last executing test programs:

8.619005615s ago: executing program 2 (id=1372):
r0 = socket(0xf, 0x803, 0x9) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000400)=0x9) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c) (async, rerun: 64)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (rerun: 64)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001e140100"], 0x20}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0}) (async, rerun: 32)
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_misc(r7, &(0x7f0000000140)="a1e68390", 0x4)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r7, 0x40a45321, 0x0) (async)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f0000000180)={0xe, 0x8, 0x10, 0x4, 0x5, 0x4}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000800, 0x0, 0x0) (async, rerun: 32)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r6, 0x3, {0x2, 0xff}}, 0x18) (rerun: 32)

7.133990095s ago: executing program 0 (id=1379):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x8)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x4000})
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xb97a, r2, 0x600}, 0x38)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @val={0x3a, [0x30]}}}}]})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r8, 0x6000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

6.579526323s ago: executing program 2 (id=1381):
r0 = syz_io_uring_setup(0x34b8, &(0x7f0000000540)={0x0, 0x8550, 0x0, 0x1, 0xf, 0x0, 0x0}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f0000000280)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x1, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x12100, 0x1, {0x3}})
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r5 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r5, 0x81044820, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@bridge_getvlan={0x50, 0x72, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x50}}, 0x0)
openat$sysctl(0xffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0)

5.989736712s ago: executing program 0 (id=1386):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffd, 0xfffffffc}, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$IOCTL_STOP_ACCEL_DEV(r3, 0x40096101, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r2, 0x1, 0x0)
fchdir(r4)
ioprio_set$pid(0x3, 0x0, 0x0)
r5 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x6, 0x1, 0x5, 0x6, 0x4, 0x1, {0x1, 0x180, 0xff, 0x5, 0xfc, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r5, r5, &(0x7f0000000080)=0x2, 0x7f03)

4.767923403s ago: executing program 3 (id=1388):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x400, &(0x7f0000000140)=ANY=[@ANYRESOCT=0x0])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010022bd7000ffcbdfa52100000008000300aa420b97ad0db3cbab848af6c971120ff0192b8329e7958a4d982c679acd8c1e05f3592298d3b8bba9f46e9b2d2c3a1a230036bbc85ffc4f6c4a00d14811bb5d99ae46853f4aca70924e4f7e82bc4a0f5cb8a2de194508b058d506dc09589012902143fdfcb2ca30c6986e41bae6de204c5aa729bad597a5dc5b9479cfc888885020fba96818a5e4cac210f89eebe4332993232fa7af810f43a9425f153f552664ffffffffffffff7fa64bc314c8e809d45200", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8840)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getrlimit(0x4, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r6 = openat(r5, &(0x7f0000000040)='./file1\x00', 0x8040, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000002c0)='./file0\x00', 0x1d7)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r7, 0x112, 0xb, &(0x7f0000001340)=0x33, 0x2)

3.908263482s ago: executing program 3 (id=1390):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$binfmt_format(0xffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
setreuid(0x0, 0xee00)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)

3.906406139s ago: executing program 1 (id=1391):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000200)={0x0, 0xb, 0x10}, 0xc)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = openat$nci(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r10, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_START_POLL(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r10, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r9, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r10, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r5, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000800)
sendto$inet(r0, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)

3.906000775s ago: executing program 2 (id=1392):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$SNDCTL_SYNTH_ID(r1, 0xc08c5114, &(0x7f00000003c0)={"637bf629b5896eeb77e137c6e7f24b7891d6f012acc9fe23b2a34566bb56", 0x2, 0x1, 0x0, 0x101, 0x81, 0x5, 0x1, 0x6, [0x5, 0x4, 0x1, 0x401, 0x3, 0x2ab9, 0x4e2edc8b, 0x80000001, 0x8, 0x7, 0x3, 0x4, 0x7ef, 0xc, 0xffff0000, 0x2, 0x6, 0x7, 0x6]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_io_uring_setup(0x48, &(0x7f0000000300)={0x0, 0xf20f, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003580)=ANY=[@ANYRES64=r2], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@cgroup=r1, 0x36, 0x0, 0x1, &(0x7f00000001c0)=[0x0], 0x1, 0x0, &(0x7f0000000480), &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000600), <r7=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@fallback=r4, r1, 0x36, 0x0, 0x0, @void, @value=r1, @void, @void, r7}, 0x20)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r2], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb8", @ANYRES64=r7], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x980902, 0x5})
r9 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r9, 0x40086603, &(0x7f0000000040))

3.849980476s ago: executing program 3 (id=1393):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000340)=0x4, 0x12)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x74}}, &(0x7f0000000000)='GPL\x00'}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_ZERO(r1, 0x0, 0xc114)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x8, 0x0, 0x0, 0x4000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x6a040000)
r6 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc800)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x1f, 0x7ffdd000, 0x8000}], 0x320000)
writev(r6, &(0x7f0000000540)=[{&(0x7f0000001680)='0', 0x1}, {&(0x7f00000007c0)}], 0x2)

2.973789953s ago: executing program 2 (id=1394):
r0 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x8000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0xb00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$ptmx(0xffffff9c, &(0x7f0000000040), 0x200042, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0xf, 0x0, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0xa0, 0x80}}, 0x1c}, 0x1, 0x0, 0x0, 0x400c0d4}, 0x8800)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r5, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mknod(&(0x7f0000000040)='./file0\x00', 0xffff8000, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.789057373s ago: executing program 0 (id=1395):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0x3}, {0xffff, 0xb}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004}, 0x4850)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x700, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee1611d4b8bf", 0x22}], 0x1}, 0x0)

2.788361983s ago: executing program 1 (id=1396):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7f}, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000000)={0xa0000001})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)={0x2004})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8}]}}]}, 0x3c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
r7 = socket$kcm(0x10, 0x2, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010027bd7000fedbdf2500000000", @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x50}, 0x80)

2.651667772s ago: executing program 2 (id=1397):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x400, &(0x7f0000000140)=ANY=[@ANYRESOCT=0x0])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010022bd7000ffcbdfa52100000008000300aa420b97ad0db3cbab848af6c971120ff0192b8329e7958a4d982c679acd8c1e05f3592298d3b8bba9f46e9b2d2c3a1a230036bbc85ffc4f6c4a00d14811bb5d99ae46853f4aca70924e4f7e82bc4a0f5cb8a2de194508b058d506dc09589012902143fdfcb2ca30c6986e41bae6de204c5aa729bad597a5dc5b9479cfc888885020fba96818a5e4cac210f89eebe4332993232fa7af810f43a9425f153f552664ffffffffffffff7fa64bc314c8e809d45200", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8840)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getrlimit(0x4, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r6 = openat(r5, &(0x7f0000000040)='./file1\x00', 0x8040, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000002c0)='./file0\x00', 0x1d7)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000700)='./file1\x00')
ioctl$CDROM_DEBUG(0xffffffffffffffff, 0x5330, 0x1)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000001340)=0x33, 0x2)

