f1bc7ef7a97b9c1b62ba3e08ae6bf5d9a6f7359f34ec2876ce8f586761bc7c70ecf622e461b8d4fb7f0fde019a52f4cc140c0dfa1e72d59874823bbe08aacb2494e8d7cca2f2be9481f7b0290bc946ccb1607cad7140f9843f5fb277240b38ac1fff1f743fc68dce7b60fb81b14620a5f10f06ef2522d807f981fb7eb7bf88bf53d4ab86982475c14c9113250c133682469c4370da653443ebd1bf24bf80fdeabb9ef94aa96d2f7f8227c05d31ed42c21bb2ed847", 0xc7, 0x5, 0x1}, {&(0x7f0000000500)="49076aed5b0c883912f3cc2931dd8fbf2200e362257c8775", 0x18, 0x3981, 0xfbe3}, {&(0x7f0000000540)="f6cb689935aacb2a2c9b5fa0f1625365917af51b644f063fe7b1863f1e7e18af969e217f62a4ed345236a632e4bbc0a49f85f4e089d0", 0x36, 0x8, 0x5}, {&(0x7f0000000900)="80f9852abd192949df9da869cf10f29de2518e9eed688f682c6286b47c25c40b41b83c62b4218ba696277c5b8bda4cd5b81bbdd2adc66ac042c31af60f2cc6256dd8e6aaff5b728f20e49bf2e3eeeac9ff428cd5fca7738459109ad5807f55351840d88611c1252e53c435b555e06411d275bc9db2843dd0755d02841227fcd8d51e329d0ea7fd3a5d1750c556b58406f8190d41dc8e332e2c74c1b5ef9c6f5762b1ebaec3282ac7225851846a5e71edb6fac00c617502ea8c9c1cf1bde1b6bd098af8facf5e7c0afa5d3fa59744c0b2bbf91f068428d4a271bd637babf88529f4602938586e7bc65a49549247f1a71e21e6318f009ad05e5f1a61e453e9579e4ab7497856217f166de1454a76288d2631b086c9f2cdc07ec8674fe18237f5f064b504890085894c6dfb7243b963db0d2172e14b7d7b11053d4fe932862ebbd7bb78795741211f5e0e044b87de04b33d41359ff479628ab9abae3352e2e1ce046f2e8e4d15bc87146b8669221ea43b35c0c4f222d59f3def5d7eae7ed5d1e3f5cd67e187b3b94f15e484f5457a0d4e6e1888a9f39cff9f4137c5f4377c666e9f1a5b246c52ccfc258059f5414e0f535bd35a3de1eb0de1934a6ab5664d7c90c1afea63e57625ad0f91e0e15bafd9d401b51869a4b4bef227a1cc5538c7144993d18f2641c1b2011bc31983309da2ce93af2379733fc25cd6d2e3836685141ad8fcb0a55390e3fcf6dbe790bd70ae666c44d6083b1b5c8c8b4d130a286ead1f588fcae630941cfa5cde6859b235e8c970e57f1954903f6d3ad3ad19f05b69fa7a2fa1d58539b2ce47ab7034a4f22bce41cb9c01498b3c837a5011b41233f4af3336c6605d0ea2ab695654170362d57eb155fdcc7bb5a424b377f13ae547e2af7ceefc27a6446045d317d9d9395822a69c118b398f4d1e7991d8ff7b05714133bc47fe33a84f0e8fbf25d2b7d72666306de2a7302014c55155351b2f75c1a4446c9bace14fa2113c345780200b47b28d63366c88156ab4f6226d9365f382abb1a91fe7b5774bb2f84f3ff192abee4b1a42added102cff5e12d8f85ce73cc0cfa30459bd23c9b6a8a7f2f2467eec4f601d1d3bdbd07c892ce8892f7d94d9f266b70f73dd1d799986686e98db9a26d2e60db52afd16a5969be6b1a42e405aabb12bed00fb872c30c06c784274061e203871c606030d51f09112d610d54878e49ca19f81514576b0a52f15b955b2b3bc01be0e4bc8f522acf2173d1a6369a3b57c5e2675a87cd013ef092aee935f44923efd1efcf48a52256658223000c606814f962148be27bb06d7c889524865a0a247e74f1e7f2ad0ad9c73a6d58259ab8f56b9f9c71f545dc9bdabddc9f3d4e19fcd905308dcfb6eedf0199b205fef5dc2ba75bca18f43bcfb9c9dba663d8df01d01ac932c8db5177eaf3301533290e115ceb359ed24b23cecc1a618785c61d822067cd8b837cbe4a7dfdd4e9e48ab46b55b8b1bb36a2332c75a25f69745388277327208960e186968bbf07533ec580b6b6c2316b78f0921d5a8482849e7382a7794fc1e14a82f83420e3d9aa088dc575fddb83cc06b3c0b91bffec15f2cac436f5b60eef01502fb4f795a00466bec9d85b19aaabcbed236f242b00dc2a596b8305c7ab6280af170d6e79c440c8da915d449d1f72c4558157f19d11f357a5fe8c3755c5fe16d56eb734e7cc994a36b94fb958b53b5144004fb6421e8f855c877037a7c09c69edaaea014f52af17858530c879c8015834131633b318738c3f571782c7b9e604a7425a494aa2da22684a20358d61c865712a6006aa1803cc0a507541cacdddcff25fe92021507db7fa88c1c78c03796cd21ecf86b1555409efd166f8b8ee1e444c0ce723980ff2ce68d534d81d47083ed82d388fdbfef9e5e9b3ccd1f9700f3d7abf88fe87140753113f8ea2aa945cb4861e62bf9f12fd11f752bc77ceaf408a0d7c5287a492e4ee3f69eba165ad4bc1d9e9c81a7d7e2dbd082bf838376b597c35468d2e904642c12f032795c398ba1bf373231335fdeb8029bc94e460fe7fa39a748a681eff1e47df334856504edb136e40790a254362f576727a6a9a3d72caa46ecf712a14c4c52098df35190e1b2336eee9db94fe3be40bcfa8209a68984afe57697cb6d6187feca76b11e4dc45c97f58afd6d2e0c6617c726f9fa97e48ba127c04274117712867c345e0e1663fd214cffbc4ddfdf0bb0513859bccbd904823c1fdd020645b52ffcbfc0e548207127f1bc5b1fe3f72caae6aa64ea24f10e49050172bbff03222f3fb10b80798425b60498ba2600f9ace709460f6703518d872d19b609388f788c662a774298ae5e3be3af2f5e60e06377766dd12c2ef0e2d476f758722d0bdf33ebfe2bb69a2e34a0f53a012b015e4b643d77d7657a5e23d14289306ede00579469fba70682d04336353908a5534f1e90c1528fe65404f2b4322380eaa2aaa20bf4ece931545085fee1493fb72063e1d30a39da7e17c8fca3b435c639fd5c615766813463f0c2dedcc5548078ea92ebd7d78dec1d6e3f31a37378c97a26b2bfd1acb2cc854e4d08cbb62324745d09dcdb0d7faeca17dcf2c7dffd14a168c14754036dcfe63ce16c55c39f5b1e893f09aa9174ec4c83a87ae54d9651054d961db15cf9f33b06ab4820ff056c143c2bd3c72683dda86e46735ba4a69adf3ddc69457315cecfaeaa2eaf741584db5e892e65a2d5b606347ce32efa65d8a04d8dc6f0dab3ffa5acb2de75a7ffe50861bb6a6a70b90dc2b79df5e0998522827b868f5f5d27a270ab459695c76e73219ebf1fdcc0216881fa9b711b0b6da351c3a233153f7b78eacb00128150b3db68dd8e8b34bb78705fe6fc23ea67b422341b5c86e21573860409c98823d5f5792608a56f0d20b4d7444bfafc76156be6706acf10df0c6cf2e0fb1f7615bb041b2db0561a1709436c605c6af75fb8bd45d5b0a95bd65900d14fabca1061a67da664851712044e9567667fb19141dc6b5ab880013dd41152833a10d03070703b037f11b3ade4d846e49b2f825c7fe131898d9b5eb2400b8491e40c5b77c05b50f47abe498cba8dccd28aa8a33c5abf41178b1103a92b2573cafe36a594e4eb5575cca77a38bd9b3fae2496bafbe3771abbe40b83ea9a2b7c397746ed540a8953bb237c187d98a56c9ea5c238dcb3af7d67abb1073b85f73763f13058c764ba2abc04323729a98310a797dbbdd49988b925f874acb27722e73f1a7e2b9d291478df238266b0b459ecd8f0622d9acaad166447266049c8f8c7cb5a148f2131bf2e1149bf896fd2319c4346f5edd3a8493bfecdd852520f03e274b0c0e269e898e8746649a28c6610337ee918a87dc4976ca793b0e67e788582f968395e8e56a65ce4355b6bd91561fd6ff1694283b3e949b53a31c1855aa794cc32e8385e12a315a5e6976839bfcfaa5ea9c10f1347bd60026d3c059d90284da30f7c05090fea0a5fa0ca2aae4a9001b04ea6a19ad28b3c5ac362b52b85a78e6ab4cfeedbfaf8e33ef81fef4b112e091497cdba3908a12432e90fe55de0be642c3d5fe0d840d93448b634ef7cde5bbd3d986e2387c1ca92db09920927f46d82b6545aba338c997db197b3df17232020a9e6b8741c36ae470b4aba11c61dec0c6d8445f8c352391047f2f6463d09ea5159b5f595aa2caf528fd4fbe29eaf4daa871e57087f345c1494dc4c63871d8774326bbcf4dcd19cbb2c9fc2c084a1e9a63778b290cc53ca1082a0491ff39f3d6cc7455335d4a3c28cdd5f046c4ae57264ee5b10df683ec8047765804be88e9e040528addf8816cff8eb669fe34e82b090fa0a73d160b9b553d487845e09ec258fb422c10d46d56b44c2efa1f80ebf9d233bd12ee7120b0d8eab7c7700aa03dc9c198a372c6ecd3c8270ca46c22f56a5bfed20e3357a8459a59ee1229cafdbad80fed4e08c3b9791f0bf69c9de0a924226ab644df3086317405f8273dac6b3340ba75d0f56adaa974551cd1bae6942af59a7e0c40c7e958a596a876327aa6b7a7aa22fcd12bc72df90cc090a31cc34315e528a1ebcfa64575b66c20c259c21bff54262cc3ba1f7ed821d09890edab9f4b68eb0874a1df14a7beeaef67384ee9ec2a699a64d5b697a2e67b91082e8ec56f8b6ebc4846783d1d3d68cd8744e8c81c5abd448f487a17ac6c24fc7d24aec7112c4c60b07b810ff446f25091c595ec63f8a02a2f1a608265cf7857df2d69f7f2ef7fd714f63ed225f8a2e4b8b1d70bd0d14a513a2aafb44b2b8ed3dfc6b4198a8cef1b2953f11e2d26908327071eef0f459be30067d37f46c02daf6c02cc82950906ad9e98c25a1e19189946828aaa402655215d8c5939f7203c237af606e419eb0674beb41a69dd64d71ac66bf874bb3f165ab0d052fb9cd427a6cb10868cfa6a80210955385a72856f0e8770027e17ee6b0ad967eb4f73264f8cb2429f9a466499d2d0fb83b75af29c0e8a031fada9e9d37249370cc3855c6a8b0bc8160eafc56ec9279af8489b2216dff5d8cc34da0bebc817eb116d651a8d27f77139c2708e402ecc838e3b61fa31ea34effc250b37e71bae7e954dc1bd421f59dce32f4fdb83ca36f557018b90d30a5618203fc46645b2345f32679ffae9e9a96709fd59b6835848be1630fbc284929268b0955adc16cd14aac0f0ade48f8eb7103328ffafedd9f90b0229bc8e3872900bc5257ed73517820bef76a64c14381a327c5cdefe3943927d3d3224aee7ac2e1a33cfa5b28f793aab87e290ea08433dbbd654738e4e49b25916ec548ae75070c9cb5e9be7b988e5c3ce576669220def319524e9ce334b3b5f9960556b4e8d381e75e054bc358f3daaa5f80d77c356f41e2d154828f6133a3290b2592dd29c06b27fbeb9d2c13ff5eec8f2545bb2b9fbb81ce11903acd697bd318723d13a4f80b98c381697bb03e8eb02675d3292c2d8e08e478ef7405cbd8d933c0cacada957a7c5cf59b976e7a0ec8cf9e80621db38e4de90cb32238df9ac9d4fa508c7702d912f255817fa12a0c2d5c39d20be01b74030c1c1a63dc74896bab436a03421544dfc9620a0d91cf35a8e68f835e5179ff902b714fdae4a0dc1de146f4831cce9f13d4c2d2950746d4232895eb282c773e234bd5c95ceb9cc2cc9b509206d304b5cabe59a0e714eb185d85cac823a53533d4b6067a2955721a71ded707e02688f79dcd64b3eef90d894999080918fc9833f028fcc5b30f3435714825ce49289c2ed92e9545e82a6e48c2e2c8680d39ead8c3e792939f4ca952d493a78c46a3a2afe3733d0850e863e830ca4ad735eed912054d39cb0698bff6ca35c59f9401dc6f78d3731626a8a94c95018997638b9726eb67494c7839d829835271bfee517b30518b99bb6fb3a790a1a02693230bfe26654a0b49845c6952ffe36bdcf0bf3f0b3663bf9a9c2eb45dde47c7278bf8dfd377d4c71a36a0f114a5c19f8cb403b30c039c71d59b0e3a93f287e0e5831db33f2ee9702b081983284722e4ce245143023778e997362e3648c1c769999af25407e84aa9487e76b5ab4ae95eae4f4ca5f1862c9379cba1863111ec33a85b61d9b0bd6bad48482820e16c7be3f683ebde3b60fa8425cd46b9ecb3aa56d6527d04599410677a3a834fffa7983b76dd1446778eada61e2c2d98d6385afa39ad15a6cc022200203d049e6d7e46210fc00970b0700a890d23fa636a464b0d41c50343bf30dd65f2876a4bd257ba9456b133e6bf12c70475607788c4a8b8983ceb8e1d0cfe732bc488d93f7", 0x1000, 0x1, 0x4}, {&(0x7f0000001900)="376f9c2eb297965b685091e3d37ffbf5323a067f78d91af0291f221735c307d606e78b0afc9d4444201aa679200f5004fa40e6aa8f468ece87d6c95f6c631846affcc3225a0748104f0ae4fc5560e53935d73aab791f405316ceba03733d14a54a6ea4dbc5e81ca7cad0fc", 0x6b, 0x6, 0xd7}, {&(0x7f0000001980)="519f0ed85804e324f9efc5409f2570c12fb1a018746b3d1115a097688143c5da95722cf07edb14e9f15abad8562505f2c12481b2d8527cf63ae481ab51f62da60361d449966e5ff294a9de7f6864f39fc583d60e96cc04c1c583fd4a27c09466a61322cedd6235e2cf5a31eb", 0x6c, 0xd4, 0xd}, {&(0x7f0000001a00)="d685034ded08e2e00703b8b7cacecb17044f3fb1329214d1cd433c1ba0fa9b9a55f4ef54a86d58db61b72d579cc49a49c8f1b46761d89485eb379c9e89850da331c5604306325a7f39c8ebbbf57b60b5a949f800b796abc6c003ccdff5c35851583d06df5afdd5b0bb9cdee2f7c280895d9bb2cbd65cb83bf0898648b57db626220215720b0b2c55fd29edcf77c9900702c135e63e478592fd705ab565bc2b74376fec08b6d6", 0xa6, 0x3, 0x8cb4}, {&(0x7f0000001ac0)="00d5f0b19b1363fc544b0e696d410afabc213ce37b10ee360e9df5a06e8b7be4c39e6daa036bf3e175a2bfa53da7cc325da93ae5b6d828d92d644e38ef9425bc36ecac64d45505dd16ce54aa6e0970fc5d7138b684cc386c15ae002b85299e1f4775a3022806bc8814b4a3fb665f3bb2ca9e1bd176", 0x75, 0x0, 0x3}, {&(0x7f0000001b40)="4ce8371655cd4181c0c57237207aa04486b25c7ff2a60211582ebb482efbe7022a666b85334888730a47e71e9d82690f1a662c3a3c7b2376f0e7b3a656713dd154acb0ce19e8773b59a44ec5d2eeed927b42c7906ed3bf7a546b67223019842c3ca502232eb62159d796d0480baf9eb4e9ab44205778871733bc48bef6ecb32bc0b951dde5194b6d996d07f5e9977974130557e68108d81a332b103811068f81830c5a42f6d5fee8e0", 0xa9, 0x0, 0x4}], 0x160000)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r4 = socket$key(0xf, 0x3, 0x2)
accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.events\x00', 0x275a, 0x0)
r5 = syz_open_dev$vim2m(0x0, 0x9de6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x10, 0x0, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}, 0x0, 0x1, {}, 0xfffffffe})
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r6, 0x0, 0x29, 0x0, 0x20000)

629.635406ms ago: executing program 3 (id=2400):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x22, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50)

629.138418ms ago: executing program 3 (id=2401):
memfd_create(0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)={0x4c, r1, 0x200, 0x0, 0x0, {0x2c}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0xffffffff}]}, 0x4c}}, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0xfffffffd, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x2241, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000000b240)=ANY=[@ANYBLOB="140000002e00f10326bd7000fdffffff"], 0x14}, 0x1, 0x0, 0x0, 0x1882}, 0x4044080)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
recvmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r5, 0x0, 0x4, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

217.397698ms ago: executing program 2 (id=2402):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = accept4$rose(0xffffffffffffffff, &(0x7f0000000100)=@short={0xb, @remote, @default, 0x1, @netrom}, &(0x7f0000000340)=0x1c, 0x80000)
bind$rose(r3, &(0x7f00000003c0)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, 0x1, @default}, 0x1c)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = dup(r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000000040)=""/138, 0x8a)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x28000080)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
dup(r4) (async)
dup(r4)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181014100000000010000000000000e000a000f00000002800200121f", 0x2e}], 0x1}, 0x20000010)

0s ago: executing program 3 (id=2403):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000000))
r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x3)
r3 = syz_open_procfs$userns(0x0, &(0x7f0000000100))
mount_setattr(0xffffffffffffff9c, 0x0, 0x900, &(0x7f0000000240)={0x100088, 0x81, 0x100000, {r3}}, 0x20)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000640)})
ioctl$TCXONC(r2, 0x540a, 0x3)
openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000400)={0x73622a85, 0xf, 0x3})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f0000000000)={0x1})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

240300][T12528] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  494.244950][T12528] vhci_hcd vhci_hcd.0: Device attached
[  494.326961][T11120] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  494.335051][T11120] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  494.342539][T11120] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.346869][T11120] usb 7-1: Product: syz
[  494.350033][T11120] usb 7-1: Manufacturer: syz
[  494.351697][T11120] usb 7-1: SerialNumber: syz
[  494.359900][T11120] usb 7-1: config 0 descriptor??
