last executing test programs:

9m18.64807164s ago: executing program 3 (id=1166):
r0 = syz_usbip_server_init(0x3)
write$usbip_server(r0, 0x0, 0xfffffffffffffd8e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1d, 0x2, 0x6)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
lsm_set_self_attr(0x68, 0x0, 0x0, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000004700))
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000880)=ANY=[@ANYBLOB="60000000baa5c185c71d353ec5460f38f8601733494cce7161fd4a7431fc52831094fc9fbb1e0639f589a25808672fb03a793f07bca5e43b2f3b0c92da1920934dc3a99de3fe6337bf022b8aef5aa26f1432998b7e456d5cbe2c5e71667c9e703e24e0fd00cea6a0c30aba29bbb7c995c1c09e0f88a55c271b13e29ccedd75357b3d172b3ba2aedb2e4f69d9a2b3403d59ef6aec5be84a848ebb61af9272ce544b6b1393de21e3c0838dcabdc063d93e0e8f0c071af5f208dfa5fa36689c758ec36ca15acf1bc64ea5a3cd926822b88e0a3821ac8e737aacc76865b35d922a688f5d492337e3af1883b9eb3b843d65b1791a54c3", @ANYRES64=r3, @ANYRESHEX=r1], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r6 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000340)={0x0, r6}, 0x0, 0x0, 0x0)

9m16.00950537s ago: executing program 3 (id=1181):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYBLOB, @ANYRES16, @ANYRESOCT], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000040)=0x401, 0x4)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000380), r3)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x20000041)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)

9m15.031058124s ago: executing program 3 (id=1186):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01"], 0xfc}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x44004)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a30000000001400038008000240000000000800014000000000140000001100"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'vlan0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4dc1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r3}, @IFLA_HSR_SLAVE1={0x8, 0x1, r2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4)

9m14.939283532s ago: executing program 3 (id=1188):
socket(0x1e, 0x4, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000020c0)='./file0\x00', 0x20)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0x91)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x40049366, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000005540)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/166, 0xa6}, {&(0x7f00000000c0)=""/67, 0x43}, {&(0x7f0000000280)=""/60, 0x3c}, {&(0x7f0000000300)=""/85, 0x55}, {&(0x7f00000005c0)=""/207, 0xcf}, {&(0x7f00000006c0)=""/187, 0xbb}], 0x7, &(0x7f0000000440)=""/28, 0x1c}, 0x7}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)=""/97, 0x61}, {&(0x7f0000000900)=""/27, 0x1b}], 0x2, &(0x7f0000005640)=""/261, 0x105}, 0x5}, {{&(0x7f0000000a80)=@in6, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000b00)=""/150, 0x96}, {&(0x7f0000001c40)=""/116, 0x74}], 0x2, &(0x7f0000001cc0)=""/206, 0xce}, 0x2}, {{&(0x7f0000001dc0)=@vsock, 0x80, &(0x7f0000002080)=[{&(0x7f0000001e40)=""/185, 0xb9}, {&(0x7f0000000980)=""/207, 0xcf}, {&(0x7f0000005600)=""/39, 0x27}, {&(0x7f0000002100)=""/4096, 0x1000}, {&(0x7f0000002040)=""/29, 0x1d}], 0x5, &(0x7f0000003100)=""/100, 0x64}, 0x8}, {{&(0x7f0000003180)=@alg, 0x80, &(0x7f0000004280)=[{&(0x7f0000003200)=""/119, 0x77}, {&(0x7f0000003280)=""/4096, 0x1000}], 0x2, &(0x7f00000042c0)=""/4094, 0xffe}, 0x9}, {{0x0, 0x0, &(0x7f0000005500)=[{&(0x7f00000052c0)=""/251, 0xfb}, {&(0x7f00000053c0)=""/5, 0x5}, {&(0x7f0000005400)=""/235, 0xeb}], 0x3}, 0x6}], 0x6, 0x2000, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setregid(0xffffffffffffffff, 0x0)
setuid(0xee01)
r4 = syz_init_net_socket$ax25(0x3, 0x7, 0xcc)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r4, &(0x7f0000000040), 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])

9m14.031252902s ago: executing program 3 (id=1195):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$video4linux(&(0x7f0000000240), 0x6000000, 0x10401)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x1c9243, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f018581c0bc0065666765f36f0f33f0100a660f3a0cb9000000752066b9800000c00f3a32c632c6004000a50f01d70f0901", 0x32}], 0x1, 0x54, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x900000001, 0x800000000, 0x45b, 0x0, 0x0, 0x7, 0x5, 0x0, 0xfc, 0xfffffffdfffffffc, 0xfdfffffffffffffc, 0x0, 0x9, 0x4000000000000004, 0x767], 0xeeef0000, 0x80082})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000088000f0000100080c95000000000000000200", 0x49}], 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000b00)=0x6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000100)={0x2, 0x0, 0x0, 0x0})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

9m13.759994544s ago: executing program 3 (id=1196):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x6363, &(0x7f0000000080)={0x0, 0xd49c, 0x80, 0x0, 0x345}, &(0x7f0000000100), 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r4}})
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x36}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r5 = syz_io_uring_setup(0x82e, &(0x7f0000000180)={0x0, 0x0, 0x4000, 0x400000}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
r8 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r8, 0x0, 0x0, 0x0, 0x200440c0, 0x1})
io_uring_enter(r5, 0x27e2, 0x0, 0x0, 0x0, 0x0)
r9 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r9, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)=""/159, 0x9f}], 0x1, &(0x7f0000000280)=""/22, 0x16}, 0x3}], 0x1, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000440)={{0x84, @private=0xa010101, 0x4e22, 0x3, 'lc\x00', 0x6, 0x8, 0x43}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f000000e400)={0x2020, 0x0, 0x0, <r12=>0x0, <r13=>0x0}, 0x2b0e413b)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x410000003, 0x10, 0x0, {0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x7, 0x0, 0x8001, 0x0, r12, r13}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

9m13.684292797s ago: executing program 32 (id=1196):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x6363, &(0x7f0000000080)={0x0, 0xd49c, 0x80, 0x0, 0x345}, &(0x7f0000000100), 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0, r0], 0x3, 0x0, 0x0, {0x0, r4}})
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x36}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r5 = syz_io_uring_setup(0x82e, &(0x7f0000000180)={0x0, 0x0, 0x4000, 0x400000}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
r8 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r8, 0x0, 0x0, 0x0, 0x200440c0, 0x1})
io_uring_enter(r5, 0x27e2, 0x0, 0x0, 0x0, 0x0)
r9 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r9, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)=""/159, 0x9f}], 0x1, &(0x7f0000000280)=""/22, 0x16}, 0x3}], 0x1, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000440)={{0x84, @private=0xa010101, 0x4e22, 0x3, 'lc\x00', 0x6, 0x8, 0x43}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f000000e400)={0x2020, 0x0, 0x0, <r12=>0x0, <r13=>0x0}, 0x2b0e413b)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x410000003, 0x10, 0x0, {0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x7, 0x0, 0x8001, 0x0, r12, r13}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

8.236992265s ago: executing program 1 (id=3277):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000b00)=0x6)
r1 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x82040, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f0000000100)=0x9)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x10, 0xffffffffffffffff, 0x2}, 0x50)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = epoll_create1(0x80000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000440)='./file1\x00', &(0x7f0000000480), 0x1a0045, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000100)={0x80000006})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="66511cd0be32da18000000fdffffff0000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8.209920014s ago: executing program 1 (id=3278):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$isdn_base(0x22, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
socket$rxrpc(0x21, 0x2, 0xa)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
msgget(0x0, 0x291)
setrlimit(0x0, &(0x7f0000000000)={0x0, 0xfffffffffffffffd})
r5 = shmget(0x0, 0x1000, 0x4, &(0x7f0000ffc000/0x1000)=nil)
shmctl$SHM_INFO(r5, 0xe, &(0x7f00000002c0)=""/233)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)={0x14, 0x33, 0x1, 0x70bd2a, 0x25dbdbff, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x24001}, 0x4000000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000000080))
socket(0x40000000015, 0x5, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRES8=r4, @ANYBLOB=',group_id=', @ANYRES16=r1])
read$FUSE(r8, &(0x7f000000e280)={0x2020}, 0x2020)
mount$fuse(0x0, &(0x7f0000000180)='./file0/../file0/file0\x00', 0x0, 0x1009808, 0x0)

8.084690147s ago: executing program 1 (id=3280):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x20000840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000400)={0x0, <r4=>0x0}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000001000)=ANY=[@ANYRES32=r4, @ANYRES8=r4, @ANYRES16, @ANYRES16=0x0, @ANYRES16=r3, @ANYRES64=r0], &(0x7f00000000c0)='GPL\x00'}, 0x94)
fstatat64(0xffffff9c, 0x0, 0x0, 0x1000)
ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x23)
write$uinput_user_dev(r5, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x1000000], [0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74fd9428, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x110}}, 0x5)
sched_setattr(r0, &(0x7f0000000000)={0x38, 0x6, 0x18000068, 0x9, 0x3, 0x7, 0x40800000000000, 0x100000000, 0x9, 0x4}, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
fsopen(&(0x7f0000000000)='configfs\x00', 0x0)
getsockopt$bt_hci(r6, 0x84, 0x18, &(0x7f0000000000)=""/4071, &(0x7f0000001080)=0xfe7)