2.568883788s ago: executing program 0 (id=1398):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x9, 0x0, &(0x7f0000000040))
close(0xffffffffffffffff)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x40800)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000002080)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002040)={&(0x7f0000001400)={0xbb8, r3, 0x400, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x68, 0x80}}}}, [@NL80211_ATTR_TX_RATES={0x258, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x6c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xe, 0x7, 0xfff, 0x1, 0x3, 0x10, 0x9, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0xe0, 0xfffc, 0x6, 0x9, 0xfc, 0xa5b, 0x1a3a]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xcb, 0xe83, 0x7, 0x8, 0x3, 0xfff8, 0x2, 0xe7]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x6, 0xc, 0x0, 0x1, 0x2, 0x7, 0xff]}}]}, @NL80211_BAND_5GHZ={0x64, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xfeb1, 0xde, 0x5, 0x2, 0x9, 0x8, 0xb, 0xfff]}}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x9, 0x74, 0x2, 0x2, 0x2, 0x36, 0x60, 0x4, 0x16, 0x9, 0x6c, 0x1, 0x30, 0x9, 0x30, 0x16, 0x36, 0xc, 0x48, 0x3, 0x12]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x8, 0x400, 0x2, 0x0, 0x5, 0x6]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x5, 0x4, 0x2, 0x24, 0x6bfc1789922be2b9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0xac, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3c, 0x2, [{0x0, 0x1}, {0x2, 0x3}, {0x1}, {0x6}, {0x6, 0x4}, {0x1, 0x2}, {0x3, 0x5}, {0x6, 0x4}, {0x2, 0x5}, {0x2, 0x2}, {0x7, 0x5}, {0x6, 0x3}, {0x5, 0xa}, {0x5, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x0, 0x3}, {0x1, 0x2}, {0x4, 0x9}, {0x2, 0x2}, {0x1, 0x3}, {0x6, 0x3}, {0x1, 0xa}, {0x6, 0x2}, {0x4, 0x6}, {0x2, 0x5}, {0x3, 0x4}, {0x1, 0x3}, {0x6, 0x1}, {0x7, 0x7}, {0x2, 0x9}, {0x5, 0xa}, {0x0, 0x7}, {0x3, 0x5}, {0x4, 0x2}, {0x1, 0x1}, {0x0, 0x6}, {0x0, 0xa}, {0x5, 0x6}, {0x1, 0x8}, {0x0, 0x8}, {0x1, 0x8}, {0x6, 0x4}, {0x3}, {0x7, 0x6}, {0x2, 0x7}, {0x2, 0x8}, {0x2, 0x3}, {0x3, 0xa}, {0x3, 0x8}, {0x7, 0x5}, {0x5, 0x9}, {0x2, 0x5}, {0x6, 0xa}, {0x1, 0x7}, {0x5, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd858, 0x1, 0x3, 0x1, 0xff, 0x8, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xf07f, 0x9, 0x1, 0x6, 0x5, 0x0, 0xa4b2, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfe00, 0x101, 0x9, 0xffff, 0x6, 0x3130, 0x7, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x5b5, 0xc2d, 0x10, 0x8, 0x18, 0x7, 0xb, 0x1ff]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x16, 0x6]}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xe548, 0x5, 0x8001, 0x4, 0x0, 0x5, 0x1000, 0x2]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x80, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x1a, 0x24, 0x30, 0x24, 0xb, 0x6c, 0x20, 0x48, 0x0, 0x2, 0xe1, 0x1b, 0x9, 0xc, 0x24, 0x30, 0x2, 0x4, 0x2, 0xc, 0x30, 0x1c, 0x1b, 0x12, 0x2, 0x2, 0x4, 0x4]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x7, 0xd, 0x28, 0xf85, 0x1ff, 0x97]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0xfa}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x30, 0x60, 0x6, 0x1, 0x4, 0x2, 0x1b, 0x18, 0x9, 0x1b, 0x3, 0x6c, 0x12, 0xc, 0x4, 0xc, 0x18, 0x36, 0x2]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x14, 0x2, [{0x4, 0x9}, {0x3, 0x9}, {0x5, 0x5}, {0x4, 0x1}, {0x4, 0x3}, {0x6, 0x1}, {0x0, 0x8}, {0x1, 0x9}, {0x5, 0x8}, {0x4, 0x8}, {0x1, 0x8}, {0x5, 0x9}, {0x0, 0xa}, {0x6, 0x6}, {0x6, 0x6}, {0x0, 0x8}]}]}]}, @NL80211_ATTR_TX_RATES={0x74, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x34, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x6, 0x0, 0xd507, 0x7f, 0xa, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x10, 0x7, 0x0, 0x0, 0x4b6f, 0x45a]}}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6c, 0x6, 0x5, 0x9, 0x48, 0x12, 0x60, 0x3, 0x16, 0x18, 0x60, 0x6e, 0x9, 0xc, 0x9]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x4d4b, 0x9, 0x2, 0x1, 0x32, 0x2, 0xc]}}]}]}, @NL80211_ATTR_TX_RATES={0x258, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7, 0x5, 0x0, 0xff01, 0x5, 0x2, 0xfffb]}}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x84, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x35, 0x2, [{0x7, 0x4}, {0x6, 0x5}, {0x4, 0x1}, {0x4, 0x2}, {0x6, 0x7}, {0x6, 0x7}, {0x0, 0x4}, {0x6, 0x6}, {0x7}, {0x4}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x8}, {0x1, 0xa}, {0x2, 0x8}, {0x4, 0x4}, {0x6, 0xa}, {0x4, 0x2}, {0x0, 0x3}, {0x0, 0x4}, {0x0, 0x9}, {0x2, 0x6}, {0x5}, {0x4, 0x3}, {0x0, 0x7}, {0x7, 0xa}, {0x0, 0x9}, {0x3, 0x5}, {0x2, 0x9}, {0x3, 0x7}, {0x6, 0x6}, {0x3, 0xa}, {0x1, 0x5}, {0x1, 0x3}, {0x1, 0xa}, {0x1, 0x3}, {0x3, 0x8}, {0x0, 0xa}, {0x2, 0x8}, {0x6, 0x7}, {0x6, 0x6}, {0x4, 0x1}, {0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x5, 0x9}, {0x0, 0x6}, {0x7, 0x6}, {0x6, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x16, 0x0, 0x12, 0x2, 0x30, 0x24]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdf, 0x200, 0xfc01, 0x1, 0x2, 0x8, 0xfe00, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xe02c, 0x9, 0x400, 0x8, 0xff, 0x2, 0x2, 0x4]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x3, 0x9, 0x5, 0x36, 0x48, 0x12, 0x9, 0x0, 0x60, 0x4f, 0xc, 0x6, 0x36, 0x4]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x60, 0x5, 0x48, 0x1, 0x48, 0x4, 0x18, 0x60, 0x6, 0xb, 0x60, 0x18, 0x18, 0x36, 0x6, 0x24, 0x24, 0x9, 0x1, 0x6c, 0x30, 0x4, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x5df, 0x0, 0x5, 0xfff, 0x6919, 0xa, 0x73a4]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_2GHZ={0xc8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0xfff8, 0x81, 0x7, 0x6, 0x100, 0x1, 0x800]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x12, 0x9, 0x1, 0x53, 0x30, 0x5, 0x0, 0xb, 0x3, 0x4, 0x48, 0x2, 0x12, 0x5, 0x48]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x18, 0x1b, 0x16, 0x60, 0x3, 0xbfd495cf11b2058c, 0x4, 0x2, 0x5, 0x48, 0x3, 0xb, 0x60, 0x1, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x4}, {}, {0x7, 0x9}, {0x0, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x1, 0x5}, {0x4, 0x8}, {0x1, 0xa}, {0x4, 0x1}, {0x7, 0x2}, {0x3, 0x6}, {0x2, 0x3}, {0x4, 0x8}, {0x3}, {0x7, 0x9}, {0x0, 0x6}, {0x1}, {0x4, 0x3}, {0x2, 0x9}, {0x4, 0x9}, {0x7, 0x4}, {0x6}, {0x6, 0x7}, {0x0, 0x9}, {0x0, 0x5}, {0x7, 0x9}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x9}, {0x0, 0x1}, {0x7, 0x3}, {0x0, 0xa}, {0x5, 0x7}, {0x6, 0xa}, {0x1, 0x3}, {0x1, 0x1}, {0x6, 0x9}, {0x3, 0x7}, {0x4, 0x9}, {0x2, 0x3}, {0x1, 0x9}, {0x0, 0x8}, {0x7, 0x6}, {0x5, 0x4}, {0x5, 0x2}, {0x6, 0x3}, {0x5, 0x8}, {0x1, 0x4}, {0x7}, {0x6, 0x7}, {0x7, 0xa}, {0x7, 0x3}]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x6c, 0x1b, 0x5, 0xc, 0x60, 0x9, 0x48, 0x4c, 0x30, 0x24, 0x24, 0x6, 0x48, 0x6c, 0x13, 0x1, 0x0, 0x2, 0x24, 0x36, 0x1b, 0x9, 0x6c, 0x6c, 0x9, 0x6c, 0x3, 0x12, 0x30, 0x30]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x28478b43d1594d86}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x27, 0x2, [{0x6}, {0x4, 0x5}, {0x1, 0x3}, {0x1, 0xa}, {0x7, 0x8}, {0x2, 0xa}, {0x6, 0x5}, {0x1, 0x1}, {0x5, 0x8}, {0x2, 0x3}, {0x4, 0x5}, {0x7, 0x8}, {0x1, 0x2}, {0x7, 0x4}, {0x1, 0x2}, {0x0, 0x2}, {0x1, 0x6}, {0x4, 0x3}, {0x3}, {0x1, 0x9}, {0x3, 0x1}, {0x0, 0x9}, {0x3, 0x3}, {0x5}, {0x6, 0xa}, {0x2, 0x2}, {0x4, 0x3}, {0x2, 0x1}, {0x2}, {0x6, 0xa}, {0x0, 0xa}, {0x0, 0x2}, {0x2, 0x1}, {0x1, 0x8}, {0x0, 0x1}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x1ac, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x80, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x49, 0x2, [{0x2, 0x6}, {0x1, 0x1}, {0x4, 0x3}, {0x7, 0x8}, {0x7, 0x5}, {0x0, 0x3}, {0x0, 0x6}, {0x0, 0x1}, {0x6, 0x1}, {0x0, 0x8}, {0x2, 0x7}, {0x0, 0xa}, {0x6, 0x6}, {0x4, 0x3}, {0x4, 0x4}, {0x7, 0x5}, {0x2, 0x7}, {0x6}, {}, {0x0, 0x5}, {0x6, 0x6}, {0x7, 0x2}, {0x3, 0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x6, 0x5}, {0x0, 0xa}, {0x4, 0xa}, {0x5, 0x9}, {0x1, 0x4}, {0x4, 0x4}, {0x6}, {0x0, 0x3}, {0x2, 0xa}, {0x1}, {0x4, 0x5}, {0x1, 0x5}, {0x7, 0x7}, {0x6, 0x1}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x9}, {0x3, 0x4}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x2, 0x9}, {0x3, 0x5}, {0x6, 0x9}, {0x1, 0x7}, {0x6, 0x1}, {0x6, 0x2}, {0x1, 0x1}, {0x5, 0x6}, {0x6, 0x1}, {0x6, 0x8}, {0x0, 0x3}, {0x0, 0x5}, {0x5, 0x2}, {0x0, 0x1}, {0x7, 0x6}, {0x6, 0x1}, {0x5, 0x9}, {0x1, 0x7}, {0x1, 0x9}, {0x3, 0x1}, {0x0, 0x3}, {0x3, 0x4}, {0x6, 0x7}]}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x4, 0x30, 0xb, 0x30, 0x24, 0x1, 0x36, 0x24, 0x16, 0x16, 0x9, 0x48, 0x12, 0x0, 0x18, 0x2, 0x12, 0x30, 0x2, 0x16, 0x24, 0x18, 0x3, 0x6]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xe4, 0x6, 0x1, 0x9, 0x2, 0x1000, 0x4]}}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x8000, 0xa374, 0xd, 0x9, 0xc8, 0x2, 0x7]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x4, 0x2}, {0x6, 0x2}, {0x7, 0x4}, {0x3}, {0x2, 0x5}, {0x7, 0x6}, {0x6, 0x2}, {0x2, 0x4}, {0x0, 0x3}, {0x1, 0x7}, {}, {0x1, 0x2}, {0x7, 0x9}, {0x0, 0x9}, {0x1, 0x4}, {0x1, 0x3}, {0x3, 0x6}, {0x4, 0x6}, {0x3, 0x2}, {0x6}, {0x6, 0x7}, {0x6, 0x2}, {0x7, 0x3}, {0x3, 0x7}, {0x3, 0x7}, {0x4, 0x7}, {0x4, 0x5}, {0x3, 0x7}, {0x2, 0x6}, {0x1, 0x4}, {0x5, 0x7}, {0x7, 0x2}, {0x5}, {0x1, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x1, 0x9}, {0x7}, {0x7, 0x4}, {0x5, 0x9}, {0x2, 0x3}, {0x1, 0x1}, {0x5, 0xa}, {0x0, 0x9}, {0x0, 0x8}, {0x2, 0x3}, {0x3, 0x7}, {0x0, 0xa}, {0x0, 0x8}, {0x6, 0x9}, {0x6, 0x5}, {0x6}, {0x6, 0x6}, {0x1, 0x9}, {0x7, 0x8}, {0x0, 0x4}, {0x3}, {0x2, 0x7}, {0x4, 0x1}, {0x2, 0x9}, {0x6, 0x6}, {0x4, 0x1}, {0x2, 0xa}, {0x5, 0x1}, {0x2, 0x5}, {0x7, 0xa}, {0x1, 0xa}, {0x0, 0x9}, {0x0, 0x5}]}]}, @NL80211_BAND_5GHZ={0x24, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x8, 0x1, [0x5, 0x2, 0x1b, 0x2]}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x3, 0x9, 0x6c, 0xc, 0x6, 0x6c, 0x9, 0x24, 0x6c, 0x6, 0x12, 0x1, 0x36, 0xb, 0x1, 0x6c, 0x36, 0x24, 0x16]}]}, @NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x5, 0x30, 0x60, 0x6c, 0x1b, 0x6, 0x5, 0x33, 0x36, 0x6c, 0x60, 0x48, 0xb, 0x2]}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x2, 0x9}, {0x3}, {0x6, 0x7}, {0x1, 0x3}, {0x5, 0x4}, {0x7, 0x2}, {0x0, 0x7}, {0x3, 0x4}, {0x1, 0x3}, {0x7, 0x8}, {0x4, 0x6}, {0x2, 0x8}, {0x1, 0x6}, {0x5, 0x6}, {0x0, 0x9}, {0x3, 0x1}, {0x0, 0x7}, {0x3, 0xa}, {0x7, 0x2}, {}, {0x6, 0x3}, {0x3, 0x5}, {0x4, 0x6}, {0x7, 0xa}, {0x2, 0x2}, {0x1, 0x2}, {0x1, 0x9}, {0x6, 0x1}, {0x6, 0x6}, {0x0, 0xa}, {}, {0x0, 0xa}, {0x3, 0x7}, {0x4, 0x6}, {0x6, 0x3}, {0x1, 0x1}, {0x1, 0x6}, {0x3}, {0x6, 0x6}, {0x3}, {0x7, 0x8}, {0x1, 0x1}, {0x4, 0x6}, {0x6}, {0x4, 0x4}, {0x0, 0x4}, {0x5, 0x2}, {0x5, 0x5}, {0x3, 0x1}, {}, {0x1, 0x3}, {0x6, 0x2}, {0x6, 0x4}, {0x2, 0xa}, {0x4, 0x9}, {0x7, 0x6}, {0x7, 0xa}, {0x3, 0xa}, {}, {0x5, 0x3}, {0x0, 0x1}, {0x7, 0xa}, {0x6, 0x3}, {0x2, 0x5}, {0x0, 0x8}, {0x7, 0x4}, {0x4}, {0x4, 0x8}, {0x7, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x0, 0x3, 0x30, 0x48, 0x1b, 0x16, 0x5, 0x9, 0xc]}]}]}, @NL80211_ATTR_TX_RATES={0x2c8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x9, 0x3, 0x0, 0x6, 0x2, 0x8, 0x80]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x101, 0x29, 0x3, 0x1, 0x2, 0x2, 0x3]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x74, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x36, 0x2, [{0x6, 0x1}, {0x2}, {0x3, 0x8}, {0x2, 0x6}, {0x3, 0x3}, {0x0, 0x3}, {0x2, 0x1}, {}, {0x5, 0x1}, {0x0, 0x5}, {0x2, 0x9}, {0x2, 0x3}, {0x4, 0x9}, {0x6, 0x6}, {0x1, 0x6}, {}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x2}, {0x0, 0xa}, {0x5}, {0x3, 0xa}, {0x0, 0x6}, {0x0, 0x1}, {0x5, 0xa}, {0x2, 0x7}, {0x0, 0x4}, {0x0, 0x2}, {0x3, 0x8}, {0x3, 0x3}, {0x1, 0x9}, {0x1, 0x7}, {0x0, 0xa}, {0x0, 0x8}, {0x1, 0x1}, {0x7, 0x4}, {0x3, 0x7}, {0x2}, {0x6, 0x2}, {0x5, 0x8}, {0x1, 0x7}, {0x6}, {0x7, 0x5}, {0x1, 0x6}, {0x0, 0x5}, {0x7, 0x9}, {0x5, 0x9}, {0x0, 0x5}, {0x0, 0x8}, {0x7, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xc, 0x5, 0xe, 0xffff, 0x1b, 0xf, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x7, 0x40, 0x4, 0x800, 0xfff7, 0xffff]}}]}, @NL80211_BAND_60GHZ={0xcc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x2, 0x36, 0x24, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x5, 0x5}, {0x6, 0x6}, {0x0, 0x2}, {0x6, 0x2}, {0x1, 0x3}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x6}, {0x2, 0xa}, {0x7, 0x2}, {0x7, 0x3}, {0x4, 0x4}, {0x6, 0x1}, {0x3, 0x3}, {0x3, 0x9}, {0x1, 0x2}, {0x1, 0x1}, {0x6, 0x4}, {0x4, 0x3}, {0x5, 0x6}, {0x0, 0x8}, {0x4, 0x3}, {0x1, 0x3}, {0x5, 0x1}, {0x0, 0x8}, {0x3, 0xa}, {0x6, 0x8}, {0x0, 0x4}, {0x3}, {0x6, 0x4}, {0x0, 0x3}, {0x2, 0x5}, {0x6, 0x5}, {0x3, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x0, 0x8}, {0x6, 0x9}, {0x4, 0x1}, {0x0, 0x6}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x4}, {0x1, 0x8}, {0x1, 0x7}, {0x2, 0x7}, {0x6, 0xa}, {0x5, 0x5}, {0x1, 0x4}, {0x2, 0x4}, {0x1, 0x9}, {0x0, 0x7}, {0x0, 0x8}, {0x4, 0x7}, {0x5, 0x3}, {0x5, 0x5}, {0x6, 0x6}, {0x3, 0x5}, {0x2, 0x6}, {0x5, 0x6}, {0x3, 0x7}, {0x3, 0x6}, {0x6}, {0x3, 0x4}, {0x6, 0x9}, {0x3, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x3, 0x6}, {0x5, 0xa}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x2d, 0x2, [{0x3, 0x1}, {0x2, 0x3}, {0x2, 0x4}, {0x7, 0x2}, {0x3, 0x5}, {0x5, 0x1}, {0x5, 0x6}, {0x0, 0x5}, {0x5, 0x1}, {0x1, 0x6}, {0x5, 0x9}, {0x1, 0x6}, {0x5, 0x5}, {0x3, 0xa}, {0x6, 0x1}, {0x4, 0x3}, {0x0, 0x9}, {0x5, 0x1}, {0x4, 0xa}, {0x4, 0x7}, {0x7, 0x6}, {0x5, 0x9}, {0x7}, {0x2, 0xb}, {0x7, 0x9}, {0x3, 0x3}, {0x4, 0x5}, {0x1, 0x4}, {0x3, 0x3}, {0x5, 0x3}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x3}, {0x1, 0x1}, {0x1, 0x4}, {0x1, 0xa}, {0x4, 0x2}, {0x1, 0x9}, {0x1, 0x9}, {0x5, 0x7}, {0x3, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x7, 0xa}, {0x7, 0x3}, {0x1, 0x1}, {0x7, 0xa}, {0x3, 0x8}, {0x0, 0x6}, {0x3, 0x2}, {0x2, 0x1}, {0x2, 0x4}, {0x4, 0x9}, {0x4, 0x8}, {0x0, 0x3}, {0x5, 0x9}, {0x6, 0x5}, {0x0, 0xa}, {0x1, 0x8}, {0x0, 0x4}, {0x1, 0x3}, {0x5, 0x17}, {0x5, 0x4}, {0x2, 0x4}, {0x6, 0x9}, {0x0, 0x5}, {0x5, 0x7}, {0x3, 0xa}]}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xd, 0x8, 0xf, 0x2, 0x1ff, 0x6, 0xdf6c, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x8, 0x1d44, 0x6, 0x8, 0x9, 0x6, 0xd]}}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x2, 0x1b, 0x75a4e16b6a62b13f, 0x60, 0xc, 0x2, 0x12, 0x6, 0xc, 0x9]}]}, @NL80211_BAND_6GHZ={0x7c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff5, 0x9, 0x2, 0xb, 0x9, 0x1ff, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x7, 0xa, 0x1, 0x9, 0x3, 0x9, 0x98]}}, @NL80211_TXRATE_HT={0x5, 0x2, [{}]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x2}, {0x4}, {0x0, 0x7}, {0x7, 0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x7, 0x7}, {0x6}, {0x1}, {0x4, 0x2}, {0x4}, {0x7, 0x7}, {0x5, 0x3}, {0x5, 0xa}, {0x4, 0x6}, {0x5, 0x7}, {0x1, 0x9}, {0x0, 0x7}, {0x3, 0x5}, {0x0, 0x1}, {0x2, 0x4}, {0x1, 0x4}, {0x5, 0x7}, {0x5, 0x5}, {0x2, 0xa}, {0x1, 0x8}, {0x4, 0x5}, {0x4}, {0x1, 0x9}, {0x0, 0x2}, {0x0, 0x1}, {0x0, 0x3}, {0x4, 0x3}, {0x3, 0x7}, {0x7, 0x9}, {0x0, 0x2}, {0x6, 0xa}, {0x4, 0x4}, {0x3, 0x6}, {0x6, 0x6}, {0x0, 0x3}, {0x1, 0xa}, {0x4, 0x3}, {0x4, 0x7}, {0x2, 0x4}, {0x0, 0x2}, {0x4, 0x1}, {0x7, 0x9}, {0x1, 0x3}, {0x6, 0x9}, {0x3, 0x1}, {0x6, 0xa}, {0x7, 0x8}, {0x7, 0x9}, {0x1, 0x5}, {0x0, 0x5}, {0x3, 0x2}, {0x6}]}]}, @NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x58, 0x18, 0x2, 0x6c, 0x4, 0x2, 0x6, 0x48, 0xc, 0x1b, 0x1b, 0x1b, 0x16, 0x2, 0x3, 0xb, 0xc]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7, 0x2, 0x1ff, 0x6, 0x5, 0x3, 0x9f]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x5, 0xffff, 0x1, 0x4, 0x7, 0x6, 0x5]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x30, 0xb, 0x9, 0xc, 0x1b, 0x1, 0x5, 0x6c, 0x1, 0x3, 0x16, 0x1, 0xb, 0x30, 0x9, 0x60, 0x1, 0x4, 0x24, 0x16, 0x9, 0x5, 0xc, 0xc, 0x1b, 0xc, 0xb, 0x6c, 0x24]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x200, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x54, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x7082, 0x1, 0xf772, 0x3, 0x8, 0x6, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd1, 0xa, 0xc, 0x9, 0x8cf, 0x6, 0x7, 0x800]}}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x3, 0x2}, {0x0, 0x9}, {0x0, 0x9}, {0x1, 0x6}, {0x7, 0x6}, {0x2, 0x2}, {0x3, 0x4}, {0x7, 0x8}, {0x5, 0x5}, {0x0, 0x6}, {0x5, 0x5}, {0x0, 0x8}, {0x5, 0x5}, {0x1, 0x1}, {0x1, 0x5}, {0x7, 0x7}, {0x5, 0x1}, {0x5, 0x7}, {0x5, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6a, 0x3, 0x5, 0x6c, 0x18, 0x65, 0x9, 0x24, 0x30, 0x12, 0x4, 0x60, 0x3, 0x2, 0x4]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x1, 0xfff4, 0x8, 0x8, 0x2e0, 0x9, 0x8001]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0x34, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x0, 0x4}, {0x4, 0x6}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x3}, {0x3, 0x6}, {0x4}, {0x0, 0x1}, {0x3, 0x6}, {0x0, 0x3}, {0x5, 0x6}, {0x1, 0x9}, {0x4}, {0x3, 0x5}, {0x7, 0x4}, {0x1, 0x8}, {0x3, 0x2}, {0x1, 0x4}, {0x5, 0x7}, {0x7}, {0x6, 0xa}, {0x6, 0x5}, {0x4}, {0x2}, {0x6, 0xa}, {0x5, 0x6}, {0x3, 0x1}, {0x2, 0x4}, {0x0, 0x1}, {0x1, 0x5}, {0x2, 0x7}, {0x3, 0x8}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7, 0x8, 0x40, 0x8, 0xfff3, 0x6, 0xb09]}}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1ff, 0x800, 0x8000, 0x6, 0x4, 0x200d, 0x5, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x6, 0xffff, 0x200, 0x7, 0xa, 0x9, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x8001, 0xc, 0x53d4, 0x5, 0x1c0, 0x8, 0x324]}}]}, @NL80211_BAND_2GHZ={0x30, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x3, 0x0, 0x7, 0xb60f, 0x5, 0x1ff, 0x40]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x60, 0x2]}]}, @NL80211_BAND_6GHZ={0x58, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x10, 0x75a, 0x3ff, 0x3, 0x90c, 0xd2b, 0x0, 0x1ed]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x4, 0x800, 0x46, 0x5, 0xffff, 0x9, 0x800]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x89, 0x7, 0x0, 0x8c48, 0x3, 0x0, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x48, 0x18802e93217dbdc6, 0x6c, 0xc, 0x36, 0x6c, 0x6c, 0x0, 0x5, 0x18, 0x16, 0x0, 0x4, 0x36, 0x12, 0x36, 0x1b]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x9, 0xc, 0xe7b, 0x7, 0x2, 0x5, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9dc7, 0x7, 0x2, 0xffff, 0xc, 0x7, 0x400, 0x64]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0xbb8}, 0x1, 0x0, 0x0, 0x48044}, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

2.568116294s ago: executing program 0 (id=1399):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xc8781, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x50)
ftruncate(r3, 0x2007ffb)
sendfile(r3, r4, 0x0, 0x1000000201005)

1.989622666s ago: executing program 1 (id=1400):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x400, &(0x7f0000000140)=ANY=[@ANYRESOCT=0x0])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010022bd7000ffcbdfa52100000008000300aa420b97ad0db3cbab848af6c971120ff0192b8329e7958a4d982c679acd8c1e05f3592298d3b8bba9f46e9b2d2c3a1a230036bbc85ffc4f6c4a00d14811bb5d99ae46853f4aca70924e4f7e82bc4a0f5cb8a2de194508b058d506dc09589012902143fdfcb2ca30c6986e41bae6de204c5aa729bad597a5dc5b9479cfc888885020fba96818a5e4cac210f89eebe4332993232fa7af810f43a9425f153f552664ffffffffffffff7fa64bc314c8e809d45200", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8840)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getrlimit(0x4, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r6 = openat(r5, &(0x7f0000000040)='./file1\x00', 0x8040, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000002c0)='./file0\x00', 0x1d7)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r7, 0x112, 0xb, &(0x7f0000001340)=0x33, 0x2)

1.760181558s ago: executing program 3 (id=1401):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000603000/0x3000)=nil, 0x3000, 0x0, 0x4, 0x1c0000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
syz_emit_vhci(&(0x7f00000005c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "a731fa", 0x1}}}, 0xd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x844)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x9a974000)
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)

1.444219078s ago: executing program 2 (id=1402):
r0 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x8000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0xb00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$ptmx(0xffffff9c, &(0x7f0000000040), 0x200042, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0xf, 0x0, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0xa0, 0x80}}, 0x1c}, 0x1, 0x0, 0x0, 0x400c0d4}, 0x8800)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r5, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000080)='system.posix_acl_default\x00', 0x0, 0x0, 0x1)
mknod(&(0x7f0000000040)='./file0\x00', 0xffff8000, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

1.349703202s ago: executing program 0 (id=1403):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'mangle\x00', 0x0, [0x2, 0x0, 0xb65, 0x0, 0x2070]}, &(0x7f0000000080)=0x54)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
r3 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r3, &(0x7f0000000000)={0xa0000001})
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x8084)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
unshare(0x22020400)
r8 = memfd_create(&(0x7f00000001c0)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\v\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\xd5)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r9 = dup(r7)
write$UHID_INPUT(r9, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b37090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f383b6c090890e0879b0a0ac6e70a9b3361959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000040)=@x86={0x5, 0x3, 0x6, 0x0, 0x8, 0x7, 0x6, 0x0, 0x4, 0x9, 0x48, 0x9, 0x0, 0x7, 0x1, 0xa, 0x1, 0x40, 0x10, '\x00', 0x4d, 0x1f})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003a00)=[{{&(0x7f0000000180)={0xa, 0x4e24, 0x0, @loopback, 0xa}, 0x1c, 0x0, 0x0, &(0x7f0000001f40)=[@pktinfo={{0x20, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0xe}}}}], 0x20}}], 0x1, 0x1000)
epoll_pwait(r3, &(0x7f00000000c0)=[{}, {}], 0x2, 0xfe, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="440000001000010404000000fdffffff00000000", @ANYRES8, @ANYBLOB="38410000440b00002400128009000100626f6e640000000014000280050001000100000008000200", @ANYBLOB="f7"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

612.60231ms ago: executing program 3 (id=1404):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
listen(0xffffffffffffffff, 0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xc8781, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x4c)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r2, 0x0, 0x0)
fchdir(r5)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x50)
ftruncate(r6, 0x2007ffb)
sendfile(r6, r7, 0x0, 0x1000000201005)
mount$9p_fd(0x0, &(0x7f0000000280)='./cgroup\x00', &(0x7f0000000340), 0x8401, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4}, 0x50)

470.273804ms ago: executing program 1 (id=1405):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bind$alg(r0, &(0x7f00000025c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x7, &(0x7f0000000100)="fbffffff", 0x4)

327.567531ms ago: executing program 1 (id=1406):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$SNDCTL_SYNTH_ID(r1, 0xc08c5114, &(0x7f00000003c0)={"637bf629b5896eeb77e137c6e7f24b7891d6f012acc9fe23b2a34566bb56", 0x2, 0x1, 0x0, 0x101, 0x81, 0x5, 0x1, 0x6, [0x5, 0x4, 0x1, 0x401, 0x3, 0x2ab9, 0x4e2edc8b, 0x80000001, 0x8, 0x7, 0x3, 0x4, 0x7ef, 0xc, 0xffff0000, 0x2, 0x6, 0x7, 0x6]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r4, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003580)=ANY=[@ANYRES64=r2], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@cgroup=r1, 0x36, 0x0, 0x1, &(0x7f00000001c0)=[0x0], 0x1, 0x0, &(0x7f0000000480), &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000600), <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@fallback, r1, 0x36, 0x0, 0x0, @void, @value=r1, @void, @void, r6}, 0x20)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r2], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb8", @ANYRES64=r6], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x980902, 0x5})
r8 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r8, 0x40086603, &(0x7f0000000040))

254.586122ms ago: executing program 3 (id=1407):
r0 = socket(0x2, 0x1, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
fcntl$getown(r2, 0x9)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x44040}, 0x8000)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r3=>0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = creat(&(0x7f0000000240)='./bus\x00', 0xc2)
io_setup(0x5, &(0x7f0000000100)=<r7=>0x0)
io_submit(r7, 0x2, &(0x7f0000000200)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x1ca, r6, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, r6}])
write$P9_RVERSION(r6, &(0x7f0000000100)={0x15, 0x65, 0xffff, 0x5, 0x8, '9P2000.u'}, 0x15)
sendmsg$NL80211_CMD_SET_CQM(r5, 0x0, 0x800)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
ioctl$NBD_SET_SOCK(r1, 0xab00, r0)
ioctl$NBD_DO_IT(r1, 0xab03)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)