[  494.367080][T11120] hub 7-1:0.0: bad descriptor, ignoring hub
[  494.369047][T11120] hub 7-1:0.0: probe with driver hub failed with error -5
[  494.394866][T12528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1837'.
[  494.452775][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.547268][ T5950] usb 40-1: SetAddress Request (58) to port 0
[  494.549774][ T5950] usb 40-1: new SuperSpeed USB device number 58 using vhci_hcd
[  495.306164][ T6010] usb 7-1: USB disconnect, device number 54
[  495.483073][T12529] vhci_hcd: connection reset by peer
[  495.487102][   T12] vhci_hcd vhci_hcd.1: stop threads
[  495.489610][   T12] vhci_hcd vhci_hcd.1: release socket
[  495.492649][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  495.661691][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.679195][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.695459][T12550] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  495.702258][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.707160][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.711231][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.801605][T12537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.989845][ T7474] usb 42-1: device descriptor read/8, error -110
[  496.222564][ T7474] usb usb42-port1: attempt power cycle
[  497.455224][T12581] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  497.458774][T12581] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  497.461739][T12581] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  497.467160][T12581] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  497.469906][T12581] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  497.635535][ T6360] usb 7-1: new full-speed USB device number 55 using dummy_hcd
[  497.692870][  T208] net_ratelimit: 4 callbacks suppressed
[  497.692887][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  497.809801][ T6360] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  497.823260][ T6360] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  497.827345][ T6360] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.828771][ T7474] usb usb42-port1: unable to enumerate USB device
[  497.831386][ T6360] usb 7-1: Product: syz
[  497.841541][ T6360] usb 7-1: Manufacturer: syz
[  497.846089][ T6360] usb 7-1: SerialNumber: syz
[  497.850210][T12580] chnl_net:caif_netlink_parms(): no params data found
[  497.855890][ T6360] usb 7-1: config 0 descriptor??
[  497.875717][ T6360] hub 7-1:0.0: bad descriptor, ignoring hub
[  497.883044][ T6360] hub 7-1:0.0: probe with driver hub failed with error -5
[  497.983131][T12580] bridge0: port 1(bridge_slave_0) entered blocking state
[  497.986000][T12580] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.988679][T12580] bridge_slave_0: entered allmulticast mode
[  497.991623][T12580] bridge_slave_0: entered promiscuous mode
[  497.995032][T12580] bridge0: port 2(bridge_slave_1) entered blocking state
[  497.997463][T12580] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.000486][T12580] bridge_slave_1: entered allmulticast mode
[  498.003452][T12580] bridge_slave_1: entered promiscuous mode
[  498.021793][T12580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  498.027144][T12580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  498.045245][T12580] team0: Port device team_slave_0 added
[  498.048460][T12580] team0: Port device team_slave_1 added
[  498.063990][T12580] batman_adv: batadv0: Adding interface: batadv_slave_0
[  498.066298][T12580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  498.075422][T12580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  498.079875][T12580] batman_adv: batadv0: Adding interface: batadv_slave_1
[  498.082254][T12580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  498.093556][T12580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  498.121648][T12580] hsr_slave_0: entered promiscuous mode
[  498.124128][T12580] hsr_slave_1: entered promiscuous mode
[  498.126384][T12580] debugfs: 'hsr0' already exists in 'hsr'
[  498.128622][T12580] Cannot create hsr debugfs directory
[  498.151677][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  498.155135][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  498.629358][T12593] FAULT_INJECTION: forcing a failure.
[  498.629358][T12593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  498.636284][T12593] CPU: 1 UID: 0 PID: 12593 Comm: syz.0.1854 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.636320][T12593] Tainted: [L]=SOFTLOCKUP
[  498.636326][T12593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  498.636338][T12593] Call Trace:
[  498.636345][T12593]  <TASK>
[  498.636353][T12593]  dump_stack_lvl+0x100/0x190
[  498.636387][T12593]  should_fail_ex.cold+0x5/0xa
[  498.636409][T12593]  _copy_from_user+0x2e/0xd0
[  498.636434][T12593]  snd_pcm_oss_write2+0x1c2/0x400
[  498.636462][T12593]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  498.636483][T12593]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  498.636519][T12593]  snd_pcm_oss_write+0x729/0xa30
[  498.636544][T12593]  ? security_file_permission+0x76/0x210
[  498.636575][T12593]  vfs_write+0x2aa/0x1070
[  498.636594][T12593]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  498.636620][T12593]  ? __pfx_vfs_write+0x10/0x10
[  498.636635][T12593]  ? find_held_lock+0x2b/0x80
[  498.636653][T12593]  ? __fget_files+0x215/0x3d0
[  498.636670][T12593]  ? __fget_files+0x215/0x3d0
[  498.636691][T12593]  ? __fget_files+0x21f/0x3d0
[  498.636716][T12593]  ksys_write+0x12a/0x250
[  498.636733][T12593]  ? __pfx_ksys_write+0x10/0x10
[  498.636750][T12593]  ? __pfx_ksys_write+0x10/0x10
[  498.636774][T12593]  __do_fast_syscall_32+0xe3/0x8c0
[  498.636797][T12593]  do_fast_syscall_32+0x32/0x70
[  498.636816][T12593]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  498.636838][T12593] RIP: 0023:0xf6fdef6c
[  498.636851][T12593] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  498.636866][T12593] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  498.636883][T12593] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001380
[  498.636893][T12593] RDX: 00000000ffffff63 RSI: 0000000000000000 RDI: 0000000000000000
[  498.636902][T12593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  498.636911][T12593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.636921][T12593] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  498.636942][T12593]  </TASK>
[  499.267941][T12580] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  499.272321][T12580] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  499.350889][T12605] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  499.666013][T12581] Bluetooth: hci4: command tx timeout
[  499.680198][T12580] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  499.691495][T12580] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  500.007954][ T5950] usb 40-1: device descriptor read/8, error -110
[  500.150496][T12580] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  500.153692][T12580] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  500.232551][T11120] usb 7-1: USB disconnect, device number 55
[  500.246897][T12580] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  500.251007][T12580] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  500.325602][T12613] netlink: 'syz.0.1859': attribute type 13 has an invalid length.
[  500.328584][T12613] netlink: 'syz.0.1859': attribute type 17 has an invalid length.
[  500.356978][T12613] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  500.419932][T12580] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  500.436742][T12580] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  500.441924][T12580] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  500.448428][T12580] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  500.451137][ T5950] usb usb40-port1: attempt power cycle
[  500.541872][T12580] 8021q: adding VLAN 0 to HW filter on device bond0
[  500.553576][T12580] 8021q: adding VLAN 0 to HW filter on device team0
[  500.559798][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.562892][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  500.572435][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.575789][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  500.749968][T12580] 8021q: adding VLAN 0 to HW filter on device batadv0
[  500.778713][T12580] veth0_vlan: entered promiscuous mode
[  500.781546][T12629] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  500.783928][T12629] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  500.785869][T12580] veth1_vlan: entered promiscuous mode
[  500.787127][T12629] vhci_hcd vhci_hcd.0: Device attached
[  500.795421][T12629] random: crng reseeded on system resumption
[  500.809011][T12580] veth0_macvtap: entered promiscuous mode
[  500.816078][T12580] veth1_macvtap: entered promiscuous mode
[  500.831476][T12580] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.852805][T12580] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.878233][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.882566][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.906280][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.916217][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.012078][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.016060][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.072271][  T101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.075835][  T101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.080699][ T5950] usb usb40-port1: unable to enumerate USB device
[  501.119113][ T5808] usb 38-1: SetAddress Request (58) to port 0
[  501.121693][ T5808] usb 38-1: new SuperSpeed USB device number 58 using vhci_hcd
[  501.206182][T12630] vhci_hcd: connection reset by peer
[  501.208971][  T208] vhci_hcd vhci_hcd.0: stop threads
[  501.211673][  T208] vhci_hcd vhci_hcd.0: release socket
[  501.214211][  T208] vhci_hcd vhci_hcd.0: disconnect device
[  501.365904][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  501.399136][T12640] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1851'.
[  501.814576][T12645] nbd1: detected capacity change from 0 to 63
[  501.825754][T12646] block nbd1: NBD_DISCONNECT
[  501.828919][T12646] block nbd1: Disconnected due to user request.
[  501.832168][T12646] block nbd1: shutting down sockets
[  501.842740][    C2] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.846285][    C2] Buffer I/O error on dev nbd1, logical block 0, async page read
[  501.852154][    C2] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.856291][    C2] Buffer I/O error on dev nbd1, logical block 1, async page read
[  501.859442][    C2] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.862772][    C2] Buffer I/O error on dev nbd1, logical block 2, async page read
[  501.865319][    C2] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.868363][    C2] Buffer I/O error on dev nbd1, logical block 3, async page read
[  501.870995][T12452] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.875412][T12452] Buffer I/O error on dev nbd1, logical block 0, async page read
[  501.881677][T12452] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.886920][T12452] Buffer I/O error on dev nbd1, logical block 1, async page read
[  501.891113][T12581] Bluetooth: hci4: command tx timeout
[  501.945822][T12653] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  501.963385][T12452] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.975406][T12452] Buffer I/O error on dev nbd1, logical block 2, async page read
[  501.978841][T12452] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.987553][T12452] Buffer I/O error on dev nbd1, logical block 3, async page read
[  501.995668][T12452] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  501.999746][T12452] Buffer I/O error on dev nbd1, logical block 0, async page read
[  502.002348][T12452] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  502.006514][T12452] Buffer I/O error on dev nbd1, logical block 1, async page read
[  502.009621][T12452] ldm_validate_partition_table(): Disk read failed.
[  502.012891][T12452] Dev nbd1: unable to read RDB block 0
[  502.027793][T12452]  nbd1: unable to read partition table
[  502.034734][T12452] ldm_validate_partition_table(): Disk read failed.
[  502.039811][T12452] Dev nbd1: unable to read RDB block 0
[  502.042785][T12452]  nbd1: unable to read partition table
[  502.187763][ T6027] usb 6-1: new full-speed USB device number 48 using dummy_hcd
[  502.487372][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  502.505873][ T6027] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  502.700804][T12662] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  503.092701][T12666] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.1872'.
[  503.621427][ T6027] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  503.626004][ T6027] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.637886][ T6027] usb 6-1: Product: syz
[  503.639744][ T6027] usb 6-1: Manufacturer: syz
[  503.642037][ T6027] usb 6-1: SerialNumber: syz
[  503.647215][ T6027] usb 6-1: config 0 descriptor??
[  503.663456][ T6027] hub 6-1:0.0: bad descriptor, ignoring hub
[  503.666150][ T6027] hub 6-1:0.0: probe with driver hub failed with error -5
[  503.844507][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  504.100922][T12581] Bluetooth: hci4: command tx timeout
[  504.308232][T12674] netlink: 'syz.0.1873': attribute type 10 has an invalid length.
[  504.314611][T12674] 8021q: adding VLAN 0 to HW filter on device batadv0
[  504.319205][T12674] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  504.367930][T12674] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  504.374688][T12674] batman_adv: batadv0: Removing interface: batadv_slave_0
[  504.383045][T12674] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.392783][T12674] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.410490][T12674] bond0: (slave batadv0): Releasing backup interface
[  504.625233][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  505.459787][T12682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1877'.
[  505.464367][T12682] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1877'.
[  506.131096][T11120] usb 6-1: USB disconnect, device number 48
[  506.335061][T12581] Bluetooth: hci4: command tx timeout
[  506.525192][ T5808] usb 38-1: device descriptor read/8, error -110
[  507.039192][ T6027] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  507.076685][ T5808] usb usb38-port1: attempt power cycle
[  507.147045][T12706] netlink: 'syz.1.1884': attribute type 8 has an invalid length.
[  507.151863][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1884'.
[  507.193369][T12702] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1882'.
[  507.203941][ T6027] usb 8-1: Using ep0 maxpacket: 8
[  507.209519][ T6027] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  507.217013][ T6027] usb 8-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  507.220570][ T6027] usb 8-1: config 179 has no interface number 0
[  507.222791][ T6027] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  507.226255][ T6027] usb 8-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  507.232366][ T6027] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  507.236127][ T6027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.470574][ T6027] usb 8-1: USB disconnect, device number 9
[  507.726000][T12719] nbd: must specify a size in bytes for the device
[  507.779343][ T5808] usb usb38-port1: unable to enumerate USB device
[  507.862548][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  507.909414][T12728] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  508.008683][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  508.053806][T12720] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  508.056490][T12720] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  508.076235][T12720] vhci_hcd vhci_hcd.0: Device attached
[  508.191332][T12717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1887'.