6.043910071s ago: executing program 1 (id=3285):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x44, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010100}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @remote}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x4, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x1000, 0x2, {0x2, @sliced={0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1001]}}})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8000, 0x2)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f0000000180)={0x101ff, 0x0, &(0x7f00008aa000/0x4000)=nil})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_procfs(0x0, 0x0)
r5 = openat$cdrom(0xffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$DVD_WRITE_STRUCT(r5, 0x5390, &(0x7f00000002c0)=@disckey={0x2, 0x1, "d9e48ef872305b67276fea35bb8b52148b1ea14dd777c80747e654f9358d4b9709d1419114bd7d6cb9f81422857321090fcaed8d178ce24d906a44e47c6fc50fddabf393d4eaabeaf211702064a6730f6eee8a72d6277c3f8b2d3375738cce61c49012eeb2893561f1832e4fde4cd5d6dbd72f361634a66a984e968c7ce32eae81bf239792b70096785f1f5ba0ccfd62626bb604049cd46864f6b5c1e9293d501b580048a9f4bf02d4d440df10daafac307b969394e41a2abaa753f78712f1af062d3a8d79f7399d43cf18bd382239d6e114eca35b4fe18a41d760d55ab903f2b97c6fd5f1859f891d1a4003532fe3624d7237f088299f3ac95667a609eb9583830d1dd6d3ba003e67e33d3ebf77d34b9e637facc96cb5baa6e397b0b714e0c288638146f2dc8feb1eb26fac3074f1ddb780dbe897f2339ea6a4381308116cf4b713752a78eb629e39a941b684c62365336dac46ad392497ce98e26327eabc54ffc7b1db5bb882b584296c985d9bf6f7d1dae47b5f02800c5505fff990a090a49632501800d69b80bfc65f2e19afc51971fe5eaa6dcfb6e2668514b7b16140ae9a2f0024bea692c142076965468d02523664c90564b3a5df89b8f9509616ab7c268f5890583123c90614b84f98911ebf85174d131344cf06d199cacfe71cf63a0a0ebdea7729151a134e6e1ebc43c4661e22251b318abbb6408cee6d83838784108ced4ccee2a462315a7fa19dfa0e308f2c73e5774d96c411b23f27a65db2b02bd3cbab5becb4e62a55df6bf70bc3a412a51f3ba7567287f1eac5cb53d573b67e02189c3b7da0d03e01a918a9db940deb7fd6349a047f6d53e5d8efa963b6fd4ac2661f7709a14b06b9cd9eee79fe4873a114885323c0c99cd922a125a933ffc9136cf938dd6f39056a27806db1a99f6f84c068a4e3232beb04abdc9ddebfa3c56591339418baa9f4d7a5795e2471ae9c25a2d74c3ae51def757cddf114eec7e249537c8e9a149663b807d79c6bec875456c56ec4fe9bbc189da13432c7409f7fa8afe0cb13da4765f1f56b9ce47e58a6c112c1874b927a10c90f5748fa93dfbe1f6ace0ff08c908a806cfe473330b8ffa71f8130e90c5f0a845107b48fa9145dcab9eddcb1ead99329707749df3493c4187626fb3d76f5bd8b2a3924fafd7c20817a11c147df8fa132ee19fb3738c128b6f3a1c6dbb86a27a6a8b2033e5f181a0856aaee9b43e651912397667dae5560c96e2f8c2cdb472f9e6984b2cf3c86abf4e80765e30fdf7c0b8653161686eb7fa5fb03ec6c7b15de3e7e3091daa660b2e4ae385407815dd52cba2fa2c144f21072ac3f6cb9af8941d73acd631a7971754d03008fcef06a465b0eda79e70cc0a2c7c4b27e0ea76a9c62b198772d1083baa56ec645607f5b8277ccbae4f8e0b29dde531cb082f641cc7aa9a6cddc931888a7e5d167190dd4817a2e56e44b4dca448824cf82b5d0164883d10215f3af5647583778b254b31374c2d3ea99d24e2e2cabdecc31acb7bc735ef957933f193ea18202ee5010578a432ca9e77de9601c9e459dac9c7cfd201c8fa0719d82bb494d1502c2846b3de9c4a74745ac126eee448eeecef7855f549890b8c9f4182dda282b75ca1c4013069d0e0a608f76734f2ccb30905dd76a01c941d7da288acd05ee984136818c3dba168756270c26e892e08919493dd374d542ad1c639259be8eb5779124480d04b6430e7529466262ed138ad6542150988c4369fd3383ade7d5d30ec0fd90ed48acd5c4e31f4a21cc7f077a0d12a9688c6b5f2d546999a39ca5182f11e7346a2beb1972f307cb3e8b303e2a7e320c4d36fc4afe58206bd3122f139705b26a964c34ce505b6e6d027b03ac0dc7fc764e10cbb115f606b1da71ced7db8ba9e00cf31dae68c9953c1198c0ffb443893ae28a68545383f1e110c81f3c0914ad9d280c88a1888ee7a4cd3bbbf06d9732ab90ca476e16affcd45626ccb9fd7bcb7fe25ff37e090702a928acf2f29f5270079335d191c7482f5b8df394d0a6dcf1d73c670c34b85bd211604bf5bbe13a071239f66460be3a5a666b3e029a363408e480bac566664483e040af1f5824a61e5124553454ac9227f983e90de1fb923b37312f1498c9bd134a0a98677ace12ac690c0327ea53f574faf0817f64b6b262192bc662981a5df72bde96ac17c56e7ea1e4f46cc2543f572145b0017e3f270d00fdb77d5858d9d1087793b5f7d84a84c11101e89680e8d39b7e8535a81ad40c5df6a993437dd0daff918c0eac2af73b2cd74dc097570f9772cf2a2067e586aba247b70ce382a9673c2fdb0ca860d996626d3f550c728aa4db5423821327e54a865ea43e09420048ce2385537897caad77369fd25178619b41c3664e74f58da2815f1e79fd3bafc518bbaa92d96d53786ed55d839bd429f854cda9980bbea4be724f22bb0ba804e76cd55a839189042c8d44d553561e2f399b0e1ad74bceeec35e642bf3435f0d229d6cd215d9118bef13a233f8566fa3e59d171087ffbc059339a7c61aae417b019be28262097dfff0358e00080fb47df051e96d4b23a9e9b78ca69a377a377d86b98432c38b5494495e9889fbe7558c5d7eef4d66c4b7d5da720abdd6ad799f33f468fe8cafb62d7e75e96208c197e7697e9b37a43dbe122ca657c366338b5edbd5fd00684be51792f8d944020b3ba3143b4f5eeea4ad13432daea10da567e0f8a65757d090da245c98972a55540048b12240f15c2e0341abb96b534d3b1b0e9dacda836602b77fc7850cc872cd802c91d6e0dbe79bed1bf0a17b5dfe0c2abccec590889a05a3f04f4f3d9791d1baa4d83d92a113810d54830eed38545c5d21d96247000d769d3ef6569436bcba8b8e69b09000a3"})