0s ago: executing program 1 (id=1408):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x2, &(0x7f0000000200)=@raw=[@jmp={0x7, 0x0, 0xa, 0x1}, @exit], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xc8781, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x4c)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r2, 0x0, 0x0)
fchdir(r5)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x50)
ftruncate(r6, 0x2007ffb)
sendfile(r6, r7, 0x0, 0x1000000201005)
mount$9p_fd(0x0, &(0x7f0000000280)='./cgroup\x00', &(0x7f0000000340), 0x8401, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4}, 0x50)

kernel console output (not intermixed with test programs):

repare+0x2db/0x5e0
[  204.737427][ T8801]  ? __anon_vma_prepare+0x2db/0x5e0
[  204.737445][ T8801]  folio_alloc_mpol_noprof+0x36/0x260
[  204.737462][ T8801]  vma_alloc_folio_noprof+0xed/0x1d0
[  204.737477][ T8801]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  204.737492][ T8801]  ? __anon_vma_prepare+0x2e2/0x5e0
[  204.737511][ T8801]  do_wp_page+0xd75/0x4350
[  204.737530][ T8801]  ? __pfx_do_wp_page+0x10/0x10
[  204.737545][ T8801]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  204.737561][ T8801]  __handle_mm_fault+0x1ab6/0x2a00
[  204.737580][ T8801]  ? mt_find+0x45e/0x8e0
[  204.737597][ T8801]  ? __pfx___handle_mm_fault+0x10/0x10
[  204.737612][ T8801]  ? __pfx_mt_find+0x10/0x10
[  204.737636][ T8801]  ? find_vma+0xbf/0x140
[  204.737648][ T8801]  ? __pfx_find_vma+0x10/0x10
[  204.737661][ T8801]  handle_mm_fault+0x37b/0xa30
[  204.737680][ T8801]  do_user_addr_fault+0x74c/0x12f0
[  204.737695][ T8801]  ? trace_page_fault_kernel+0x7a/0x200
[  204.737721][ T8801]  exc_page_fault+0x6f/0xd0
[  204.737738][ T8801]  asm_exc_page_fault+0x26/0x30
[  204.737749][ T8801] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  204.737765][ T8801] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca e9 87 d9 03 00 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  204.737775][ T8801] RSP: 0018:ffffc90004e47988 EFLAGS: 00050293
[  204.737789][ T8801] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000800004d8
[  204.737796][ T8801] RDX: ffff888025538000 RSI: ffffffff8951865e RDI: ffff888025538000
[  204.737803][ T8801] RBP: ffffc90004e47d30 R08: 0000000000000005 R09: 0000000000000000
[  204.737809][ T8801] R10: 00000000800000f0 R11: 0000000000000000 R12: 0000000000000000
[  204.737816][ T8801] R13: 00000000800004c0 R14: ffffc90004e47d74 R15: 00000000800000f0
[  204.737827][ T8801]  ? ____sys_recvmsg+0x3ae/0x640
[  204.737844][ T8801]  ____sys_recvmsg+0x3b9/0x640
[  204.737860][ T8801]  ? __pfx_____sys_recvmsg+0x10/0x10
[  204.737881][ T8801]  ? __lock_acquire+0x4a5/0x2630
[  204.737900][ T8801]  ___sys_recvmsg+0x16a/0x1a0
[  204.737916][ T8801]  ? __pfx____sys_recvmsg+0x10/0x10
[  204.737943][ T8801]  do_recvmmsg+0x563/0x760
[  204.737961][ T8801]  ? __pfx_do_recvmmsg+0x10/0x10
[  204.737978][ T8801]  ? ksys_write+0x190/0x250
[  204.737993][ T8801]  ? ksys_write+0x190/0x250
[  204.738009][ T8801]  ? __fget_files+0x215/0x3d0
[  204.738022][ T8801]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  204.738042][ T8801]  __sys_recvmmsg+0x21f/0x270
[  204.738055][ T8801]  ? __pfx___sys_recvmmsg+0x10/0x10
[  204.738068][ T8801]  ? ksys_write+0x1ac/0x250
[  204.738082][ T8801]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  204.738096][ T8801]  ? __do_fast_syscall_32+0x98/0x970
[  204.738112][ T8801]  ? lockdep_hardirqs_on+0x78/0x100
[  204.738127][ T8801]  __do_fast_syscall_32+0xe7/0x970
[  204.738143][ T8801]  ? lockdep_hardirqs_on+0x78/0x100
[  204.738159][ T8801]  do_fast_syscall_32+0x32/0x70
[  204.738175][ T8801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.738189][ T8801] RIP: 0023:0xf702ef7c
[  204.738197][ T8801] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  204.738207][ T8801] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  204.738217][ T8801] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800004c0
[  204.738223][ T8801] RDX: 0000000000000f02 RSI: 00000000000000f0 RDI: 0000000000000000
[  204.738229][ T8801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.738235][ T8801] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  204.738241][ T8801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.738255][ T8801]  </TASK>
[  204.953755][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'.
[  204.959914][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'.
[  204.991810][ T8809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.857'.
[  205.176220][ T8763] vhci_hcd: connection reset by peer
[  205.179361][ T1169] vhci_hcd vhci_hcd.1: stop threads
[  205.181552][ T1169] vhci_hcd vhci_hcd.1: release socket
[  205.184948][ T1169] vhci_hcd vhci_hcd.1: disconnect device
[  205.207192][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  205.287232][ T1349] usb 6-1: USB disconnect, device number 15
[  205.537061][    T9] usb 5-1: Using ep0 maxpacket: 16
[  206.210174][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.213795][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  206.217135][    T9] usb 5-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  206.220206][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.267687][    T9] usb 5-1: config 0 descriptor??
[  206.289859][ T8826] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  206.298775][ T8826] FAULT_INJECTION: forcing a failure.
[  206.298775][ T8826] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  206.303840][ T8826] CPU: 1 UID: 0 PID: 8826 Comm: syz.1.864 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  206.303857][ T8826] Tainted: [L]=SOFTLOCKUP
[  206.303861][ T8826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  206.303868][ T8826] Call Trace:
[  206.303872][ T8826]  <TASK>
[  206.303876][ T8826]  dump_stack_lvl+0x100/0x190
[  206.303898][ T8826]  should_fail_ex.cold+0x5/0xa
[  206.303923][ T8826]  ? prepare_alloc_pages+0x16d/0x5f0
[  206.303941][ T8826]  should_fail_alloc_page+0xeb/0x140
[  206.303956][ T8826]  prepare_alloc_pages+0x1f0/0x5f0
[  206.303973][ T8826]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  206.303995][ T8826]  ? rcu_is_watching+0x12/0xc0
[  206.304008][ T8826]  ? trace_mm_page_alloc+0x163/0x1d0
[  206.304022][ T8826]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  206.304042][ T8826]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  206.304062][ T8826]  ? __pfx_stack_trace_save+0x10/0x10
[  206.304077][ T8826]  ? stack_depot_save_flags+0x27/0x9d0
[  206.304095][ T8826]  ? is_bpf_text_address+0x8a/0x1a0
[  206.304110][ T8826]  ? is_bpf_text_address+0x8a/0x1a0
[  206.304126][ T8826]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  206.304143][ T8826]  ? kasan_save_stack+0x3f/0x50
[  206.304154][ T8826]  ? kasan_save_stack+0x30/0x50
[  206.304164][ T8826]  ? kasan_save_track+0x14/0x30
[  206.304174][ T8826]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  206.304193][ T8826]  ? __get_vm_area_node+0x1ca/0x330
[  206.304210][ T8826]  ? __vmalloc_node_range_noprof+0x228/0x1630
[  206.304224][ T8826]  ? __vmalloc_node_noprof+0xad/0xf0
[  206.304238][ T8826]  ? copy_process+0x7fb/0x7ed0
[  206.304252][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304262][ T8826]  ? kvm_mmu_post_init_vm+0x1b3/0x370
[  206.304276][ T8826]  ? kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  206.304290][ T8826]  ? kvm_vcpu_ioctl+0x730/0x1720
[  206.304306][ T8826]  ? kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  206.304326][ T8826]  alloc_pages_bulk_noprof+0x649/0x1360
[  206.304348][ T8826]  ? policy_nodemask+0xed/0x4f0
[  206.304362][ T8826]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  206.304389][ T8826]  __kasan_populate_vmalloc+0xf0/0x210
[  206.304411][ T8826]  alloc_vmap_area+0x95d/0x2b70
[  206.304429][ T8826]  ? __pfx_alloc_vmap_area+0x10/0x10
[  206.304446][ T8826]  __get_vm_area_node+0x1ca/0x330
[  206.304463][ T8826]  __vmalloc_node_range_noprof+0x228/0x1630
[  206.304478][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304488][ T8826]  ? __pfx_clockevents_program_event+0x10/0x10
[  206.304501][ T8826]  ? find_held_lock+0x2b/0x80
[  206.304515][ T8826]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  206.304528][ T8826]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  206.304543][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304555][ T8826]  ? irqentry_exit+0x24d/0x970
[  206.304572][ T8826]  ? irqentry_exit+0x24d/0x970
[  206.304587][ T8826]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  206.304604][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304616][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304627][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304637][ T8826]  __vmalloc_node_noprof+0xad/0xf0
[  206.304652][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.304664][ T8826]  copy_process+0x7fb/0x7ed0
[  206.304687][ T8826]  ? __pfx_copy_process+0x10/0x10
[  206.304705][ T8826]  ? lockdep_init_map_type+0x5c/0x250
[  206.304723][ T8826]  ? lockdep_init_map_type+0x5c/0x250
[  206.304742][ T8826]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  206.304761][ T8826]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  206.304777][ T8826]  vhost_task_create+0x1db/0x370
[  206.304788][ T8826]  ? __pfx_vhost_task_create+0x10/0x10
[  206.304798][ T8826]  ? register_lock_class+0x40/0x560
[  206.304820][ T8826]  ? __pfx_vhost_task_fn+0x10/0x10
[  206.304832][ T8826]  ? __pfx___mutex_lock+0x10/0x10
[  206.304852][ T8826]  kvm_mmu_post_init_vm+0x1b3/0x370
[  206.304867][ T8826]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  206.304881][ T8826]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  206.304901][ T8826]  kvm_vcpu_ioctl+0x730/0x1720
[  206.304919][ T8826]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  206.304937][ T8826]  ? tomoyo_path_number_perm+0x188/0x580
[  206.304952][ T8826]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  206.304966][ T8826]  ? get_pid_task+0x106/0x250
[  206.304986][ T8826]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  206.305002][ T8826]  ? do_vfs_ioctl+0x226/0x13e0
[  206.305014][ T8826]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  206.305031][ T8826]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  206.305049][ T8826]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  206.305067][ T8826]  ? __fget_files+0x21f/0x3d0
[  206.305083][ T8826]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  206.305101][ T8826]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  206.305114][ T8826]  __do_fast_syscall_32+0xe7/0x970
[  206.305130][ T8826]  ? lockdep_hardirqs_on+0x78/0x100
[  206.305146][ T8826]  do_fast_syscall_32+0x32/0x70
[  206.305163][ T8826]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.305177][ T8826] RIP: 0023:0xf7fa5f7c
[  206.305187][ T8826] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  206.305201][ T8826] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  206.305233][ T8826] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000ae80
[  206.305244][ T8826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  206.305253][ T8826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.305263][ T8826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  206.305272][ T8826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.305292][ T8826]  </TASK>
[  206.305441][ T8826] syz.1.864: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  206.538877][ T8826] CPU: 1 UID: 0 PID: 8826 Comm: syz.1.864 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  206.538897][ T8826] Tainted: [L]=SOFTLOCKUP
[  206.538901][ T8826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  206.538907][ T8826] Call Trace:
[  206.538924][ T8826]  <TASK>
[  206.538929][ T8826]  dump_stack_lvl+0x100/0x190
[  206.538952][ T8826]  warn_alloc.cold+0x95/0x1c1
[  206.538964][ T8826]  ? __pfx_warn_alloc+0x10/0x10
[  206.538982][ T8826]  ? lockdep_hardirqs_on+0x78/0x100
[  206.538999][ T8826]  ? __get_vm_area_node+0x2cd/0x330
[  206.539016][ T8826]  ? __get_vm_area_node+0x208/0x330
[  206.539033][ T8826]  __vmalloc_node_range_noprof+0xccd/0x1630
[  206.539049][ T8826]  ? __pfx_clockevents_program_event+0x10/0x10
[  206.539063][ T8826]  ? find_held_lock+0x2b/0x80
[  206.539076][ T8826]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  206.539090][ T8826]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  206.539105][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.539117][ T8826]  ? irqentry_exit+0x24d/0x970
[  206.539133][ T8826]  ? irqentry_exit+0x24d/0x970
[  206.539148][ T8826]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  206.539165][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.539177][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.539189][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.539199][ T8826]  __vmalloc_node_noprof+0xad/0xf0
[  206.539213][ T8826]  ? vhost_task_create+0x1db/0x370
[  206.539225][ T8826]  copy_process+0x7fb/0x7ed0
[  206.539248][ T8826]  ? __pfx_copy_process+0x10/0x10
[  206.539265][ T8826]  ? lockdep_init_map_type+0x5c/0x250
[  206.539284][ T8826]  ? lockdep_init_map_type+0x5c/0x250
[  206.539302][ T8826]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  206.539321][ T8826]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  206.539338][ T8826]  vhost_task_create+0x1db/0x370
[  206.539348][ T8826]  ? __pfx_vhost_task_create+0x10/0x10
[  206.539358][ T8826]  ? register_lock_class+0x40/0x560
[  206.539379][ T8826]  ? __pfx_vhost_task_fn+0x10/0x10
[  206.539391][ T8826]  ? __pfx___mutex_lock+0x10/0x10
[  206.539412][ T8826]  kvm_mmu_post_init_vm+0x1b3/0x370
[  206.539427][ T8826]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  206.539441][ T8826]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  206.539462][ T8826]  kvm_vcpu_ioctl+0x730/0x1720
[  206.539480][ T8826]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  206.539498][ T8826]  ? tomoyo_path_number_perm+0x188/0x580
[  206.539513][ T8826]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  206.539527][ T8826]  ? get_pid_task+0x106/0x250
[  206.539546][ T8826]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  206.539563][ T8826]  ? do_vfs_ioctl+0x226/0x13e0
[  206.539575][ T8826]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  206.539592][ T8826]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  206.539610][ T8826]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  206.539632][ T8826]  ? __fget_files+0x21f/0x3d0
[  206.539648][ T8826]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  206.539666][ T8826]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  206.539679][ T8826]  __do_fast_syscall_32+0xe7/0x970
[  206.539695][ T8826]  ? lockdep_hardirqs_on+0x78/0x100
[  206.539711][ T8826]  do_fast_syscall_32+0x32/0x70
[  206.539728][ T8826]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.539742][ T8826] RIP: 0023:0xf7fa5f7c
[  206.539751][ T8826] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  206.539762][ T8826] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  206.539773][ T8826] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000ae80
[  206.539780][ T8826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  206.539786][ T8826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.539791][ T8826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  206.539798][ T8826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.539811][ T8826]  </TASK>
[  206.539874][ T8826] Mem-Info:
[  206.667796][ T8826] active_anon:5663 inactive_anon:25 isolated_anon:0
[  206.667796][ T8826]  active_file:14532 inactive_file:15198 isolated_file:0
[  206.667796][ T8826]  unevictable:1770 dirty:358 writeback:0
[  206.667796][ T8826]  slab_reclaimable:6096 slab_unreclaimable:52428
[  206.667796][ T8826]  mapped:24046 shmem:2240 pagetables:1312
[  206.667796][ T8826]  sec_pagetables:305 bounce:0
[  206.667796][ T8826]  kernel_misc_reclaimable:0
[  206.667796][ T8826]  free:64514 free_pcp:16979 free_cma:0
[  206.681540][ T8826] Node 0 active_anon:28kB inactive_anon:8kB active_file:0kB inactive_file:16kB unevictable:3544kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8652kB pagetables:1388kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  206.696412][ T8826] Node 1 active_anon:22624kB inactive_anon:92kB active_file:58128kB inactive_file:60776kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96160kB dirty:1432kB writeback:0kB shmem:5424kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5304kB pagetables:3760kB sec_pagetables:72kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  206.707800][ T8826] Node 0 DMA free:2060kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:472kB local_pcp:4kB free_cma:0kB
[  206.716780][ T8826] lowmem_reserve[]: 0 285 285 285 285
[  206.719204][ T8826] Node 0 DMA32 free:16360kB boost:0kB min:13096kB low:16368kB high:19640kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:8kB active_file:0kB inactive_file:16kB unevictable:3544kB writepending:0kB zspages:20kB present:1032196kB managed:292792kB mlocked:8kB bounce:0kB free_pcp:13580kB local_pcp:2872kB free_cma:0kB
[  206.729104][ T8826] lowmem_reserve[]: 0 0 0 0 0
[  206.730768][ T8826] Node 1 DMA32 free:239572kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22624kB inactive_anon:92kB active_file:58128kB inactive_file:60776kB unevictable:3536kB writepending:1436kB zspages:2980kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:54148kB local_pcp:11688kB free_cma:0kB
[  206.741431][ T8826] lowmem_reserve[]: 0 0 0 0 0
[  206.743158][ T8826] Node 0 DMA: 71*4kB (UM) 8*8kB (UM) 3*16kB (U) 16*32kB (U) 6*64kB (UM) 4*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2060kB
[  206.750385][ T8826] Node 0 DMA32: 666*4kB (UME) 384*8kB (UME) 100*16kB (UME) 62*32kB (UME) 42*64kB (UME) 20*128kB (UME) 5*256kB (UE) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 16360kB
[  206.762858][ T8826] Node 1 DMA32: 1153*4kB (UME) 696*8kB (UME) 651*16kB (UME) 169*32kB (UME) 87*64kB (ME) 151*128kB (UME) 145*256kB (UME) 92*512kB (UME) 74*1024kB (UM) 8*2048kB (UM) 3*4096kB (UM) = 239572kB
[  206.771002][ T8826] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  206.774210][ T8826] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  206.780484][ T8826] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  206.783632][ T8826] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  206.783726][   T40] kauditd_printk_skb: 47 callbacks suppressed
[  206.783741][   T40] audit: type=1326 audit(1779944331.665:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8830 comm="syz.3.866" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef7c code=0x0
[  206.786588][ T8826] 32164 total pagecache pages
[  206.797090][ T8826] 196 pages in swap cache
[  206.798596][ T8826] Free swap  = 118960kB
[  206.799984][ T8826] Total swap = 124996kB
[  206.801403][ T8826] 524155 pages RAM
[  206.802695][ T8826] 0 pages HighMem/MovableOnly
[  206.804293][ T8826] 210064 pages reserved
[  206.805744][ T8826] 0 pages cma reserved
[  207.758864][ T8850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'.
[  208.101590][ T8861] sit0: left allmulticast mode
[  208.107801][ T8861] netlink: 'syz.1.873': attribute type 1 has an invalid length.
[  208.110274][ T8861] netlink: 1 bytes leftover after parsing attributes in process `syz.1.873'.
[  208.282256][ T8867] FAULT_INJECTION: forcing a failure.
[  208.282256][ T8867] name failslab, interval 1, probability 0, space 0, times 0
[  208.287359][ T8867] CPU: 2 UID: 0 PID: 8867 Comm: syz.2.875 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  208.287376][ T8867] Tainted: [L]=SOFTLOCKUP
[  208.287380][ T8867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  208.287387][ T8867] Call Trace:
[  208.287391][ T8867]  <TASK>
[  208.287397][ T8867]  dump_stack_lvl+0x100/0x190
[  208.287420][ T8867]  should_fail_ex.cold+0x5/0xa
[  208.287435][ T8867]  ? tomoyo_encode2+0xfb/0x3c0
[  208.287450][ T8867]  should_failslab+0xc2/0x120
[  208.287464][ T8867]  __kmalloc_noprof+0xe0/0x850
[  208.287474][ T8867]  ? d_absolute_path+0x136/0x1b0
[  208.287488][ T8867]  tomoyo_encode2+0xfb/0x3c0
[  208.287505][ T8867]  tomoyo_encode+0x29/0x50
[  208.287519][ T8867]  tomoyo_realpath_from_path+0x18c/0x690
[  208.287539][ T8867]  tomoyo_path_number_perm+0x23c/0x580
[  208.287552][ T8867]  ? tomoyo_path_number_perm+0x22e/0x580
[  208.287566][ T8867]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  208.287580][ T8867]  ? get_pid_task+0x106/0x250
[  208.287608][ T8867]  ? find_held_lock+0x2b/0x80
[  208.287622][ T8867]  ? __fget_files+0x215/0x3d0