[  508.329900][T12730] vhci_hcd: connection closed
[  508.330422][  T606] vhci_hcd vhci_hcd.1: stop threads
[  508.334828][  T606] vhci_hcd vhci_hcd.1: release socket
[  508.337272][  T606] vhci_hcd vhci_hcd.1: disconnect device
[  508.376249][   T24] usb 40-1: enqueue for inactive port 0
[  508.643273][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  508.921156][   T24] usb usb40-port1: attempt power cycle
[  509.503862][T12751] FAULT_INJECTION: forcing a failure.
[  509.503862][T12751] name failslab, interval 1, probability 0, space 0, times 0
[  509.509295][T12751] CPU: 0 UID: 0 PID: 12751 Comm: syz.0.1899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  509.509318][T12751] Tainted: [L]=SOFTLOCKUP
[  509.509322][T12751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  509.509330][T12751] Call Trace:
[  509.509336][T12751]  <TASK>
[  509.509342][T12751]  dump_stack_lvl+0x100/0x190
[  509.509370][T12751]  should_fail_ex.cold+0x5/0xa
[  509.509387][T12751]  should_failslab+0xc2/0x120
[  509.509403][T12751]  __kmalloc_cache_noprof+0x7a/0x6f0
[  509.509422][T12751]  ? sctp_add_bind_addr+0xae/0x3e0
[  509.509447][T12751]  sctp_add_bind_addr+0xae/0x3e0
[  509.509469][T12751]  sctp_copy_local_addr_list+0x349/0x550
[  509.509486][T12751]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  509.509502][T12751]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  509.509518][T12751]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  509.509534][T12751]  sctp_bind_addr_copy+0xe0/0x530
[  509.509559][T12751]  sctp_connect_new_asoc+0x1c9/0x770
[  509.509577][T12751]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  509.509596][T12751]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  509.509613][T12751]  __sctp_connect+0x3e7/0xc70
[  509.509633][T12751]  ? __pfx___sctp_connect+0x10/0x10
[  509.509656][T12751]  __sctp_setsockopt_connectx+0x100/0x190
[  509.509676][T12751]  sctp_getsockopt+0x3e86/0x7080
[  509.509694][T12751]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  509.509712][T12751]  ? __pfx__kstrtoull+0x10/0x10
[  509.509735][T12751]  ? __pfx_sctp_getsockopt+0x10/0x10
[  509.509755][T12751]  ? __lock_acquire+0x4a5/0x2630
[  509.509778][T12751]  ? __pfx___might_resched+0x10/0x10
[  509.509802][T12751]  ? aa_sk_perm+0x309/0xaa0
[  509.509821][T12751]  ? __pfx_aa_sk_perm+0x10/0x10
[  509.509838][T12751]  ? __lock_acquire+0x4a5/0x2630
[  509.509855][T12751]  ? find_held_lock+0x2b/0x80
[  509.509871][T12751]  ? aa_sock_opt_perm+0xfe/0x1b0
[  509.509896][T12751]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  509.509912][T12751]  do_sock_getsockopt+0x259/0x3d0
[  509.509930][T12751]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  509.509954][T12751]  __sys_getsockopt+0x133/0x1d0
[  509.509976][T12751]  ? ksys_write+0x1ac/0x250
[  509.509992][T12751]  ? __ia32_sys_getsockopt+0xbc/0x160
[  509.510013][T12751]  __ia32_sys_getsockopt+0xbc/0x160
[  509.510033][T12751]  ? __do_fast_syscall_32+0x94/0x8c0
[  509.510048][T12751]  ? lockdep_hardirqs_on+0x78/0x100
[  509.510061][T12751]  __do_fast_syscall_32+0xe3/0x8c0
[  509.510096][T12751]  do_fast_syscall_32+0x32/0x70
[  509.510118][T12751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  509.510142][T12751] RIP: 0023:0xf6fdef6c
[  509.510161][T12751] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  509.510179][T12751] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 000000000000016d
[  509.510199][T12751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  509.510212][T12751] RDX: 000000000000006f RSI: 0000000080000140 RDI: 0000000080000180
[  509.510223][T12751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  509.510231][T12751] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  509.510238][T12751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  509.510261][T12751]  </TASK>
[  509.540960][   T24] usb usb40-port1: unable to enumerate USB device
[  509.751043][T12758] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  509.871440][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  509.977948][   T24] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  509.999457][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  510.160828][   T24] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  510.165716][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.169683][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.175478][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.180103][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.183661][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.188486][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.195414][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.198512][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.202129][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.224720][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.228465][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.232355][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.240071][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.242954][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.250081][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.254198][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.259253][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.266393][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.269462][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.272361][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.288016][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.292383][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  510.296257][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  510.301129][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  510.306452][   T24] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  510.315259][   T24] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  510.318788][   T24] usb 6-1: Product: syz
[  510.321112][   T24] usb 6-1: Manufacturer: syz
[  510.323166][   T24] usb 6-1: SerialNumber: syz
[  510.327417][   T24] usb 6-1: config 0 descriptor??
[  510.348222][   T24] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  510.565769][   T24] usb 6-1: USB disconnect, device number 49
[  510.577449][   T24] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  510.945976][T12764] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  511.121673][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.483719][T12768] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  512.381231][T12779] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1906'.
[  512.941479][T12789] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  512.946176][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.030071][T12792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.035161][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.128621][T12794] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.131838][T12794] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.673090][T12809] netlink: 'syz.3.1914': attribute type 13 has an invalid length.
[  513.676547][T12809] netlink: 'syz.3.1914': attribute type 17 has an invalid length.
[  516.192591][   T13] net_ratelimit: 9 callbacks suppressed
[  516.192608][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  516.327706][T12816] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  516.330433][T12816] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  516.334034][T12816] vhci_hcd vhci_hcd.0: Device attached
[  516.399888][T12809] random: crng reseeded on system resumption
[  516.611908][T12822] vhci_hcd: connection closed
[  516.612236][   T46] vhci_hcd vhci_hcd.3: stop threads
[  516.616989][   T46] vhci_hcd vhci_hcd.3: release socket
[  516.619279][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  516.635293][T12255] usb 44-1: enqueue for inactive port 0
[  516.840458][T12828] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  516.843515][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  517.170429][T12255] usb usb44-port1: attempt power cycle
[  517.246104][T12837] /dev/nbd1: Can't open blockdev
[  517.526044][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  517.528934][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  517.611482][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  517.811080][T12255] usb usb44-port1: unable to enumerate USB device
[  518.207560][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.859646][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.942848][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  521.665679][T12846] syz.2.1918 (12846) used greatest stack depth: 18008 bytes left
[  522.313428][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  522.912384][T12858] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  523.175117][   T53] usb 7-1: new full-speed USB device number 56 using dummy_hcd
[  523.425524][   T53] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  523.429491][   T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  523.441417][   T53] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  523.452435][   T53] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.459456][   T53] usb 7-1: Product: syz
[  523.461144][   T53] usb 7-1: Manufacturer: syz
[  523.470128][   T53] usb 7-1: SerialNumber: syz
[  523.473762][   T53] usb 7-1: config 0 descriptor??
[  523.516256][   T53] hub 7-1:0.0: bad descriptor, ignoring hub
[  523.519699][   T53] hub 7-1:0.0: probe with driver hub failed with error -5
[  524.105322][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.110748][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.353798][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.364792][  T829] usb 7-1: USB disconnect, device number 56
[  527.468236][T12872] syz.3.1932 (12872): /proc/12871/oom_adj is deprecated, please use /proc/12871/oom_score_adj instead.
[  528.327235][ T1113] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  528.329562][ T1113] ata1.00: irq_stat 0x40000000
[  528.331266][ T1113] ata1.00: failed command: ZAC MANAGEMENT OUT
[  528.333312][ T1113] ata1.00: cmd 9f/02:00:00:00:00/01:00:00:00:00/40 tag 16 nodata 0 out
[  528.333312][ T1113]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  528.341046][ T1113] ata1.00: status: { DRDY ERR }
[  528.342714][ T1113] ata1.00: error: { ABRT }
[  528.344300][ T1113] ata1.00: device reported invalid CHS sector 0
[  528.444071][ T1113] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  528.446444][ T1113] ata1: failed to read log page 10h (errno=-5)
[  528.448431][ T1113] ata1.00: exception Emask 0x1 SAct 0x40000 SErr 0x0 action 0x0
[  528.450931][ T1113] ata1.00: irq_stat 0x40000000
[  528.452512][ T1113] ata1.00: failed command: READ FPDMA QUEUED
[  528.454733][ T1113] ata1.00: cmd 60/70:90:ae:84:03/04:00:00:00:00/40 tag 18 ncq dma 581632 in
[  528.454733][ T1113]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  528.460242][ T1113] ata1.00: status: { DRDY }
[  528.462602][ T1113] ata1.00: configured for UDMA/100
[  528.465108][ T1113] sd 0:0:0:0: [sda] tag#18 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  528.466793][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  528.468436][ T1113] sd 0:0:0:0: [sda] tag#18 Sense Key : Aborted Command [current] 
[  528.475045][ T1113] sd 0:0:0:0: [sda] tag#18 Add. Sense: No additional sense information
[  528.478397][ T1113] sd 0:0:0:0: [sda] tag#18 CDB: Read(10) 28 00 00 03 84 ae 00 04 70 00
[  528.481378][ T1113] blk_print_req_error: 138 callbacks suppressed
[  528.481395][ T1113] I/O error, dev sda, sector 230574 op 0x0:(READ) flags 0x80700 phys_seg 87 prio class 2
[  528.487046][ T1113] ata1: EH complete
[  529.833753][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  529.891443][T12887] overlayfs: failed to resolve './file1': -2
[  530.613118][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  532.830306][T12898] Cache volume key already in use (9p,syz,)
[  533.253919][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.495864][T12898] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  533.852353][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  536.004706][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  537.100327][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.723528][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.726622][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.351488][T12925] nbd: must specify a size in bytes for the device
[  539.578366][T12255] usb 7-1: new full-speed USB device number 57 using dummy_hcd
[  539.584028][T12927] netlink: 'syz.3.1950': attribute type 13 has an invalid length.
[  539.587601][T12927] netlink: 'syz.3.1950': attribute type 17 has an invalid length.
[  539.611311][T12927] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  539.794884][T12255] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  539.798438][T12255] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  539.826594][T12255] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  539.830691][T12255] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.834210][T12255] usb 7-1: Product: syz
[  539.856011][T12255] usb 7-1: Manufacturer: syz
[  539.858364][T12255] usb 7-1: SerialNumber: syz
[  539.867232][T12255] usb 7-1: config 0 descriptor??
[  539.871867][T12255] hub 7-1:0.0: bad descriptor, ignoring hub
[  539.874869][T12255] hub 7-1:0.0: probe with driver hub failed with error -5
[  539.890889][T12255] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input46
[  540.348098][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.354981][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.359872][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.379346][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.732565][ T7474] usb 7-1: USB disconnect, device number 57
[  542.153365][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.607046][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.194912][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  545.437258][T12947] FAULT_INJECTION: forcing a failure.
[  545.437258][T12947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  545.441344][T12947] CPU: 1 UID: 0 PID: 12947 Comm: syz.2.1958 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  545.441365][T12947] Tainted: [L]=SOFTLOCKUP
[  545.441369][T12947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  545.441377][T12947] Call Trace:
[  545.441382][T12947]  <TASK>
[  545.441387][T12947]  dump_stack_lvl+0x100/0x190
[  545.441410][T12947]  should_fail_ex.cold+0x5/0xa
[  545.441425][T12947]  _copy_from_user+0x2e/0xd0
[  545.441441][T12947]  sctp_getsockopt+0x96b/0x7080
[  545.441459][T12947]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  545.441475][T12947]  ? __pfx__kstrtoull+0x10/0x10
[  545.441494][T12947]  ? __pfx_sctp_getsockopt+0x10/0x10
[  545.441510][T12947]  ? __lock_acquire+0x4a5/0x2630
[  545.441530][T12947]  ? __pfx___might_resched+0x10/0x10
[  545.441550][T12947]  ? aa_sk_perm+0x309/0xaa0
[  545.441566][T12947]  ? __pfx_aa_sk_perm+0x10/0x10
[  545.441581][T12947]  ? find_held_lock+0x2b/0x80
[  545.441594][T12947]  ? aa_sock_opt_perm+0xfe/0x1b0
[  545.441615][T12947]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  545.441629][T12947]  do_sock_getsockopt+0x259/0x3d0
[  545.441645][T12947]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  545.441665][T12947]  __sys_getsockopt+0x133/0x1d0
[  545.441684][T12947]  ? ksys_write+0x1ac/0x250
[  545.441698][T12947]  ? __ia32_sys_getsockopt+0xbc/0x160
[  545.441714][T12947]  __ia32_sys_getsockopt+0xbc/0x160
[  545.441731][T12947]  ? __do_fast_syscall_32+0x94/0x8c0
[  545.441744][T12947]  ? lockdep_hardirqs_on+0x78/0x100
[  545.441755][T12947]  __do_fast_syscall_32+0xe3/0x8c0
[  545.441769][T12947]  do_fast_syscall_32+0x32/0x70
[  545.441781][T12947]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.441796][T12947] RIP: 0023:0xf7fb2f6c
[  545.441806][T12947] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  545.441817][T12947] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 000000000000016d
[  545.441828][T12947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  545.441835][T12947] RDX: 000000000000006d RSI: 0000000080000000 RDI: 0000000080000040
[  545.441842][T12947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  545.441848][T12947] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  545.441855][T12947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  545.441868][T12947]  </TASK>
[  546.257254][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  546.261726][ T6360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  546.266676][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  548.298270][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  548.992761][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  548.995944][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  548.999621][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.004460][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.494994][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.607454][T12954] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  552.636556][T12255] usb 7-1: new full-speed USB device number 58 using dummy_hcd
[  552.743760][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.821607][T12255] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  552.825069][T12255] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  552.831163][T12255] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  552.834483][T12255] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.837032][T12255] usb 7-1: Product: syz
[  552.838382][T12255] usb 7-1: Manufacturer: syz
[  552.845697][T12255] usb 7-1: SerialNumber: syz
[  552.852270][T12255] usb 7-1: config 0 descriptor??
[  552.861806][T12255] hub 7-1:0.0: bad descriptor, ignoring hub
[  552.863862][T12255] hub 7-1:0.0: probe with driver hub failed with error -5
[  552.884166][T12255] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input47
[  553.306654][T12971] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  554.458936][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.466492][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.475088][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.480220][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.992700][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  556.473252][T12255] usb 7-1: USB disconnect, device number 58
[  559.240922][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.244063][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.609596][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.612523][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.615151][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.618741][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.506791][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  565.396070][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  565.688721][T13003] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  565.738265][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.764126][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.990417][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.867124][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.551976][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.821407][T13014] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  572.235394][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.247428][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.343225][  T101] dummy0: left allmulticast mode
[  572.346525][  T101] dummy0: left promiscuous mode
[  572.352437][  T101] bridge0: port 3(dummy0) entered disabled state
[  572.478424][  T101] bridge_slave_1: left allmulticast mode
[  572.482588][  T101] bridge_slave_1: left promiscuous mode
[  572.539299][  T101] bridge0: port 2(bridge_slave_1) entered disabled state
[  572.579948][  T101] bridge_slave_0: left allmulticast mode
[  572.582286][  T101] bridge_slave_0: left promiscuous mode
[  572.584707][  T101] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.561447][T13019] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  573.728710][T13026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1983'.