5.347003958s ago: executing program 1 (id=3286):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @private2, 0x6}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000680)="c8fcc46303fd419ae9c96ca1725d334b706ea9740668a292190b158669268a7e119adf66f37f1222c7acf1b5a781288a38e96e703266fdefaf168254f724c4462b9b2cfff0b8e28537275ddf5f07ac39483698d21be15bf941ed7fb64ba2350caed1c8ea1b81b40c177d071d61b6f5adc31241101274f367808b085790dc9cd334a3418441935b0d7debd9c1f90e08bc051dcb1c258b991baf29000f74bffc3a9da5ef2668f7bd97728b448c9eb420b6d57e7aebf6c00100065e55d65c57f567d07407520dd53e5213000c30cf8b5f0d5db3b9ad884b4057cee726229a871c964ed45e7967dc9a56897814a7338dd4132d3b821653ca02cd44f291950920c65ae66920de3fa087730000409a", 0x10c}], 0x1}, 0x4040042)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
write$binfmt_misc(r2, &(0x7f0000000640)="dfcb", 0x2)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000840)='{', 0x1}], 0x1}, 0x20048843)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x85, &(0x7f00000012c0)={0x0, @in={{0x2, 0x4c24, @empty}}, 0x6, 0x6}, 0x90)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x5b23, 0x0)
writev(r3, &(0x7f0000000c40)=[{&(0x7f0000000500)="678a82ef4321927df7321d7e6111b3df8a40c29cc2d891cbd056eb1bb62c454be007bde085acf8db13d58eab4868f95b88089e7fc5d7a6853530f60df2e8a7bd690a0308ed44c22ad1dcf987", 0x4c}, {&(0x7f0000000580)="0b2ae58ee4f635c719e8146d538d117db9dcd9115a644eb0c20a9d70e9f2f6e8924f887eff9a1cef055a197b91ceaf7a07297570778fc591855582ba0c69aeb929040a2961e1cb1dd862eb4594f98930a2a0204e7e1473a960e076651c224962252e52d6f2cbd8706a9aef80c8c0407e4951332b1d5b7635145ea0c094d1d76d3e19f2eaf11a16046465f919d69af1629a34a510c5450ed140f55f", 0x9b}, {&(0x7f0000001380)="8ab422dd70e15985b77b5f800b966cebd3cf432f4002df49d0224f67b950f075f59139c15af2027b4c78225a94065222a295f573e54e40879c9a8bd9d813f03982496ae5fcb6e7e19420b8d84e72349b6fd1f119207a2ac4527593a5eb067488de10172b4f11615ec3a0192038ad6d8e541670497df98ef027055279f572200d3b9ac8f933a7f98086e938dea1eb44486b5dc42ca511f61341507cd96d47b714e403450af7b9630924cfb24bb068232d47ee5ab177f808a17cbc32f6e6d2620bea3ed824c8aa866883e4dbc7dd65063acd34064bb9d1e88daa3f64e9ad11d151a83090cd6bb0cd4bdf37bba611b622c9df0d27808d4fe26dbd5751ffcafff72fc541e16e729468e97ffeac1d2d83469efad38dfd0bd8b6ccadb88115dc29638d00d99200a32772acbb9ca904e704be96075f6da15e7de4439a86d610313e40d237a013a858cb55648e49c3ddd146bc49611dcccd8836cb2d34675a855a1e6c778a1d5de7e1ec442fb1043935d34fbaf6ae2b77a1ad3f5583f141974b3eb70e7f4234a0b10c1abc6782f2d5a96411294d52877acfb7142ca57962fd0d6c4c34ad41c7e6cdcb25d7ceb9c685add07b399fbba26c500d00a6a7cb4fa08f45386a2cc85319403f5cef3e6895a4476439607389a41ab135220fd51845ee7937c758fc235f838fc9b86b057cb0997d653fdf81ccb05a053de33f93dd648d3d611e1fd182091131a9ee31ad8a96b93d445ff8816067e101bcf0a9dc92e0de238249a68f011f01e0d3fda38e3d17527196a5e9a40c4a2ac62bc183e8e1cffb4ac47cd695044579608c4f97fb47ffebd02a07d83135d1d5b8b81d116436cf3e22c89cd046fd84fa3caee1bb82a994e7651cc6094046cd4d9ee9c1351451016cf286c4c5af87e7ecd294afbaa2fb139b2c5291d9b11438a785ff4ca158010dcbadbd554aab96bd6d77869ef5c1c5313a4b80a1e7a37e33e10648f5e929434c6c71b4450418afd2cdbc616f5f6a47e470d93cb3c6be42389d9639ce4d1643bb0e9ab984479b0d519d4d582ea296bf51238f657c0fc45ae88c28a0c0cbac55f98907c41c53c38411ba51bfa0ed64638fb03ea5844b67c0ddba8929b290ad6abd8d9f0fa66be3bf388ba9ab43582cc16ea7bc88888473c4076bbbb1bc8b4ecda101008267f692d49c179676f90c62209d760c00e745b6a32bc606b06fbd555299ffb6cf22379d73163f474d21069062e2ec6ca60f3bca198b81051565ae693a2baac48e80540a19d8cef0c55c6df0b1fa0553f6445bcc0ff5894b4f79f25528d224cd6a9263105128e0ff5155b130a2c4eb9cf4799facc9638af5ae52cc29291fb7956aec1872c1dc1ac3f38c249b2d7d8240c16e3bb24327747afbb7f250abdf30af904b3209f3e3e9a9b0f535cf08196573ace2d29a238821546285d31cf8bc5e90dc9929518c41b5574e778e8573dba75a83febc0f65f161c8526647b8b3031ef57610b114bad91dfae518f0f9420f05f1d9701af487d9eac1cbbb187171afe8df83e185a7d3479735731cc207fe671f673f62e9c2422ea2547ab68de9c7aedbd72b20b9c8bfb45c6ff5e11d48ec0bd64315c8a398055418fc38f7fe997041056fb64d9f3cea1b6b5503b8f3eb808d9c406978246054449ef9b149444ec0ac45c9cfccda5f128856169ae7743a5514a24ed442c498e227e1981d63b9e7ffe1e7b339c4c09c30c39f39d669d476bd1085d35b742c5e400e7a048428a1759c9a6f0904861ec29a30f9082ab559ee64470b82406afc47419a69e9f5524e36ddd3c722c8f68e69579000a8f35747984d3308df31c43da7846e48fe4c38a1d2d2df4d5b9f87166be133adc337b1d08f9d24dd5ba83dcef34c576f56c8322f34b451a9bf76200c2745252743ef6e51d7c2943f4d5b93a5df8f607037f53fc91700886fe48492266ed4fd8062f4671af07977ec815c778779a57a3d8622858e87067aaae6ea80ab62d190fec33f9123bf0818fd8ef83ac0634455d61d118e07c18d828d1fa85f0af8fd6cdb15f3beac64eb37b946b115827d8bd88f0686583dc7d454cb72700ce037af216e2fba23f41cc9ec4d8ec2758fda28b1c9b59e84d30fa167d51353b07f46370eff4060f1195270a2ed654e60532db8247b49811c0b82c088147615a37b4e6f219abb3ea682f0fbc870bb9c67a357cce286aefabf8170b805c873cb4a36ff839f313b8a71d3cf4f551f0ec9da3a5a9256ada87b2a027c6fcdd36da6db47c2d73600204cfe02374d1ac455a148ba2fb066798ac8c38a499421251be784e5322045b8beae84c43cf3a8e3f2e240a28b5f36c6d2c83c1fcdf4986d63910d8b4252c274239f127ed0960b6b83560474333cbb52ca7e5702946ef0f7816f7de294aadb8b4a3ad4960629ace9cd8191224c27a0c055cb80a87313c70ee4666ade4232e84884e8a3a02ad2ab97e13a13a4e58cc71ea626b8bc645ecf5b03db61b179f59306cd6e9270539d3ea83e8b7711d48bd508b189a440d9feb56bbd3228c065b60e3b1631f657609763d6e9b8da3c5d7551bab71ef88d82d2e37caa7f5c04d31b6c1c5c18cf353f813dd924e7f8a8760efea3b5632ce67069be5e2495e79dd48a8c5ed75ed41866c47b5013d8a322885c401ff6729b35df0b143c8d4c30b112c0b00e6ce2105cd87d9d0056e0242c69a0694305f75057971c4103827af9ac84bf0dfafe8499ccbcf1d1f316a06001d799c2193d55ce47332240cae1a4622cba5864fe4138d02fc528ae3d5215155d72f51b12818903eb978f98906d60a7fff64aa702b5bce57121eaff486a5beee383bc6f6f6a09762aa6a47d918262e67576768a8b5d374978c47c5c5d533e9cc4f5cfccb0185c7554fdd52b5d509e95700f4066ebfb6f35092c10b8fc1dd3b5a64b3d4515c16e6ebd2bb562d646f69912ec7fe38075db1215576f1f713e1f0e362c85e521bae1ebded7a757512cd5673fe0840d3e03a77d7e56125724ac85e81555f906d5e0f46a57d9eed9f166b753f191aaf7fb5d9df58b30a87cd0d8f5ef877ef4465e092c638114de4610cca11723b009d1a4ce76ca1fa7ec3c50cc5cb4533eda6cb6752886163b8ac53f9af1e722d80d9ae2663c5806954de7966c2a5e92dc20d2eec704c319c3e74eca24d6fa477eb7addac1054e40df3f728b73ad02335f2d1179cbf2dcb366b95762d978e630364631920e7d8847c1b11001e886d619b131c8550ab53adde6b574decdd120306fd15b16eaecf37c7daabff8dee1c1e297af01bbb67c17a81cf31f9c6288b1f7d83486cafd640e9990d64d43105a9a7f9eb39d8aa72d98777327cb234ca0d1882cc08cb38f4d523e7c154f96dda4e63bcab68dbfc7a8e7567d0c7e1457d5454dcb64341c06d64ccbee3dc5c2aa40f3b167e365ae1a562b785e1324274f35fac3a3ea10a376d862a30352b76af8c5498d32aeac8708fa5c3b88664b60e5b4f988decb3844154941ecdab6dbd8173d13707f182d905501713812aa8a74e29cdc70528d2f3ed0d8609c9761e8a4aa490364e7e7fbb2d1115de55d2042f4056c5a86f26c270ffe64be99a537ad6d033979bec9f8606fe8ddc4bb69017cf1a64bb29172152f0a8ddae4000695f2c6f3e32e92258ae4dc9feed88a0b163a2c5886e1b82d3eb2b6779bee39931c3b8af8506b35b448a3f0d3738fb43d0e68cfa6f6cf10f5293ffbc2f0a55df4cf851f62e865c658f970a40f05a14f14a773a0347314f57c30a1882ffdb2136735099be80c7c918b1179f58a7593778051130cb84352df304a63da8a2c6b82e77d8563475e6c2648880bcb8562b7394b5aa4e43f5f042a1240ecb02e8579b34ddf8af8e6cdca4f82e4a019397fa11bdbb3a8418f6b2fa51b76138b2e4b8da2e08f7a626ad2245a6599ec386b3459757add71b545c16db36db98bc9289b3104d299700f51b9c099605f229c37847afa236a77475feb5c51cc64dac6ab41e45a085097e81c04de8fb24404f60f51f4a8e8545f179dee2aac4ad365a5e2ee2eb8c97da1aeda5aba40e53eb87da9534f54f3eb7f1402df81a27ce6dab16d5cbb50664d0f51557c108142be7e49b0fcce8c1268ad52f08319d598b30f5b9102811ff9d4a05282f655aca57deb570547a6cf0786d26c249a0454c511db765a990e234ece95246653c2f093ced50a0722a4deaab2a1d10418e798e7d43c9b19d7a1334f9bf08188269bcfe09fffb45916dcf6c0ccf4e2ce2b1b96b3b600a7ef854b8f58a1765281831c968880252ee159c3ebb605b6ca986495c844763c6310cdd75dc832476a7a8f4f9f611a4193c485d7b96a1dfa56c44b429e6499a438e6797055b0fe438f85725cdb69f9f430c81c79f60492c57a85f875301de183d4ce70ee8b09d0f90a61a0531293458536b73fd38cd90c72a61a34e1acac0c4db6e267edf48ca059834e7b9d4a9add55c38f32172552e33fb69c080e839771c80c2494fdd521052ea0361e153f5f7c8faf496a8c8c353400f8d863ae83eb583363f3f3803aeb4210cabc90d0b99c6801afeae94d4c31b79d3b1a3664b81ad3c997fbad7f98ad2fd104ba69de3f9257794ba0bb26b5dbc23b25f49d1c17ff81282eb20b2a432cc968ddee4abca6a72cac8b1d83fdcbe16cad2f96d3634de0ec5aaf5b4cdcab693b69fd28048bdd515042c2c5c80622b76c1687ca7fba62df4eca6f193d382599f516e0238e9ac48204b2ddb887944c085940d3fab41877527d84237b55bf5a857ff5304caa53dbca091aef0828e568687b853fccce54c0cb1f0faed2e843a5254a1bc460dacd410ccfa9853b5d61105f03e8b86eaacc6aae75a30104738c1f76e9cb5cbb7b98c0c89b68d85e183de52a811ccc8f60cb6012c522719d7822560ad7e2db5392a394c2a3d5dcb7424873256b5712aa3e324c9f771a6f0ba63ab49a4108f3b82bb7a677981c7994ca3a91015b82c287d43e77f2a1b20b4e22da208a7b14bd1c4a49c194ebd92d7558db31cafe358c77f39e82b783a306242ca64b9a7690138259c4f71bb6f762d1ff2b865e0b0d6d150f9c72b28dec5b9966fb55bda8ed9eae654f9a02df032486f534f9f18ed7e40c3e244e7b83aca2620317eded7fabc156164aa1f777ab667c3f4075603c498d95e1729851076d2bbce085ae9bb0e600cf1b6eb5db0db2d433a9a2aec320a0e00fa27932dbb0088fffabb2120fa2926d2bca853663a3a56b1e7e6a91b23c63515430acb5a14b6f37484ca447b6248b7e6ce2735ea698fbd9b17104fb627d7dfd10353f50a1105ab844a437d4147eeea58e4788cc29f53ba9a122cb8c97d9f7a5fcc6ae4f1840a5410e929f5c9630fcb8e09d139ef38251fc75dbae10558b74ec21cacd351ac84fcc21f693c773dbc9f21c47ac3beab9328ef07278d80237b2ab4ae711decae54df2105198d8b6300fc7d7f44f2eca2cd88c16c01cd718f9cee23cca7c4e1b2a0eb52fb03860c3596bc62ec9e5cc7b280fc9255fcff8599aae4195ba642b8d522706b258eaaab0c93a719120bfc3e894c932f3c3023d1ab138b080897e4e04a67ccc126cce3ca4d900c46eaa67fc368e8ec01693f8ba6b50758d214442d7b4e8c621c1ddd9f010a86caffca70c76bfbc3a785f2eb50cc23c63574cc0a33f7eb646cdc2f5172a467e42ded8de764c204a959515a6b596d8fc375c4f5ab23742cdf6401d2e4241756335b220948676ea8018035a4b77c9ddb3fc8b19acfd266315f4ef749832b9e73866c87fc55f90d9efa5060f696ab832caee73304e944bb3", 0x1000}, {&(0x7f00000000c0)="342a27131a0b2b6ad6028d8877e75ee2bc4ae2993438f2969c166b42d07d3727aef1e1a6532cb7ea2c868c113af458830e0be2035ef9e6e3b9cd4b9d4f1e", 0x3e}, {&(0x7f0000000880)="ccab696fe9ae319a59b17fe184b5f906dddf49b5be374f812e937151d5ef6399ef19c0e50850e615cf23802d07ca03c14665c0cb7bbe0c0393f9e37fe330f1c32e80e5391711cba46be53a4f604e43600152392c593501916e405e7d2ce8f758e5dc50bca93c3373ba767e4c308a797665a3da4ae65e5281511052fc28d99541c7b9c5386b6a6327d59115dbe73914be87c0f57dd9b58ae3cc4a28c25ab8604ffe922eed6931686d8c0ba3be5feea56178949437653677fdbf1500a033a8e9ab473d7e3720707cbbb91bbe40eeaecb6100b7beed12b127318551a6c91d286d745ca679c930f1d333b0b45ec42279ad025d013631c7", 0xf5}, {&(0x7f0000000980)="bba6d989c1797aa1d255de28ec022b6508365782ad1fa66fa5aea02295f918ac387c642f77c54a9eb69579c4860e44d05d5e9d2a610523b6c631b9b4ea8cb0921e3fab3bbdfab4faa6281a3641ecd6e85f740b8fad56519226da80e859a7860896728d7766019b4bac030366cbc722503228f2475fdbba5b23f701f559bdbdf1087b25c9fc9ce545a247b44baacdfce84d47e08ae8f02839822515aef88ca76aad45fda209faf29777d09dea89b132f04309e5fdd2178f040b556a51c17e2911cb8959052cb19a78a2da1379430e55740b354a36c9bd9061de167b6f7dc0d66df15d8c362eccf9a3412c2222c5d1bbb7fc3c26e12082b8ec2684", 0xfa}, {&(0x7f0000000a80)="3417e96f9890989d148a94967e90d1e2e45a0520cc9c1d51bfb0bb3b80c0e14acd82c0b9cb8c6cfba635b063c31134102d38eace6c5a2224b0122edbd55110f7055d195d709e", 0x46}, {&(0x7f0000000340)="a3583403bfcc0596fd0522001afbba2185af933ac2a322fcfb96c42f19f400378878f742716ddf7b9461c23ab64df5b6c283fde1aaf9cbd41b09ff51db", 0x3d}, {&(0x7f0000000b40)="723683efccbee24b056dc37358ad60f6cccd2b117bab1ea91fbc3c277a9cf78ca4fda54ce569fc45d1a42ad2eb1a1f724fc136cdf52bfd6b55c8fea78534399f9018bae47ea3173e53edc172cbc46066c7075d24cb0a8449261681e5d2a5956783cc45c54bed53b998bf06d7ada99e05e0be96de4270814b1a14ed5e2f29978ad49577635e7366dac94e4fa50f8d57b3142ac83e683c1920639226904857d66d7ef1a9ea4b21e1018c6fd26bf3bdf14c4cfece8c308691b7a6021abf3f8ed2d90ed7505483546ef93b8fe176495311cee37de2f67d396ed8ecdc2e0e034560c257", 0xe1}], 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, 0x0)
r7 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e24, 0x5, @loopback, 0x1}}, 0x4, 0x1, 0xf06, 0x0, 0xac, 0x7d, 0x5}, 0x9c)
tee(r1, r7, 0x101, 0x8)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x0, 0x1b}, 0x9c)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r7)

5.129284771s ago: executing program 0 (id=3290):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'macsec0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, &(0x7f00000000c0)='z', 0x12, 0x0, &(0x7f0000000100)={0x11, 0x88a8, r2, 0x1, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r5 = openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_REJECT(r5, &(0x7f0000000100)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x0, '#SP', "d54a1ea6e2b95d3efd47dcdbb5fb1f112aaf0064d79486cdf50f6206540890b35529e047d3829c53d46ee13c92479127dca6a93a8e4c9c21560c97c06c9cbd9f48aa4308e58a1f9a85a0172b8f9f4ad82d37a0f0158b4af6b1021fbd9de91f63ccd448e294d8ebc0a223dc070c8b065b875d1d8603ba1a62599c9119f09f6879de151b90226df149cae7217a7c43ddc0d68a3d40616fdb186a18cdd5faacaa55875d5640df0b9a89eddad750b037dc480c92603e121562927a598e5c7121dc9934a8497eb43f25962094ad4e8da38859d6f1f0d12630e17a2f1bb4ead33879ef51c26a506f8b3d08882bf06b3f269c403172bd61186a0217a93d47e8798f6f2b"}}, 0x110)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat2$dir(0xffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x224500, 0x144, 0x6}, 0x18)
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
write$evdev(r8, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)
ioctl$EVIOCSCLOCKID(r8, 0x400445a0, &(0x7f0000000100)=0x7)
renameat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', r7, &(0x7f0000000300)='./file0\x00')
openat$kvm(0xffffff9c, &(0x7f0000000440), 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r9}, 0x10)
sched_getattr(0x0, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000180)={0x2, 0x2, 0x0, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r11 = socket(0x18, 0x2, 0x1)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x40003}, 0x44811)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x0, 0x6000, 0x1000, &(0x7f0000fd3000/0x1000)=nil})
r12 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)