[  208.287634][ T8867]  ? hook_file_ioctl_common+0x149/0x410
[  208.287647][ T8867]  ? __fget_files+0x215/0x3d0
[  208.287663][ T8867]  ? __fget_files+0x21f/0x3d0
[  208.287677][ T8867]  security_file_ioctl_compat+0xd3/0x230
[  208.287693][ T8867]  __ia32_compat_sys_ioctl+0xc2/0x360
[  208.287706][ T8867]  __do_fast_syscall_32+0xe7/0x970
[  208.287729][ T8867]  ? lockdep_hardirqs_on+0x78/0x100
[  208.287746][ T8867]  do_fast_syscall_32+0x32/0x70
[  208.287762][ T8867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.287776][ T8867] RIP: 0023:0xf7f58f7c
[  208.287785][ T8867] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  208.287796][ T8867] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  208.287807][ T8867] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000040047435
[  208.287814][ T8867] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  208.287820][ T8867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.287826][ T8867] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  208.287833][ T8867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.287846][ T8867]  </TASK>
[  208.287858][ T8867] ERROR: Out of memory at tomoyo_realpath_from_path.
[  208.338212][ T8868] sit0: entered promiscuous mode
[  208.362426][ T8868] netlink: 'syz.2.875': attribute type 1 has an invalid length.
[  208.364802][ T8868] netlink: 1 bytes leftover after parsing attributes in process `syz.2.875'.
[  208.387105][ T7479] usb 40-1: device descriptor read/8, error -110
[  208.808039][ T7479] usb usb40-port1: attempt power cycle
[  208.810026][ T5913] usb 5-1: USB disconnect, device number 13
[  209.075340][ T8893] FAULT_INJECTION: forcing a failure.
[  209.075340][ T8893] name failslab, interval 1, probability 0, space 0, times 0
[  209.080904][ T8893] CPU: 1 UID: 0 PID: 8893 Comm: syz.1.878 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  209.080931][ T8893] Tainted: [L]=SOFTLOCKUP
[  209.080937][ T8893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  209.080947][ T8893] Call Trace:
[  209.080953][ T8893]  <TASK>
[  209.080960][ T8893]  dump_stack_lvl+0x100/0x190
[  209.080995][ T8893]  should_fail_ex.cold+0x5/0xa
[  209.081019][ T8893]  should_failslab+0xc2/0x120
[  209.081040][ T8893]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  209.081068][ T8893]  ? prepare_creds+0x2c/0x950
[  209.081089][ T8893]  prepare_creds+0x2c/0x950
[  209.081108][ T8893]  __do_sys_capset+0x270/0x460
[  209.081128][ T8893]  ? __pfx___do_sys_capset+0x10/0x10
[  209.081154][ T8893]  ? xfd_validate_state+0x129/0x190
[  209.081198][ T8893]  ? syscall_user_dispatch+0x76/0x130
[  209.081227][ T8893]  __do_fast_syscall_32+0xe7/0x970
[  209.081253][ T8893]  ? lockdep_hardirqs_on+0x78/0x100
[  209.081278][ T8893]  do_fast_syscall_32+0x32/0x70
[  209.081303][ T8893]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.081325][ T8893] RIP: 0023:0xf7fa5f7c
[  209.081339][ T8893] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  209.081354][ T8893] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 00000000000000b9
[  209.081372][ T8893] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000080000080
[  209.081383][ T8893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  209.081393][ T8893] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.081402][ T8893] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  209.081412][ T8893] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.081435][ T8893]  </TASK>
[  209.442015][ T7479] usb usb40-port1: unable to enumerate USB device
[  210.442577][ T8937] FAULT_INJECTION: forcing a failure.
[  210.442577][ T8937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.448013][ T8937] CPU: 2 UID: 0 PID: 8937 Comm: syz.2.891 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  210.448041][ T8937] Tainted: [L]=SOFTLOCKUP
[  210.448047][ T8937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  210.448058][ T8937] Call Trace:
[  210.448064][ T8937]  <TASK>
[  210.448070][ T8937]  dump_stack_lvl+0x100/0x190
[  210.448101][ T8937]  should_fail_ex.cold+0x5/0xa
[  210.448123][ T8937]  _copy_to_user+0x32/0xd0
[  210.448145][ T8937]  keyctl_read_key+0x329/0x510
[  210.448166][ T8937]  __ia32_compat_sys_keyctl+0x3a8/0x550
[  210.448192][ T8937]  __do_fast_syscall_32+0xe7/0x970
[  210.448220][ T8937]  ? lockdep_hardirqs_on+0x78/0x100
[  210.448247][ T8937]  do_fast_syscall_32+0x32/0x70
[  210.448274][ T8937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.448296][ T8937] RIP: 0023:0xf7f58f7c
[  210.448309][ T8937] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  210.448326][ T8937] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000120
[  210.448343][ T8937] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020bfd65d
[  210.448355][ T8937] RDX: 0000000080000240 RSI: 00000000349b7f55 RDI: 0000000000000000
[  210.448366][ T8937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.448375][ T8937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.448384][ T8937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.448407][ T8937]  </TASK>
[  211.481799][ T8952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.895'.
[  212.137218][ T8960] FAULT_INJECTION: forcing a failure.
[  212.137218][ T8960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.141179][ T8960] CPU: 1 UID: 0 PID: 8960 Comm: syz.0.898 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.141197][ T8960] Tainted: [L]=SOFTLOCKUP
[  212.141201][ T8960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  212.141207][ T8960] Call Trace:
[  212.141212][ T8960]  <TASK>
[  212.141217][ T8960]  dump_stack_lvl+0x100/0x190
[  212.141240][ T8960]  should_fail_ex.cold+0x5/0xa
[  212.141254][ T8960]  _copy_from_user+0x2e/0xd0
[  212.141271][ T8960]  kstrtouint_from_user+0xd6/0x1d0
[  212.141283][ T8960]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  212.141294][ T8960]  ? __lock_acquire+0x4a5/0x2630
[  212.141320][ T8960]  proc_fail_nth_write+0x83/0x220
[  212.141339][ T8960]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  212.141360][ T8960]  vfs_write+0x2aa/0x1070
[  212.141373][ T8960]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  212.141392][ T8960]  ? __pfx_vfs_write+0x10/0x10
[  212.141403][ T8960]  ? find_held_lock+0x2b/0x80
[  212.141417][ T8960]  ? __fget_files+0x215/0x3d0
[  212.141432][ T8960]  ? __fget_files+0x21f/0x3d0
[  212.141448][ T8960]  ksys_write+0x12a/0x250
[  212.141461][ T8960]  ? __pfx_ksys_write+0x10/0x10
[  212.141475][ T8960]  ? rcu_is_watching+0x12/0xc0
[  212.141489][ T8960]  do_int80_emulation+0x14b/0x720
[  212.141508][ T8960]  asm_int80_emulation+0x1a/0x20
[  212.141519][ T8960] RIP: 0023:0xf71661ab
[  212.141528][ T8960] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  212.141539][ T8960] RSP: 002b:00000000f53fc4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  212.141550][ T8960] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53fc5d0
[  212.141556][ T8960] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  212.141562][ T8960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.141568][ T8960] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  212.141574][ T8960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.141588][ T8960]  </TASK>
[  212.244217][ T1919] libceph: connect (1)[c::]:6789 error -99
[  212.248711][ T1919] libceph: mon0 (1)[c::]:6789 connect error
[  212.292945][ T8964] ceph: No mds server is up or the cluster is laggy
[  214.196884][ T9004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.911'.
[  214.202544][ T9004] nbd: illegal input index 131084
[  214.400490][ T9015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.917'.
[  214.405679][ T9015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.917'.
[  214.858254][   T40] audit: type=1326 audit(1779944339.745:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  214.867352][ T9032] syz.3.918 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  214.943663][   T40] audit: type=1326 audit(1779944339.745:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  214.983128][   T40] audit: type=1326 audit(1779944339.755:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.003213][   T40] audit: type=1326 audit(1779944339.745:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.025596][   T40] audit: type=1326 audit(1779944339.755:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.092445][   T40] audit: type=1326 audit(1779944339.755:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.120820][   T40] audit: type=1326 audit(1779944339.755:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.208863][   T40] audit: type=1326 audit(1779944339.825:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.240147][   T40] audit: type=1326 audit(1779944339.835:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.299775][   T40] audit: type=1326 audit(1779944339.835:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.3.918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef7c code=0x7ffc0000
[  215.394217][ T9032] 9pnet_virtio: no channels available for device syz
[  215.952268][ T9050] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  215.952268][ T9050] �U�e�[���%#s'
[  217.461208][ T9066] program syz.1.929 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  217.717249][ T1919] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  217.877474][ T1919] usb 6-1: Using ep0 maxpacket: 16
[  217.880722][ T1919] usb 6-1: too many configurations: 123, using maximum allowed: 8
[  217.885116][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.890231][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.894860][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.899479][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.904336][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.909462][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.914343][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.919496][ T1919] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.924810][ T1919] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  217.929023][ T1919] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  217.932674][ T1919] usb 6-1: SerialNumber: syz
[  217.964483][ T1919] usb 6-1: config 0 descriptor??
[  217.978526][ T1919] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input27
[  218.059839][ T9082] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  218.059839][ T9082] �U�e�[���%#s'
[  218.269790][ T9086] netlink: 44 bytes leftover after parsing attributes in process `syz.1.929'.
[  218.273962][ T9086] tipc: Resetting bearer <eth:bridge0>
[  218.279871][ T9086] bridge0: left allmulticast mode
[  218.288601][ T9086] netlink: 44 bytes leftover after parsing attributes in process `syz.1.929'.
[  219.100925][ T9112] vlan2: entered allmulticast mode
[  219.102928][ T9112] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  219.775552][ T9118] netlink: 16 bytes leftover after parsing attributes in process `syz.0.937'.
[  219.778983][ T9118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.937'.
[  219.838858][ T9121] syzkaller0: entered promiscuous mode
[  219.840599][ T9121] syzkaller0: entered allmulticast mode
[  219.986390][ T9123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.939'.
[  219.989579][ T9123] netlink: 'syz.3.939': attribute type 20 has an invalid length.
[  219.992268][ T9123] netlink: 'syz.3.939': attribute type 21 has an invalid length.
[  220.014676][ T9123] netlink: 20 bytes leftover after parsing attributes in process `syz.3.939'.
[  220.018025][ T9123] netlink: 20 bytes leftover after parsing attributes in process `syz.3.939'.
[  220.027157][ T5913] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  220.177148][ T5913] usb 5-1: Using ep0 maxpacket: 8
[  220.181251][ T5913] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  220.184849][ T5913] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  220.192199][ T5913] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  220.196430][ T5913] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  220.200729][ T5913] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  220.206101][ T5913] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  220.211986][ T5913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.423719][ T1038] usb 6-1: USB disconnect, device number 16
[  220.426457][ T6178] bcm5974 6-1:0.0: could not read from device
[  220.428712][ T5913] usb 5-1: usb_control_msg returned -32
[  220.430499][ T5913] usbtmc 5-1:16.0: can't read capabilities
[  220.462225][ T5136] bcm5974 6-1:0.0: could not read from device
[  220.519508][ T9135] FAULT_INJECTION: forcing a failure.
[  220.519508][ T9135] name failslab, interval 1, probability 0, space 0, times 0
[  220.523457][ T9135] CPU: 3 UID: 0 PID: 9135 Comm: syz.1.942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  220.523475][ T9135] Tainted: [L]=SOFTLOCKUP
[  220.523479][ T9135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  220.523486][ T9135] Call Trace:
[  220.523490][ T9135]  <TASK>
[  220.523495][ T9135]  dump_stack_lvl+0x100/0x190
[  220.523518][ T9135]  should_fail_ex.cold+0x5/0xa
[  220.523532][ T9135]  should_failslab+0xc2/0x120
[  220.523547][ T9135]  __kmalloc_cache_node_noprof+0x7d/0x770
[  220.523560][ T9135]  ? __get_vm_area_node+0x101/0x330
[  220.523576][ T9135]  __get_vm_area_node+0x101/0x330
[  220.523592][ T9135]  __vmalloc_node_range_noprof+0x228/0x1630
[  220.523608][ T9135]  ? create_io_thread+0xc2/0x110
[  220.523628][ T9135]  ? create_io_thread+0xc2/0x110
[  220.523646][ T9135]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  220.523665][ T9135]  ? rcu_is_watching+0x12/0xc0
[  220.523678][ T9135]  ? trace_kmem_cache_alloc+0xd5/0x100
[  220.523692][ T9135]  ? create_io_thread+0xc2/0x110
[  220.523706][ T9135]  __vmalloc_node_noprof+0xad/0xf0
[  220.523720][ T9135]  ? create_io_thread+0xc2/0x110
[  220.523736][ T9135]  copy_process+0x7fb/0x7ed0
[  220.523750][ T9135]  ? stack_trace_save+0x8e/0xc0
[  220.523765][ T9135]  ? __pfx_stack_trace_save+0x10/0x10
[  220.523779][ T9135]  ? stack_trace_save+0x8e/0xc0
[  220.523793][ T9135]  ? stack_depot_save_flags+0x27/0x9d0
[  220.523811][ T9135]  ? stack_depot_save_flags+0x27/0x9d0
[  220.523832][ T9135]  ? __pfx_copy_process+0x10/0x10
[  220.523845][ T9135]  ? __do_sys_io_uring_enter+0xa88/0x1b50
[  220.523863][ T9135]  ? do_fast_syscall_32+0x32/0x70
[  220.523880][ T9135]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.523898][ T9135]  ? __pfx_io_wq_worker+0x10/0x10
[  220.523915][ T9135]  create_io_thread+0xc2/0x110
[  220.523930][ T9135]  ? __pfx_create_io_thread+0x10/0x10
[  220.523948][ T9135]  ? __pfx_io_wq_worker+0x10/0x10
[  220.523965][ T9135]  ? lockdep_init_map_type+0x5c/0x250
[  220.523989][ T9135]  ? lockdep_init_map_type+0x5c/0x250
[  220.524007][ T9135]  ? __init_swait_queue_head+0xca/0x150
[  220.524021][ T9135]  create_io_worker+0x1cd/0x5b0
[  220.524038][ T9135]  io_wq_enqueue+0x4d8/0x970
[  220.524055][ T9135]  ? __pfx_io_wq_enqueue+0x10/0x10
[  220.524070][ T9135]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  220.524086][ T9135]  ? io_prep_async_work+0x3ab/0x720
[  220.524104][ T9135]  io_queue_iowq+0x232/0x5c0
[  220.524119][ T9135]  io_queue_sqe_fallback+0x16b/0x210
[  220.524137][ T9135]  io_submit_sqes+0x1e4d/0x24b0
[  220.524160][ T9135]  __do_sys_io_uring_enter+0xa88/0x1b50
[  220.524179][ T9135]  ? clockevents_program_event+0x1ef/0x820
[  220.524193][ T9135]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  220.524212][ T9135]  ? __pfx_clockevents_program_event+0x10/0x10
[  220.524224][ T9135]  ? find_held_lock+0x2b/0x80
[  220.524237][ T9135]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  220.524251][ T9135]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  220.524266][ T9135]  ? rcu_is_watching+0x12/0xc0
[  220.524280][ T9135]  __do_fast_syscall_32+0xe7/0x970
[  220.524299][ T9135]  do_fast_syscall_32+0x32/0x70
[  220.524315][ T9135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.524329][ T9135] RIP: 0023:0xf7fa5f7c
[  220.524338][ T9135] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  220.524349][ T9135] RSP: 002b:00000000f54664ac EFLAGS: 00000282 ORIG_RAX: 00000000000001aa
[  220.524360][ T9135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[  220.524366][ T9135] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
[  220.524372][ T9135] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
[  220.524378][ T9135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  220.524384][ T9135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.524398][ T9135]  </TASK>
[  220.524403][ T9135] syz.1.942: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  220.647881][ T9135] CPU: 3 UID: 0 PID: 9135 Comm: syz.1.942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  220.647899][ T9135] Tainted: [L]=SOFTLOCKUP
[  220.647903][ T9135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  220.647909][ T9135] Call Trace:
[  220.647913][ T9135]  <TASK>
[  220.647918][ T9135]  dump_stack_lvl+0x100/0x190
[  220.647942][ T9135]  warn_alloc.cold+0x95/0x1c1
[  220.647954][ T9135]  ? __pfx_warn_alloc+0x10/0x10
[  220.647973][ T9135]  ? trace_kmalloc+0xe3/0x110
[  220.647989][ T9135]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[  220.648003][ T9135]  ? __kasan_kmalloc+0x8a/0xb0
[  220.648015][ T9135]  ? __get_vm_area_node+0x208/0x330
[  220.648033][ T9135]  __vmalloc_node_range_noprof+0xccd/0x1630
[  220.648053][ T9135]  ? create_io_thread+0xc2/0x110
[  220.648072][ T9135]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  220.648090][ T9135]  ? rcu_is_watching+0x12/0xc0
[  220.648103][ T9135]  ? trace_kmem_cache_alloc+0xd5/0x100
[  220.648118][ T9135]  ? create_io_thread+0xc2/0x110
[  220.648132][ T9135]  __vmalloc_node_noprof+0xad/0xf0
[  220.648146][ T9135]  ? create_io_thread+0xc2/0x110
[  220.648162][ T9135]  copy_process+0x7fb/0x7ed0
[  220.648176][ T9135]  ? stack_trace_save+0x8e/0xc0
[  220.648191][ T9135]  ? __pfx_stack_trace_save+0x10/0x10
[  220.648205][ T9135]  ? stack_trace_save+0x8e/0xc0
[  220.648219][ T9135]  ? stack_depot_save_flags+0x27/0x9d0
[  220.648237][ T9135]  ? stack_depot_save_flags+0x27/0x9d0
[  220.648258][ T9135]  ? __pfx_copy_process+0x10/0x10
[  220.648271][ T9135]  ? __do_sys_io_uring_enter+0xa88/0x1b50
[  220.648289][ T9135]  ? do_fast_syscall_32+0x32/0x70
[  220.648306][ T9135]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.648325][ T9135]  ? __pfx_io_wq_worker+0x10/0x10
[  220.648341][ T9135]  create_io_thread+0xc2/0x110
[  220.648356][ T9135]  ? __pfx_create_io_thread+0x10/0x10
[  220.648375][ T9135]  ? __pfx_io_wq_worker+0x10/0x10
[  220.648392][ T9135]  ? lockdep_init_map_type+0x5c/0x250
[  220.648411][ T9135]  ? lockdep_init_map_type+0x5c/0x250
[  220.648429][ T9135]  ? __init_swait_queue_head+0xca/0x150
[  220.648443][ T9135]  create_io_worker+0x1cd/0x5b0
[  220.648460][ T9135]  io_wq_enqueue+0x4d8/0x970
[  220.648482][ T9135]  ? __pfx_io_wq_enqueue+0x10/0x10
[  220.648497][ T9135]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  220.648513][ T9135]  ? io_prep_async_work+0x3ab/0x720
[  220.648530][ T9135]  io_queue_iowq+0x232/0x5c0
[  220.648545][ T9135]  io_queue_sqe_fallback+0x16b/0x210
[  220.648563][ T9135]  io_submit_sqes+0x1e4d/0x24b0
[  220.648586][ T9135]  __do_sys_io_uring_enter+0xa88/0x1b50
[  220.648605][ T9135]  ? clockevents_program_event+0x1ef/0x820
[  220.648620][ T9135]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  220.648638][ T9135]  ? __pfx_clockevents_program_event+0x10/0x10
[  220.648651][ T9135]  ? find_held_lock+0x2b/0x80
[  220.648664][ T9135]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  220.648679][ T9135]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  220.648694][ T9135]  ? rcu_is_watching+0x12/0xc0
[  220.648708][ T9135]  __do_fast_syscall_32+0xe7/0x970
[  220.648726][ T9135]  do_fast_syscall_32+0x32/0x70
[  220.648743][ T9135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.648757][ T9135] RIP: 0023:0xf7fa5f7c
[  220.648766][ T9135] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  220.648777][ T9135] RSP: 002b:00000000f54664ac EFLAGS: 00000282 ORIG_RAX: 00000000000001aa
[  220.648787][ T9135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[  220.648794][ T9135] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
[  220.648800][ T9135] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
[  220.648806][ T9135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  220.648812][ T9135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.648825][ T9135]  </TASK>
[  220.648829][ T9135] Mem-Info:
[  220.768927][ T9135] active_anon:8652 inactive_anon:25 isolated_anon:0