[  573.871955][   T39] usb 7-1: new full-speed USB device number 59 using dummy_hcd
[  573.940943][  T101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  573.973351][  T101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  573.994295][  T101] bond0 (unregistering): Released all slaves
[  574.001945][  T101] bond1 (unregistering): left allmulticast mode
[  574.004736][  T101] bond1 (unregistering): Released all slaves
[  574.019419][   T24] usb 5-1: new full-speed USB device number 53 using dummy_hcd
[  574.043815][   T39] usb 7-1: config index 0 descriptor too short (expected 14385, got 27)
[  574.046701][   T39] usb 7-1: config 52 has too many interfaces: 52, using maximum allowed: 32
[  574.049734][   T39] usb 7-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[  574.053081][   T39] usb 7-1: config 52 has 0 interfaces, different from the descriptor's value: 52
[  574.065457][   T39] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  574.070710][   T39] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.076159][   T39] usb 7-1: Product: syz
[  574.078676][   T39] usb 7-1: Manufacturer: syz
[  574.081449][   T39] usb 7-1: SerialNumber: syz
[  574.114643][  T101] tipc: Left network mode
[  574.203053][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  574.209369][   T24] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  574.213196][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.215992][   T24] usb 5-1: Product: syz
[  574.217360][   T24] usb 5-1: Manufacturer: syz
[  574.219307][   T24] usb 5-1: SerialNumber: syz
[  574.224126][   T24] usb 5-1: config 0 descriptor??
[  574.745632][   T24] usb 5-1: USB disconnect, device number 53
[  574.934908][   T39] usb 7-1: USB disconnect, device number 59
[  575.494360][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  575.846363][T13050] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  575.908721][T13052] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  576.823892][T13060] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  576.826766][T13060] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  576.936808][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.086209][ T6360] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  577.258812][ T6360] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  577.263218][ T6360] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  577.273497][ T6360] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  577.277642][ T6360] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.288581][ T6360] usb 8-1: Product: syz
[  577.290552][ T6360] usb 8-1: Manufacturer: syz
[  577.310753][ T6360] usb 8-1: SerialNumber: syz
[  577.412525][ T6360] usb 8-1: config 0 descriptor??
[  577.420760][ T6360] hub 8-1:0.0: bad descriptor, ignoring hub
[  577.422846][ T6360] hub 8-1:0.0: probe with driver hub failed with error -5
[  577.427563][ T6360] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input48
[  577.524432][T13070] nbd: must specify a size in bytes for the device
[  577.632331][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.761064][T13077] geneve2: entered promiscuous mode
[  577.764127][  T606] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  577.770378][  T606] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  577.773180][  T606] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  577.776195][  T606] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  577.777450][T13076] netlink: 'syz.0.1996': attribute type 13 has an invalid length.
[  577.782520][T13076] netlink: 'syz.0.1996': attribute type 17 has an invalid length.
[  577.791035][T13076] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  577.834254][T12255] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  577.909342][   T39] usb 8-1: USB disconnect, device number 10
[  578.015951][T12255] usb 6-1: Using ep0 maxpacket: 16
[  578.144207][T13079] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  578.146816][T13079] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  578.150536][T13079] vhci_hcd vhci_hcd.0: Device attached
[  578.232647][  T101] hsr_slave_0: left promiscuous mode
[  578.235754][  T101] hsr_slave_1: left promiscuous mode
[  578.238111][  T101] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  578.241222][  T101] batman_adv: batadv0: Removing interface: batadv_slave_0
[  578.253932][  T101] veth1_macvtap: left promiscuous mode
[  578.258189][  T101] veth0_macvtap: left promiscuous mode
[  578.260951][  T101] veth1_vlan: left promiscuous mode
[  578.263585][  T101] veth0_vlan: left promiscuous mode
[  578.443423][ T5950] usb 38-1: SetAddress Request (62) to port 0
[  578.447854][ T5950] usb 38-1: new SuperSpeed USB device number 62 using vhci_hcd
[  578.506881][  T101] team0 (unregistering): Port device team_slave_1 removed
[  578.525822][  T101] team0 (unregistering): Port device team_slave_0 removed
[  578.567298][T13087] fuse: Bad value for 'group_id'
[  578.569118][T13087] fuse: Bad value for 'group_id'
[  578.635038][T13094] nbd: must specify a size in bytes for the device
[  578.688577][T13080] vhci_hcd: connection reset by peer
[  578.690784][  T208] vhci_hcd vhci_hcd.0: stop threads
[  578.693254][  T208] vhci_hcd vhci_hcd.0: release socket
[  578.696434][  T208] vhci_hcd vhci_hcd.0: disconnect device
[  578.734599][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.207996][T13106] nbd: must specify a size in bytes for the device
[  579.426685][ T6360] usb 7-1: new full-speed USB device number 60 using dummy_hcd
[  579.599089][ T6360] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  579.603855][ T6360] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  579.611147][ T6360] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  579.615013][ T6360] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.618467][ T6360] usb 7-1: Product: syz
[  579.620475][ T6360] usb 7-1: Manufacturer: syz
[  579.622618][ T6360] usb 7-1: SerialNumber: syz
[  579.627071][ T6360] usb 7-1: config 0 descriptor??
[  579.631542][ T6360] hub 7-1:0.0: bad descriptor, ignoring hub
[  579.634077][ T6360] hub 7-1:0.0: probe with driver hub failed with error -5
[  579.639937][ T6360] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input49
[  579.832498][T11120] usb 5-1: new full-speed USB device number 54 using dummy_hcd
[  579.995114][T11120] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  579.999364][T11120] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  580.006962][T11120] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  580.010344][T11120] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.012880][T11120] usb 5-1: Product: syz
[  580.014926][T11120] usb 5-1: Manufacturer: syz
[  580.016729][T11120] usb 5-1: SerialNumber: syz
[  580.021218][T11120] usb 5-1: config 0 descriptor??
[  580.025634][T11120] hub 5-1:0.0: bad descriptor, ignoring hub
[  580.027635][T11120] hub 5-1:0.0: probe with driver hub failed with error -5
[  580.032821][T11120] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input50
[  580.094148][T11120] input: failed to attach handler mousedev to device input50, error: -5
[  580.437032][T12255] usb 6-1: unable to get BOS descriptor or descriptor too short
[  580.453138][T12255] usb 6-1: no configurations
[  580.455418][T12255] usb 6-1: can't read configurations, error -22
[  580.816630][T13125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2011'.
[  580.954470][T13132] nbd: must specify a size in bytes for the device
[  581.126724][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  581.991834][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.205512][T13152] FAULT_INJECTION: forcing a failure.
[  582.205512][T13152] name failslab, interval 1, probability 0, space 0, times 0
[  582.209557][T13152] CPU: 1 UID: 0 PID: 13152 Comm: syz.2.2020 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  582.209588][T13152] Tainted: [L]=SOFTLOCKUP
[  582.209592][T13152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  582.209600][T13152] Call Trace:
[  582.209606][T13152]  <TASK>
[  582.209614][T13152]  dump_stack_lvl+0x100/0x190
[  582.209642][T13152]  should_fail_ex.cold+0x5/0xa
[  582.209667][T13152]  should_failslab+0xc2/0x120
[  582.209681][T13152]  __kvmalloc_node_noprof+0xfa/0xa00
[  582.209692][T13152]  ? ceph_msg_new2+0x370/0x4f0
[  582.209707][T13152]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  582.209728][T13152]  ceph_msg_new2+0x370/0x4f0
[  582.209746][T13152]  ceph_monc_init+0x686/0xcd0
[  582.209762][T13152]  ceph_create_client+0x25e/0x370
[  582.209777][T13152]  ceph_get_tree+0x1a4/0x1fd0
[  582.209792][T13152]  ? bpf_lsm_capable+0x9/0x10
[  582.209805][T13152]  ? security_capable+0x80/0x260
[  582.209818][T13152]  vfs_get_tree+0x92/0x320
[  582.209835][T13152]  vfs_cmd_create+0xd7/0x2a0
[  582.209851][T13152]  __do_sys_fsconfig+0x55a/0xcb0
[  582.209867][T13152]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  582.209886][T13152]  ? __pfx_ksys_write+0x10/0x10
[  582.209900][T13152]  __do_fast_syscall_32+0xe3/0x8c0
[  582.209917][T13152]  do_fast_syscall_32+0x32/0x70
[  582.209930][T13152]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  582.209944][T13152] RIP: 0023:0xf7fb2f6c
[  582.209954][T13152] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  582.209966][T13152] RSP: 002b:00000000f543450c EFLAGS: 00000292 ORIG_RAX: 00000000000001af
[  582.209978][T13152] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000006
[  582.209985][T13152] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  582.209991][T13152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  582.209998][T13152] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  582.210004][T13152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  582.210018][T13152]  </TASK>
[  582.291664][T13150] 8021q: adding VLAN 0 to HW filter on device batadv1
[  582.505314][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  583.033295][T13161] nbd: must specify a size in bytes for the device
[  583.191896][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  583.194763][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  583.417303][T13163] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  583.478184][   T53] usb 5-1: USB disconnect, device number 54
[  583.671569][   T39] usb 7-1: USB disconnect, device number 60
[  583.862248][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  583.961265][T13174] netlink: 'syz.3.2029': attribute type 13 has an invalid length.
[  583.964625][T13174] netlink: 'syz.3.2029': attribute type 17 has an invalid length.
[  583.975037][T13174] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  584.053514][ T5950] usb 38-1: device descriptor read/8, error -110
[  584.523922][ T5950] usb usb38-port1: attempt power cycle
[  584.619606][T13186] FAULT_INJECTION: forcing a failure.
[  584.619606][T13186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  584.624538][T13186] CPU: 2 UID: 0 PID: 13186 Comm: syz.2.2033 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  584.624558][T13186] Tainted: [L]=SOFTLOCKUP
[  584.624562][T13186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  584.624569][T13186] Call Trace:
[  584.624573][T13186]  <TASK>
[  584.624578][T13186]  dump_stack_lvl+0x100/0x190
[  584.624600][T13186]  should_fail_ex.cold+0x5/0xa
[  584.624615][T13186]  _copy_from_user+0x2e/0xd0
[  584.624631][T13186]  get_compat_cmd+0x8d/0x4a0
[  584.624645][T13186]  ? __pfx_get_compat_cmd+0x10/0x10
[  584.624660][T13186]  ? tomoyo_path_number_perm+0x188/0x580
[  584.624677][T13186]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  584.624693][T13186]  comedi_compat_ioctl+0x14d/0xe20
[  584.624710][T13186]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  584.624726][T13186]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  584.624739][T13186]  ? do_vfs_ioctl+0x226/0x13e0
[  584.624761][T13186]  ? find_held_lock+0x2b/0x80
[  584.624772][T13186]  ? hook_file_ioctl_common+0x146/0x410
[  584.624791][T13186]  ? __fget_files+0x21f/0x3d0
[  584.624804][T13186]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  584.624821][T13186]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  584.624840][T13186]  __do_fast_syscall_32+0xe3/0x8c0
[  584.624854][T13186]  do_fast_syscall_32+0x32/0x70
[  584.624867][T13186]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  584.624887][T13186] RIP: 0023:0xf7fb2f6c
[  584.624896][T13186] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  584.624907][T13186] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  584.624919][T13186] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008040640a
[  584.624926][T13186] RDX: 00000000800006c0 RSI: 0000000000000000 RDI: 0000000000000000
[  584.624933][T13186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  584.624939][T13186] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  584.624946][T13186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  584.624960][T13186]  </TASK>
[  584.793185][T13194] nbd: must specify a size in bytes for the device
[  584.853397][T13177] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  584.855852][T13177] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  584.859399][T13177] vhci_hcd vhci_hcd.0: Device attached
[  584.866036][T13177] random: crng reseeded on system resumption
[  585.187130][ T5950] usb usb38-port1: unable to enumerate USB device
[  585.197191][   T39] usb 44-1: SetAddress Request (18) to port 0
[  585.200532][   T39] usb 44-1: new SuperSpeed USB device number 18 using vhci_hcd
[  585.229262][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.318089][T13196] vhci_hcd: connection reset by peer
[  585.321814][   T13] vhci_hcd vhci_hcd.3: stop threads
[  585.323755][   T13] vhci_hcd vhci_hcd.3: release socket
[  585.326056][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  585.389025][T13203] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  585.391437][T13203] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  585.394635][T13203] vhci_hcd vhci_hcd.0: Device attached
[  585.458821][T13203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2037'.
[  585.721088][ T6010] usb 42-1: SetAddress Request (71) to port 0
[  585.723152][ T6010] usb 42-1: new SuperSpeed USB device number 71 using vhci_hcd
[  585.848420][T13204] vhci_hcd: connection reset by peer
[  585.850952][   T13] vhci_hcd vhci_hcd.2: stop threads
[  585.852818][   T13] vhci_hcd vhci_hcd.2: release socket
[  585.854947][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  585.978768][T13218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2043'.
[  585.982420][T13218] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2043'.
[  586.545865][T13226] nbd: must specify a size in bytes for the device
[  586.999494][T13240] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  587.784793][T13254] binder: 13253:13254 unknown command 0
[  587.786887][T13254] binder: 13253:13254 ioctl c0306201 80000480 returned -22
[  587.879779][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.477949][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.485504][T13257] nbd: must specify a size in bytes for the device
[  588.736189][T13269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.740661][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  589.501129][T13271] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2060'.
[  589.588110][T13277] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  589.590525][T13277] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  589.675020][T13277] vhci_hcd vhci_hcd.0: Device attached
[  590.016768][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  590.049233][T13277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2056'.
[  590.191927][T13279] vhci_hcd: connection closed
[  590.192197][ T1180] vhci_hcd vhci_hcd.3: stop threads
[  590.196254][ T1180] vhci_hcd vhci_hcd.3: release socket
[  590.198287][ T1180] vhci_hcd vhci_hcd.3: disconnect device
[  590.205516][T13291] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  590.207723][T13291] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  590.210883][T13291] vhci_hcd vhci_hcd.0: Device attached
[  590.237419][ T1180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.240360][ T1180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.615150][   T39] usb 44-1: device descriptor read/8, error -110
[  590.653356][T13292] vhci_hcd: connection closed
[  590.654791][  T208] vhci_hcd vhci_hcd.2: stop threads
[  590.679159][  T208] vhci_hcd vhci_hcd.2: release socket
[  590.695388][  T208] vhci_hcd vhci_hcd.2: disconnect device
[  590.899659][T13300] netlink: 1748 bytes leftover after parsing attributes in process `syz.0.2066'.
[  591.018411][T13304] nbd: must specify a size in bytes for the device
[  591.064236][   T39] usb usb44-port1: attempt power cycle
[  591.128127][ T6010] usb 42-1: device descriptor read/8, error -110
[  591.155084][T13311] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  591.384277][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.596553][ T6010] usb usb42-port1: attempt power cycle
[  591.687326][   T39] usb usb44-port1: unable to enumerate USB device
[  591.731817][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  592.376385][ T6010] usb usb42-port1: unable to enumerate USB device
[  593.440178][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.826660][T13344] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2076'.
[  593.834721][T13337] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  593.836854][T13337] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  593.839573][T13337] vhci_hcd vhci_hcd.0: Device attached
[  593.987135][T13345] vhci_hcd: connection closed
[  593.988597][ T1180] vhci_hcd vhci_hcd.1: stop threads
[  593.993163][ T1180] vhci_hcd vhci_hcd.1: release socket
[  593.996474][ T1180] vhci_hcd vhci_hcd.1: disconnect device
[  595.156553][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  595.248131][T13365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2083'.
[  596.171888][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.834071][ T5808] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  597.027767][ T5808] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  597.033345][ T5808] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  597.036465][ T5808] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.040332][ T5808] usb 8-1: Product: syz
[  597.042033][ T5808] usb 8-1: Manufacturer: syz
[  597.044198][ T5808] usb 8-1: SerialNumber: syz
[  597.049218][ T5808] usb 8-1: config 0 descriptor??
[  597.810578][T12255] usb 8-1: USB disconnect, device number 11
[  598.397888][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.823736][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.302167][T13426] ceph: No mds server is up or the cluster is laggy
[  600.458577][ T6007] libceph: connect (1)[c::]:6789 error -101
[  600.458692][ T6007] libceph: mon0 (1)[c::]:6789 connect error
[  600.459307][T13431] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  600.478247][T13433] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  600.940078][T13405] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2096'.
[  601.072975][T13441] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2103'.
[  601.315310][T13445] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2105'.