4.818519417s ago: executing program 0 (id=3292):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5) (async, rerun: 64)
rseq(0x0, 0x0, 0x0, 0x0) (rerun: 64)
fsmount(0xffffffffffffffff, 0x1, 0x84) (async)
openat$kvm(0xffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x4) (async, rerun: 32)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async, rerun: 32)
ioperm(0x0, 0x6, 0x2da3b9f3) (async)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0xb001, 0x4, 0x3ac, 0x10c, 0x0, 0x1ec, 0x2cc, 0x2cc, 0x2cc, 0x7fffffe, 0x0, {[{{@arp={@empty, @local, 0xff000000, 0xff000000, 0xd, 0x6, {@mac=@broadcast, {[0xff, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff, 0x0, 0xff]}}, 0x1, 0x2, 0x7ff, 0x2, 0xfffb, 0x7f6, 'wlan1\x00', 'veth0_vlan\x00', {0xff}, {}, 0x0, 0x28}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @rand_addr=0x64010111, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}}}, {{@uncond, 0xbc, 0xe0, 0x0, {0x0, 0x1e03}}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0x10c}}, {{@uncond, 0xbc, 0xe0}, @unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x31caf518}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3f8) (async)
openat$binder_debug(0xffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981) (rerun: 64)
r3 = socket$nl_route(0x10, 0x3, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="71756f74612c67727071754b74615f626c6f636b5f686172646c696d2c000e65b1134755fdd5ce324ea28500000000"]) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 32)
ioctl(r3, 0x8b21, &(0x7f0000000040))
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="6d892bbd7000000000000100000008"], 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x0) (async)
syz_genetlink_get_family_id$nfc(&(0x7f0000000300), 0xffffffffffffffff) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) (async)
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

4.476094292s ago: executing program 2 (id=3293):
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020003000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e"], 0x0)

4.407554407s ago: executing program 2 (id=3294):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x22001)
ioctl$NBD_PRINT_DEBUG(r0, 0xab06)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x202)
mmap(&(0x7f00008f1000/0x1000)=nil, 0x1000, 0x4, 0x11012, r1, 0x0)
io_setup(0x9, &(0x7f0000000b80))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040))
semget$private(0x0, 0x4, 0x72e)
r2 = fsopen(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="04081800c80009"], 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x11, 0x81, 0x6, 0x1, 0x40, @loopback, @loopback, 0x8, 0x7800, 0x9, 0x3ff}})
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}]}, 0x24}}, 0x0)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r7, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000180)='z', 0x1}], 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c0007010000000000000000010000000400fc800c00018008000600ffff0000080002800400728008000900", @ANYRES32=r8], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

3.980976391s ago: executing program 4 (id=3295):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x44, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010100}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @remote}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x4, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x1000, 0x2, {0x2, @sliced={0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1001]}}})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8000, 0x2)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f0000000180)={0x101ff, 0x0, &(0x7f00008aa000/0x4000)=nil})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_procfs(0x0, 0x0)
r5 = openat$cdrom(0xffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$DVD_WRITE_STRUCT(r5, 0x5390, &(0x7f00000002c0)=@disckey={0x2, 0x1, "d9e48ef872305b67276fea35bb8b52148b1ea14dd777c80747e654f9358d4b9709d1419114bd7d6cb9f81422857321090fcaed8d178ce24d906a44e47c6fc50fddabf393d4eaabeaf211702064a6730f6eee8a72d6277c3f8b2d3375738cce61c49012eeb2893561f1832e4fde4cd5d6dbd72f361634a66a984e968c7ce32eae81bf239792b70096785f1f5ba0ccfd62626bb604049cd46864f6b5c1e9293d501b580048a9f4bf02d4d440df10daafac307b969394e41a2abaa753f78712f1af062d3a8d79f7399d43cf18bd382239d6e114eca35b4fe18a41d760d55ab903f2b97c6fd5f1859f891d1a4003532fe3624d7237f088299f3ac95667a609eb9583830d1dd6d3ba003e67e33d3ebf77d34b9e637facc96cb5baa6e397b0b714e0c288638146f2dc8feb1eb26fac3074f1ddb780dbe897f2339ea6a4381308116cf4b713752a78eb629e39a941b684c62365336dac46ad392497ce98e26327eabc54ffc7b1db5bb882b584296c985d9bf6f7d1dae47b5f02800c5505fff990a090a49632501800d69b80bfc65f2e19afc51971fe5eaa6dcfb6e2668514b7b16140ae9a2f0024bea692c142076965468d02523664c90564b3a5df89b8f9509616ab7c268f5890583123c90614b84f98911ebf85174d131344cf06d199cacfe71cf63a0a0ebdea7729151a134e6e1ebc43c4661e22251b318abbb6408cee6d83838784108ced4ccee2a462315a7fa19dfa0e308f2c73e5774d96c411b23f27a65db2b02bd3cbab5becb4e62a55df6bf70bc3a412a51f3ba7567287f1eac5cb53d573b67e02189c3b7da0d03e01a918a9db940deb7fd6349a047f6d53e5d8efa963b6fd4ac2661f7709a14b06b9cd9eee79fe4873a114885323c0c99cd922a125a933ffc9136cf938dd6f39056a27806db1a99f6f84c068a4e3232beb04abdc9ddebfa3c56591339418baa9f4d7a5795e2471ae9c25a2d74c3ae51def757cddf114eec7e249537c8e9a149663b807d79c6bec875456c56ec4fe9bbc189da13432c7409f7fa8afe0cb13da4765f1f56b9ce47e58a6c112c1874b927a10c90f5748fa93dfbe1f6ace0ff08c908a806cfe473330b8ffa71f8130e90c5f0a845107b48fa9145dcab9eddcb1ead99329707749df3493c4187626fb3d76f5bd8b2a3924fafd7c20817a11c147df8fa132ee19fb3738c128b6f3a1c6dbb86a27a6a8b2033e5f181a0856aaee9b43e651912397667dae5560c96e2f8c2cdb472f9e6984b2cf3c86abf4e80765e30fdf7c0b8653161686eb7fa5fb03ec6c7b15de3e7e3091daa660b2e4ae385407815dd52cba2fa2c144f21072ac3f6cb9af8941d73acd631a7971754d03008fcef06a465b0eda79e70cc0a2c7c4b27e0ea76a9c62b198772d1083baa56ec645607f5b8277ccbae4f8e0b29dde531cb082f641cc7aa9a6cddc931888a7e5d167190dd4817a2e56e44b4dca448824cf82b5d0164883d10215f3af5647583778b254b31374c2d3ea99d24e2e2cabdecc31acb7bc735ef957933f193ea18202ee5010578a432ca9e77de9601c9e459dac9c7cfd201c8fa0719d82bb494d1502c2846b3de9c4a74745ac126eee448eeecef7855f549890b8c9f4182dda282b75ca1c4013069d0e0a608f76734f2ccb30905dd76a01c941d7da288acd05ee984136818c3dba168756270c26e892e08919493dd374d542ad1c639259be8eb5779124480d04b6430e7529466262ed138ad6542150988c4369fd3383ade7d5d30ec0fd90ed48acd5c4e31f4a21cc7f077a0d12a9688c6b5f2d546999a39ca5182f11e7346a2beb1972f307cb3e8b303e2a7e320c4d36fc4afe58206bd3122f139705b26a964c34ce505b6e6d027b03ac0dc7fc764e10cbb115f606b1da71ced7db8ba9e00cf31dae68c9953c1198c0ffb443893ae28a68545383f1e110c81f3c0914ad9d280c88a1888ee7a4cd3bbbf06d9732ab90ca476e16affcd45626ccb9fd7bcb7fe25ff37e090702a928acf2f29f5270079335d191c7482f5b8df394d0a6dcf1d73c670c34b85bd211604bf5bbe13a071239f66460be3a5a666b3e029a363408e480bac566664483e040af1f5824a61e5124553454ac9227f983e90de1fb923b37312f1498c9bd134a0a98677ace12ac690c0327ea53f574faf0817f64b6b262192bc662981a5df72bde96ac17c56e7ea1e4f46cc2543f572145b0017e3f270d00fdb77d5858d9d1087793b5f7d84a84c11101e89680e8d39b7e8535a81ad40c5df6a993437dd0daff918c0eac2af73b2cd74dc097570f9772cf2a2067e586aba247b70ce382a9673c2fdb0ca860d996626d3f550c728aa4db5423821327e54a865ea43e09420048ce2385537897caad77369fd25178619b41c3664e74f58da2815f1e79fd3bafc518bbaa92d96d53786ed55d839bd429f854cda9980bbea4be724f22bb0ba804e76cd55a839189042c8d44d553561e2f399b0e1ad74bceeec35e642bf3435f0d229d6cd215d9118bef13a233f8566fa3e59d171087ffbc059339a7c61aae417b019be28262097dfff0358e00080fb47df051e96d4b23a9e9b78ca69a377a377d86b98432c38b5494495e9889fbe7558c5d7eef4d66c4b7d5da720abdd6ad799f33f468fe8cafb62d7e75e96208c197e7697e9b37a43dbe122ca657c366338b5edbd5fd00684be51792f8d944020b3ba3143b4f5eeea4ad13432daea10da567e0f8a65757d090da245c98972a55540048b12240f15c2e0341abb96b534d3b1b0e9dacda836602b77fc7850cc872cd802c91d6e0dbe79bed1bf0a17b5dfe0c2abccec590889a05a3f04f4f3d9791d1baa4d83d92a113810d54830eed38545c5d21d96247000d769d3ef6569436bcba8b8e69b09000a3"})

3.723722068s ago: executing program 4 (id=3296):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$UFFDIO_POISON(r0, 0xc020aa08, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x40, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x3, @empty}}, {{0xa, 0x4e25, 0x0, @empty, 0xfffffffc}}}, 0x104)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000180)={0xc05e, 0x0, 0x8000, 0xffff, 0x5, 0x400, 0x7ff, 0x9}, 0x20)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2, 0x1}}}, 0x104)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000500), 0x2, 0x3)
open(&(0x7f00000001c0)='./file0\x00', 0x4000, 0x8)
mmap$qrtrtun(&(0x7f0000457000/0x1000)=nil, 0x1000, 0x1000000, 0x30, 0xffffffffffffffff, 0x8)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x5}}, {{0xa, 0x0, 0x8, @empty}}}, 0x108)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f00000000c0)=0xa, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003000afe6cbf96caa5debdad61b67ddb2fb68fcf19f7807076430a0001"], 0xc8}, 0x1, 0x0, 0x0, 0x4000005}, 0x20000004)
sendto$packet(r3, &(0x7f0000000180)="10031200e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
r6 = openat$bsg(0xffffff9c, &(0x7f0000000000)='/dev/bsg/0:0:0:0\x00', 0x2402, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(r6, 0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.416891735s ago: executing program 2 (id=3297):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x271d, 0x0, &(0x7f0000000300))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000180)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0x0, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x2200}], 0x0, 0xa}, 0x20)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
mount$9p_rdma(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=rdma,port=0'])
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4`\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000430009002abd700000000000030000000800ef00", @ANYRES32=r5, @ANYBLOB="24a66ea11db0cd30d2d811b3cff931064ddfa4c310353e76aaf1032816c3a58353683125c496c5a9aa46eb2f9eb0823f013b6c8b2972ade71d6665c7826035beb1bca52078040000000000000089c4f4c06061b5", @ANYRESOCT=r5], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x24000044)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x5)
fcntl$setpipe(r6, 0x407, 0x7000000)
fcntl$setpipe(r6, 0x407, 0x100000)

3.13120169s ago: executing program 0 (id=3298):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x12, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000001240)={'IDLETIMER\x00'}, &(0x7f0000001280)=0x1e)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @local, @remote, @link_local, @private=0xac1414bb}}}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
fsopen(&(0x7f0000000000)='erofs\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_io_uring_setup(0x8d2, &(0x7f0000000240)={0x0, 0x0, 0x400, 0x0, 0x2fb}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3e80, 0xff95, 0x0, 0x0)