[  220.768927][ T9135]  active_file:15561 inactive_file:15204 isolated_file:0
[  220.768927][ T9135]  unevictable:1770 dirty:789 writeback:0
[  220.768927][ T9135]  slab_reclaimable:6103 slab_unreclaimable:52631
[  220.768927][ T9135]  mapped:28208 shmem:5113 pagetables:1275
[  220.768927][ T9135]  sec_pagetables:308 bounce:0
[  220.768927][ T9135]  kernel_misc_reclaimable:0
[  220.768927][ T9135]  free:60455 free_pcp:16406 free_cma:0
[  220.782388][ T9135] Node 0 active_anon:28kB inactive_anon:8kB active_file:0kB inactive_file:16kB unevictable:3544kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8576kB pagetables:1388kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  220.792852][ T9135] Node 1 active_anon:34580kB inactive_anon:92kB active_file:62244kB inactive_file:60800kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:112808kB dirty:3156kB writeback:0kB shmem:16916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5508kB pagetables:3712kB sec_pagetables:84kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  220.804802][ T9135] Node 0 DMA free:2060kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:472kB local_pcp:36kB free_cma:0kB
[  220.814572][ T9135] lowmem_reserve[]: 0 285 285 285 285
[  220.816344][ T9135] Node 0 DMA32 free:16360kB boost:0kB min:13096kB low:16368kB high:19640kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:8kB active_file:0kB inactive_file:16kB unevictable:3544kB writepending:0kB zspages:20kB present:1032196kB managed:292792kB mlocked:8kB bounce:0kB free_pcp:13984kB local_pcp:3628kB free_cma:0kB
[  220.818306][ T9136] usbtmc 5-1:16.0: control status returned 0
[  220.827448][ T9135] lowmem_reserve[]: 0 0 0 0 0
[  220.831402][ T9135] Node 1 DMA32 free:223400kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34580kB inactive_anon:92kB active_file:62244kB inactive_file:60800kB unevictable:3536kB writepending:3156kB zspages:2920kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:51120kB local_pcp:18808kB free_cma:0kB
[  220.844190][ T9135] lowmem_reserve[]: 0 0 0 0 0
[  220.845774][ T9135] Node 0 DMA: 71*4kB (UM) 8*8kB (UM) 3*16kB (U) 16*32kB (U) 6*64kB (UM) 4*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2060kB
[  220.850733][ T9135] Node 0 DMA32: 666*4kB (UME) 384*8kB (UME) 100*16kB (UME) 62*32kB (UME) 42*64kB (UME) 20*128kB (UME) 5*256kB (UE) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 16360kB
[  220.855935][ T9135] Node 1 DMA32: 1348*4kB (UME) 663*8kB (UME) 530*16kB (UME) 23*32kB (ME) 53*64kB (UME) 119*128kB (UME) 134*256kB (UME) 92*512kB (UME) 69*1024kB (UM) 6*2048kB (UM) 5*4096kB (UM) = 223368kB
[  220.862114][ T9135] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  220.865451][ T9135] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  220.868623][ T9135] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  220.871631][ T9135] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  220.874557][ T9135] 36155 total pagecache pages
[  220.876057][ T9135] 279 pages in swap cache
[  220.878617][ T9135] Free swap  = 118964kB
[  220.879994][ T9135] Total swap = 124996kB
[  220.881393][ T9135] 524155 pages RAM
[  220.882632][ T9135] 0 pages HighMem/MovableOnly
[  220.884126][ T9135] 210064 pages reserved
[  220.885473][ T9135] 0 pages cma reserved
[  221.017460][ T1038] usb 5-1: USB disconnect, device number 14
[  221.643594][ T9145] syzkaller0: entered promiscuous mode
[  221.646003][ T9145] syzkaller0: entered allmulticast mode
[  221.711485][ T9149] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  221.715721][ T9149] netlink: 'syz.2.945': attribute type 1 has an invalid length.
[  221.734666][ T9149] 8021q: adding VLAN 0 to HW filter on device bond1
[  221.843320][ T9154] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  221.843320][ T9154] �U�e�[���%#s'
[  222.446308][ T9144] tipc: Resetting bearer <eth:syzkaller0>
[  222.465362][ T9144] tipc: Disabling bearer <eth:syzkaller0>
[  222.846656][ T9161] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  222.846656][ T9161] �U�e�[���%#s'
[  224.465810][ T9197] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  224.465810][ T9197] �U�e�[���%#s'
[  226.474887][ T9210] netlink: 16 bytes leftover after parsing attributes in process `syz.0.962'.
[  228.713581][   T40] kauditd_printk_skb: 111 callbacks suppressed
[  228.713599][   T40] audit: type=1800 audit(1779944353.595:479): pid=9245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.973" name="/" dev="fuse" ino=1 res=0 errno=0
[  229.907832][ T9256] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size
[  230.488475][ T9282] loop7: detected capacity change from 0 to 7
[  230.633445][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.986'.
[  231.016256][ T1349] libceph: connect (1)[c::]:6789 error -101
[  231.019196][ T1349] libceph: mon0 (1)[c::]:6789 connect error
[  231.283883][ T1349] libceph: connect (1)[c::]:6789 error -101
[  231.286743][ T1349] libceph: mon0 (1)[c::]:6789 connect error
[  231.365309][ T9298] netlink: 20 bytes leftover after parsing attributes in process `syz.2.988'.
[  231.375708][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.988'.
[  231.899251][ T1349] libceph: connect (1)[c::]:6789 error -101
[  231.909651][ T1349] libceph: mon0 (1)[c::]:6789 connect error
[  231.912927][ T9287] ceph: No mds server is up or the cluster is laggy
[  232.704054][ T9320] autofs4:pid:9320:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.768), cmd(0xc0189375)
[  232.708688][ T9320] autofs4:pid:9320:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375)
[  233.925673][ T9343] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  233.925673][ T9343] �U�e�[���%#s'
[  235.124245][ T9350] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  235.124245][ T9350] �U�e�[���%#s'
[  236.937502][ T9392] bridge_slave_0: left allmulticast mode
[  236.939830][ T9392] bridge_slave_0: left promiscuous mode
[  236.942238][ T9392] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.951048][ T9392] bridge_slave_1: left promiscuous mode
[  236.969635][ T9392] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.987423][ T9392] bond0: (slave bond_slave_0): Releasing backup interface
[  236.990342][ T9392] bond_slave_0: left allmulticast mode
[  236.995431][ T9392] bond0: (slave bond_slave_1): Releasing backup interface
[  237.009511][ T9393] fuse: Bad value for 'fd'
[  237.018068][ T9392] bond_slave_1: left allmulticast mode
[  237.026292][ T9392] team0: Port device team_slave_0 removed
[  237.035007][ T9392] team0: Port device team_slave_1 removed
[  237.039706][ T9392] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.046384][ T9392] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.059369][ T9392] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  237.143434][ T9392] team0: Mode changed to "loadbalance"
[  237.173571][ T9389] binder: 9388:9389 ioctl 40309410 80000300 returned -22
[  237.385660][ T9403] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  237.385660][ T9403] �U�e�[���%#s'
[  239.374916][ T9427] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  239.374916][ T9427] �U�e�[���%#s'
[  239.480008][ T9430] FAULT_INJECTION: forcing a failure.
[  239.480008][ T9430] name failslab, interval 1, probability 0, space 0, times 0
[  239.484020][ T9430] CPU: 2 UID: 0 PID: 9430 Comm: syz.2.1033 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.484039][ T9430] Tainted: [L]=SOFTLOCKUP
[  239.484042][ T9430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  239.484049][ T9430] Call Trace:
[  239.484053][ T9430]  <TASK>
[  239.484058][ T9430]  dump_stack_lvl+0x100/0x190
[  239.484082][ T9430]  should_fail_ex.cold+0x5/0xa
[  239.484096][ T9430]  should_failslab+0xc2/0x120
[  239.484111][ T9430]  __kmalloc_cache_noprof+0x7a/0x6f0
[  239.484127][ T9430]  ? binder_alloc_new_buf+0x1bb/0x30b0
[  239.484146][ T9430]  binder_alloc_new_buf+0x1bb/0x30b0
[  239.484161][ T9430]  ? binder_debug+0xe0/0x190
[  239.484172][ T9430]  ? __pfx_binder_debug+0x10/0x10
[  239.484187][ T9430]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[  239.484206][ T9430]  binder_transaction+0x1eb0/0x9c10
[  239.484230][ T9430]  ? ktime_expiry_to_cycles+0xc0/0x2c0
[  239.484247][ T9430]  ? ktime_expiry_to_cycles+0x3c/0x2c0
[  239.484266][ T9430]  ? __pfx_binder_transaction+0x10/0x10
[  239.484279][ T9430]  ? clockevents_program_event+0x1ef/0x820
[  239.484295][ T9430]  ? __pfx_clockevents_program_event+0x10/0x10
[  239.484308][ T9430]  ? find_held_lock+0x2b/0x80
[  239.484322][ T9430]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  239.484339][ T9430]  ? __lock_acquire+0x4a5/0x2630
[  239.484355][ T9430]  ? irqentry_exit+0x24d/0x970
[  239.484371][ T9430]  ? lockdep_hardirqs_on+0x78/0x100
[  239.484386][ T9430]  ? irqentry_exit+0x24d/0x970
[  239.484406][ T9430]  ? __lock_acquire+0x4a5/0x2630
[  239.484423][ T9430]  ? __lock_acquire+0x4a5/0x2630
[  239.484441][ T9430]  ? is_bpf_text_address+0x94/0x1a0
[  239.484459][ T9430]  ? find_held_lock+0x2b/0x80
[  239.484472][ T9430]  ? __might_fault+0xc5/0x140
[  239.484489][ T9430]  ? __might_fault+0xc5/0x140
[  239.484510][ T9430]  binder_thread_write+0x9d6/0x4db0
[  239.484529][ T9430]  ? __lock_acquire+0x4a5/0x2630
[  239.484545][ T9430]  ? __pfx_binder_thread_write+0x10/0x10
[  239.484560][ T9430]  ? binder_debug+0xe0/0x190
[  239.484571][ T9430]  ? __pfx_binder_debug+0x10/0x10
[  239.484586][ T9430]  ? __might_fault+0xc5/0x140
[  239.484607][ T9430]  ? __pfx_binder_ioctl+0x10/0x10
[  239.484620][ T9430]  binder_ioctl+0x28f8/0x7550
[  239.484636][ T9430]  ? find_held_lock+0x2b/0x80
[  239.484648][ T9430]  ? tomoyo_path_number_perm+0x28f/0x580
[  239.484663][ T9430]  ? tomoyo_path_number_perm+0x28f/0x580
[  239.484678][ T9430]  ? tomoyo_path_number_perm+0x188/0x580
[  239.484692][ T9430]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  239.484707][ T9430]  ? __pfx_binder_ioctl+0x10/0x10
[  239.484723][ T9430]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  239.484758][ T9430]  ? do_vfs_ioctl+0x226/0x13e0
[  239.484771][ T9430]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  239.484786][ T9430]  ? find_held_lock+0x2b/0x80
[  239.484803][ T9430]  ? __fget_files+0x215/0x3d0
[  239.484816][ T9430]  ? hook_file_ioctl_common+0x149/0x410
[  239.484833][ T9430]  ? __fget_files+0x21f/0x3d0
[  239.484846][ T9430]  ? __pfx_binder_ioctl+0x10/0x10
[  239.484859][ T9430]  compat_ptr_ioctl+0x6e/0xa0
[  239.484870][ T9430]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  239.484880][ T9430]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  239.484893][ T9430]  __do_fast_syscall_32+0xe7/0x970
[  239.484909][ T9430]  ? lockdep_hardirqs_on+0x78/0x100
[  239.484925][ T9430]  do_fast_syscall_32+0x32/0x70
[  239.484942][ T9430]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.484956][ T9430] RIP: 0023:0xf7f58f7c
[  239.484965][ T9430] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  239.484976][ T9430] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  239.484988][ T9430] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0306201
[  239.484994][ T9430] RDX: 0000000080004a40 RSI: 0000000000000000 RDI: 0000000000000000
[  239.485001][ T9430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  239.485007][ T9430] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  239.485013][ T9430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.485026][ T9430]  </TASK>
[  240.667159][ T1349] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  240.828998][ T1349] usb 7-1: config 0 interface 0 altsetting 255 has an endpoint descriptor with address 0xFA, changing to 0x8A
[  240.839382][ T1349] usb 7-1: config 0 interface 0 altsetting 255 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  240.845993][ T1349] usb 7-1: config 0 interface 0 altsetting 255 endpoint 0x8A has invalid maxpacket 92, setting to 64
[  240.857117][ T1349] usb 7-1: config 0 interface 0 has no altsetting 0
[  240.860890][ T1349] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  240.863770][ T1349] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  240.871566][ T1349] usb 7-1: Product: syz
[  240.872876][ T1349] usb 7-1: Manufacturer: syz
[  240.877296][ T1349] usb 7-1: SerialNumber: syz
[  240.887972][ T1349] usb 7-1: config 0 descriptor??
[  240.892340][ T9445] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  240.907341][ T1349] usb 7-1: selecting invalid altsetting 0
[  241.105491][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.109709][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.113351][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.116891][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.120693][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.124645][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.128399][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.131961][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.135551][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.139502][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.143044][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.146540][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.150558][ T9445] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  241.156592][ T5913] usb 7-1: USB disconnect, device number 7
[  241.159540][ T9445] usb 7-1: cannot submit urb 0, error -19: no device
[  241.852116][ T9460] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  241.852116][ T9460] �U�e�[���%#s'
[  242.685120][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1041'.
[  243.359879][ T9466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1043'.
[  244.313196][ T9493] overlayfs: workdir and upperdir must be separate subtrees
[  244.452375][ T9501] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1053'.
[  244.669987][ T9520] 9p: Could not find request transport: ���V�
P0xffffffffffffffff
[  245.356802][ T9532] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  245.432747][ T9537] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1062'.
[  245.439539][ T9537] FAULT_INJECTION: forcing a failure.
[  245.439539][ T9537] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.447380][ T9537] CPU: 1 UID: 0 PID: 9537 Comm: syz.2.1062 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  245.447399][ T9537] Tainted: [L]=SOFTLOCKUP
[  245.447403][ T9537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  245.447421][ T9537] Call Trace:
[  245.447425][ T9537]  <TASK>
[  245.447430][ T9537]  dump_stack_lvl+0x100/0x190
[  245.447453][ T9537]  should_fail_ex.cold+0x5/0xa
[  245.447468][ T9537]  _copy_from_user+0x2e/0xd0
[  245.447484][ T9537]  kstrtouint_from_user+0xd6/0x1d0
[  245.447497][ T9537]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  245.447508][ T9537]  ? __lock_acquire+0x4a5/0x2630
[  245.447532][ T9537]  proc_fail_nth_write+0x83/0x220
[  245.447551][ T9537]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  245.447572][ T9537]  vfs_write+0x2aa/0x1070
[  245.447585][ T9537]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  245.447604][ T9537]  ? __pfx_vfs_write+0x10/0x10
[  245.447615][ T9537]  ? find_held_lock+0x2b/0x80
[  245.447629][ T9537]  ? __fget_files+0x215/0x3d0
[  245.447645][ T9537]  ? __fget_files+0x21f/0x3d0
[  245.447662][ T9537]  ksys_write+0x12a/0x250
[  245.447674][ T9537]  ? __pfx_ksys_write+0x10/0x10
[  245.447688][ T9537]  ? rcu_is_watching+0x12/0xc0
[  245.447703][ T9537]  do_int80_emulation+0x14b/0x720
[  245.447722][ T9537]  asm_int80_emulation+0x1a/0x20
[  245.447733][ T9537] RIP: 0023:0xf71561ab
[  245.447747][ T9537] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  245.447758][ T9537] RSP: 002b:00000000f54164bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  245.447781][ T9537] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54165d0
[  245.447789][ T9537] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  245.447795][ T9537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  245.447801][ T9537] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  245.447807][ T9537] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.447822][ T9537]  </TASK>
[  245.586727][ T9539] netlink: 'syz.1.1063': attribute type 4 has an invalid length.
[  245.695754][ T9541] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1064'.
[  245.712002][ T9541] syzkaller1: entered promiscuous mode
[  245.714435][ T9541] syzkaller1: entered allmulticast mode
[  246.602836][ T9565] FAULT_INJECTION: forcing a failure.
[  246.602836][ T9565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.607406][ T9565] CPU: 3 UID: 0 PID: 9565 Comm: syz.2.1066 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  246.607442][ T9565] Tainted: [L]=SOFTLOCKUP
[  246.607447][ T9565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  246.607455][ T9565] Call Trace:
[  246.607461][ T9565]  <TASK>
[  246.607466][ T9565]  dump_stack_lvl+0x100/0x190
[  246.607494][ T9565]  should_fail_ex.cold+0x5/0xa
[  246.607512][ T9565]  _copy_from_user+0x2e/0xd0
[  246.607532][ T9565]  get_compat_msghdr+0xb3/0x4b0
[  246.607549][ T9565]  ? __pfx_get_compat_msghdr+0x10/0x10
[  246.607566][ T9565]  ? rcu_is_watching+0x12/0xc0
[  246.607582][ T9565]  ? ___sys_sendmsg+0x19d/0x1e0
[  246.607600][ T9565]  ? kfree+0x1dd/0x6c0
[  246.607619][ T9565]  ? __pfx__kstrtoull+0x10/0x10
[  246.607635][ T9565]  ___sys_sendmsg+0x1b6/0x1e0
[  246.607656][ T9565]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.607676][ T9565]  ? __lock_acquire+0x4a5/0x2630
[  246.607714][ T9565]  ? __pfx___might_resched+0x10/0x10
[  246.607733][ T9565]  __sys_sendmmsg+0x2ff/0x430
[  246.607751][ T9565]  ? __pfx___sys_sendmmsg+0x10/0x10
[  246.607777][ T9565]  ? __fget_files+0x215/0x3d0
[  246.607803][ T9565]  ? fput+0x79/0x100
[  246.607821][ T9565]  ? ksys_write+0x1ac/0x250
[  246.607840][ T9565]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  246.607858][ T9565]  ? lockdep_hardirqs_on+0x78/0x100
[  246.607879][ T9565]  __do_fast_syscall_32+0xe7/0x970
[  246.607900][ T9565]  ? lockdep_hardirqs_on+0x78/0x100
[  246.607921][ T9565]  do_fast_syscall_32+0x32/0x70
[  246.607942][ T9565]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  246.607961][ T9565] RIP: 0023:0xf7f58f7c
[  246.607973][ T9565] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  246.607988][ T9565] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  246.608002][ T9565] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080003b80
[  246.608011][ T9565] RDX: 0000000004000070 RSI: 0000000000008000 RDI: 0000000000000000
[  246.608019][ T9565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  246.608027][ T9565] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  246.608034][ T9565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  246.608053][ T9565]  </TASK>
[  249.597228][   T24] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  249.758312][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.761729][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.764641][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  249.768710][   T24] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.771811][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.775454][   T24] usb 6-1: config 0 descriptor??
[  249.975960][ T9619] FAULT_INJECTION: forcing a failure.
[  249.975960][ T9619] name failslab, interval 1, probability 0, space 0, times 0
[  249.981351][ T9619] CPU: 1 UID: 0 PID: 9619 Comm: syz.0.1089 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  249.981378][ T9619] Tainted: [L]=SOFTLOCKUP
[  249.981384][ T9619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  249.981393][ T9619] Call Trace:
[  249.981401][ T9619]  <TASK>
[  249.981408][ T9619]  dump_stack_lvl+0x100/0x190
[  249.981439][ T9619]  should_fail_ex.cold+0x5/0xa
[  249.981459][ T9619]  ? ioctx_alloc+0x6a5/0x21a0
[  249.981480][ T9619]  should_failslab+0xc2/0x120
[  249.981499][ T9619]  __kmalloc_noprof+0xe0/0x850
[  249.981519][ T9619]  ioctx_alloc+0x6a5/0x21a0
[  249.981548][ T9619]  ? find_held_lock+0x2b/0x80
[  249.981570][ T9619]  ? __pfx_ioctx_alloc+0x10/0x10
[  249.981604][ T9619]  __ia32_compat_sys_io_setup+0xc8/0x220
[  249.981630][ T9619]  __do_fast_syscall_32+0xe7/0x970
[  249.981654][ T9619]  ? lockdep_hardirqs_on+0x78/0x100
[  249.981677][ T9619]  do_fast_syscall_32+0x32/0x70
[  249.981700][ T9619]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.981720][ T9619] RIP: 0023:0xf702ef7c
[  249.981734][ T9619] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  249.981749][ T9619] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 00000000000000f5