[  601.644292][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.718604][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.816955][T13450] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  601.819302][T13450] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  601.822599][T13450] vhci_hcd vhci_hcd.0: Device attached
[  601.924355][T13450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.927799][T13450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.930636][T13450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.934214][T13450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.936980][T13450] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.942041][T13450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2106'.
[  602.078544][T13456] netlink: 'syz.1.2107': attribute type 13 has an invalid length.
[  602.083987][T13456] netlink: 'syz.1.2107': attribute type 17 has an invalid length.
[  602.103345][   T39] usb 38-1: SetAddress Request (66) to port 0
[  602.105990][   T39] usb 38-1: new SuperSpeed USB device number 66 using vhci_hcd
[  602.369508][T13453] vhci_hcd: connection reset by peer
[  602.382290][ T1180] vhci_hcd vhci_hcd.0: stop threads
[  602.384132][ T1180] vhci_hcd vhci_hcd.0: release socket
[  602.388190][ T1180] vhci_hcd vhci_hcd.0: disconnect device
[  602.520122][T13463] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  602.522361][T13463] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  602.525899][T13463] vhci_hcd vhci_hcd.0: Device attached
[  602.599858][T13467] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  602.602234][T13467] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  602.619900][T13467] vhci_hcd vhci_hcd.0: Device attached
[  602.681200][T13463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2108'.
[  602.736994][T13471] random: crng reseeded on system resumption
[  602.861463][ T6010] usb 44-1: SetAddress Request (22) to port 0
[  602.864264][ T6010] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd
[  602.925727][ T7474] usb 40-1: SetAddress Request (67) to port 0
[  602.928507][ T7474] usb 40-1: new SuperSpeed USB device number 67 using vhci_hcd
[  602.933321][T13468] vhci_hcd: connection closed
[  602.933604][ T6470] vhci_hcd vhci_hcd.1: stop threads
[  602.939146][ T6470] vhci_hcd vhci_hcd.1: release socket
[  602.941520][ T6470] vhci_hcd vhci_hcd.1: disconnect device
[  602.957893][ T7474] usb 40-1: enqueue for inactive port 0
[  603.273841][T13464] vhci_hcd: connection reset by peer
[  603.275942][ T1180] vhci_hcd vhci_hcd.3: stop threads
[  603.277797][ T1180] vhci_hcd vhci_hcd.3: release socket
[  603.279871][ T1180] vhci_hcd vhci_hcd.3: disconnect device
[  603.331365][   T24] usb 5-1: new full-speed USB device number 55 using dummy_hcd
[  603.411467][ T7474] usb usb40-port1: attempt power cycle
[  603.508643][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  603.525080][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  603.573891][   T24] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  603.578125][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.581848][   T24] usb 5-1: Product: syz
[  603.583779][   T24] usb 5-1: Manufacturer: syz
[  603.585611][   T24] usb 5-1: SerialNumber: syz
[  603.608830][   T24] usb 5-1: config 0 descriptor??
[  603.658811][   T24] hub 5-1:0.0: bad descriptor, ignoring hub
[  603.666160][   T24] hub 5-1:0.0: probe with driver hub failed with error -5
[  603.714894][   T24] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input51
[  604.052241][ T7474] usb usb40-port1: unable to enumerate USB device
[  604.397202][ T6470] net_ratelimit: 4 callbacks suppressed
[  604.397220][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  604.509205][ T6007] usb 5-1: USB disconnect, device number 55
[  604.613999][T13489] nbd: must specify a size in bytes for the device
[  604.893051][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  604.971015][T12581] Bluetooth: hci1: Ignoring connect complete event for invalid link type
[  605.085046][T13503] netlink: 'syz.0.2119': attribute type 13 has an invalid length.
[  605.087524][T13503] netlink: 'syz.0.2119': attribute type 17 has an invalid length.
[  605.095854][T13503] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  605.728223][T13505] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  605.730529][T13505] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  605.733831][T13505] vhci_hcd vhci_hcd.0: Device attached
[  605.739374][T13505] random: crng reseeded on system resumption
[  605.837575][T13509] netlink: 'syz.2.2120': attribute type 13 has an invalid length.
[  605.840296][T13509] netlink: 'syz.2.2120': attribute type 17 has an invalid length.
[  605.919690][T13509] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  606.095030][T13506] vhci_hcd: connection closed
[  606.095905][ T6470] vhci_hcd vhci_hcd.0: stop threads
[  606.106150][ T6470] vhci_hcd vhci_hcd.0: release socket
[  606.111929][ T6470] vhci_hcd vhci_hcd.0: disconnect device
[  606.454738][T13516] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  606.456886][T13516] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  606.466692][T13516] vhci_hcd vhci_hcd.0: Device attached
[  606.487102][T13516] random: crng reseeded on system resumption
[  606.761665][ T7474] usb 42-1: SetAddress Request (75) to port 0
[  606.764439][ T7474] usb 42-1: new SuperSpeed USB device number 75 using vhci_hcd
[  606.823739][T13517] vhci_hcd: connection closed
[  606.849450][   T13] vhci_hcd vhci_hcd.2: stop threads
[  606.854935][   T13] vhci_hcd vhci_hcd.2: release socket
[  606.857543][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  607.200043][ T7474] usb 42-1: enqueue for inactive port 0
[  607.541685][   T39] usb 38-1: device descriptor read/8, error -110
[  607.627576][ T7474] usb usb42-port1: attempt power cycle
[  607.959195][   T39] usb usb38-port1: attempt power cycle
[  608.016700][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.229407][ T7474] usb usb42-port1: unable to enumerate USB device
[  608.311188][ T6010] usb 44-1: device descriptor read/8, error -110
[  608.455821][T13528] nbd: must specify a size in bytes for the device
[  608.549663][ T7474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.579098][   T39] usb usb38-port1: unable to enumerate USB device
[  608.739998][ T6010] usb usb44-port1: attempt power cycle
[  609.348180][ T6010] usb usb44-port1: unable to enumerate USB device
[  609.550651][ T6010] usb 6-1: new full-speed USB device number 52 using dummy_hcd
[  609.715197][ T6010] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  609.720367][ T6010] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  609.737872][ T6010] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  609.742072][ T6010] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.751290][ T6010] usb 6-1: Product: syz
[  609.752074][T13550] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  609.758504][ T6010] usb 6-1: Manufacturer: syz
[  609.760172][ T6010] usb 6-1: SerialNumber: syz
[  609.770525][ T6010] usb 6-1: config 0 descriptor??
[  609.776660][ T6010] hub 6-1:0.0: bad descriptor, ignoring hub
[  609.779455][ T6010] hub 6-1:0.0: probe with driver hub failed with error -5
[  609.785121][ T6010] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input52
[  609.850028][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.033613][T13554] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  610.035763][T13554] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  610.038717][T13554] vhci_hcd vhci_hcd.0: Device attached
[  610.164799][T13557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2132'.
[  610.301407][T13548] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  610.303533][T13548] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  610.306153][T13548] vhci_hcd vhci_hcd.0: Device attached
[  610.510986][T12255] usb 42-1: SetAddress Request (79) to port 0
[  610.513829][T12255] usb 42-1: new SuperSpeed USB device number 79 using vhci_hcd
[  610.608437][  T829] usb 44-1: SetAddress Request (26) to port 0
[  610.612017][  T829] usb 44-1: new SuperSpeed USB device number 26 using vhci_hcd
[  610.630337][ T6360] usb 6-1: USB disconnect, device number 52
[  610.878482][T13538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2128'.
[  610.985824][T13555] vhci_hcd: connection reset by peer
[  610.988459][   T13] vhci_hcd vhci_hcd.2: stop threads
[  610.990740][   T13] vhci_hcd vhci_hcd.2: release socket
[  610.996111][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  611.816757][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  612.965528][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.046345][T13561] vhci_hcd: connection reset by peer
[  613.050397][T13574] netlink: 'syz.0.2137': attribute type 13 has an invalid length.
[  613.053234][T13574] netlink: 'syz.0.2137': attribute type 17 has an invalid length.
[  613.057148][  T208] vhci_hcd vhci_hcd.3: stop threads
[  613.094471][  T208] vhci_hcd vhci_hcd.3: release socket
[  613.098485][  T208] vhci_hcd vhci_hcd.3: disconnect device
[  613.111081][T13574] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  613.336325][T13577] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2136'.
[  613.953566][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.064230][T13595] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  615.065616][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.170837][T13596] random: crng reseeded on system resumption
[  615.323137][T13592] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  615.325838][T13592] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  615.329380][T13592] vhci_hcd vhci_hcd.0: Device attached
[  615.332103][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.490038][T13597] vhci_hcd: connection closed
[  615.503651][ T1180] vhci_hcd vhci_hcd.0: stop threads
[  615.508044][ T1180] vhci_hcd vhci_hcd.0: release socket
[  615.524119][ T1180] vhci_hcd vhci_hcd.0: disconnect device
[  616.015631][  T829] usb 44-1: device descriptor read/8, error -110
[  616.144692][ T6010] usb usb38-port1: attempt power cycle
[  616.485845][  T829] usb usb44-port1: attempt power cycle
[  616.795118][ T6010] usb usb38-port1: unable to enumerate USB device
[  616.808297][T12255] usb 42-1: device descriptor read/8, error -110
[  617.107668][  T829] usb usb44-port1: unable to enumerate USB device
[  617.244840][T12255] usb usb42-port1: attempt power cycle
[  617.531331][T13613] FAULT_INJECTION: forcing a failure.
[  617.531331][T13613] name failslab, interval 1, probability 0, space 0, times 0
[  617.536790][T13613] CPU: 1 UID: 0 PID: 13613 Comm: syz.3.2147 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  617.536819][T13613] Tainted: [L]=SOFTLOCKUP
[  617.536825][T13613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  617.536835][T13613] Call Trace:
[  617.536841][T13613]  <TASK>
[  617.536848][T13613]  dump_stack_lvl+0x100/0x190
[  617.536880][T13613]  should_fail_ex.cold+0x5/0xa
[  617.536900][T13613]  ? tomoyo_realpath_from_path+0xb6/0x690
[  617.536924][T13613]  should_failslab+0xc2/0x120
[  617.536943][T13613]  __kmalloc_noprof+0xe0/0x850
[  617.536973][T13613]  tomoyo_realpath_from_path+0xb6/0x690
[  617.537003][T13613]  tomoyo_path_number_perm+0x23c/0x580
[  617.537022][T13613]  ? tomoyo_path_number_perm+0x22e/0x580
[  617.537043][T13613]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  617.537087][T13613]  ? find_held_lock+0x2b/0x80
[  617.537103][T13613]  ? hook_file_ioctl_common+0x146/0x410
[  617.537124][T13613]  ? __fget_files+0x215/0x3d0
[  617.537145][T13613]  ? __fget_files+0x21f/0x3d0
[  617.537165][T13613]  security_file_ioctl_compat+0xd3/0x230
[  617.537189][T13613]  __ia32_compat_sys_ioctl+0xc2/0x360
[  617.537217][T13613]  __do_fast_syscall_32+0xe3/0x8c0
[  617.537240][T13613]  do_fast_syscall_32+0x32/0x70
[  617.537258][T13613]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  617.537278][T13613] RIP: 0023:0xf704ef6c
[  617.537293][T13613] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  617.537307][T13613] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  617.537323][T13613] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000006407
[  617.537333][T13613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  617.537342][T13613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.537352][T13613] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  617.537362][T13613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.537384][T13613]  </TASK>
[  617.537391][T13613] ERROR: Out of memory at tomoyo_realpath_from_path.
[  617.843574][T12255] usb usb42-port1: unable to enumerate USB device
[  618.324025][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  620.108771][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.858283][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.199403][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.562510][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  626.287997][  T606] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  626.514389][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.001064][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.275945][T13687] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2167'.
[  629.700574][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.771563][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.835781][   T40] audit: type=1326 audit(1775237095.007:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.884118][   T40] audit: type=1326 audit(1775237095.007:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.917807][   T40] audit: type=1326 audit(1775237095.017:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.952459][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2175'.
[  629.957129][   T40] audit: type=1326 audit(1775237095.017:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.966647][   T40] audit: type=1326 audit(1775237095.017:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.978696][   T40] audit: type=1326 audit(1775237095.017:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.985526][   T40] audit: type=1326 audit(1775237095.017:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  629.995472][   T40] audit: type=1326 audit(1775237095.017:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  630.009754][   T40] audit: type=1326 audit(1775237095.017:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  630.020786][   T40] audit: type=1326 audit(1775237095.017:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.0.2174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[  631.767289][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.020935][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.523704][T13760] nbd: must specify a size in bytes for the device
[  633.633744][T13762] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  634.414923][T13773] nfs4: Unknown parameter '].'
[  635.136210][T13786] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  635.138357][T13786] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  635.141314][T13786] vhci_hcd vhci_hcd.0: Device attached
[  635.191347][T13786] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2198'.
[  635.528263][ T6007] usb 42-1: SetAddress Request (83) to port 0
[  635.531144][ T6007] usb 42-1: new SuperSpeed USB device number 83 using vhci_hcd
[  635.536260][T13787] vhci_hcd: connection closed
[  635.536647][ T1180] vhci_hcd vhci_hcd.2: stop threads
[  635.548386][ T1180] vhci_hcd vhci_hcd.2: release socket
[  635.553898][ T1180] vhci_hcd vhci_hcd.2: disconnect device
[  635.845223][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.383906][T13800] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  636.386695][T13800] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  636.392709][T13800] vhci_hcd vhci_hcd.0: Device attached
[  636.611589][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  636.637221][T13796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2200'.