2.85054366s ago: executing program 4 (id=3299):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x551e531b54736393, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES8, @ANYRESHEX, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x13, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045011, 0x0) (async)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045011, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000300000000000000000000020000000000000000000004000000000000289258"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000200000823502dd4eea5486f000000000000000000000095000000000000007ee34743a1ec3048bf66ef060d17a7eb60481ce0c763c4428e991235eeb206a8322e7268bd023420c33fd22416aff6cfda5ced3fc1028fee5bd9b3d1e6336096619119968509c4fd4f0f66e1b1a293b398e5b9ca55affa63bc3d2673f3cefa456f313ea5904add0086a460892915eac8f6c3562d5ab879dbe6df9f5d4d9b3a"], &(0x7f0000000080)='GPL\x00', 0xa, 0x10, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x1c}, 0x6d)
openat$rtc(0xffffff9c, 0x0, 0x8103, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x80000000, 0x9, 0x31363553, 0x0, 0xa, [{0x2, 0x5}, {0x6, 0x7f36}, {0x200, 0x60}, {0x3, 0xf}, {0xa, 0x100}, {0x6, 0x589}, {0x8, 0x7}, {0x10041, 0x8}], 0x10, 0x8, 0x2, 0x2, 0x3}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$uinput(0xffffff9c, 0x0, 0x802, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
openat$nmem0(0xffffff9c, &(0x7f0000000040), 0x101040, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x2, 0x4) (async)
socket$kcm(0x10, 0x2, 0x4)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, 0xffffffffffffffff, 0x0)
r2 = openat$procfs(0xffffff9c, &(0x7f0000000300)='/proc/diskstats\x00', 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2) (async)
socket$phonet_pipe(0x23, 0x5, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex;De', 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0xc04c561a, &(0x7f00000000c0)) (async)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0xc04c561a, &(0x7f00000000c0))
syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r2) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r2)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
setfsgid(0xee00)
syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x300, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e77, 0x20000000, 0x94a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x300, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e77, 0x20000000, 0x94a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)

2.329135904s ago: executing program 1 (id=3300):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x14, 0x0, 0x0, &(0x7f0000000500)={0x0, 0x22, 0xfffffffffffffd54}, 0x0}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000080)="240000004e0025000307f4f9002304000a04f55f08000100020100020800038005000000", 0x24)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x14, &(0x7f00000000c0)={0x40, 0x2, 0x25, {0x25, 0x9, "96eb3f194cf05b374929daae222019c18858a1c8c2c7c6ae9d9af1f906302f5553fc22"}}, &(0x7f0000000140)={0x0, 0x3, 0xeb, @string={0xeb, 0x3, "95dd6bf16af30f42c20cb97eab3e8c820cd1a961d52066129091a6cae67e15e336e4b3067fb1aa4acb0ce1ec401f109162e395b25e96648dc3ed4954c3459d4d129b95ff02b7c81b076a430200c88c7225fdbc93bead30be2997a86817edb6902fc0d78059db629deea243f917145bbacd2d9bebdd50a937e344a190fa5040a3bed9de7d0dccee5b677123b3c2820aaf4909a56087d944c88dc4fecda28a6c5af4d2b9a21d6efd7d1cd4e45f17c981146071668f5925466e474a34b263780e3520aa5e86d96775ed8cf05ad5b3ed45501163f44a3a9334760d9a7cc9f75fd91b2e9bd329ad4ed5abeb"}}, &(0x7f0000000240), &(0x7f0000000280)={0x0, 0x21, 0x9, {0x9, 0x21, 0x31a7, 0x8, 0x1, {0x22, 0xa24}}}}, &(0x7f00000004c0)={0x18, &(0x7f0000000300)={0x40, 0xe, 0x38, "c12306c1f5d13488dcd4c9230f609dd9f05d1bd98754d7f369e7515c22a839841b3d571c644cf5589501627181714f8362137b7e12c4665a"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0xd4}, &(0x7f00000003c0)={0x20, 0x1, 0xab, "c68b7a5773f172aad9c5bf658b2d6e34cd202ff2a518055c7b72cec3423419a7caef33d295bcdba0c34095909c9cd7e5d602f42aad76bdbdf06cc1bfb440ea32df535567e12ca471172d5efa3e8e1d0f9f43a56c9e7e4a21712f5652ee49cbb5c79e9dc94f525904d0b9235dccb64c03463c7d4854c40807d8579749b9fbfc83f8ca13f1dc639a6d6873f848b15a5cebc05c5292d192d9ea738ed60707561681081453baea4716c7665729"}, &(0x7f0000000480)={0x20, 0x3, 0x1, 0x34}})
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGPHYS(r2, 0x80404812, &(0x7f0000000100))

2.110485224s ago: executing program 0 (id=3301):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, r1, 0x0, 0x3}}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x20)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0xc0189436, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001b00)=@gettclass={0x24, 0x2a, 0x1, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf, 0x9}, {0xb, 0xd}, {0xfff3, 0x9}}, ["", "", "", "", "", "", ""]}, 0x61}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000180)=<r4=>0x0)
syz_open_procfs(r4, &(0x7f00000001c0)='fdinfo/3\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TTL={0x5, 0x7, 0x8}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, 0x0, 0x8001)

2.018341676s ago: executing program 4 (id=3302):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x9}}}, 0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCCONS(r4, 0x541d)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r3, 0x100)
syz_emit_ethernet(0x4e, &(0x7f0000001600)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x1, {[@mptcp=@ack={0x1e, 0x4}]}}}}}}}}, 0x0)

2.000381855s ago: executing program 2 (id=3303):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008840)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0), 0x0)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)

1.242440493s ago: executing program 0 (id=3304):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYRES64=r2, @ANYRES32=r1, @ANYBLOB="0000000000000000bf91000000000000b7020000000000008500000085eaffffb60000000000000095a9380000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000400)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x0, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
dup3(r5, r4, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x200000000000000)
syz_io_uring_setup(0x88f, &(0x7f0000000340)={0x0, 0xaee4, 0x400, 0x1, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000, 0x1})
listen(0xffffffffffffffff, 0xfffffff7)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000080)={0x8000, 0x0, 0x0, 0x1, 0x0, "000100"})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
openat$pfkey(0xffffff9c, 0x0, 0x14000, 0x0)
unshare(0x6e060000)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030000000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r8, 0x50009402, 0x0)

1.135460137s ago: executing program 2 (id=3305):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x44, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010100}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @remote}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x4, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x1000, 0x2, {0x2, @sliced={0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1001]}}})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8000, 0x2)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f0000000180)={0x101ff, 0x0, &(0x7f00008aa000/0x4000)=nil})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_procfs(0x0, 0x0)
r5 = openat$cdrom(0xffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$DVD_WRITE_STRUCT(r5, 0x5390, &(0x7f00000002c0)=@disckey={0x2, 0x1, "d9e48ef872305b67276fea35bb8b52148b1ea14dd777c80747e654f9358d4b9709d1419114bd7d6cb9f81422857321090fcaed8d178ce24d906a44e47c6fc50fddabf393d4eaabeaf211702064a6730f6eee8a72d6277c3f8b2d3375738cce61c49012eeb2893561f1832e4fde4cd5d6dbd72f361634a66a984e968c7ce32eae81bf239792b70096785f1f5ba0ccfd62626bb604049cd46864f6b5c1e9293d501b580048a9f4bf02d4d440df10daafac307b969394e41a2abaa753f78712f1af062d3a8d79f7399d43cf18bd382239d6e114eca35b4fe18a41d760d55ab903f2b97c6fd5f1859f891d1a4003532fe3624d7237f088299f3ac95667a609eb9583830d1dd6d3ba003e67e33d3ebf77d34b9e637facc96cb5baa6e397b0b714e0c288638146f2dc8feb1eb26fac3074f1ddb780dbe897f2339ea6a4381308116cf4b713752a78eb629e39a941b684c62365336dac46ad392497ce98e26327eabc54ffc7b1db5bb882b584296c985d9bf6f7d1dae47b5f02800c5505fff990a090a49632501800d69b80bfc65f2e19afc51971fe5eaa6dcfb6e2668514b7b16140ae9a2f0024bea692c142076965468d02523664c90564b3a5df89b8f9509616ab7c268f5890583123c90614b84f98911ebf85174d131344cf06d199cacfe71cf63a0a0ebdea7729151a134e6e1ebc43c4661e22251b318abbb6408cee6d83838784108ced4ccee2a462315a7fa19dfa0e308f2c73e5774d96c411b23f27a65db2b02bd3cbab5becb4e62a55df6bf70bc3a412a51f3ba7567287f1eac5cb53d573b67e02189c3b7da0d03e01a918a9db940deb7fd6349a047f6d53e5d8efa963b6fd4ac2661f7709a14b06b9cd9eee79fe4873a114885323c0c99cd922a125a933ffc9136cf938dd6f39056a27806db1a99f6f84c068a4e3232beb04abdc9ddebfa3c56591339418baa9f4d7a5795e2471ae9c25a2d74c3ae51def757cddf114eec7e249537c8e9a149663b807d79c6bec875456c56ec4fe9bbc189da13432c7409f7fa8afe0cb13da4765f1f56b9ce47e58a6c112c1874b927a10c90f5748fa93dfbe1f6ace0ff08c908a806cfe473330b8ffa71f8130e90c5f0a845107b48fa9145dcab9eddcb1ead99329707749df3493c4187626fb3d76f5bd8b2a3924fafd7c20817a11c147df8fa132ee19fb3738c128b6f3a1c6dbb86a27a6a8b2033e5f181a0856aaee9b43e651912397667dae5560c96e2f8c2cdb472f9e6984b2cf3c86abf4e80765e30fdf7c0b8653161686eb7fa5fb03ec6c7b15de3e7e3091daa660b2e4ae385407815dd52cba2fa2c144f21072ac3f6cb9af8941d73acd631a7971754d03008fcef06a465b0eda79e70cc0a2c7c4b27e0ea76a9c62b198772d1083baa56ec645607f5b8277ccbae4f8e0b29dde531cb082f641cc7aa9a6cddc931888a7e5d167190dd4817a2e56e44b4dca448824cf82b5d0164883d10215f3af5647583778b254b31374c2d3ea99d24e2e2cabdecc31acb7bc735ef957933f193ea18202ee5010578a432ca9e77de9601c9e459dac9c7cfd201c8fa0719d82bb494d1502c2846b3de9c4a74745ac126eee448eeecef7855f549890b8c9f4182dda282b75ca1c4013069d0e0a608f76734f2ccb30905dd76a01c941d7da288acd05ee984136818c3dba168756270c26e892e08919493dd374d542ad1c639259be8eb5779124480d04b6430e7529466262ed138ad6542150988c4369fd3383ade7d5d30ec0fd90ed48acd5c4e31f4a21cc7f077a0d12a9688c6b5f2d546999a39ca5182f11e7346a2beb1972f307cb3e8b303e2a7e320c4d36fc4afe58206bd3122f139705b26a964c34ce505b6e6d027b03ac0dc7fc764e10cbb115f606b1da71ced7db8ba9e00cf31dae68c9953c1198c0ffb443893ae28a68545383f1e110c81f3c0914ad9d280c88a1888ee7a4cd3bbbf06d9732ab90ca476e16affcd45626ccb9fd7bcb7fe25ff37e090702a928acf2f29f5270079335d191c7482f5b8df394d0a6dcf1d73c670c34b85bd211604bf5bbe13a071239f66460be3a5a666b3e029a363408e480bac566664483e040af1f5824a61e5124553454ac9227f983e90de1fb923b37312f1498c9bd134a0a98677ace12ac690c0327ea53f574faf0817f64b6b262192bc662981a5df72bde96ac17c56e7ea1e4f46cc2543f572145b0017e3f270d00fdb77d5858d9d1087793b5f7d84a84c11101e89680e8d39b7e8535a81ad40c5df6a993437dd0daff918c0eac2af73b2cd74dc097570f9772cf2a2067e586aba247b70ce382a9673c2fdb0ca860d996626d3f550c728aa4db5423821327e54a865ea43e09420048ce2385537897caad77369fd25178619b41c3664e74f58da2815f1e79fd3bafc518bbaa92d96d53786ed55d839bd429f854cda9980bbea4be724f22bb0ba804e76cd55a839189042c8d44d553561e2f399b0e1ad74bceeec35e642bf3435f0d229d6cd215d9118bef13a233f8566fa3e59d171087ffbc059339a7c61aae417b019be28262097dfff0358e00080fb47df051e96d4b23a9e9b78ca69a377a377d86b98432c38b5494495e9889fbe7558c5d7eef4d66c4b7d5da720abdd6ad799f33f468fe8cafb62d7e75e96208c197e7697e9b37a43dbe122ca657c366338b5edbd5fd00684be51792f8d944020b3ba3143b4f5eeea4ad13432daea10da567e0f8a65757d090da245c98972a55540048b12240f15c2e0341abb96b534d3b1b0e9dacda836602b77fc7850cc872cd802c91d6e0dbe79bed1bf0a17b5dfe0c2abccec590889a05a3f04f4f3d9791d1baa4d83d92a113810d54830eed38545c5d21d96247000d769d3ef6569436bcba8b8e69b09000a3"})