[  249.981766][ T9619] RAX: ffffffffffffffda RBX: 000000000000239f RCX: 0000000080000380
[  249.981777][ T9619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  249.981785][ T9619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.981795][ T9619] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  249.981804][ T9619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.981826][ T9619]  </TASK>
[  250.204330][   T24] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  250.469011][   T24] usb 6-1: USB disconnect, device number 17
[  250.589384][ T9641] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1096'.
[  250.700420][ T9644] bridge2: entered promiscuous mode
[  251.101723][ T9654] bridge3: entered promiscuous mode
[  251.245386][ T9664] lo speed is unknown, defaulting to 1000
[  251.248949][ T9664] lo speed is unknown, defaulting to 1000
[  251.252367][ T9664] lo speed is unknown, defaulting to 1000
[  251.449005][   T24] lo speed is unknown, defaulting to 1000
[  251.452386][ T9664] infiniband s
z1: set down
[  251.454544][ T9664] infiniband s
z1: added lo
[  251.467446][ T9664] smbdirect: ib_dev[s
z1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  251.472023][ T9664] smbdirect: ib_dev[s
z1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  251.477330][ T9664] smbdirect: ib_dev[s
z1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  251.501221][ T9664] RDS/IB: s
z1: added
[  251.502590][ T9664] smc: adding ib device s
z1 with port count 1
[  251.504552][ T9664] smc:    ib device s
z1 port 1 has no pnetid
[  251.509474][   T24] lo speed is unknown, defaulting to 1000
[  251.512729][ T9664] lo speed is unknown, defaulting to 1000
[  251.611600][ T9664] lo speed is unknown, defaulting to 1000
[  251.617235][ T5913] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  251.700929][ T9664] lo speed is unknown, defaulting to 1000
[  251.769534][ T5913] usb 7-1: config 0 has no interfaces?
[  251.771305][ T5913] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  251.774635][ T5913] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.780407][ T5913] usb 7-1: config 0 descriptor??
[  251.794136][ T9664] lo speed is unknown, defaulting to 1000
[  251.833672][ T9673] FAULT_INJECTION: forcing a failure.
[  251.833672][ T9673] name failslab, interval 1, probability 0, space 0, times 0
[  251.839963][ T9673] CPU: 3 UID: 0 PID: 9673 Comm: syz.3.1106 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  251.839993][ T9673] Tainted: [L]=SOFTLOCKUP
[  251.839999][ T9673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  251.840011][ T9673] Call Trace:
[  251.840017][ T9673]  <TASK>
[  251.840023][ T9673]  dump_stack_lvl+0x100/0x190
[  251.840065][ T9673]  should_fail_ex.cold+0x5/0xa
[  251.840090][ T9673]  should_failslab+0xc2/0x120
[  251.840113][ T9673]  __kmalloc_cache_noprof+0x7a/0x6f0
[  251.840139][ T9673]  ? kvm_dev_ioctl+0xa8d/0x1a50
[  251.840169][ T9673]  kvm_dev_ioctl+0xa8d/0x1a50
[  251.840198][ T9673]  ? find_held_lock+0x2b/0x80
[  251.840221][ T9673]  ? __fget_files+0x215/0x3d0
[  251.840243][ T9673]  ? hook_file_ioctl_common+0x149/0x410
[  251.840268][ T9673]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  251.840296][ T9673]  ? __fget_files+0x21f/0x3d0
[  251.840322][ T9673]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  251.840347][ T9673]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  251.840371][ T9673]  __do_fast_syscall_32+0xe7/0x970
[  251.840397][ T9673]  ? lockdep_hardirqs_on+0x78/0x100
[  251.840424][ T9673]  do_fast_syscall_32+0x32/0x70
[  251.840451][ T9673]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.840474][ T9673] RIP: 0023:0xf706ef7c
[  251.840490][ T9673] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  251.840508][ T9673] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  251.840526][ T9673] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
[  251.840537][ T9673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  251.840548][ T9673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  251.840557][ T9673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.840593][ T9673] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.840618][ T9673]  </TASK>
[  251.885525][ T9664] lo speed is unknown, defaulting to 1000
[  251.953790][ T9679] 9pnet_fd: p9_fd_create_unix (9679): problem connecting socket: ./cgroup: -111
[  252.042713][   T24] usb 7-1: USB disconnect, device number 8
[  252.231896][ T9686] lo speed is unknown, defaulting to 1000
[  252.677226][   T24] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  252.848527][   T24] usb 5-1: Using ep0 maxpacket: 32
[  252.852486][   T24] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  252.855886][   T24] usb 5-1: config 0 has no interface number 0
[  252.863471][   T24] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  252.869672][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.873158][   T24] usb 5-1: Product: syz
[  252.874975][   T24] usb 5-1: Manufacturer: syz
[  252.877511][   T24] usb 5-1: SerialNumber: syz
[  252.882159][   T24] usb 5-1: config 0 descriptor??
[  252.887371][   T24] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  253.096746][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  253.116971][   T24] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  253.292052][ T9698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1115'.
[  253.514405][    C2] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  253.514667][ T5913] usb 5-1: USB disconnect, device number 15
[  253.534128][ T5913] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  253.546384][ T5913] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  253.547693][ T9718] sg_write: data in/out 34844/42 bytes for SCSI command 0x1a-- guessing data in;
[  253.547693][ T9718]    program syz.2.1121 not setting count and/or reply_len properly
[  253.555340][ T5913] quatech2 5-1:0.51: device disconnected
[  255.057494][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  255.187461][   T24] usb 5-1: device descriptor read/64, error -71
[  255.437416][   T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  255.587882][   T24] usb 5-1: device descriptor read/64, error -71
[  255.709390][   T24] usb usb5-port1: attempt power cycle
[  255.789939][ T9764] FAULT_INJECTION: forcing a failure.
[  255.789939][ T9764] name failslab, interval 1, probability 0, space 0, times 0
[  255.794774][ T9764] CPU: 2 UID: 0 PID: 9764 Comm: syz.3.1133 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  255.794803][ T9764] Tainted: [L]=SOFTLOCKUP
[  255.794809][ T9764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  255.794820][ T9764] Call Trace:
[  255.794827][ T9764]  <TASK>
[  255.794834][ T9764]  dump_stack_lvl+0x100/0x190
[  255.794860][ T9764]  should_fail_ex.cold+0x5/0xa
[  255.794876][ T9764]  should_failslab+0xc2/0x120
[  255.794890][ T9764]  __kmalloc_cache_noprof+0x7a/0x6f0
[  255.794910][ T9764]  ? nf_tables_newtable+0xcff/0x19f0
[  255.794935][ T9764]  ? nf_tables_newtable+0x2c1/0x19f0
[  255.794965][ T9764]  nf_tables_newtable+0xcff/0x19f0
[  255.794997][ T9764]  ? __pfx_nf_tables_newtable+0x10/0x10
[  255.795029][ T9764]  ? __nla_parse+0x40/0x60
[  255.795053][ T9764]  nfnetlink_rcv_batch+0x1410/0x2880
[  255.795085][ T9764]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  255.795153][ T9764]  ? __nla_parse+0x40/0x60
[  255.795177][ T9764]  nfnetlink_rcv+0x3bd/0x440
[  255.795194][ T9764]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  255.795207][ T9764]  ? __rcu_read_unlock+0x27f/0x5e0
[  255.795228][ T9764]  netlink_unicast+0x585/0x850
[  255.795245][ T9764]  ? __pfx_netlink_unicast+0x10/0x10
[  255.795264][ T9764]  netlink_sendmsg+0x8b0/0xda0
[  255.795281][ T9764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.795297][ T9764]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  255.795311][ T9764]  ____sys_sendmsg+0x9e1/0xb70
[  255.795326][ T9764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.795342][ T9764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.795360][ T9764]  ? __lock_acquire+0x4a5/0x2630
[  255.795379][ T9764]  ___sys_sendmsg+0x190/0x1e0
[  255.795395][ T9764]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.795411][ T9764]  ? lock_acquire+0x1b1/0x370
[  255.795432][ T9764]  ? find_held_lock+0x2b/0x80
[  255.795454][ T9764]  __sys_sendmsg+0x170/0x220
[  255.795466][ T9764]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.795481][ T9764]  ? exit_to_user_mode_loop+0xf3/0x670
[  255.795499][ T9764]  ? rcu_is_watching+0x12/0xc0
[  255.795511][ T9764]  ? rcu_is_watching+0x12/0xc0
[  255.795525][ T9764]  __do_fast_syscall_32+0xe7/0x970
[  255.795542][ T9764]  ? lockdep_hardirqs_on+0x78/0x100
[  255.795558][ T9764]  do_fast_syscall_32+0x32/0x70
[  255.795575][ T9764]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.795589][ T9764] RIP: 0023:0xf706ef7c
[  255.795602][ T9764] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  255.795626][ T9764] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  255.795637][ T9764] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  255.795643][ T9764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.795649][ T9764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.795656][ T9764] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  255.795661][ T9764] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.795676][ T9764]  </TASK>
[  255.891918][ T9765] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1134'.
[  256.123196][ T9769] bond1: Removing last arp target with arp_interval on
[  256.126296][ T9769] netlink: 'syz.3.1136': attribute type 27 has an invalid length.
[  256.129677][ T9769] gre0: left promiscuous mode
[  256.131532][ T9769] gre0: left allmulticast mode
[  256.135338][ T9769] batadv0: left promiscuous mode
[  256.149768][ T9777] FAULT_INJECTION: forcing a failure.
[  256.149768][ T9777] name failslab, interval 1, probability 0, space 0, times 0
[  256.154490][ T9777] CPU: 0 UID: 0 PID: 9777 Comm: syz.1.1139 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  256.154511][ T9777] Tainted: [L]=SOFTLOCKUP
[  256.154515][ T9777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  256.154521][ T9777] Call Trace:
[  256.154525][ T9777]  <TASK>
[  256.154530][ T9777]  dump_stack_lvl+0x100/0x190
[  256.154554][ T9777]  should_fail_ex.cold+0x5/0xa
[  256.154568][ T9777]  ? tomoyo_encode2+0xfb/0x3c0
[  256.154584][ T9777]  should_failslab+0xc2/0x120
[  256.154598][ T9777]  __kmalloc_noprof+0xe0/0x850
[  256.154608][ T9777]  ? d_absolute_path+0x136/0x1b0
[  256.154621][ T9777]  tomoyo_encode2+0xfb/0x3c0
[  256.154639][ T9777]  tomoyo_encode+0x29/0x50
[  256.154653][ T9777]  tomoyo_realpath_from_path+0x18c/0x690
[  256.154673][ T9777]  tomoyo_path2_perm+0x366/0x700
[  256.154687][ T9777]  ? __pfx_tomoyo_path2_perm+0x10/0x10
[  256.154714][ T9777]  ? do_raw_spin_unlock+0x145/0x1e0
[  256.154731][ T9777]  tomoyo_path_link+0xae/0x100
[  256.154748][ T9777]  ? __pfx_tomoyo_path_link+0x10/0x10
[  256.154770][ T9777]  security_path_link+0x12f/0x2a0
[  256.154784][ T9777]  filename_linkat+0x33a/0x640
[  256.154802][ T9777]  ? __pfx_filename_linkat+0x10/0x10
[  256.154821][ T9777]  ? do_getname+0x191/0x390
[  256.154839][ T9777]  __ia32_sys_linkat+0xf5/0x150
[  256.154856][ T9777]  __do_fast_syscall_32+0xe7/0x970
[  256.154873][ T9777]  ? lockdep_hardirqs_on+0x78/0x100
[  256.154889][ T9777]  do_fast_syscall_32+0x32/0x70
[  256.154905][ T9777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.154920][ T9777] RIP: 0023:0xf7fa5f7c
[  256.154929][ T9777] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  256.154940][ T9777] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 000000000000012f
[  256.154951][ T9777] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000500
[  256.154958][ T9777] RDX: 00000000ffffff9c RSI: 0000000080000540 RDI: 0000000000000000
[  256.154964][ T9777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  256.154970][ T9777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.154976][ T9777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  256.154990][ T9777]  </TASK>
[  256.155001][ T9777] ERROR: Out of memory at tomoyo_realpath_from_path.
[  256.155326][ T9769] bridge1: left promiscuous mode
[  256.231409][   T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  256.234906][ T9769] bridge1: left allmulticast mode
[  256.245748][ T9769] bridge2: left promiscuous mode
[  256.247822][   T24] usb 5-1: device descriptor read/8, error -71
[  256.252201][ T9769] bridge3: left promiscuous mode
[  256.273937][ T9770] can0: slcan on ptm0.
[  256.324615][ T9769] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.330210][ T9769] 8021q: adding VLAN 0 to HW filter on device team0
[  256.338692][ T9769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.398535][ T9769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.408069][ T9769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.415228][ T9769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  256.418788][ T9769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  256.423759][ T9769] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  256.432925][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.435185][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.439574][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.441812][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.498080][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  256.518281][   T24] usb 5-1: device descriptor read/8, error -71
[  256.559346][ T9793] lo speed is unknown, defaulting to 1000
[  256.637712][   T24] usb usb5-port1: unable to enumerate USB device
[  256.658996][ T9768] can0 (unregistered): slcan off ptm0.
[  257.094529][ T9812] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1145'.
[  257.255908][ T9816] serio: Serial port ptm1
[  257.531026][ T9821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1148'.
[  257.808181][ T9847] FAULT_INJECTION: forcing a failure.
[  257.808181][ T9847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.817280][ T9847] CPU: 3 UID: 0 PID: 9847 Comm: syz.2.1150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  257.817310][ T9847] Tainted: [L]=SOFTLOCKUP
[  257.817316][ T9847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  257.817326][ T9847] Call Trace:
[  257.817333][ T9847]  <TASK>
[  257.817339][ T9847]  dump_stack_lvl+0x100/0x190
[  257.817372][ T9847]  should_fail_ex.cold+0x5/0xa
[  257.817395][ T9847]  _copy_from_user+0x2e/0xd0
[  257.817421][ T9847]  get_compat_msghdr+0xb3/0x4b0
[  257.817442][ T9847]  ? __pfx_get_compat_msghdr+0x10/0x10
[  257.817464][ T9847]  ? rcu_is_watching+0x12/0xc0
[  257.817483][ T9847]  ? ___sys_recvmsg+0x177/0x1a0
[  257.817506][ T9847]  ? kfree+0x1dd/0x6c0
[  257.817540][ T9847]  ___sys_recvmsg+0x193/0x1a0
[  257.817564][ T9847]  ? __pfx____sys_recvmsg+0x10/0x10
[  257.817601][ T9847]  ? __pfx___might_resched+0x10/0x10
[  257.817625][ T9847]  do_recvmmsg+0x563/0x760
[  257.817651][ T9847]  ? __pfx_do_recvmmsg+0x10/0x10
[  257.817677][ T9847]  ? ksys_write+0x190/0x250
[  257.817696][ T9847]  ? ksys_write+0x190/0x250
[  257.817722][ T9847]  ? __fget_files+0x215/0x3d0
[  257.817743][ T9847]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  257.817774][ T9847]  __sys_recvmmsg+0x21f/0x270
[  257.817793][ T9847]  ? __pfx___sys_recvmmsg+0x10/0x10
[  257.817814][ T9847]  ? ksys_write+0x1ac/0x250
[  257.817837][ T9847]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  257.817858][ T9847]  ? __do_fast_syscall_32+0x98/0x970
[  257.817882][ T9847]  ? lockdep_hardirqs_on+0x78/0x100
[  257.817904][ T9847]  __do_fast_syscall_32+0xe7/0x970
[  257.817928][ T9847]  ? lockdep_hardirqs_on+0x78/0x100
[  257.817952][ T9847]  do_fast_syscall_32+0x32/0x70
[  257.817976][ T9847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  257.817997][ T9847] RIP: 0023:0xf7f58f7c
[  257.818010][ T9847] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  257.818025][ T9847] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  257.818042][ T9847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  257.818052][ T9847] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  257.818062][ T9847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  257.818071][ T9847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  257.818080][ T9847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  257.818103][ T9847]  </TASK>
[  259.773364][ T9857] lo speed is unknown, defaulting to 1000
[  260.318100][ T1434] ieee802154 phy0 wpan0: encryption failed: -22
[  260.578719][ T9879] syzkaller0: entered promiscuous mode
[  260.581131][ T9879] syzkaller0: entered allmulticast mode
[  260.691924][ T9874] lo speed is unknown, defaulting to 1000
[  260.823513][ T9891] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1161'.
[  262.641437][ T9891] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1161'.
[  262.730674][ T9899] ipip0: entered allmulticast mode
[  263.114993][ T9905] could not allocate digest TFM handle cbcmac-aes-ce
[  263.863773][ T9918] loop8: detected capacity change from 0 to 8
[  263.872099][ T9918] Dev loop8: unable to read RDB block 8
[  263.880019][ T9918]  loop8: unable to read partition table
[  263.882674][ T9918] loop8: partition table beyond EOD, truncated
[  263.886055][ T9918] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[  263.970828][ T9922] batman_adv: batadv0: Adding interface: dummy0
[  263.973286][ T9922] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.982601][ T9922] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  264.223433][ T9927] netlink: 'syz.2.1171': attribute type 2 has an invalid length.
[  264.233609][ T9927] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1171'.
[  264.767284][ T9935] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  264.767284][ T9935] �U�e�[���%#s'
[  265.245453][ T9945] FAULT_INJECTION: forcing a failure.
[  265.245453][ T9945] name failslab, interval 1, probability 0, space 0, times 0
[  265.249627][ T9945] CPU: 3 UID: 0 PID: 9945 Comm: syz.1.1177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  265.249646][ T9945] Tainted: [L]=SOFTLOCKUP
[  265.249650][ T9945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  265.249657][ T9945] Call Trace:
[  265.249662][ T9945]  <TASK>
[  265.249667][ T9945]  dump_stack_lvl+0x100/0x190
[  265.249690][ T9945]  should_fail_ex.cold+0x5/0xa
[  265.249705][ T9945]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  265.249723][ T9945]  should_failslab+0xc2/0x120
[  265.249737][ T9945]  __kmalloc_noprof+0xe0/0x850
[  265.249751][ T9945]  genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  265.249772][ T9945]  genl_family_rcv_msg_doit+0xc7/0x300
[  265.249790][ T9945]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  265.249806][ T9945]  ? genl_get_cmd+0x3e7/0x760
[  265.249825][ T9945]  ? bpf_lsm_capable+0x9/0x10
[  265.249837][ T9945]  ? security_capable+0x80/0x260
[  265.249853][ T9945]  genl_rcv_msg+0x560/0x800
[  265.249872][ T9945]  ? __pfx_genl_rcv_msg+0x10/0x10
[  265.249889][ T9945]  ? __pfx_netlbl_calipso_add+0x10/0x10
[  265.249908][ T9945]  ? __lock_acquire+0x4a5/0x2630
[  265.249929][ T9945]  netlink_rcv_skb+0x159/0x420
[  265.249944][ T9945]  ? __pfx_genl_rcv_msg+0x10/0x10
[  265.249961][ T9945]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  265.249981][ T9945]  ? netlink_deliver_tap+0x1ae/0xcc0
[  265.249997][ T9945]  genl_rcv+0x28/0x40
[  265.250012][ T9945]  netlink_unicast+0x585/0x850
[  265.250029][ T9945]  ? __pfx_netlink_unicast+0x10/0x10
[  265.250047][ T9945]  netlink_sendmsg+0x8b0/0xda0
[  265.250064][ T9945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  265.250081][ T9945]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  265.250095][ T9945]  ____sys_sendmsg+0x9e1/0xb70
[  265.250110][ T9945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  265.250126][ T9945]  ? __pfx_____sys_sendmsg+0x10/0x10
[  265.250147][ T9945]  ___sys_sendmsg+0x190/0x1e0
[  265.250163][ T9945]  ? __pfx____sys_sendmsg+0x10/0x10
[  265.250185][ T9945]  ? find_held_lock+0x2b/0x80
[  265.250207][ T9945]  __sys_sendmsg+0x170/0x220
[  265.250219][ T9945]  ? __pfx___sys_sendmsg+0x10/0x10
[  265.250229][ T9945]  ? __fget_files+0x21f/0x3d0
[  265.250246][ T9945]  ? ksys_write+0x1ac/0x250
[  265.250260][ T9945]  ? rcu_is_watching+0x12/0xc0
[  265.250275][ T9945]  __do_fast_syscall_32+0xe7/0x970
[  265.250292][ T9945]  ? lockdep_hardirqs_on+0x78/0x100
[  265.250308][ T9945]  do_fast_syscall_32+0x32/0x70
[  265.250325][ T9945]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  265.250339][ T9945] RIP: 0023:0xf7fa5f7c