[  636.672020][   T39] usb 44-1: SetAddress Request (30) to port 0
[  636.674168][   T39] usb 44-1: new SuperSpeed USB device number 30 using vhci_hcd
[  636.775644][T13802] vhci_hcd: connection reset by peer
[  636.777665][ T6470] vhci_hcd vhci_hcd.3: stop threads
[  636.780178][ T6470] vhci_hcd vhci_hcd.3: release socket
[  636.782481][ T6470] vhci_hcd vhci_hcd.3: disconnect device
[  636.901375][T13812] [U] 
[  636.902560][T13812] [U] 
[  636.903496][T13812] [U] 
[  636.904433][T13812] [U] 
[  636.905659][T13812] [U] 
[  636.906862][T13812] [U] 
[  636.907995][T13812] [U] 
[  636.909099][T13812] [U] 
[  636.910433][T13812] [U] 
[  636.911404][T13812] [U] 
[  636.912366][T13812] [U] 
[  636.913378][T13812] [U] 
[  636.914867][T13812] [U] 
[  636.915881][T13812] [U] 
[  636.916844][T13812] [U] 
[  636.917812][T13812] [U] 
[  636.919086][T13812] [U] 
[  636.920028][T13812] [U] 
[  636.920938][T13812] [U] 
[  636.921834][T13812] [U] 
[  636.922825][T13812] [U] 
[  636.923780][T13812] [U] 
[  636.924732][T13812] [U] 
[  636.925683][T13812] [U] 
[  636.926871][T13812] [U] 
[  636.927825][T13812] [U] 
[  636.928740][T13812] [U] 
[  636.929734][T13812] [U] 
[  636.930902][T13812] [U] 
[  636.931817][T13812] [U] 
[  636.932754][T13812] [U] 
[  636.933709][T13812] [U] 
[  636.934911][T13812] [U] 
[  636.935830][T13812] [U] 
[  636.936745][T13812] [U] 
[  636.937665][T13812] [U] 
[  636.938848][T13812] [U] 
[  636.939821][T13812] [U] 
[  636.940702][T13812] [U] 
[  636.941601][T13812] [U] 
[  636.942714][T13812] [U] 
[  636.943626][T13812] [U] 
[  636.944562][T13812] [U] 
[  636.945517][T13812] [U] 
[  636.946658][T13812] [U] 
[  636.947666][T13812] [U] 
[  636.948653][T13812] [U] 
[  636.949642][T13812] [U] 
[  636.950896][T13812] [U] 
[  636.951788][T13812] [U] 
[  636.952678][T13812] [U] 
[  636.953539][T13812] [U] 
[  636.954491][T13812] [U] 
[  636.955384][T13812] [U] 
[  636.956252][T13812] [U] 
[  636.956626][T13814] random: crng reseeded on system resumption
[  636.957108][T13812] [U] 
[  636.961032][T13812] [U] 
[  636.962156][T13812] [U] 
[  636.963399][T13812] [U] 
[  636.964588][T13812] [U] 
[  636.965885][T13812] [U] 
[  636.966825][T13812] [U] 
[  636.967746][T13812] [U] 
[  636.968650][T13812] [U] 
[  636.969309][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  636.969322][   T40] audit: type=1326 audit(617.911:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13808 comm="syz.0.2213" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x0
[  636.969748][T13812] [U] 
[  636.979116][T13812] [U] 
[  636.980035][T13812] [U] 
[  636.980934][T13812] [U] 
[  636.983085][T13812] [U] 
[  636.984003][T13812] [U] 
[  636.984911][T13812] [U] 
[  636.985802][T13812] [U] 
[  636.986981][T13812] [U] 
[  636.987922][T13812] [U] 
[  636.988826][T13812] [U] 
[  636.989799][T13812] [U] 
[  636.991005][T13812] [U] 
[  636.992006][T13812] [U] 
[  636.993010][T13812] [U] 
[  636.994016][T13812] [U] 
[  636.995348][T13812] [U] 
[  636.996306][T13812] [U] 
[  636.997265][T13812] [U] 
[  636.998284][T13812] [U] 
[  636.999295][T13812] [U] 
[  637.000210][T13812] [U] 
[  637.001098][T13812] [U] 
[  637.001992][T13812] [U] 
[  637.003135][T13812] [U] 
[  637.004024][T13812] [U] 
[  637.004916][T13812] [U] 
[  637.005779][T13812] [U] 
[  637.006764][T13812] [U] 
[  637.007733][T13812] [U] 
[  637.008703][T13812] [U] 
[  637.009829][T13812] [U] 
[  637.011078][T13812] [U] 
[  637.012096][T13812] [U] 
[  637.013092][T13812] [U] 
[  637.014058][T13812] [U] 
[  637.015109][T13812] [U] 
[  637.016004][T13812] [U] 
[  637.016895][T13812] [U] 
[  637.017797][T13812] [U] 
[  637.018840][T13812] [U] 
[  637.019800][T13812] [U] 
[  637.020688][T13812] [U] 
[  637.021578][T13812] [U] 
[  637.022885][T13812] [U] 
[  637.023805][T13812] [U] 
[  637.024922][T13812] [U] 
[  637.026067][T13812] [U] 
[  637.027271][T13812] [U] 
[  637.028347][T13812] [U] 
[  637.029435][T13812] [U] 
[  637.030526][T13812] [U] 
[  637.031759][T13812] [U] 
[  637.032748][T13812] [U] 
[  637.033644][T13812] [U] 
[  637.034588][T13812] [U] 
[  637.035709][T13812] [U] 
[  637.036607][T13812] [U] 
[  637.037510][T13812] [U] 
[  637.038442][T13812] [U] 
[  637.039400][T13812] [U] 
[  637.040326][T13812] [U] 
[  637.041233][T13812] [U] 
[  637.217185][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  637.682990][T13808] [U] 
[  637.901962][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.151155][T13833] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  638.153405][T13833] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  638.158339][T13833] vhci_hcd vhci_hcd.0: Device attached
[  638.220880][T13833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.223800][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.229987][T13833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2211'.
[  638.623335][T13850] netlink: 'syz.3.2220': attribute type 13 has an invalid length.
[  638.625638][   T53] usb 38-1: SetAddress Request (74) to port 0
[  638.633506][T13850] netlink: 'syz.3.2220': attribute type 17 has an invalid length.
[  638.645285][T13850] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  638.653817][   T53] usb 38-1: new SuperSpeed USB device number 74 using vhci_hcd
[  638.752218][T13834] vhci_hcd: connection reset by peer
[  638.754597][ T1180] vhci_hcd vhci_hcd.0: stop threads
[  638.756382][ T1180] vhci_hcd vhci_hcd.0: release socket
[  638.758194][ T1180] vhci_hcd vhci_hcd.0: disconnect device
[  639.631615][ T6010] usb 5-1: new full-speed USB device number 56 using dummy_hcd
[  639.655636][T13852] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  639.658418][T13852] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  639.662097][T13852] vhci_hcd vhci_hcd.0: Device attached
[  640.758825][T13870] random: crng reseeded on system resumption
[  641.205095][T13260] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.208600][ T6010] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  641.212489][ T6010] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  641.218367][ T6010] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  641.221263][ T6010] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.224758][ T6010] usb 5-1: Product: syz
[  641.226436][ T6010] usb 5-1: Manufacturer: syz
[  641.228056][ T6010] usb 5-1: SerialNumber: syz
[  641.231163][ T6010] usb 5-1: config 0 descriptor??
[  641.245807][ T6010] hub 5-1:0.0: bad descriptor, ignoring hub
[  641.248234][ T6010] hub 5-1:0.0: probe with driver hub failed with error -5
[  641.252301][ T6010] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input53
[  641.865160][ T6007] usb 42-1: device descriptor read/8, error -110
[  641.983390][  T829] usb 5-1: USB disconnect, device number 56
[  641.993923][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  642.649740][T13882] nbd: must specify a size in bytes for the device
[  642.801306][T13866] vhci_hcd: connection reset by peer
[  642.803796][  T208] vhci_hcd vhci_hcd.3: stop threads
[  642.806045][  T208] vhci_hcd vhci_hcd.3: release socket
[  642.808958][   T39] usb 44-1: device descriptor read/8, error -110
[  642.811141][  T208] vhci_hcd vhci_hcd.3: disconnect device
[  642.870649][ T6007] usb usb42-port1: attempt power cycle
[  642.910363][T13886] nbd: must specify a size in bytes for the device
[  643.244781][   T39] usb usb44-port1: attempt power cycle
[  643.496931][T13898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.499915][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.507819][T13898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2229'.
[  643.513781][ T6007] usb usb42-port1: unable to enumerate USB device
[  643.516183][T13894] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  643.518546][T13894] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  643.521545][T13894] vhci_hcd vhci_hcd.0: Device attached
[  643.648758][T13899] vhci_hcd: connection closed
[  643.671157][  T101] vhci_hcd vhci_hcd.0: stop threads
[  643.674817][  T101] vhci_hcd vhci_hcd.0: release socket
[  643.676690][  T101] vhci_hcd vhci_hcd.0: disconnect device
[  643.901902][   T39] usb usb44-port1: unable to enumerate USB device
[  644.047087][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.130553][   T53] usb 38-1: device descriptor read/8, error -110
[  644.483378][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.549406][   T53] usb usb38-port1: attempt power cycle
[  645.159339][   T53] usb usb38-port1: unable to enumerate USB device
[  647.620242][ T6025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  647.732526][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  647.847310][T13956] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  647.849884][T13956] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  647.873398][T13956] vhci_hcd vhci_hcd.0: Device attached
[  647.947674][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2245'.
[  648.066670][   T39] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  648.155310][T13960] vhci_hcd: connection closed
[  648.187793][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  648.193964][  T208] vhci_hcd vhci_hcd.2: stop threads
[  648.195858][  T208] vhci_hcd vhci_hcd.2: release socket
[  648.197798][  T208] vhci_hcd vhci_hcd.2: disconnect device
[  648.253711][T13966] can0: slcan on ttyS3.
[  648.402971][   T39] usb 5-1: New USB device found, idVendor=1235, idProduct=8201, bcdDevice= 0.40
[  648.406508][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.409278][   T39] usb 5-1: Product: syz
[  648.410910][   T39] usb 5-1: Manufacturer: ⁋瀷ﳳꋑ▙२檷ႊ瘜帚瀯䷊ﲏ№ᩞ蒥Ԟꂣ쭘堠鹜愑萾筢㓉璓૪螂꽚닚飷ʆ婲ᆹ兀ئﻥꏧꃣ䘔Ό䇚탓ᙜ믯귯﯉哚㴞懞饥岗괂ᄫ跇貲꫆፭귱ὤ诃Ⴂ蹠汆倁街귒ꕸگ⼇쐬⭣葙㠷⼡⺴
[  648.431945][   T39] usb 5-1: SerialNumber: syz
[  648.650832][T13963] can0 (unregistered): slcan off ttyS3.
[  648.737939][T13955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.742282][T13955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  648.883498][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  648.890369][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  648.969912][T13955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.974462][T13955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  648.996554][   T39] usb 5-1: Audio class v2/v3 interfaces need an interface association
[  649.936030][   T39] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  649.946108][   T39] usb 5-1: USB disconnect, device number 57
[  650.225871][T13957] udevd[13957]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  650.970695][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.019531][T14014] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2255'.
[  651.181802][T14015] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2253'.
[  651.574706][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.818253][T11120] usb 6-1: new full-speed USB device number 53 using dummy_hcd
[  653.517035][T11120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  653.520735][T11120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  653.645770][T11120] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  653.667959][T11120] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.671091][T11120] usb 6-1: Product: syz
[  653.672560][T11120] usb 6-1: Manufacturer: syz
[  653.683743][T11120] usb 6-1: SerialNumber: syz
[  653.688001][T11120] usb 6-1: config 0 descriptor??
[  653.694784][T11120] hub 6-1:0.0: bad descriptor, ignoring hub
[  653.708306][T11120] hub 6-1:0.0: probe with driver hub failed with error -5
[  653.720101][T11120] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input54
[  654.639289][  T101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.859364][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.097619][T14047] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2267'.
[  655.682540][   T39] usb 6-1: USB disconnect, device number 53
[  655.844907][T14061] netlink: 'syz.2.2271': attribute type 13 has an invalid length.
[  655.847496][T14061] netlink: 'syz.2.2271': attribute type 17 has an invalid length.
[  655.858678][T14061] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  656.185364][T14072] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  656.188364][T14072] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  656.191577][T14072] vhci_hcd vhci_hcd.0: Device attached
[  656.210406][T14072] random: crng reseeded on system resumption
[  656.547692][   T53] usb 42-1: SetAddress Request (87) to port 0
[  656.551563][   T53] usb 42-1: new SuperSpeed USB device number 87 using vhci_hcd
[  656.688631][T14073] vhci_hcd: connection reset by peer
[  656.691432][ T1160] vhci_hcd vhci_hcd.2: stop threads
[  656.693640][ T1160] vhci_hcd vhci_hcd.2: release socket
[  656.696836][ T1160] vhci_hcd vhci_hcd.2: disconnect device
[  656.929592][T12255] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  657.059310][T14083] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  657.061531][T14083] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  657.065356][T14083] vhci_hcd vhci_hcd.0: Device attached
[  657.199639][T12255] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  657.204277][T12255] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  657.223321][T12255] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  657.227240][T12255] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.230722][T12255] usb 8-1: Product: syz
[  657.232501][T12255] usb 8-1: Manufacturer: syz
[  657.234284][T12255] usb 8-1: SerialNumber: syz
[  657.242466][T12255] usb 8-1: config 0 descriptor??
[  657.245617][T12255] hub 8-1:0.0: bad descriptor, ignoring hub
[  657.247835][T12255] hub 8-1:0.0: probe with driver hub failed with error -5
[  657.248551][T14082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2278'.
[  657.252013][T12255] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input55
[  657.360955][T13474] usb 40-1: SetAddress Request (71) to port 0
[  657.363971][T13474] usb 40-1: new SuperSpeed USB device number 71 using vhci_hcd
[  657.723352][ T1180] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.726227][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.752284][T14093] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  657.752538][T14084] vhci_hcd: connection reset by peer
[  657.754929][T14093] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  657.756722][T14093] vhci_hcd vhci_hcd.0: Device attached
[  657.781468][ T1180] vhci_hcd vhci_hcd.1: stop threads
[  657.789293][ T1180] vhci_hcd vhci_hcd.1: release socket
[  657.791328][ T1180] vhci_hcd vhci_hcd.1: disconnect device
[  658.151236][   T39] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  658.170183][T14096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2280'.
[  658.760953][T14103] netlink: 'syz.1.2282': attribute type 1 has an invalid length.
[  658.918687][T14103] 8021q: adding VLAN 0 to HW filter on device bond1
[  658.949447][T14105] bond2: entered allmulticast mode
[  658.951542][T14105] 8021q: adding VLAN 0 to HW filter on device bond2
[  659.057808][T14102] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  659.061158][T14102] overlayfs: missing 'lowerdir'
[  659.291900][T14111] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2281'.
[  659.804484][T12255] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  660.231785][T14094] vhci_hcd: connection closed
[  660.233952][ T6470] vhci_hcd vhci_hcd.2: stop threads
[  660.238070][ T6470] vhci_hcd vhci_hcd.2: release socket
[  660.239893][ T6470] vhci_hcd vhci_hcd.2: disconnect device
[  660.459089][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  660.481475][ T7729] usb 8-1: USB disconnect, device number 12
[  660.569120][T14130] netlink: 284 bytes leftover after parsing attributes in process `syz.1.2289'.
[  660.572909][T14130] netlink: 284 bytes leftover after parsing attributes in process `syz.1.2289'.
[  661.335251][T14140] FAULT_INJECTION: forcing a failure.
[  661.335251][T14140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  661.339962][T14140] CPU: 1 UID: 0 PID: 14140 Comm: syz.0.2292 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  661.339994][T14140] Tainted: [L]=SOFTLOCKUP
[  661.339998][T14140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  661.340006][T14140] Call Trace:
[  661.340012][T14140]  <TASK>
[  661.340018][T14140]  dump_stack_lvl+0x100/0x190
[  661.340042][T14140]  should_fail_ex.cold+0x5/0xa
[  661.340056][T14140]  _copy_to_iter+0x1f3/0x1720
[  661.340073][T14140]  ? __pfx___skb_try_recv_datagram+0x10/0x10
[  661.340091][T14140]  ? __pfx__copy_to_iter+0x10/0x10
[  661.340107][T14140]  ? __skb_recv_datagram+0x1b2/0x220
[  661.340129][T14140]  simple_copy_to_iter+0x46/0x90
[  661.340144][T14140]  __skb_datagram_iter+0x129/0x900
[  661.340158][T14140]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  661.340175][T14140]  ? skb_recv_datagram+0x88/0xc0
[  661.340192][T14140]  skb_copy_datagram_iter+0xa1/0x270
[  661.340209][T14140]  netlink_recvmsg+0x27e/0xa90
[  661.340222][T14140]  ? __pfx_netlink_recvmsg+0x10/0x10
[  661.340232][T14140]  ? __fget_files+0x215/0x3d0
[  661.340244][T14140]  ? __fget_files+0x215/0x3d0
[  661.340256][T14140]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  661.340271][T14140]  ? __pfx_netlink_recvmsg+0x10/0x10
[  661.340282][T14140]  sock_recvmsg+0x1a4/0x1f0
[  661.340297][T14140]  __sys_recvfrom+0x200/0x300
[  661.340316][T14140]  ? __pfx___sys_recvfrom+0x10/0x10
[  661.340332][T14140]  ? __lock_acquire+0x4a5/0x2630
[  661.340363][T14140]  __ia32_compat_sys_socketcall+0x5eb/0x770
[  661.340385][T14140]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  661.340403][T14140]  ? lockdep_hardirqs_on+0x78/0x100
[  661.340424][T14140]  do_int80_emulation+0x141/0x6b0
[  661.340439][T14140]  asm_int80_emulation+0x1a/0x20
[  661.340450][T14140] RIP: 0023:0xf7115cab
[  661.340461][T14140] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  661.340472][T14140] RSP: 002b:00000000f538a3ac EFLAGS: 00000246 ORIG_RAX: 0000000000000066
[  661.340484][T14140] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f538a45c
[  661.340491][T14140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  661.340498][T14140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  661.340504][T14140] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  661.340510][T14140] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  661.340529][T14140]  </TASK>
[  661.849043][T14141] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2291'.