1.104518341s ago: executing program 4 (id=3306):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYBLOB, @ANYRES16, @ANYRESOCT], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_genetlink_get_family_id$l2tp(0x0, r3)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x20000041)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)

832.769044ms ago: executing program 2 (id=3307):
socket$alg(0x26, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x9, 0x0, 0x0, 0x40, 0x4, {0x5, 0x4, 0x2, 0x1, 0x4, 0x67, 0x5, 0x5, 0x67, 0x598f, @local, @local}}}}}}, 0x0)
socket$inet6_sctp(0xa, 0x2, 0x84)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000580), 0x1, 0x100)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000080)=0xffffbf7f)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2, 0x3032, 0xffffffffffffffff, 0xc51e000)
mmap(&(0x7f0000539000/0x1000)=nil, 0x1000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
msync(&(0x7f0000539000/0x4000)=nil, 0x4000, 0x4)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000019100)='net/rt_acct\x00')
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000d40), 0x2, 0x0)
write$apparmor_current(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="6368616e67ffffffffffffff7f3030409ecd76303030303030303030303030315e9065d8f4be7437eae4a02d9b0743c9f2ca5252925d2a0bd84b1dfc339aa1fe0a178e470e144928453a9648fd180ce7ebf7bfbb510b770467ed09356d9c6cc74f04d69599f90b7e2644f27b8a84cda834526ba6473138657d9de75c8671f5671a73b0d6d1ce5177"], 0x1d)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

371.766195ms ago: executing program 0 (id=3308):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01040000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010067656e6576653000000000000000000048000000180a0101000b00000000000001000000e98154c60a695c860900020073797a30000000000900010073797a30000000001c0035e77ec5249b0380180003801400010067656e6576682c000000000000000000140000001000010000000000000000000000000a16b6ceb57507afa8d7e5b1d89e8e2aad155837e89e5fb53c67367669fb2b085196dfd721c9d2b2473922e9fc34beafd799f5b6358e99097c8e814406"], 0xe8}}, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000001600), 0x42fffffe)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x24fd, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r1, 0x2d3e, 0x8389, 0x13, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x1}, &(0x7f0000000700)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_gettime(r5, &(0x7f0000000080))
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x200004, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
r6 = openat$rdma_cm(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000140)="f9", 0x1}], 0x1, 0x3, 0xd4bd)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r6, &(0x7f0000000300)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @private=0xa010100}, @in6={0xa, 0x4e21, 0x9, @mcast2, 0x2}}}, 0x118)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x100}, 0x1, 0x0, 0x0, 0x20000044}, 0x4000040)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 4 (id=3309):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) (fail_nth: 10)
ioctl$SNAPSHOT_FREE(r3, 0x3305)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)={0x28, r4, 0x10ada85e65c25349, 0x3, 0x0, {{0x67}, {@val={0x8}, @val={0xc}}}}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket(0x11, 0x3, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
accept4$nfc_llcp(r6, &(0x7f0000000300), &(0x7f0000000100)=0x58, 0x800)
setsockopt$inet_tcp_int(r3, 0x6, 0x9, &(0x7f0000000280)=0x4, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp6\x00')
readv(r8, &(0x7f0000000480), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x12, r7, {0x0, 0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x0, 0x0, 0x0, 0xd645, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4, 0x3f}]}]}}]}, 0x9c}, 0x1, 0x7a00}, 0x4000000)

kernel console output (not intermixed with test programs):