[  265.250353][ T9945] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  265.250364][ T9945] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  265.250375][ T9945] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080009dc0
[  265.250382][ T9945] RDX: 000000000000c050 RSI: 0000000000000000 RDI: 0000000000000000
[  265.250388][ T9945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  265.250395][ T9945] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  265.250401][ T9945] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  265.250415][ T9945]  </TASK>
[  265.888066][ T9954] block device autoloading is deprecated and will be removed.
[  265.950160][ T1349] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  267.433564][   T40] audit: type=1326 audit(1779944392.315:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.440453][   T40] audit: type=1326 audit(1779944392.335:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.453896][   T40] audit: type=1326 audit(1779944392.335:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.463960][   T40] audit: type=1326 audit(1779944392.335:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.659825][   T40] audit: type=1326 audit(1779944392.335:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.669169][   T40] audit: type=1326 audit(1779944392.335:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.679075][   T40] audit: type=1326 audit(1779944392.335:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.728146][   T40] audit: type=1326 audit(1779944392.335:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.766105][   T40] audit: type=1326 audit(1779944392.335:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  267.796353][   T40] audit: type=1326 audit(1779944392.335:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1187" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  268.434181][ T1349] usb 6-1: unable to get BOS descriptor or descriptor too short
[  268.457304][ T1349] usb 6-1: no configurations
[  268.464164][ T1349] usb 6-1: can't read configurations, error -22
[  268.575488][ T9998] FAULT_INJECTION: forcing a failure.
[  268.575488][ T9998] name failslab, interval 1, probability 0, space 0, times 0
[  268.579981][ T9998] CPU: 2 UID: 0 PID: 9998 Comm: syz.2.1192 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  268.580000][ T9998] Tainted: [L]=SOFTLOCKUP
[  268.580003][ T9998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  268.580010][ T9998] Call Trace:
[  268.580016][ T9998]  <TASK>
[  268.580021][ T9998]  dump_stack_lvl+0x100/0x190
[  268.580045][ T9998]  should_fail_ex.cold+0x5/0xa
[  268.580060][ T9998]  ? tomoyo_realpath_from_path+0xb6/0x690
[  268.580076][ T9998]  should_failslab+0xc2/0x120
[  268.580089][ T9998]  __kmalloc_noprof+0xe0/0x850
[  268.580099][ T9998]  ? kfree+0x1dd/0x6c0
[  268.580116][ T9998]  tomoyo_realpath_from_path+0xb6/0x690
[  268.580136][ T9998]  tomoyo_path_number_perm+0x23c/0x580
[  268.580149][ T9998]  ? tomoyo_path_number_perm+0x22e/0x580
[  268.580163][ T9998]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  268.580178][ T9998]  ? rcu_is_watching+0x12/0xc0
[  268.580202][ T9998]  ? find_held_lock+0x2b/0x80
[  268.580216][ T9998]  ? __fget_files+0x215/0x3d0
[  268.580229][ T9998]  ? hook_file_ioctl_common+0x149/0x410
[  268.580247][ T9998]  ? __fget_files+0x215/0x3d0
[  268.580262][ T9998]  ? __fget_files+0x21f/0x3d0
[  268.580277][ T9998]  security_file_ioctl_compat+0xd3/0x230
[  268.580297][ T9998]  __ia32_compat_sys_ioctl+0xc2/0x360
[  268.580318][ T9998]  __do_fast_syscall_32+0xe7/0x970
[  268.580363][ T9998]  ? lockdep_hardirqs_on+0x78/0x100
[  268.580385][ T9998]  do_fast_syscall_32+0x32/0x70
[  268.580408][ T9998]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  268.580427][ T9998] RIP: 0023:0xf7f58f7c
[  268.580439][ T9998] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  268.580452][ T9998] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  268.580467][ T9998] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 000000000000ae80
[  268.580477][ T9998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  268.580487][ T9998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  268.580496][ T9998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.580505][ T9998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  268.580526][ T9998]  </TASK>
[  268.580534][ T9998] ERROR: Out of memory at tomoyo_realpath_from_path.
[  268.653789][T10000] netlink: 'syz.1.1191': attribute type 1 has an invalid length.
[  268.660019][T10000] netlink: 16150 bytes leftover after parsing attributes in process `syz.1.1191'.
[  268.670161][T10000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1191'.
[  268.674923][T10000] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1191'.
[  269.220703][T10006] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  269.873502][T10030] lo speed is unknown, defaulting to 1000
[  270.534869][T10038] lo speed is unknown, defaulting to 1000
[  271.500896][ T1919] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  271.778144][ T1919] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  271.961453][ T1919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.968533][ T1919] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.973882][ T1919] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  271.985633][ T1919] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  271.991944][ T1919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.004415][ T1919] usb 5-1: config 0 descriptor??
[  272.419392][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.422596][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.425754][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.429057][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.441378][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.447072][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.451890][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.456868][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.459633][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.464007][ T1919] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  272.478037][ T1919] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  272.620328][T10055] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1207'.
[  272.629047][T10055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.632737][T10055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.637205][ T7480] usb 5-1: USB disconnect, device number 20
[  272.685496][T10072] fido_id[10072]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb5/report_descriptor': No such file or directory
[  272.879187][T10084] lo speed is unknown, defaulting to 1000
[  273.853885][T10102] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  273.853885][T10102] �U�e�[���%#s'
[  274.381406][T10091] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  274.388148][T10091] block device autoloading is deprecated and will be removed.
[  274.823330][ T1349] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  275.011385][ T1349] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  275.023438][ T1349] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.042155][ T1349] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.067194][ T1349] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  275.082979][ T1349] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  275.092622][ T1349] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.201566][ T1349] usb 6-1: config 0 descriptor??
[  275.603975][T10120] netlink: 'syz.3.1224': attribute type 10 has an invalid length.
[  275.609750][T10120] hsr0: entered allmulticast mode
[  275.611406][T10120] hsr_slave_0: entered allmulticast mode
[  275.613216][T10120] hsr_slave_1: entered allmulticast mode
[  275.699852][T10124] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  275.699852][T10124] �U�e�[���%#s'
[  275.708365][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1224'.
[  275.714820][T10120] hsr_slave_0: left promiscuous mode
[  275.718626][T10120] hsr_slave_1: left promiscuous mode
[  275.726042][T10120] hsr0 (unregistering): left allmulticast mode
[  275.791687][ T1349] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  275.908926][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  275.976433][T10104] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1221'.
[  275.983145][T10104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.988314][T10104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.060812][   T24] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  276.067097][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.074493][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.078168][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  276.082962][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  276.085895][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.093472][   T24] usb 5-1: config 0 descriptor??
[  276.188869][T10129] syzkaller1: entered promiscuous mode
[  276.192279][T10129] syzkaller1: entered allmulticast mode
[  276.515479][   T24] plantronics 0003:047F:FFFF.0008: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  276.604661][   T24] usb 6-1: USB disconnect, device number 20
[  276.718438][ T7480] usb 5-1: USB disconnect, device number 21
[  277.333960][T10142] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  277.339133][T10142] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  277.448080][T10145] overlayfs: failed lookup in lower (newroot/309, name='file0', err=-40): overlapping layers
[  278.158848][T10155] syzkaller1: left promiscuous mode
[  278.160708][T10155] syzkaller1: left allmulticast mode
[  279.202886][   T40] kauditd_printk_skb: 31 callbacks suppressed
[  279.202899][   T40] audit: type=1326 audit(1779944404.085:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10161 comm="syz.0.1239" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702ef7c code=0x0
[  279.313483][T10167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1240'.
[  280.284418][T10181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1244'.
[  280.305465][T10181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1244'.
[  280.326477][T10189] lo speed is unknown, defaulting to 1000
[  280.347085][T10170] comedi comedi0: reset error (fatal)
[  280.859240][T10200] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  280.862214][T10200] syzkaller0: entered promiscuous mode
[  280.863994][T10200] syzkaller0: entered allmulticast mode
[  280.869956][T10200] tipc: Resetting bearer <eth:syzkaller0>
[  280.946239][T10202] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1248'.
[  281.523038][T10204] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1249'.
[  281.825130][T10199] tipc: Resetting bearer <eth:syzkaller0>
[  281.849559][T10199] tipc: Disabling bearer <eth:syzkaller0>
[  283.031135][T10226] comedi comedi0: rti800: I/O base address not correctly aligned
[  283.072478][T10226] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  283.434442][T10219] nbd0: detected capacity change from 0 to 63
[  283.489775][ T5757] block nbd0: Receive control failed (result -104)
[  284.622480][T10252] FAULT_INJECTION: forcing a failure.
[  284.622480][T10252] name failslab, interval 1, probability 0, space 0, times 0
[  284.658504][T10252] CPU: 2 UID: 0 PID: 10252 Comm: syz.0.1262 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  284.658536][T10252] Tainted: [L]=SOFTLOCKUP
[  284.658541][T10252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  284.658551][T10252] Call Trace:
[  284.658556][T10252]  <TASK>
[  284.658562][T10252]  dump_stack_lvl+0x100/0x190
[  284.658594][T10252]  should_fail_ex.cold+0x5/0xa
[  284.658616][T10252]  ? do_handle_open+0x57d/0xce0
[  284.658639][T10252]  should_failslab+0xc2/0x120
[  284.658659][T10252]  __kmalloc_noprof+0xe0/0x850
[  284.658680][T10252]  do_handle_open+0x57d/0xce0
[  284.658705][T10252]  ? irqentry_exit+0x24d/0x970
[  284.658728][T10252]  ? __pfx_do_handle_open+0x10/0x10
[  284.658751][T10252]  ? irqentry_exit+0x24d/0x970
[  284.658787][T10252]  ? __do_fast_syscall_32+0xe7/0x970
[  284.658811][T10252]  __do_fast_syscall_32+0xe7/0x970
[  284.658835][T10252]  ? lockdep_hardirqs_on+0x78/0x100
[  284.658859][T10252]  do_fast_syscall_32+0x32/0x70
[  284.658884][T10252]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  284.658904][T10252] RIP: 0023:0xf702ef7c
[  284.658918][T10252] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  284.658934][T10252] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000156
[  284.658951][T10252] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  284.658962][T10252] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  284.658972][T10252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  284.658980][T10252] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  284.658990][T10252] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  284.659013][T10252]  </TASK>
[  285.354220][T10265] lo speed is unknown, defaulting to 1000
[  285.835303][T10274] lo speed is unknown, defaulting to 1000
[  287.103822][T10299] IPVS: set_ctl: invalid protocol: 8 100.1.1.0:20004
[  288.406658][T10311] lo speed is unknown, defaulting to 1000
[  288.604108][T10316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1278'.
[  288.703656][T10317] netlink: 'syz.1.1278': attribute type 3 has an invalid length.
[  288.707518][T10317] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1278'.
[  289.973343][ T6178] udevd[6178]: inotify_add_watch(7, /dev/pmem0p13, 10) failed: No such file or directory
[  290.025302][T10328] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1281'.
[  290.036485][T10328] netem: change failed
[  291.154001][T10345] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  291.154001][T10345] �U�e�[���%#s'
[  291.693498][T10349] netlink: 'syz.3.1288': attribute type 7 has an invalid length.
[  292.145879][T10352] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  292.510022][T10377] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  292.510022][T10377] �U�e�[���%#s'
[  292.519341][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  292.688296][   T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  292.691667][   T24] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  292.694682][   T24] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.700790][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  292.703686][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  292.706199][   T24] usb 7-1: Product: syz
[  292.707783][   T24] usb 7-1: Manufacturer: syz
[  292.709246][   T24] usb 7-1: SerialNumber: syz
[  292.934649][   T24] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  292.946821][   T24] usb 7-1: USB disconnect, device number 9
[  292.956926][   T24] usblp0: removed
[  293.821049][T10410] lo speed is unknown, defaulting to 1000
[  294.414905][T10407] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1297'.
[  295.894874][T10427] openvswitch: netlink: Geneve opt len 17 is not a multiple of 4.
[  296.524943][T10444] lo speed is unknown, defaulting to 1000
[  296.749417][T10452] FAULT_INJECTION: forcing a failure.
[  296.749417][T10452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.755104][T10452] CPU: 2 UID: 0 PID: 10452 Comm: syz.0.1309 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  296.755131][T10452] Tainted: [L]=SOFTLOCKUP
[  296.755136][T10452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  296.755146][T10452] Call Trace:
[  296.755152][T10452]  <TASK>
[  296.755159][T10452]  dump_stack_lvl+0x100/0x190
[  296.755193][T10452]  should_fail_ex.cold+0x5/0xa
[  296.755218][T10452]  _copy_from_user+0x2e/0xd0
[  296.755242][T10452]  compat_do_replace+0x417/0x500
[  296.755270][T10452]  ? __pfx_compat_do_replace+0x10/0x10
[  296.755293][T10452]  ? __local_bh_enable_ip+0x9e/0x120
[  296.755315][T10452]  ? lockdep_hardirqs_on+0x78/0x100
[  296.755339][T10452]  ? sockopt_release_sock+0x57/0x70
[  296.755368][T10452]  ? bpf_lsm_capable+0x9/0x10
[  296.755389][T10452]  ? security_capable+0x80/0x260
[  296.755410][T10452]  do_ip6t_set_ctl+0x562/0xb00
[  296.755437][T10452]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  296.755466][T10452]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  296.755496][T10452]  ? __pfx___might_resched+0x10/0x10
[  296.755523][T10452]  ? nf_sockopt_find.isra.0+0x222/0x290
[  296.755552][T10452]  nf_setsockopt+0x8d/0xf0
[  296.755581][T10452]  ipv6_setsockopt+0x135/0x170
[  296.755610][T10452]  tcp_setsockopt+0xa7/0x100
[  296.755632][T10452]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  296.755658][T10452]  do_sock_setsockopt+0xf3/0x1d0
[  296.755683][T10452]  __sys_setsockopt+0x119/0x190
[  296.755707][T10452]  __ia32_sys_setsockopt+0xbc/0x160
[  296.755725][T10452]  ? __do_fast_syscall_32+0x98/0x970
[  296.755753][T10452]  ? lockdep_hardirqs_on+0x78/0x100
[  296.755776][T10452]  __do_fast_syscall_32+0xe7/0x970
[  296.755799][T10452]  ? lockdep_hardirqs_on+0x78/0x100
[  296.755825][T10452]  do_fast_syscall_32+0x32/0x70
[  296.755852][T10452]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.755876][T10452] RIP: 0023:0xf702ef7c
[  296.755891][T10452] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  296.755909][T10452] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  296.755950][T10452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  296.755962][T10452] RDX: 0000000000000040 RSI: 0000000080000000 RDI: 0000000000000368
[  296.755973][T10452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.755984][T10452] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  296.755995][T10452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.756018][T10452]  </TASK>
[  297.224982][T10447] lo speed is unknown, defaulting to 1000
[  298.096521][T10465] netlink: 'syz.2.1313': attribute type 58 has an invalid length.
[  298.098988][T10465] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1313'.
[  298.122949][T10467] bridge0: port 1(vlan2) entered blocking state
[  298.125731][T10467] bridge0: port 1(vlan2) entered disabled state
[  298.129042][T10467] vlan2: entered allmulticast mode
[  298.131888][T10467] vlan2: entered promiscuous mode
[  298.140223][T10467] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  299.521037][T10477] lo speed is unknown, defaulting to 1000
[  300.067052][T10508] lo speed is unknown, defaulting to 1000
[  300.379176][T10519] xt_CT: No such helper "snmp"
[  300.384135][T10518] xt_CT: No such helper "snmp"
[  301.427994][T10560] comedi comedi1: aio_iiro_16: I/O port conflict (0x100,8)
[  302.228976][T10566] ubi16: attaching mtd0
[  302.234692][T10566] ubi16: scanning is finished
[  302.236360][T10566] ubi16: empty MTD device detected
[  302.372393][T10567] netlink: 'syz.3.1340': attribute type 21 has an invalid length.
[  302.375192][T10567] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1340'.
[  302.378662][   T40] audit: type=1326 audit(1779944427.255:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.386069][T10567] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1340'.
[  302.389540][   T40] audit: type=1326 audit(1779944427.255:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.401267][   T40] audit: type=1326 audit(1779944427.275:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.413736][   T40] audit: type=1326 audit(1779944427.275:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.431543][   T40] audit: type=1326 audit(1779944427.275:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.440561][   T40] audit: type=1326 audit(1779944427.275:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.457118][   T40] audit: type=1326 audit(1779944427.275:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.463890][   T40] audit: type=1326 audit(1779944427.275:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.473083][   T40] audit: type=1326 audit(1779944427.285:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10568 comm="syz.1.1341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5f7c code=0x7ffc0000
[  302.540293][ T7479] hid_parser_main: 35 callbacks suppressed
[  302.540308][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.545583][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.549993][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.552525][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.554984][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.557759][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.560582][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.563109][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.565637][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.568514][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: unknown main item tag 0x0