[  662.171794][   T53] usb 42-1: device descriptor read/8, error -110
[  662.212332][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.328987][T14150] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  662.331177][T14150] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  662.379104][T14150] vhci_hcd vhci_hcd.0: Device attached
[  662.612149][   T53] usb usb42-port1: attempt power cycle
[  662.747866][T14145] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2290'.
[  662.899329][T14152] vhci_hcd: connection reset by peer
[  662.902873][ T6470] vhci_hcd vhci_hcd.1: stop threads
[  662.904769][ T6470] vhci_hcd vhci_hcd.1: release socket
[  662.907836][ T6470] vhci_hcd vhci_hcd.1: disconnect device
[  662.907873][T13474] usb 40-1: device descriptor read/8, error -110
[  662.979805][T14162] nbd: must specify a size in bytes for the device
[  663.257685][   T53] usb usb42-port1: unable to enumerate USB device
[  663.334235][  T829] usb 7-1: new full-speed USB device number 61 using dummy_hcd
[  663.344796][T13474] usb usb40-port1: attempt power cycle
[  663.359316][T14164] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  663.361364][T14164] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  663.375414][T14164] vhci_hcd vhci_hcd.0: Device attached
[  663.495201][  T829] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  663.498765][  T829] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  663.505429][  T829] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  663.508326][  T829] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.510921][  T829] usb 7-1: Product: syz
[  663.512233][  T829] usb 7-1: Manufacturer: syz
[  663.513650][  T829] usb 7-1: SerialNumber: syz
[  663.536847][  T829] usb 7-1: config 0 descriptor??
[  663.540271][  T829] hub 7-1:0.0: bad descriptor, ignoring hub
[  663.542547][  T829] hub 7-1:0.0: probe with driver hub failed with error -5
[  663.546138][  T829] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input56
[  663.814721][ T6360] usb 44-1: SetAddress Request (34) to port 0
[  663.817442][ T6360] usb 44-1: new SuperSpeed USB device number 34 using vhci_hcd
[  663.889977][ T6470] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  664.326015][T14171] vhci_hcd: connection reset by peer
[  664.328304][ T6470] vhci_hcd vhci_hcd.3: stop threads
[  664.330040][ T6470] vhci_hcd vhci_hcd.3: release socket
[  664.337760][ T6470] vhci_hcd vhci_hcd.3: disconnect device
[  664.602218][T13474] usb usb40-port1: unable to enumerate USB device
[  665.503228][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.879386][  T606] raw-gadget.0 gadget.2: failed to queue suspend event
[  666.276154][T14165] raw-gadget.0 gadget.2: failed to queue disconnect event
[  666.425042][ T7729] usb 7-1: USB disconnect, device number 61
[  666.576605][T14194] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  666.625600][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.703129][T14197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2306'.
[  666.985831][T14202] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.989255][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.994554][T14202] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.997434][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.000989][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.001032][T14202] netlink: 'syz.0.2311': attribute type 21 has an invalid length.
[  667.001093][T14202] netlink: 'syz.0.2311': attribute type 1 has an invalid length.
[  667.011296][T14202] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2311'.
[  667.105808][T14207] netlink: 'syz.0.2312': attribute type 13 has an invalid length.
[  667.108693][T14207] netlink: 'syz.0.2312': attribute type 17 has an invalid length.
[  667.118027][T14207] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  667.843190][T14212] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  667.845477][T14212] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  667.848096][T14212] vhci_hcd vhci_hcd.0: Device attached
[  667.867784][T14212] random: crng reseeded on system resumption
[  667.980380][T14209] overlayfs: missing 'workdir'
[  667.996696][T12581] Bluetooth: hci4: link tx timeout
[  667.998752][T12581] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  668.063013][T14213] vhci_hcd: connection closed
[  668.064477][  T606] vhci_hcd vhci_hcd.0: stop threads
[  668.068270][  T606] vhci_hcd vhci_hcd.0: release socket
[  668.070474][  T606] vhci_hcd vhci_hcd.0: disconnect device
[  668.142396][   T34] usb 38-1: enqueue for inactive port 0
[  668.693779][   T34] usb usb38-port1: attempt power cycle
[  668.762191][ T6010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.774168][T14221] netlink: 'syz.2.2315': attribute type 13 has an invalid length.
[  668.776731][T14221] netlink: 'syz.2.2315': attribute type 17 has an invalid length.
[  668.799851][T14221] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  669.274710][ T6360] usb 44-1: device descriptor read/8, error -110
[  669.565897][T14240] random: crng reseeded on system resumption
[  669.569854][   T34] usb usb38-port1: unable to enumerate USB device
[  669.572129][T14237] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  669.574277][T14237] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  669.582222][T14237] vhci_hcd vhci_hcd.0: Device attached
[  669.723944][ T6360] usb usb44-port1: attempt power cycle
[  669.827066][T14238] vhci_hcd: connection closed
[  669.827818][  T208] vhci_hcd vhci_hcd.2: stop threads
[  669.831679][  T208] vhci_hcd vhci_hcd.2: release socket
[  669.834037][  T208] vhci_hcd vhci_hcd.2: disconnect device
[  669.862671][T13474] usb 42-1: enqueue for inactive port 0
[  670.204399][   T63] Bluetooth: hci4: command 0x0406 tx timeout
[  670.344145][ T6360] usb usb44-port1: unable to enumerate USB device
[  670.394983][T13474] usb usb42-port1: attempt power cycle
[  670.713443][T14248] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  670.729034][T14248] xt_HMARK: spi-set and port-set can't be combined
[  670.928978][T14255] netlink: 'syz.3.2324': attribute type 13 has an invalid length.
[  670.933619][T14255] netlink: 'syz.3.2324': attribute type 17 has an invalid length.
[  671.034480][T13474] usb usb42-port1: unable to enumerate USB device
[  671.401992][T14260] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2326'.
[  672.396462][T14279] random: crng reseeded on system resumption
[  672.494300][    C2] net_ratelimit: 6 callbacks suppressed
[  672.494315][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.543857][T14274] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  672.546411][T14274] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  672.549484][T14274] vhci_hcd vhci_hcd.0: Device attached
[  672.549553][T14284] vhci_hcd: connection closed
[  672.553190][ T1160] vhci_hcd vhci_hcd.3: stop threads
[  672.556808][ T1160] vhci_hcd vhci_hcd.3: release socket
[  672.558725][ T1160] vhci_hcd vhci_hcd.3: disconnect device
[  672.769391][ T1160] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.906396][T14292] FAULT_INJECTION: forcing a failure.
[  672.906396][T14292] name failslab, interval 1, probability 0, space 0, times 0
[  672.911905][T14292] CPU: 1 UID: 0 PID: 14292 Comm: syz.2.2333 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  672.911929][T14292] Tainted: [L]=SOFTLOCKUP
[  672.911934][T14292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  672.911942][T14292] Call Trace:
[  672.911949][T14292]  <TASK>
[  672.911956][T14292]  dump_stack_lvl+0x100/0x190
[  672.911986][T14292]  should_fail_ex.cold+0x5/0xa
[  672.912003][T14292]  should_failslab+0xc2/0x120
[  672.912019][T14292]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  672.912033][T14292]  ? nf_lwtunnel_net_init+0x38/0xf0
[  672.912047][T14292]  ? __pfx__proc_mkdir+0x10/0x10
[  672.912061][T14292]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  672.912087][T14292]  ? __pfx_nf_lwtunnel_net_init+0x10/0x10
[  672.912100][T14292]  kmemdup_noprof+0x29/0x60
[  672.912114][T14292]  nf_lwtunnel_net_init+0x38/0xf0
[  672.912129][T14292]  ops_init+0x1e2/0x5f0
[  672.912144][T14292]  setup_net+0x118/0x3a0
[  672.912158][T14292]  ? __pfx_setup_net+0x10/0x10
[  672.912171][T14292]  ? lockdep_init_map_type+0x5c/0x250
[  672.912192][T14292]  ? mutex_init_lockep+0x110/0x150
[  672.912222][T14292]  copy_net_ns+0x46f/0x7c0
[  672.912239][T14292]  create_new_namespaces+0x3ea/0xac0
[  672.912258][T14292]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  672.912276][T14292]  ksys_unshare+0x473/0xad0
[  672.912297][T14292]  ? __pfx_ksys_unshare+0x10/0x10
[  672.912318][T14292]  ? __pfx_ksys_write+0x10/0x10
[  672.912335][T14292]  __ia32_sys_unshare+0x30/0x40
[  672.912354][T14292]  __do_fast_syscall_32+0xe3/0x8c0
[  672.912372][T14292]  do_fast_syscall_32+0x32/0x70
[  672.912388][T14292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  672.912413][T14292] RIP: 0023:0xf7fb2f6c
[  672.912429][T14292] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  672.912445][T14292] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000136
[  672.912460][T14292] RAX: ffffffffffffffda RBX: 0000000066000080 RCX: 0000000000000000
[  672.912468][T14292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  672.912476][T14292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  672.912483][T14292] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  672.912491][T14292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  672.912507][T14292]  </TASK>
[  673.462055][T14298] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2334'.
[  674.058199][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  674.121101][T14307] nbd: must specify a size in bytes for the device
[  674.336772][T14313] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2339'.
[  675.094053][T14327] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  675.097384][T14327] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  675.142342][T14327] vhci_hcd vhci_hcd.0: Device attached
[  675.430052][   T34] usb 38-1: SetAddress Request (82) to port 0
[  675.432762][   T34] usb 38-1: new SuperSpeed USB device number 82 using vhci_hcd
[  675.516100][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  675.815730][T14338] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  676.692730][T14350] nbd: must specify a size in bytes for the device
[  677.303616][T14342] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  677.306531][T14342] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  677.312850][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.323743][  T208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.327989][T14342] vhci_hcd vhci_hcd.0: Device attached
[  677.340320][T14342] random: crng reseeded on system resumption
[  677.481082][T14357] vhci_hcd: connection closed
[  677.482178][ T1160] vhci_hcd vhci_hcd.3: stop threads
[  677.487033][ T1160] vhci_hcd vhci_hcd.3: release socket
[  677.488754][ T1160] vhci_hcd vhci_hcd.3: disconnect device
[  677.509264][T14326] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.526057][T14326] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.541895][T14326] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.569125][T14326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2344'.
[  677.704396][T14329] vhci_hcd: connection reset by peer
[  677.710381][  T208] vhci_hcd vhci_hcd.0: stop threads
[  677.712852][  T208] vhci_hcd vhci_hcd.0: release socket
[  677.720345][  T208] vhci_hcd vhci_hcd.0: disconnect device
[  678.294156][T14377] nbd: must specify a size in bytes for the device
[  679.220555][T14379] FAULT_INJECTION: forcing a failure.
[  679.220555][T14379] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  679.227538][T14379] CPU: 0 UID: 0 PID: 14379 Comm: syz.3.2360 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  679.227557][T14379] Tainted: [L]=SOFTLOCKUP
[  679.227562][T14379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  679.227569][T14379] Call Trace:
[  679.227573][T14379]  <TASK>
[  679.227578][T14379]  dump_stack_lvl+0x100/0x190
[  679.227600][T14379]  should_fail_ex.cold+0x5/0xa
[  679.227612][T14379]  ? fs_reclaim_acquire+0x70/0x100
[  679.227628][T14379]  should_fail_alloc_page+0xeb/0x140
[  679.227643][T14379]  prepare_alloc_pages+0x1f0/0x5f0
[  679.227659][T14379]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  679.227679][T14379]  ? lock_acquire+0x1cf/0x380
[  679.227697][T14379]  ? __lock_acquire+0x4a5/0x2630
[  679.227714][T14379]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  679.227734][T14379]  ? lock_acquire+0x1cf/0x380
[  679.227755][T14379]  ? __lock_acquire+0x4a5/0x2630
[  679.227768][T14379]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  679.227782][T14379]  ? policy_nodemask+0xed/0x4f0
[  679.227795][T14379]  alloc_pages_mpol+0x1fb/0x550
[  679.227809][T14379]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  679.227821][T14379]  ? find_held_lock+0x2b/0x80
[  679.227832][T14379]  ? filemap_get_entry+0x1a7/0x3b0
[  679.227843][T14379]  ? filemap_get_entry+0x1a7/0x3b0
[  679.227855][T14379]  folio_alloc_noprof+0x22/0x330
[  679.227870][T14379]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  679.227885][T14379]  ? __pfx_filemap_get_entry+0x10/0x10
[  679.227897][T14379]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  679.227917][T14379]  __filemap_get_folio_mpol+0x6a4/0xe70
[  679.227932][T14379]  iomap_write_begin+0x15bd/0x2340
[  679.227948][T14379]  ? rcu_is_watching+0x12/0xc0
[  679.227969][T14379]  ? __pfx_iomap_write_begin+0x10/0x10
[  679.227980][T14379]  ? fault_in_readable+0x14c/0x190
[  679.227992][T14379]  ? __pfx_fault_in_readable+0x10/0x10
[  679.228004][T14379]  ? inode_to_bdi+0x9e/0x160
[  679.228020][T14379]  iomap_file_buffered_write+0x48b/0xac0
[  679.228038][T14379]  ? __pfx_iomap_file_buffered_write+0x10/0x10
[  679.228050][T14379]  ? __lock_acquire+0x4a5/0x2630
[  679.228076][T14379]  ? __pfx_generic_write_checks+0x10/0x10
[  679.228095][T14379]  ? file_update_time_flags+0x373/0x500
[  679.228113][T14379]  fuse_file_write_iter+0x6f8/0x990
[  679.228135][T14379]  do_iter_readv_writev+0x6ee/0x920
[  679.228154][T14379]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  679.228178][T14379]  vfs_writev+0x360/0xe10
[  679.228195][T14379]  ? rcu_is_watching+0x12/0xc0
[  679.228215][T14379]  ? __pfx_vfs_writev+0x10/0x10
[  679.228233][T14379]  ? fdget_pos+0x2aa/0x380
[  679.228256][T14379]  ? __fget_files+0x21f/0x3d0
[  679.228271][T14379]  ? do_writev+0x13e/0x340
[  679.228280][T14379]  do_writev+0x13e/0x340
[  679.228290][T14379]  ? __pfx_do_writev+0x10/0x10
[  679.228300][T14379]  ? __pfx_ksys_write+0x10/0x10
[  679.228315][T14379]  __do_fast_syscall_32+0xe3/0x8c0
[  679.228330][T14379]  do_fast_syscall_32+0x32/0x70
[  679.228343][T14379]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  679.228358][T14379] RIP: 0023:0xf704ef6c
[  679.228367][T14379] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  679.228378][T14379] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[  679.228390][T14379] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000000
[  679.228397][T14379] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  679.228404][T14379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  679.228410][T14379] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  679.228416][T14379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  679.228430][T14379]  </TASK>
[  679.446365][T14395] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2363'.
[  680.087930][T14402] netlink: 'syz.3.2365': attribute type 13 has an invalid length.
[  680.091096][T14402] netlink: 'syz.3.2365': attribute type 17 has an invalid length.
[  680.137131][T14402] net_ratelimit: 4 callbacks suppressed
[  680.137139][T14402] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  680.159949][T14404] openvswitch: netlink: Flow key attr not present in new flow.
[  680.410809][T14408] nbd: must specify a size in bytes for the device
[  680.483378][T14415] FAULT_INJECTION: forcing a failure.