ease socket
[  711.269031][ T1151] vhci_hcd: disconnect device
[  711.543458][T16331] team0: Port device bond0 removed
[  712.873286][   T40] audit: type=1804 audit(2000001208.153:97): pid=16351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2775" name="/newroot/380/file1" dev="fuse" ino=1 res=1 errno=0
[  712.884857][   T40] audit: type=1800 audit(2000001208.163:98): pid=16351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2775" name="/" dev="fuse" ino=1 res=0 errno=0
[  712.901495][   T40] audit: type=1800 audit(2000001208.163:99): pid=16351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2775" name="/" dev="fuse" ino=1 res=0 errno=0
[  713.053813][T16358] blktrace: Concurrent blktraces are not allowed on sg0
[  713.820693][ T5824] usb 9-1: new full-speed USB device number 8 using dummy_hcd
[  713.992262][ T5824] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  713.995681][ T5824] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  714.000050][ T5824] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  714.012207][ T5824] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.253686][ T5824] usb 9-1: usb_control_msg returned -32
[  714.255465][ T5824] usbtmc 9-1:16.0: can't read capabilities
[  715.104934][   T63] Bluetooth: hci4: command 0x0406 tx timeout
[  715.560123][T16394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2787'.
[  715.681592][T16399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2788'.
[  715.684031][T16399] netlink: 'syz.2.2788': attribute type 15 has an invalid length.
[  715.690756][T16399] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  715.692754][T16401] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  715.693616][T16399] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  715.695826][T16401] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  715.697127][T16401] vhci_hcd vhci_hcd.0: Device attached
[  715.698804][T16399] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  715.706078][T16399] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  715.707985][T16402] usbip_core: unknown command
[  715.709034][T16399] vxlan0: entered promiscuous mode
[  715.710401][T16402] vhci_hcd: unknown pdu 0
[  715.713503][T16402] usbip_core: unknown command
[  715.715544][T15545] vhci_hcd: stop threads
[  715.716919][T15545] vhci_hcd: release socket
[  715.718332][T15545] vhci_hcd: disconnect device
[  715.834947][T16408] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  715.836999][T16408] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  715.839916][T16408] vhci_hcd vhci_hcd.0: Device attached
[  715.845442][T16409] usbip_core: unknown command
[  715.846941][T16409] vhci_hcd: unknown pdu 0
[  715.848680][T16409] usbip_core: unknown command
[  715.850255][ T1151] vhci_hcd: stop threads
[  715.852713][ T1151] vhci_hcd: release socket
[  715.854213][ T1151] vhci_hcd: disconnect device
[  717.544285][   T29] usb 9-1: USB disconnect, device number 8
[  717.904610][T16406] team0: Port device bond0 removed
[  718.284060][T16417] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  718.286099][T16417] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  718.288917][T16417] vhci_hcd vhci_hcd.0: Device attached
[  718.333936][T16418] vhci_hcd: connection closed
[  718.334332][T15545] vhci_hcd: stop threads
[  718.337181][T15545] vhci_hcd: release socket
[  718.340542][T15545] vhci_hcd: disconnect device
[  718.393698][T16422] tmpfs: Unknown parameter '8'Iù‚+æüjk·'
[  718.421406][T16412] team0: Port device bond0 removed
[  719.601217][T15129] usb 7-1: new full-speed USB device number 20 using dummy_hcd
[  720.234495][T15129] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  720.237575][T15129] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  720.268928][T15129] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  720.271750][T15129] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.366718][T16448] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  720.368783][T16448] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  720.371937][T16448] vhci_hcd vhci_hcd.0: Device attached
[  720.380935][T16449] usbip_core: unknown command
[  720.382615][T16449] vhci_hcd: unknown pdu 0
[  720.384038][T16449] usbip_core: unknown command
[  720.385844][T15545] vhci_hcd: stop threads
[  720.387244][T15545] vhci_hcd: release socket
[  720.388687][T15545] vhci_hcd: disconnect device
[  720.479260][T15129] usb 7-1: usb_control_msg returned -32
[  720.481054][T15129] usbtmc 7-1:16.0: can't read capabilities
[  720.773247][T16456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2805'.
[  720.776939][T16456] netlink: 'syz.4.2805': attribute type 15 has an invalid length.
[  720.874761][   T40] audit: type=1326 audit(2000001216.551:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16454 comm="syz.4.2805" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  722.173179][ T5824] usb 7-1: USB disconnect, device number 20
[  722.641978][T16475] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  722.644686][T16475] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  722.649075][T16475] vhci_hcd vhci_hcd.0: Device attached
[  722.657383][T16476] usbip_core: unknown command
[  722.659442][T16476] vhci_hcd: unknown pdu 0
[  722.661345][T16476] usbip_core: unknown command
[  722.663847][T13357] vhci_hcd: stop threads
[  722.665676][T13357] vhci_hcd: release socket
[  722.715500][T13357] vhci_hcd: disconnect device
[  723.281805][T16484] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2812'.
[  724.398973][T16499] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2814'.
[  724.852522][   T63] Bluetooth: hci2: command 0x0406 tx timeout
[  725.214518][   T40] audit: type=1804 audit(2000001221.107:101): pid=16504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2816" name="/newroot/391/file1" dev="fuse" ino=1 res=1 errno=0
[  725.226006][   T40] audit: type=1800 audit(2000001221.107:102): pid=16504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2816" name="/" dev="fuse" ino=1 res=0 errno=0
[  725.234222][   T40] audit: type=1800 audit(2000001221.107:103): pid=16504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2816" name="/" dev="fuse" ino=1 res=0 errno=0
[  725.529077][T16510] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  725.531384][T16510] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  725.536554][T16510] vhci_hcd vhci_hcd.0: Device attached
[  725.546763][T16512] usbip_core: unknown command
[  725.548343][T16512] vhci_hcd: unknown pdu 0
[  725.549736][T16512] usbip_core: unknown command
[  725.562543][T13357] vhci_hcd: stop threads
[  725.567809][T13357] vhci_hcd: release socket
[  725.569836][T13357] vhci_hcd: disconnect device
[  726.658417][T16517] FAULT_INJECTION: forcing a failure.
[  726.658417][T16517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  726.664312][T16517] CPU: 2 UID: 0 PID: 16517 Comm: syz.4.2820 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  726.664327][T16517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  726.664334][T16517] Call Trace:
[  726.664338][T16517]  <TASK>
[  726.664342][T16517]  dump_stack_lvl+0x16c/0x1f0
[  726.664357][T16517]  should_fail_ex+0x512/0x640
[  726.664370][T16517]  _copy_from_user+0x2e/0xd0
[  726.664383][T16517]  move_addr_to_kernel+0x65/0x170
[  726.664399][T16517]  __sys_connect+0xb1/0x160
[  726.664414][T16517]  ? __pfx___sys_connect+0x10/0x10
[  726.664428][T16517]  ? handle_mm_fault+0x250/0xd10
[  726.664448][T16517]  ? __pfx_ksys_write+0x10/0x10
[  726.664462][T16517]  __ia32_sys_connect+0x71/0xb0
[  726.664484][T16517]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  726.664499][T16517]  __do_fast_syscall_32+0x7c/0x3a0
[  726.664516][T16517]  do_fast_syscall_32+0x32/0x80
[  726.664532][T16517]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  726.664553][T16517] RIP: 0023:0xf7fd8579
[  726.664567][T16517] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  726.664582][T16517] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  726.664597][T16517] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040
[  726.664608][T16517] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[  726.664618][T16517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  726.664628][T16517] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  726.664638][T16517] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  726.664684][T16517]  </TASK>
[  727.748126][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  727.756929][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  728.039472][T16529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2819'.
[  729.303137][T16553] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2827'.
[  729.359601][T16554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2828'.
[  730.548096][T16567] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  730.550734][T16567] syzkaller0: entered promiscuous mode
[  730.552510][T16567] syzkaller0: entered allmulticast mode
[  730.565553][T16567] tipc: Resetting bearer <eth:syzkaller0>
[  730.568572][T16566] tipc: Resetting bearer <eth:syzkaller0>
[  730.575243][T16566] tipc: Disabling bearer <eth:syzkaller0>
[  730.707836][T11024] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  730.777712][T16572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2831'.
[  730.854509][T11024] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  730.857779][T11024] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  730.862296][T11024] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  730.865852][T11024] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.070601][T11024] usb 6-1: usb_control_msg returned -32
[  731.073925][T11024] usbtmc 6-1:16.0: can't read capabilities
[  731.326274][T16579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2835'.
[  731.329684][T16579] netlink: 'syz.0.2835': attribute type 15 has an invalid length.
[  731.395311][   T40] audit: type=1326 audit(2000001227.606:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16577 comm="syz.0.2835" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  731.459046][ T1138] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  732.171813][T16588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2837'.
[  732.274754][T16593] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2838'.
[  732.278474][T16593] netlink: 'syz.2.2838': attribute type 15 has an invalid length.
[  732.662039][   T40] audit: type=1326 audit(2000001228.928:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16589 comm="syz.2.2838" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  733.202031][T16606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2841'.
[  733.336446][   T24] usb 6-1: USB disconnect, device number 6
[  733.944544][T16616] overlayfs: failed to resolve './file1': -2
[  734.306849][   T40] audit: type=1804 audit(2000001230.650:106): pid=16624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2847" name="/newroot/84/file1" dev="fuse" ino=1 res=1 errno=0
[  734.309255][T16628] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2848'.
[  734.318384][   T40] audit: type=1800 audit(2000001230.661:107): pid=16624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2847" name="/" dev="fuse" ino=1 res=0 errno=0
[  734.326395][   T40] audit: type=1800 audit(2000001230.661:108): pid=16624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2847" name="/" dev="fuse" ino=1 res=0 errno=0
[  734.328041][T16628] netlink: 'syz.4.2848': attribute type 15 has an invalid length.
[  734.404270][   T40] audit: type=1326 audit(2000001230.755:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16625 comm="syz.4.2848" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  734.653157][T16635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2850'.
[  734.656474][T16635] netlink: 'syz.2.2850': attribute type 15 has an invalid length.
[  734.773429][T16639] syz_tun: entered allmulticast mode
[  734.778120][T16639] syz_tun: left allmulticast mode
[  734.781864][T16639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2851'.
[  734.808687][   T40] audit: type=1326 audit(2000001231.186:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16631 comm="syz.2.2850" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  734.998647][T16642] net_ratelimit: 11 callbacks suppressed
[  734.998659][T16642] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  735.852406][T16656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2855'.
[  735.864131][T16656] netlink: 'syz.2.2855': attribute type 15 has an invalid length.
[  736.019702][   T40] audit: type=1326 audit(2000001232.445:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.2855" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  736.131222][T16654] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2849'.
[  736.659010][T16667] FAULT_INJECTION: forcing a failure.
[  736.659010][T16667] name failslab, interval 1, probability 0, space 0, times 0
[  736.663430][T16667] CPU: 2 UID: 0 PID: 16667 Comm: syz.4.2859 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  736.663452][T16667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.663462][T16667] Call Trace:
[  736.663468][T16667]  <TASK>
[  736.663475][T16667]  dump_stack_lvl+0x16c/0x1f0
[  736.663496][T16667]  should_fail_ex+0x512/0x640
[  736.663512][T16667]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  736.663539][T16667]  should_failslab+0xc2/0x120
[  736.663558][T16667]  __kmalloc_cache_noprof+0x6a/0x3e0
[  736.663581][T16667]  ? __genradix_ptr_alloc+0x340/0x5f0
[  736.663599][T16667]  ? sctp_auth_shkey_create+0x9e/0x210
[  736.663622][T16667]  sctp_auth_shkey_create+0x9e/0x210
[  736.663641][T16667]  sctp_auth_asoc_copy_shkeys+0x1f2/0x360
[  736.663665][T16667]  sctp_association_new+0x19ad/0x2a00
[  736.663691][T16667]  sctp_connect_new_asoc+0x1b6/0x790
[  736.663718][T16667]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  736.663745][T16667]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  736.663770][T16667]  sctp_sendmsg+0x15f9/0x1ee0
[  736.663793][T16667]  ? __pfx_sctp_sendmsg+0x10/0x10
[  736.663808][T16667]  ? __pfx___might_resched+0x10/0x10
[  736.663824][T16667]  ? __might_fault+0xe3/0x190
[  736.663836][T16667]  ? __pfx_aa_sk_perm+0x10/0x10
[  736.663854][T16667]  ? __pfx_sctp_sendmsg+0x10/0x10
[  736.663868][T16667]  inet_sendmsg+0x11c/0x140
[  736.663885][T16667]  __sys_sendto+0x43c/0x520
[  736.663902][T16667]  ? __pfx___sys_sendto+0x10/0x10
[  736.663930][T16667]  ? ksys_write+0x1ac/0x250
[  736.663940][T16667]  ? __pfx_ksys_write+0x10/0x10
[  736.663951][T16667]  __ia32_sys_sendto+0xdd/0x1b0
[  736.663967][T16667]  ? lockdep_hardirqs_on+0x7c/0x110
[  736.663977][T16667]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  736.663988][T16667]  __do_fast_syscall_32+0x7c/0x3a0
[  736.664000][T16667]  do_fast_syscall_32+0x32/0x80
[  736.664011][T16667]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.664024][T16667] RIP: 0023:0xf7fd8579
[  736.664033][T16667] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.664043][T16667] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  736.664053][T16667] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  736.664059][T16667] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000080000200
[  736.664066][T16667] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  736.664072][T16667] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  736.664078][T16667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.664095][T16667]  </TASK>
[  736.780345][T16671] FAULT_INJECTION: forcing a failure.
[  736.780345][T16671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.784397][T16671] CPU: 3 UID: 0 PID: 16671 Comm: syz.4.2861 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  736.784411][T16671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.784418][T16671] Call Trace:
[  736.784422][T16671]  <TASK>
[  736.784427][T16671]  dump_stack_lvl+0x16c/0x1f0
[  736.784441][T16671]  should_fail_ex+0x512/0x640
[  736.784454][T16671]  _copy_to_user+0x32/0xd0
[  736.784474][T16671]  simple_read_from_buffer+0xcb/0x170
[  736.784491][T16671]  proc_fail_nth_read+0x197/0x270
[  736.784506][T16671]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.784521][T16671]  ? rw_verify_area+0xcf/0x680
[  736.784536][T16671]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.784550][T16671]  vfs_read+0x1e4/0xc60
[  736.784560][T16671]  ? fdget_pos+0x2a2/0x370
[  736.784587][T16671]  ? __pfx_vfs_read+0x10/0x10
[  736.784596][T16671]  ? find_held_lock+0x2b/0x80
[  736.784612][T16671]  ? __fget_files+0x20e/0x3c0
[  736.784626][T16671]  ? handle_mm_fault+0x250/0xd10
[  736.784646][T16671]  ksys_read+0x12a/0x250
[  736.784655][T16671]  ? __pfx_ksys_read+0x10/0x10
[  736.784666][T16671]  ? rcu_is_watching+0x12/0xc0
[  736.784679][T16671]  __do_fast_syscall_32+0x7c/0x3a0
[  736.784692][T16671]  do_fast_syscall_32+0x32/0x80
[  736.784703][T16671]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.784716][T16671] RIP: 0023:0xf7fd8579
[  736.784724][T16671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.784735][T16671] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  736.784745][T16671] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50f6620
[  736.784752][T16671] RDX: 000000000000000f RSI: 00000000f7464ff4 RDI: 0000000000000000
[  736.784758][T16671] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  736.784764][T16671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  736.784770][T16671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.784783][T16671]  </TASK>
[  736.860232][T16674] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  736.998542][T16683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2864'.
[  737.001485][T16683] netlink: 'syz.4.2864': attribute type 15 has an invalid length.
[  737.011828][T16684] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2866'.
[  737.015746][T16684] netlink: 'syz.1.2866': attribute type 15 has an invalid length.