[  302.569974][T10566] ubi16: attached mtd0 (name "mtdram test device", size 0 MiB)
[  302.573682][T10566] ubi16: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  302.576055][T10566] ubi16: min./max. I/O unit sizes: 1/64, sub-page size 1
[  302.579050][T10566] ubi16: VID header offset: 64 (aligned 64), data offset: 128
[  302.581356][T10566] ubi16: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  302.584098][T10566] ubi16: user volume: 0, internal volumes: 1, max. volumes count: 23
[  302.587257][T10566] ubi16: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1749258817
[  302.590686][T10566] ubi16: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  302.598327][T10574] ubi16: background thread "ubi_bgt16d" started, PID 10574
[  302.608456][ T7479] hid-generic 0004:FFFFFFFF:0000.0009: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  302.913685][ T5913] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  303.105361][ T5913] usb 7-1: config 0 has no interfaces?
[  303.108201][ T5913] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  303.117242][ T5913] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.134126][ T5913] usb 7-1: config 0 descriptor??
[  303.289581][T10594] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  303.289581][T10594] �U�e�[���%#s'
[  304.868872][T10604] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1351'.
[  305.542357][ T7479] usb 7-1: USB disconnect, device number 10
[  305.613645][T10616] syzkaller0: entered promiscuous mode
[  305.615786][T10616] syzkaller0: entered allmulticast mode
[  305.757221][ T1919] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  305.917173][ T1919] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  305.922359][ T1919] usb 5-1: config 0 has no interface number 0
[  305.932214][ T1919] usb 5-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  305.969707][T10629] FAULT_INJECTION: forcing a failure.
[  305.969707][T10629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.974744][T10629] CPU: 3 UID: 0 PID: 10629 Comm: syz.3.1359 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  305.974788][T10629] Tainted: [L]=SOFTLOCKUP
[  305.974794][T10629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  305.974804][T10629] Call Trace:
[  305.974810][T10629]  <TASK>
[  305.974818][T10629]  dump_stack_lvl+0x100/0x190
[  305.974849][T10629]  should_fail_ex.cold+0x5/0xa
[  305.974872][T10629]  _copy_from_user+0x2e/0xd0
[  305.974897][T10629]  get_compat_msghdr+0xb3/0x4b0
[  305.974919][T10629]  ? __pfx_get_compat_msghdr+0x10/0x10
[  305.974940][T10629]  ? rcu_is_watching+0x12/0xc0
[  305.974960][T10629]  ? ___sys_sendmsg+0x19d/0x1e0
[  305.974982][T10629]  ? kfree+0x1dd/0x6c0
[  305.975005][T10629]  ? __pfx__kstrtoull+0x10/0x10
[  305.975025][T10629]  ___sys_sendmsg+0x1b6/0x1e0
[  305.975051][T10629]  ? __pfx____sys_sendmsg+0x10/0x10
[  305.975075][T10629]  ? __lock_acquire+0x4a5/0x2630
[  305.975121][T10629]  ? __pfx___might_resched+0x10/0x10
[  305.975146][T10629]  __sys_sendmmsg+0x2ff/0x430
[  305.975168][T10629]  ? __pfx___sys_sendmmsg+0x10/0x10
[  305.975195][T10629]  ? __fget_files+0x215/0x3d0
[  305.975226][T10629]  ? fput+0x79/0x100
[  305.975248][T10629]  ? ksys_write+0x1ac/0x250
[  305.975271][T10629]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  305.975296][T10629]  ? lockdep_hardirqs_on+0x78/0x100
[  305.975320][T10629]  __do_fast_syscall_32+0xe7/0x970
[  305.975345][T10629]  ? lockdep_hardirqs_on+0x78/0x100
[  305.975371][T10629]  do_fast_syscall_32+0x32/0x70
[  305.975396][T10629]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.975418][T10629] RIP: 0023:0xf706ef7c
[  305.975431][T10629] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  305.975447][T10629] RSP: 002b:00000000f543c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  305.975464][T10629] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080003b80
[  305.975475][T10629] RDX: 0000000004000070 RSI: 0000000000008000 RDI: 0000000000000000
[  305.975485][T10629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.975493][T10629] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  305.975503][T10629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.975526][T10629]  </TASK>
[  305.976961][ T1919] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  306.141922][ T1919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.145199][ T1919] usb 5-1: Product: syz
[  306.146750][ T1919] usb 5-1: Manufacturer: syz
[  306.150671][ T1919] usb 5-1: SerialNumber: syz
[  306.181683][ T1919] usb 5-1: config 0 descriptor??
[  306.258168][ T1919] yurex 5-1:0.50: USB YUREX device now attached to Yurex #0
[  306.947850][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  306.989313][T10638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.016459][T10638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.643237][T10648] hugetlbfs: syz.1.1366 (10648): Using mlock ulimits for SHM_HUGETLB is obsolete
[  307.909058][T10662] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  307.909058][T10662] �U�e�[���%#s'
[  308.109628][T10666] lo speed is unknown, defaulting to 1000
[  309.124911][T10682] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1375'.
[  309.127730][T10682] netlink: 'syz.1.1375': attribute type 7 has an invalid length.
[  309.130141][T10682] netlink: 'syz.1.1375': attribute type 8 has an invalid length.
[  309.132517][T10682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1375'.
[  309.143656][T10682] hsr1: Slave A (team0) is not up; please bring it up to get a fully working HSR network
[  309.146690][T10682] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  309.153459][T10682] 8021q: adding VLAN 0 to HW filter on device hsr1
[  309.995934][ T7477] usb 5-1: USB disconnect, device number 22
[  310.006277][ T7477] yurex 5-1:0.50: USB YUREX #0 now disconnected
[  310.082163][   T40] audit: type=1326 audit(1779944434.965:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10687 comm="syz.1.1377" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa5f7c code=0x0
[  310.554670][T10696] syzkaller0: entered promiscuous mode
[  310.559187][T10696] syzkaller0: entered allmulticast mode
[  310.568017][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1380'.
[  310.572433][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1380'.
[  310.827156][ T5909] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  310.990356][ T5909] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  310.995031][ T5909] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.000971][ T5909] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.005015][ T5909] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  311.013085][ T5909] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  311.016812][ T5909] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  311.020624][ T5909] usb 7-1: Manufacturer: syz
[  311.024936][ T5909] usb 7-1: config 0 descriptor??
[  311.228326][T10715] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  311.228326][T10715] �U�e�[���%#s'
[  312.162042][ T5909] hid_parser_main: 22 callbacks suppressed
[  312.162056][ T5909] appleir 0003:05AC:8243.000A: unknown main item tag 0x0
[  312.335018][ T5909] appleir 0003:05AC:8243.000A: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  312.362132][ T5909] usb 7-1: USB disconnect, device number 11
[  312.373670][T10716] QAT: failed to copy from user cfg_data.
[  312.424309][T10723] fido_id[10723]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory
[  314.114908][ T5922] block nbd0: Possible stuck request ffff888058350000: control (read@0,1024B). Runtime 30 seconds
[  314.121104][ T5922] block nbd0: Possible stuck request ffff8880583501c0: control (read@1024,1024B). Runtime 30 seconds
[  314.125365][ T5922] block nbd0: Possible stuck request ffff888058350380: control (read@2048,1024B). Runtime 30 seconds
[  314.155332][ T5922] block nbd0: Possible stuck request ffff888058350540: control (read@3072,1024B). Runtime 30 seconds
[  314.449324][T10734] lo speed is unknown, defaulting to 1000
[  316.524775][T10776] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1403'.
[  317.405669][ T5757] block nbd3: Receive control failed (result -107)
[  317.410971][ T5757] 
[  317.411985][ T5757] ======================================================
[  317.414561][ T5757] WARNING: possible circular locking dependency detected
[  317.416759][ T5757] syzkaller #0 Tainted: G             L     
[  317.418952][ T5757] ------------------------------------------------------
[  317.421228][ T5757] kworker/u33:7/5757 is trying to acquire lock:
[  317.423200][ T5757] ffff88801307a960 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x67/0x410
[  317.426084][ T5757] 
[  317.426084][ T5757] but task is already holding lock:
[  317.428313][ T5757] ffff88805d569468 (&nsock->tx_lock){+.+.}-{4:4}, at: recv_work+0x5e7/0x8c0
[  317.430989][ T5757] 
[  317.430989][ T5757] which lock already depends on the new lock.
[  317.430989][ T5757] 
[  317.434141][ T5757] 
[  317.434141][ T5757] the existing dependency chain (in reverse order) is:
[  317.436888][ T5757] 
[  317.436888][ T5757] -> #6 (&nsock->tx_lock){+.+.}-{4:4}:
[  317.439228][ T5757]        __mutex_lock+0x1a4/0x1b10
[  317.440828][ T5757]        nbd_queue_rq+0x428/0x1080
[  317.442390][ T5757]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  317.444252][ T5757]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  317.446354][ T5757]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  317.448348][ T5757]        blk_mq_run_hw_queue+0x23c/0x670
[  317.450099][ T5757]        blk_mq_dispatch_list+0x51d/0x1360
[  317.451886][ T5757]        blk_mq_flush_plug_list+0x130/0x600
[  317.453664][ T5757]        __blk_flush_plug+0x2c4/0x4b0
[  317.455309][ T5757]        __submit_bio+0x584/0x6c0
[  317.456887][ T5757]        submit_bio_noacct_nocheck+0x543/0xbf0
[  317.458752][ T5757]        submit_bio_noacct+0xd18/0x2000
[  317.460398][ T5757]        submit_bh_wbc+0x681/0x890
[  317.461959][ T5757]        block_read_full_folio+0x264/0x8e0
[  317.463730][ T5757]        filemap_read_folio+0xfc/0x3b0
[  317.465447][ T5757]        do_read_cache_folio+0x2d7/0x6b0
[  317.467232][ T5757]        read_part_sector+0xd1/0x370
[  317.468891][ T5757]        adfspart_check_ICS+0x91/0x7d0
[  317.470573][ T5757]        bdev_disk_changed+0x7a3/0x1250
[  317.472299][ T5757]        blkdev_get_whole+0x187/0x290
[  317.473950][ T5757]        bdev_open+0x2c7/0xe40
[  317.475469][ T5757]        blkdev_open+0x34e/0x4f0
[  317.476994][ T5757]        do_dentry_open+0x6ab/0x14d0
[  317.478598][ T5757]        vfs_open+0x82/0x3f0
[  317.480067][ T5757]        path_openat+0x208c/0x31a0
[  317.481630][ T5757]        do_file_open+0x20e/0x430
[  317.483161][ T5757]        do_sys_openat2+0x10d/0x1e0
[  317.484835][ T5757]        __x64_sys_openat+0x12d/0x210
[  317.486471][ T5757]        do_syscall_64+0x115/0x840
[  317.488048][ T5757]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.490022][ T5757] 
[  317.490022][ T5757] -> #5 (&cmd->lock){+.+.}-{4:4}:
[  317.492125][ T5757]        __mutex_lock+0x1a4/0x1b10
[  317.493704][ T5757]        nbd_queue_rq+0xba/0x1080
[  317.495263][ T5757]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  317.497117][ T5757]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  317.499149][ T5757]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  317.501152][ T5757]        blk_mq_run_hw_queue+0x23c/0x670
[  317.502848][ T5757]        blk_mq_dispatch_list+0x51d/0x1360
[  317.504670][ T5757]        blk_mq_flush_plug_list+0x130/0x600
[  317.506461][ T5757]        __blk_flush_plug+0x2c4/0x4b0
[  317.508103][ T5757]        __submit_bio+0x584/0x6c0
[  317.509660][ T5757]        submit_bio_noacct_nocheck+0x543/0xbf0
[  317.511553][ T5757]        submit_bio_noacct+0xd18/0x2000
[  317.513263][ T5757]        submit_bh_wbc+0x681/0x890
[  317.514958][ T5757]        block_read_full_folio+0x264/0x8e0
[  317.516757][ T5757]        filemap_read_folio+0xfc/0x3b0
[  317.518413][ T5757]        do_read_cache_folio+0x2d7/0x6b0
[  317.520160][ T5757]        read_part_sector+0xd1/0x370
[  317.521778][ T5757]        adfspart_check_ICS+0x91/0x7d0
[  317.523446][ T5757]        bdev_disk_changed+0x7a3/0x1250
[  317.525198][ T5757]        blkdev_get_whole+0x187/0x290
[  317.526832][ T5757]        bdev_open+0x2c7/0xe40
[  317.528322][ T5757]        blkdev_open+0x34e/0x4f0
[  317.529885][ T5757]        do_dentry_open+0x6ab/0x14d0
[  317.531492][ T5757]        vfs_open+0x82/0x3f0
[  317.532933][ T5757]        path_openat+0x208c/0x31a0
[  317.534586][ T5757]        do_file_open+0x20e/0x430
[  317.536166][ T5757]        do_sys_openat2+0x10d/0x1e0
[  317.537829][ T5757]        __x64_sys_openat+0x12d/0x210
[  317.539535][ T5757]        do_syscall_64+0x115/0x840
[  317.541005][ T5757]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.542854][ T5757] 
[  317.542854][ T5757] -> #4 (set->srcu){.+.+}-{0:0}:
[  317.545083][ T5757]        __synchronize_srcu+0xa2/0x300
[  317.546760][ T5757]        blk_mq_quiesce_queue+0x149/0x1c0
[  317.548544][ T5757]        elevator_switch+0x17b/0x7e0
[  317.550206][ T5757]        elevator_change+0x352/0x530
[  317.551856][ T5757]        elevator_set_default+0x29e/0x360
[  317.553624][ T5757]        blk_register_queue+0x48e/0x630
[  317.555369][ T5757]        __add_disk+0x73f/0xe40
[  317.556871][ T5757]        add_disk_fwnode+0x118/0x5c0
[  317.558483][ T5757]        nbd_dev_add+0x77a/0xb10
[  317.560042][ T5757]        nbd_init+0x291/0x2b0
[  317.561489][ T5757]        do_one_initcall+0x121/0x750
[  317.563027][ T5757]        kernel_init_freeable+0x6ea/0x7b0
[  317.564934][ T5757]        kernel_init+0x1f/0x1e0
[  317.566437][ T5757]        ret_from_fork+0x72b/0xd50
[  317.568023][ T5757]        ret_from_fork_asm+0x1a/0x30
[  317.569655][ T5757] 
[  317.569655][ T5757] -> #3 (&q->elevator_lock){+.+.}-{4:4}:
[  317.572065][ T5757]        __mutex_lock+0x1a4/0x1b10
[  317.573643][ T5757]        elevator_change+0x1bc/0x530
[  317.575306][ T5757]        elevator_set_none+0x92/0xf0
[  317.576933][ T5757]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  317.578851][ T5757]        nbd_start_device+0x1a6/0xbd0
[  317.580524][ T5757]        nbd_genl_connect+0xff2/0x1a40
[  317.582174][ T5757]        genl_family_rcv_msg_doit+0x214/0x300
[  317.584027][ T5757]        genl_rcv_msg+0x560/0x800
[  317.585619][ T5757]        netlink_rcv_skb+0x159/0x420
[  317.587252][ T5757]        genl_rcv+0x28/0x40
[  317.588684][ T5757]        netlink_unicast+0x585/0x850
[  317.590349][ T5757]        netlink_sendmsg+0x8b0/0xda0
[  317.591969][ T5757]        ____sys_sendmsg+0x9e1/0xb70
[  317.593585][ T5757]        ___sys_sendmsg+0x190/0x1e0
[  317.595202][ T5757]        __sys_sendmsg+0x170/0x220
[  317.596760][ T5757]        __do_fast_syscall_32+0xe7/0x970
[  317.598462][ T5757]        do_fast_syscall_32+0x32/0x70
[  317.600141][ T5757]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.602498][ T5757] 
[  317.602498][ T5757] -> #2 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  317.605200][ T5757]        blk_alloc_queue+0x610/0x790
[  317.606804][ T5757]        blk_mq_alloc_queue+0x174/0x290
[  317.608422][ T5757]        __blk_mq_alloc_disk+0x29/0x120
[  317.610120][ T5757]        nbd_dev_add+0x492/0xb10
[  317.611590][ T5757]        nbd_init+0x291/0x2b0
[  317.613002][ T5757]        do_one_initcall+0x121/0x750
[  317.614634][ T5757]        kernel_init_freeable+0x6ea/0x7b0
[  317.616373][ T5757]        kernel_init+0x1f/0x1e0
[  317.617844][ T5757]        ret_from_fork+0x72b/0xd50
[  317.619412][ T5757]        ret_from_fork_asm+0x1a/0x30
[  317.621058][ T5757] 
[  317.621058][ T5757] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  317.623229][ T5757]        fs_reclaim_acquire+0xc4/0x100
[  317.625032][ T5757]        kmem_cache_alloc_node_noprof+0x53/0x6f0
[  317.626938][ T5757]        __alloc_skb+0x140/0x710
[  317.628466][ T5757]        tcp_stream_alloc_skb+0x34/0x660
[  317.630216][ T5757]        tcp_sendmsg_locked+0x13cd/0x4500
[  317.631947][ T5757]        tcp_sendmsg+0x2e/0x50
[  317.633412][ T5757]        inet_sendmsg+0xb9/0x140
[  317.634955][ T5757]        sock_write_iter+0x4ea/0x5a0
[  317.636593][ T5757]        vfs_write+0x6ac/0x1070
[  317.638092][ T5757]        ksys_write+0x1f8/0x250
[  317.639600][ T5757]        do_syscall_64+0x115/0x840
[  317.641208][ T5757]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.643148][ T5757] 
[  317.643148][ T5757] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}:
[  317.645665][ T5757]        __lock_acquire+0x14b8/0x2630
[  317.647340][ T5757]        lock_acquire+0x1b1/0x370
[  317.648945][ T5757]        lock_sock_nested+0x41/0xf0
[  317.650571][ T5757]        inet_shutdown+0x67/0x410
[  317.652148][ T5757]        nbd_mark_nsock_dead+0xae/0x5c0
[  317.653879][ T5757]        recv_work+0x5fb/0x8c0
[  317.655407][ T5757]        process_one_work+0xa0e/0x1980
[  317.657099][ T5757]        worker_thread+0x5ef/0xe50
[  317.658679][ T5757]        kthread+0x370/0x450
[  317.660151][ T5757]        ret_from_fork+0x72b/0xd50
[  317.661751][ T5757]        ret_from_fork_asm+0x1a/0x30
[  317.663409][ T5757] 
[  317.663409][ T5757] other info that might help us debug this:
[  317.663409][ T5757] 
[  317.666653][ T5757] Chain exists of:
[  317.666653][ T5757]   sk_lock-AF_INET --> &cmd->lock --> &nsock->tx_lock
[  317.666653][ T5757] 
[  317.671596][ T5757]  Possible unsafe locking scenario:
[  317.671596][ T5757] 
[  317.674630][ T5757]        CPU0                    CPU1
[  317.676942][ T5757]        ----                    ----
[  317.679146][ T5757]   lock(&nsock->tx_lock);
[  317.681043][ T5757]                                lock(&cmd->lock);
[  317.683712][ T5757]                                lock(&nsock->tx_lock);
[  317.686557][ T5757]   lock(sk_lock-AF_INET);
[  317.688429][ T5757] 
[  317.688429][ T5757]  *** DEADLOCK ***
[  317.688429][ T5757] 
[  317.691763][ T5757] 3 locks held by kworker/u33:7/5757:
[  317.693986][ T5757]  #0: ffff888027f59940 ((wq_completion)nbd3-recv){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980
[  317.698353][ T5757]  #1: ffffc9000440fd08 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980
[  317.702898][ T5757]  #2: ffff88805d569468 (&nsock->tx_lock){+.+.}-{4:4}, at: recv_work+0x5e7/0x8c0
[  317.706644][ T5757] 
[  317.706644][ T5757] stack backtrace:
[  317.709108][ T5757] CPU: 1 UID: 0 PID: 5757 Comm: kworker/u33:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  317.709134][ T5757] Tainted: [L]=SOFTLOCKUP
[  317.709139][ T5757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  317.709151][ T5757] Workqueue: nbd3-recv recv_work
[  317.709168][ T5757] Call Trace:
[  317.709176][ T5757]  <TASK>
[  317.709183][ T5757]  dump_stack_lvl+0x100/0x190
[  317.709217][ T5757]  print_circular_bug.cold+0x178/0x1c7
[  317.709245][ T5757]  check_noncircular+0x146/0x160
[  317.709274][ T5757]  __lock_acquire+0x14b8/0x2630
[  317.709300][ T5757]  ? irqentry_exit+0x24d/0x970
[  317.709325][ T5757]  lock_acquire+0x1b1/0x370
[  317.709349][ T5757]  ? inet_shutdown+0x67/0x410
[  317.709376][ T5757]  lock_sock_nested+0x41/0xf0
[  317.709399][ T5757]  ? inet_shutdown+0x67/0x410
[  317.709421][ T5757]  inet_shutdown+0x67/0x410
[  317.709444][ T5757]  nbd_mark_nsock_dead+0xae/0x5c0
[  317.709469][ T5757]  recv_work+0x5fb/0x8c0
[  317.709483][ T5757]  ? irqentry_exit+0x24d/0x970
[  317.709506][ T5757]  ? __pfx_recv_work+0x10/0x10
[  317.709526][ T5757]  ? rcu_is_watching+0x12/0xc0
[  317.709545][ T5757]  process_one_work+0xa0e/0x1980
[  317.709566][ T5757]  ? __pfx_process_one_work+0x10/0x10
[  317.709585][ T5757]  ? __pfx_recv_work+0x10/0x10
[  317.709601][ T5757]  worker_thread+0x5ef/0xe50
[  317.709619][ T5757]  ? __pfx_worker_thread+0x10/0x10
[  317.709635][ T5757]  ? kthread+0x13a/0x450
[  317.709657][ T5757]  ? __pfx_worker_thread+0x10/0x10
[  317.709672][ T5757]  kthread+0x370/0x450
[  317.709695][ T5757]  ? __pfx_kthread+0x10/0x10
[  317.709719][ T5757]  ret_from_fork+0x72b/0xd50
[  317.709736][ T5757]  ? __pfx_ret_from_fork+0x10/0x10
[  317.709753][ T5757]  ? __switch_to+0x800/0x1100
[  317.709776][ T5757]  ? __pfx_kthread+0x10/0x10
[  317.709798][ T5757]  ret_from_fork_asm+0x1a/0x30
[  317.709824][ T5757]  </TASK>
[  317.852465][T10787] block nbd3: shutting down sockets
[  321.748600][ T1434] ieee802154 phy0 wpan0: encryption failed: -22