[  680.483378][T14415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  680.488651][T14415] CPU: 3 UID: 0 PID: 14415 Comm: syz.2.2371 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  680.488672][T14415] Tainted: [L]=SOFTLOCKUP
[  680.488675][T14415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  680.488683][T14415] Call Trace:
[  680.488688][T14415]  <TASK>
[  680.488693][T14415]  dump_stack_lvl+0x100/0x190
[  680.488716][T14415]  should_fail_ex.cold+0x5/0xa
[  680.488730][T14415]  _copy_from_user+0x2e/0xd0
[  680.488747][T14415]  get_compat_msghdr+0xb3/0x4b0
[  680.488768][T14415]  ? __pfx_get_compat_msghdr+0x10/0x10
[  680.488792][T14415]  ? ___sys_recvmsg+0x177/0x1a0
[  680.488809][T14415]  ? kfree+0x2ec/0x6b0
[  680.488831][T14415]  ___sys_recvmsg+0x193/0x1a0
[  680.488852][T14415]  ? __pfx____sys_recvmsg+0x10/0x10
[  680.488870][T14415]  ? find_held_lock+0x2b/0x80
[  680.488887][T14415]  ? __pfx___might_resched+0x10/0x10
[  680.488907][T14415]  do_recvmmsg+0x563/0x760
[  680.488923][T14415]  ? __pfx_do_recvmmsg+0x10/0x10
[  680.488939][T14415]  ? ksys_write+0x190/0x250
[  680.488950][T14415]  ? ksys_write+0x190/0x250
[  680.488966][T14415]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  680.488983][T14415]  __sys_recvmmsg+0x21f/0x270
[  680.488995][T14415]  ? __pfx___sys_recvmmsg+0x10/0x10
[  680.489007][T14415]  ? ksys_write+0x1ac/0x250
[  680.489020][T14415]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  680.489038][T14415]  ? __do_fast_syscall_32+0x94/0x8c0
[  680.489051][T14415]  ? lockdep_hardirqs_on+0x78/0x100
[  680.489063][T14415]  __do_fast_syscall_32+0xe3/0x8c0
[  680.489076][T14415]  do_fast_syscall_32+0x32/0x70
[  680.489089][T14415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  680.489104][T14415] RIP: 0023:0xf7fb2f6c
[  680.489114][T14415] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  680.489127][T14415] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  680.489139][T14415] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000ac0
[  680.489146][T14415] RDX: 00000000040001de RSI: 0000000000010002 RDI: 0000000000000000
[  680.489153][T14415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  680.489159][T14415] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  680.489166][T14415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  680.489179][T14415]  </TASK>
[  680.590276][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.659136][T14417] input: syz0 as /devices/virtual/input/input57
[  680.806776][   T34] usb 38-1: device descriptor read/8, error -110
[  681.121845][ T6025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.660014][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.766839][   T34] usb usb38-port1: attempt power cycle
[  683.028282][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  683.362168][   T34] usb usb38-port1: unable to enumerate USB device
[  683.818543][T14441] input: syz0 as /devices/virtual/input/input58
[  684.892904][T14459] nbd: must specify a size in bytes for the device
[  684.958927][T14461] netlink: 'syz.2.2385': attribute type 13 has an invalid length.
[  684.962804][T14461] netlink: 'syz.2.2385': attribute type 17 has an invalid length.
[  684.999087][T14461] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  686.231375][T14468] random: crng reseeded on system resumption
[  686.238369][T14467] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  686.240996][T14467] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  686.249792][T14467] vhci_hcd vhci_hcd.0: Device attached
[  686.276364][T13474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  686.362824][T14457] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  686.725213][   T39] usb 42-1: SetAddress Request (95) to port 0
[  686.727619][   T39] usb 42-1: new SuperSpeed USB device number 95 using vhci_hcd
[  687.142272][ T1160] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  687.223640][T14469] vhci_hcd: connection reset by peer
[  687.228189][  T101] vhci_hcd vhci_hcd.2: stop threads
[  687.230128][  T101] vhci_hcd vhci_hcd.2: release socket
[  687.236916][  T101] vhci_hcd vhci_hcd.2: disconnect device
[  687.507942][T14479] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  687.647210][T14479] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  687.652484][T14479] overlayfs: failed to look up (tracing) for ino (-66)
[  687.684259][T14479] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2389'.
[  688.854839][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  688.859732][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  688.970905][T14491] nbd: must specify a size in bytes for the device
[  689.091857][T14497] tipc: Started in network mode
[  689.093869][T14497] tipc: Node identity 7f000001, cluster identity 4711
[  689.096360][T14497] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  689.106026][T14497] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  689.110515][T14497] tipc: Enabled bearer <udp:syz0>, priority 10
[  689.243737][T14501] netlink: 'syz.1.2398': attribute type 13 has an invalid length.
[  689.246507][T14501] netlink: 'syz.1.2398': attribute type 17 has an invalid length.
[  689.268502][T14501] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  690.318569][ T5808] tipc: Node number set to 2130706433
[  691.235408][T11120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  691.243219][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  691.572953][T14505] ------------[ cut here ]------------
[  691.574850][T14505] inode->i_blocks
[  691.574860][T14505] WARNING: mm/shmem.c:1430 at shmem_evict_inode+0x8e6/0xbd0, CPU#1: syz.0.2399/14505
[  691.579469][T14505] Modules linked in:
[  691.580887][T14505] CPU: 1 UID: 0 PID: 14505 Comm: syz.0.2399 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  691.585125][T14505] Tainted: [L]=SOFTLOCKUP
[  691.586743][T14505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  691.590237][T14505] RIP: 0010:shmem_evict_inode+0x8e6/0xbd0
[  691.592059][T14505] Code: fe e8 3e cd b9 ff 45 85 ff 75 ac e8 84 d2 b9 ff 48 8b 74 24 28 48 8b 7c 24 30 e8 45 7a 92 ff e9 e5 fd ff ff e8 6b d2 b9 ff 90 <0f> 0b 90 e9 59 f9 ff ff e8 5d d2 b9 ff 4c 89 e2 48 b8 00 00 00 00
[  691.598486][T14505] RSP: 0018:ffffc900037bf948 EFLAGS: 00010293
[  691.600736][T14505] RAX: 0000000000000000 RBX: ffff88805386a850 RCX: ffffffff824e6fee
SYZFAIL: failed to recv rpc
[  691.603556][T14505] RDX: ffff888024bd8000 RSI: ffffffff824e7695 RDI: ffff888024bd8000
[  691.606570][T14505] RBP: ffffc900037bfa70 R08: 0000000000000007 R09: 0000000000000000
[  691.609509][T14505] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  691.612228][T14505] R13: 0000000000000000 R14: ffffed100a70d506 R15: 0000000000000000
[  691.615194][T14505] FS:  0000000000000000(0000) GS:ffff888097241000(0000) knlGS:0000000000000000
[  691.618335][T14505] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  691.620794][T14505] CR2: 00000000f734f998 CR3: 000000000e598000 CR4: 0000000000352ef0
[  691.623505][T14505] Call Trace:
[  691.624595][T14505]  <TASK>
[  691.625763][T14505]  ? __pfx_shmem_evict_inode+0x10/0x10
[  691.627536][T14505]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  691.629708][T14505]  ? find_held_lock+0x2b/0x80
[  691.631421][T14505]  ? evict+0x37e/0xad0
[  691.632838][T14505]  ? evict+0x37e/0xad0
[  691.634442][T14505]  ? __pfx_shmem_evict_inode+0x10/0x10
[  691.636537][T14505]  evict+0x3c2/0xad0
[  691.638201][T14505]  ? find_held_lock+0x2b/0x80
[  691.639784][T14505]  ? __pfx_evict+0x10/0x10
[  691.641328][T14505]  ? iput.part.0+0x5fd/0xf50
[  691.642873][T14505]  iput.part.0+0x605/0xf50
[  691.644297][T14505]  ? __pfx_inode_just_drop+0x10/0x10
[  691.646070][T14505]  iput+0x35/0x40
[  691.647319][T14505]  dentry_unlink_inode+0x2a1/0x490
[  691.649114][T14505]  __dentry_kill+0x1d0/0x600
[  691.650926][T14505]  finish_dput+0x76/0x480
[  691.652499][T14505]  dput.part.0+0x456/0x570
[  691.654298][T14505]  dput+0x1f/0x30
[  691.655548][T14505]  __fput+0x519/0xb40
[  691.656877][T14505]  ? _raw_spin_unlock_irq+0x23/0x50
[  691.658699][T14505]  task_work_run+0x150/0x240
[  691.660380][T14505]  ? __pfx_task_work_run+0x10/0x10
[  691.662129][T14505]  ? do_raw_spin_unlock+0x145/0x1e0
[  691.664083][T14505]  do_exit+0x8b8/0x2b60
[  691.665980][T14505]  ? preempt_schedule_thunk+0x16/0x30
[  691.668263][T14505]  ? __pfx_do_exit+0x10/0x10
[  691.670077][T14505]  ? preempt_schedule_thunk+0x16/0x30
[  691.671953][T14505]  do_group_exit+0xd5/0x2a0
[  691.673503][T14505]  __ia32_sys_exit_group+0x3e/0x50
[  691.675165][T14505]  ia32_sys_call+0x19ea/0x19f0
[  691.676879][T14505]  __do_fast_syscall_32+0xe3/0x8c0
[  691.678589][T14505]  do_fast_syscall_32+0x32/0x70
[  691.680266][T14505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  691.682341][T14505] RIP: 0023:0xf6fdef6c
[  691.683768][T14505] Code: Unable to access opcode bytes at 0xf6fdef42.
[  691.686150][T14505] RSP: 002b:00000000ffbabd3c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc
[  691.689688][T14505] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  691.692534][T14505] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7146d99
[  691.695138][T14505] RBP: 00000000f73a2ff4 R08: 0000000000000000 R09: 0000000000000000
[  691.697662][T14505] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  691.700257][T14505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  691.702880][T14505]  </TASK>
[  691.703926][T14505] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  691.706346][T14505] CPU: 1 UID: 0 PID: 14505 Comm: syz.0.2399 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  691.710197][T14505] Tainted: [L]=SOFTLOCKUP
[  691.711724][T14505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  691.715029][T14505] Call Trace:
[  691.716121][T14505]  <TASK>
[  691.717093][T14505]  dump_stack_lvl+0x100/0x190
[  691.718644][T14505]  vpanic+0x552/0x970
[  691.720013][T14505]  ? __pfx_vpanic+0x10/0x10
[  691.721492][T14505]  panic+0xd1/0xe0
[  691.722801][T14505]  ? __pfx_panic+0x10/0x10
[  691.724420][T14505]  ? check_panic_on_warn+0x1f/0x90
[  691.726332][T14505]  check_panic_on_warn.cold+0x19/0x34
[  691.728193][T14505]  ? shmem_evict_inode+0x8e6/0xbd0
[  691.729914][T14505]  __warn.cold+0x191/0x348
[  691.731395][T14505]  __report_bug+0x296/0x3d0
[  691.732882][T14505]  ? shmem_evict_inode+0x8e6/0xbd0
[  691.734554][T14505]  ? __pfx___report_bug+0x10/0x10
[  691.736213][T14505]  ? find_held_lock+0x2b/0x80
[  691.737818][T14505]  ? __lock_acquire+0x4a5/0x2630
[  691.739522][T14505]  ? shmem_evict_inode+0x8e6/0xbd0
[  691.741219][T14505]  report_bug+0xb2/0x220
[  691.742631][T14505]  ? shmem_evict_inode+0x8e6/0xbd0
[  691.744290][T14505]  handle_bug+0x16a/0x2a0
[  691.745700][T14505]  exc_invalid_op+0x17/0x50
[  691.747198][T14505]  asm_exc_invalid_op+0x1a/0x20
[  691.748794][T14505] RIP: 0010:shmem_evict_inode+0x8e6/0xbd0
[  691.750794][T14505] Code: fe e8 3e cd b9 ff 45 85 ff 75 ac e8 84 d2 b9 ff 48 8b 74 24 28 48 8b 7c 24 30 e8 45 7a 92 ff e9 e5 fd ff ff e8 6b d2 b9 ff 90 <0f> 0b 90 e9 59 f9 ff ff e8 5d d2 b9 ff 4c 89 e2 48 b8 00 00 00 00
[  691.757055][T14505] RSP: 0018:ffffc900037bf948 EFLAGS: 00010293
[  691.759034][T14505] RAX: 0000000000000000 RBX: ffff88805386a850 RCX: ffffffff824e6fee
[  691.761593][T14505] RDX: ffff888024bd8000 RSI: ffffffff824e7695 RDI: ffff888024bd8000
[  691.764368][T14505] RBP: ffffc900037bfa70 R08: 0000000000000007 R09: 0000000000000000
[  691.767103][T14505] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  691.769918][T14505] R13: 0000000000000000 R14: ffffed100a70d506 R15: 0000000000000000
[  691.772426][T14505]  ? shmem_evict_inode+0x23e/0xbd0
[  691.774082][T14505]  ? shmem_evict_inode+0x8e5/0xbd0
[  691.775716][T14505]  ? shmem_evict_inode+0x8e5/0xbd0
[  691.777360][T14505]  ? __pfx_shmem_evict_inode+0x10/0x10
[  691.779140][T14505]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  691.781165][T14505]  ? find_held_lock+0x2b/0x80
[  691.782844][T14505]  ? evict+0x37e/0xad0
[  691.784259][T14505]  ? evict+0x37e/0xad0
[  691.785677][T14505]  ? __pfx_shmem_evict_inode+0x10/0x10
[  691.787487][T14505]  evict+0x3c2/0xad0
[  691.788762][T14505]  ? find_held_lock+0x2b/0x80
[  691.790270][T14505]  ? __pfx_evict+0x10/0x10
[  691.791553][T14505]  ? iput.part.0+0x5fd/0xf50
[  691.793218][T14505]  iput.part.0+0x605/0xf50
[  691.794704][T14505]  ? __pfx_inode_just_drop+0x10/0x10
[  691.796526][T14505]  iput+0x35/0x40
[  691.797868][T14505]  dentry_unlink_inode+0x2a1/0x490
[  691.799796][T14505]  __dentry_kill+0x1d0/0x600
[  691.801444][T14505]  finish_dput+0x76/0x480
[  691.802876][T14505]  dput.part.0+0x456/0x570
[  691.804337][T14505]  dput+0x1f/0x30
[  691.805546][T14505]  __fput+0x519/0xb40
[  691.806865][T14505]  ? _raw_spin_unlock_irq+0x23/0x50
[  691.808562][T14505]  task_work_run+0x150/0x240
[  691.810142][T14505]  ? __pfx_task_work_run+0x10/0x10
[  691.811813][T14505]  ? do_raw_spin_unlock+0x145/0x1e0
[  691.813600][T14505]  do_exit+0x8b8/0x2b60
[  691.815072][T14505]  ? preempt_schedule_thunk+0x16/0x30
[  691.817014][T14505]  ? __pfx_do_exit+0x10/0x10
[  691.818800][T14505]  ? preempt_schedule_thunk+0x16/0x30
[  691.820687][T14505]  do_group_exit+0xd5/0x2a0
[  691.822242][T14505]  __ia32_sys_exit_group+0x3e/0x50
[  691.823909][T14505]  ia32_sys_call+0x19ea/0x19f0
[  691.825473][T14505]  __do_fast_syscall_32+0xe3/0x8c0
[  691.827153][T14505]  do_fast_syscall_32+0x32/0x70
[  691.828744][T14505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  691.830837][T14505] RIP: 0023:0xf6fdef6c
[  691.832204][T14505] Code: Unable to access opcode bytes at 0xf6fdef42.
[  691.834564][T14505] RSP: 002b:00000000ffbabd3c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc
[  691.837798][T14505] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  691.840714][T14505] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7146d99
[  691.843250][T14505] RBP: 00000000f73a2ff4 R08: 0000000000000000 R09: 0000000000000000
[  691.845756][T14505] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  691.848306][T14505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  691.850905][T14505]  </TASK>
[  691.852668][T14505] Kernel Offset: disabled
[  691.854203][T14505] Rebooting in 86400 seconds..