[  737.136166][   T40] audit: type=1326 audit(2000001233.621:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16681 comm="syz.1.2866" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  737.281225][   T40] audit: type=1326 audit(2000001233.779:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16679 comm="syz.4.2864" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  737.295541][T16688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2865'.
[  738.890570][T16702] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2870'.
[  738.978678][T16702] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2870'.
[  739.155099][T16711] FAULT_INJECTION: forcing a failure.
[  739.155099][T16711] name failslab, interval 1, probability 0, space 0, times 0
[  739.160609][T16711] CPU: 0 UID: 0 PID: 16711 Comm: syz.1.2872 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  739.160633][T16711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  739.160644][T16711] Call Trace:
[  739.160651][T16711]  <TASK>
[  739.160659][T16711]  dump_stack_lvl+0x16c/0x1f0
[  739.160681][T16711]  should_fail_ex+0x512/0x640
[  739.160699][T16711]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  739.160721][T16711]  should_failslab+0xc2/0x120
[  739.160742][T16711]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  739.160761][T16711]  ? __d_alloc+0x31/0xaa0
[  739.160793][T16711]  __d_alloc+0x31/0xaa0
[  739.160810][T16711]  ? trace_kmem_cache_alloc+0x28/0xc0
[  739.160835][T16711]  d_alloc_pseudo+0x1c/0xc0
[  739.160856][T16711]  alloc_file_pseudo+0xcf/0x230
[  739.160881][T16711]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  739.160912][T16711]  sock_alloc_file+0x50/0x210
[  739.160935][T16711]  do_accept+0x240/0x530
[  739.160960][T16711]  ? rcu_read_unlock+0x17/0x60
[  739.160982][T16711]  ? __pfx_do_accept+0x10/0x10
[  739.161027][T16711]  io_accept+0x415/0x950
[  739.161051][T16711]  ? __pfx_io_accept+0x10/0x10
[  739.161077][T16711]  __io_issue_sqe+0xe8/0x7c0
[  739.161102][T16711]  io_issue_sqe+0x86/0xe50
[  739.161130][T16711]  io_submit_sqes+0x92d/0x2580
[  739.161174][T16711]  __do_sys_io_uring_enter+0xd6a/0x1630
[  739.161205][T16711]  ? __fget_files+0x20e/0x3c0
[  739.161230][T16711]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  739.161260][T16711]  ? fput+0x70/0xf0
[  739.161280][T16711]  ? ksys_write+0x1ac/0x250
[  739.161296][T16711]  ? __pfx_ksys_write+0x10/0x10
[  739.161314][T16711]  ? rcu_is_watching+0x12/0xc0
[  739.161338][T16711]  __do_fast_syscall_32+0x7c/0x3a0
[  739.161359][T16711]  do_fast_syscall_32+0x32/0x80
[  739.161378][T16711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  739.161399][T16711] RIP: 0023:0xf7f25579
[  739.161413][T16711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  739.161429][T16711] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  739.161446][T16711] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000047bc
[  739.161457][T16711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  739.161466][T16711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  739.161476][T16711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  739.161486][T16711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  739.161510][T16711]  </TASK>
[  739.597758][T16720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2876'.
[  739.690930][T16723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2875'.
[  739.781789][T16726] overlayfs: failed to resolve './file1': -2
[  739.930475][T16731] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2878'.
[  739.933358][T16731] netlink: 'syz.0.2878': attribute type 15 has an invalid length.
[  740.099026][T16737] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2879'.
[  740.141534][   T40] audit: type=1326 audit(2000001236.781:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16727 comm="syz.0.2878" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  742.390317][T16784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2892'.
[  742.775769][T16793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2893'.
[  742.809392][T16791] blktrace: Concurrent blktraces are not allowed on sg0
[  743.667892][T16810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2898'.
[  743.668586][T16809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2899'.
[  743.670695][T16810] netlink: 'syz.2.2898': attribute type 15 has an invalid length.
[  743.674645][T16809] netlink: 'syz.1.2899': attribute type 15 has an invalid length.
[  743.757796][T16813] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2901'.
[  743.767010][T16813] tipc: Started in network mode
[  743.771334][T16813] tipc: Node identity ac14140f, cluster identity 4711
[  743.774439][T16813] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  743.802335][   T40] audit: type=1326 audit(2000001240.623:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.1.2899" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  744.034056][   T40] audit: type=1326 audit(2000001240.865:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16805 comm="syz.2.2898" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  744.800401][T16826] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  744.802580][T16826] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  744.805827][T16826] vhci_hcd vhci_hcd.0: Device attached
[  744.806680][T16830] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  744.809633][T16830] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  744.810779][T16828] usbip_core: unknown command
[  744.814065][T16828] vhci_hcd: unknown pdu 0
[  744.815014][T16830] vhci_hcd vhci_hcd.0: Device attached
[  744.816404][T16828] usbip_core: unknown command
[  744.821918][ T1138] vhci_hcd: stop threads
[  744.823501][ T1138] vhci_hcd: release socket
[  744.825168][ T1138] vhci_hcd: disconnect device
[  744.852241][T16831] usbip_core: unknown command
[  744.854801][T16831] vhci_hcd: unknown pdu 0
[  744.856700][T16831] usbip_core: unknown command
[  744.858837][ T1151] vhci_hcd: stop threads
[  744.861994][ T1151] vhci_hcd: release socket
[  744.873030][ T1151] vhci_hcd: disconnect device
[  744.911178][T16833] team0: Port device bond0 removed
[  745.152077][T16837] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  745.154076][T16837] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  745.170120][T16837] vhci_hcd vhci_hcd.0: Device attached
[  745.331382][T16838] usbip_core: unknown command
[  745.340737][T16838] vhci_hcd: unknown pdu 0
[  745.342750][T16838] usbip_core: unknown command
[  745.387499][T15129] usb 41-1: new high-speed USB device number 30 using vhci_hcd
[  745.392956][   T59] vhci_hcd: stop threads
[  745.463020][   T59] vhci_hcd: release socket
[  745.553079][   T59] vhci_hcd: disconnect device
[  748.084294][T16850] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2908'.
[  748.196061][T16858] FAULT_INJECTION: forcing a failure.
[  748.196061][T16858] name failslab, interval 1, probability 0, space 0, times 0
[  748.200251][T16858] CPU: 2 UID: 0 PID: 16858 Comm: syz.0.2912 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  748.200265][T16858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  748.200272][T16858] Call Trace:
[  748.200276][T16858]  <TASK>
[  748.200281][T16858]  dump_stack_lvl+0x16c/0x1f0
[  748.200296][T16858]  should_fail_ex+0x512/0x640
[  748.200307][T16858]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  748.200326][T16858]  should_failslab+0xc2/0x120
[  748.200343][T16858]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  748.200358][T16858]  ? __alloc_skb+0x2b2/0x380
[  748.200380][T16858]  __alloc_skb+0x2b2/0x380
[  748.200397][T16858]  ? __pfx___alloc_skb+0x10/0x10
[  748.200410][T16858]  ? __pfx___mutex_trylock_common+0x10/0x10
[  748.200429][T16858]  ? rcu_is_watching+0x12/0xc0
[  748.200442][T16858]  netlink_dump+0x192/0xd00
[  748.200454][T16858]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  748.200493][T16858]  ? __pfx_netlink_dump+0x10/0x10
[  748.200516][T16858]  __netlink_dump_start+0x6d6/0x990
[  748.200530][T16858]  ? __pfx_tc_dump_tfilter+0x10/0x10
[  748.200543][T16858]  rtnetlink_rcv_msg+0xb3e/0xe90
[  748.200555][T16858]  ? __pfx_tc_dump_tfilter+0x10/0x10
[  748.200568][T16858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  748.200580][T16858]  ? __pfx_rtnl_dumpit+0x10/0x10
[  748.200594][T16858]  ? __pfx_tc_dump_tfilter+0x10/0x10
[  748.200608][T16858]  ? ref_tracker_free+0x37c/0x830
[  748.200621][T16858]  netlink_rcv_skb+0x155/0x420
[  748.200634][T16858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  748.200653][T16858]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  748.200670][T16858]  ? netlink_deliver_tap+0x1ae/0xd30
[  748.200684][T16858]  netlink_unicast+0x58d/0x850
[  748.200698][T16858]  ? __pfx_netlink_unicast+0x10/0x10
[  748.200714][T16858]  netlink_sendmsg+0x8d1/0xdd0
[  748.200729][T16858]  ? __pfx_netlink_sendmsg+0x10/0x10
[  748.200742][T16858]  ? __import_iovec+0x1dd/0x650
[  748.200757][T16858]  ____sys_sendmsg+0xa98/0xc70
[  748.200770][T16858]  ? gfs2_fileattr_set+0x690/0xae0
[  748.200783][T16858]  ? __pfx_____sys_sendmsg+0x10/0x10
[  748.200796][T16858]  ? get_compat_msghdr+0x11a/0x170
[  748.200814][T16858]  ___sys_sendmsg+0x134/0x1d0
[  748.200825][T16858]  ? __pfx____sys_sendmsg+0x10/0x10
[  748.200842][T16858]  ? find_held_lock+0x2b/0x80
[  748.200861][T16858]  __sys_sendmsg+0x16d/0x220
[  748.200872][T16858]  ? __pfx___sys_sendmsg+0x10/0x10
[  748.200891][T16858]  ? rcu_is_watching+0x12/0xc0
[  748.200903][T16858]  __do_fast_syscall_32+0x7c/0x3a0
[  748.200915][T16858]  do_fast_syscall_32+0x32/0x80
[  748.200926][T16858]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  748.200939][T16858] RIP: 0023:0xf711e579
[  748.200948][T16858] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  748.200958][T16858] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  748.200974][T16858] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180
[  748.200984][T16858] RDX: 0000000004041080 RSI: 0000000000000000 RDI: 0000000000000000
[  748.200996][T16858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  748.201007][T16858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  748.201018][T16858] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  748.201041][T16858]  </TASK>
[  748.471106][T16866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2914'.
[  748.477857][T16866] netlink: 'syz.0.2914': attribute type 15 has an invalid length.
[  748.556311][   T40] audit: type=1326 audit(2000001245.610:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16862 comm="syz.0.2914" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  749.380766][T16879] FAULT_INJECTION: forcing a failure.
[  749.380766][T16879] name failslab, interval 1, probability 0, space 0, times 0
[  749.384802][T16879] CPU: 3 UID: 0 PID: 16879 Comm: syz.1.2920 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  749.384826][T16879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  749.384838][T16879] Call Trace:
[  749.384845][T16879]  <TASK>
[  749.384851][T16879]  dump_stack_lvl+0x16c/0x1f0
[  749.384874][T16879]  should_fail_ex+0x512/0x640
[  749.384892][T16879]  ? __kmalloc_noprof+0xbf/0x510
[  749.384918][T16879]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  749.384943][T16879]  should_failslab+0xc2/0x120
[  749.384963][T16879]  __kmalloc_noprof+0xd2/0x510
[  749.384981][T16879]  ? kmem_cache_free+0x2d1/0x4d0
[  749.385001][T16879]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  749.385030][T16879]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  749.385056][T16879]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  749.385081][T16879]  ? trace_cap_capable+0x18d/0x200
[  749.385108][T16879]  ? bpf_lsm_capable+0x9/0x10
[  749.385131][T16879]  ? security_capable+0x7e/0x260
[  749.385154][T16879]  ? ns_capable+0xd7/0x110
[  749.385175][T16879]  genl_rcv_msg+0x55c/0x800
[  749.385202][T16879]  ? __pfx_genl_rcv_msg+0x10/0x10
[  749.385225][T16879]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  749.385241][T16879]  ? __pfx_nl80211_set_interface+0x10/0x10
[  749.385260][T16879]  ? __pfx_nl80211_post_doit+0x10/0x10
[  749.385287][T16879]  netlink_rcv_skb+0x155/0x420
[  749.385307][T16879]  ? __pfx_genl_rcv_msg+0x10/0x10
[  749.385331][T16879]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  749.385360][T16879]  ? netlink_deliver_tap+0x1ae/0xd30
[  749.385384][T16879]  genl_rcv+0x28/0x40
[  749.385404][T16879]  netlink_unicast+0x58d/0x850
[  749.385428][T16879]  ? __pfx_netlink_unicast+0x10/0x10
[  749.385456][T16879]  netlink_sendmsg+0x8d1/0xdd0
[  749.385480][T16879]  ? __pfx_netlink_sendmsg+0x10/0x10
[  749.385511][T16879]  ? __import_iovec+0x1dd/0x650
[  749.385538][T16879]  ____sys_sendmsg+0xa98/0xc70
[  749.385564][T16879]  ? __pfx_____sys_sendmsg+0x10/0x10
[  749.385585][T16879]  ? get_compat_msghdr+0x11a/0x170
[  749.385618][T16879]  ___sys_sendmsg+0x134/0x1d0
[  749.385639][T16879]  ? __pfx____sys_sendmsg+0x10/0x10
[  749.385672][T16879]  ? find_held_lock+0x2b/0x80
[  749.385711][T16879]  __sys_sendmsg+0x16d/0x220
[  749.385731][T16879]  ? __pfx___sys_sendmsg+0x10/0x10
[  749.385764][T16879]  ? rcu_is_watching+0x12/0xc0
[  749.385788][T16879]  __do_fast_syscall_32+0x7c/0x3a0
[  749.385810][T16879]  do_fast_syscall_32+0x32/0x80
[  749.385828][T16879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  749.385850][T16879] RIP: 0023:0xf7f25579
[  749.385864][T16879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  749.385881][T16879] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  749.385898][T16879] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  749.385915][T16879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  749.385925][T16879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  749.385936][T16879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  749.385946][T16879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  749.385970][T16879]  </TASK>
[  749.614908][T16888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2916'.
[  750.293132][T15129] vhci_hcd: vhci_device speed not set
[  750.811744][T16905] netlink: 120 bytes leftover after parsing attributes in process `syz.1.2924'.
[  751.457456][T16912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2927'.
[  751.460783][T16912] netlink: 'syz.1.2927': attribute type 15 has an invalid length.
[  751.548905][   T40] audit: type=1326 audit(2000001248.749:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16910 comm="syz.1.2927" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  752.359448][T16928] FAULT_INJECTION: forcing a failure.
[  752.359448][T16928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  752.364029][T16928] CPU: 1 UID: 0 PID: 16928 Comm: syz.1.2933 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  752.364044][T16928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  752.364051][T16928] Call Trace:
[  752.364055][T16928]  <TASK>
[  752.364059][T16928]  dump_stack_lvl+0x16c/0x1f0
[  752.364074][T16928]  should_fail_ex+0x512/0x640
[  752.364088][T16928]  _copy_from_user+0x2e/0xd0
[  752.364100][T16928]  get_compat_msghdr+0xa7/0x170
[  752.364112][T16928]  ? __pfx_get_compat_msghdr+0x10/0x10
[  752.364124][T16928]  ? __pfx__kstrtoull+0x10/0x10
[  752.364141][T16928]  ___sys_sendmsg+0x1ae/0x1d0
[  752.364153][T16928]  ? __pfx____sys_sendmsg+0x10/0x10
[  752.364163][T16928]  ? __lock_acquire+0x622/0x1c90
[  752.364190][T16928]  ? __pfx___might_resched+0x10/0x10
[  752.364204][T16928]  __sys_sendmmsg+0x2f9/0x420
[  752.364217][T16928]  ? __pfx___sys_sendmmsg+0x10/0x10
[  752.364232][T16928]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  752.364249][T16928]  ? fput+0x70/0xf0
[  752.364261][T16928]  ? ksys_write+0x1ac/0x250
[  752.364271][T16928]  ? __pfx_ksys_write+0x10/0x10
[  752.364283][T16928]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  752.364295][T16928]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  752.364306][T16928]  __do_fast_syscall_32+0x7c/0x3a0
[  752.364319][T16928]  do_fast_syscall_32+0x32/0x80
[  752.364329][T16928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  752.364343][T16928] RIP: 0023:0xf7f25579
[  752.364351][T16928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  752.364362][T16928] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  752.364372][T16928] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800020c0
[  752.364378][T16928] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000000
[  752.364385][T16928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  752.364391][T16928] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  752.364397][T16928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  752.364409][T16928]  </TASK>
[  752.535684][T16937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2931'.
[  752.627586][T16945] blktrace: Concurrent blktraces are not allowed on sg0
[  752.741866][T16949] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  752.743955][T16949] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  752.752002][T16949] vhci_hcd vhci_hcd.0: Device attached
[  752.759602][T16950] usbip_core: unknown command
[  752.762370][T16950] vhci_hcd: unknown pdu 0
[  752.764245][T16950] usbip_core: unknown command
[  752.766647][ T1138] vhci_hcd: stop threads
[  752.768083][ T1138] vhci_hcd: release socket
[  752.769582][ T1138] vhci_hcd: disconnect device
[  752.818612][T16952] blktrace: Concurrent blktraces are not allowed on sg0
[  754.477323][T16959] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2941'.
[  754.482206][T16959] netlink: 'syz.2.2941': attribute type 15 has an invalid length.
[  754.602198][   T40] audit: type=1326 audit(2000001251.951:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16955 comm="syz.2.2941" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  755.448852][T16973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2946'.
[  755.455539][T16973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2946'.
[  755.997857][T16992] FAULT_INJECTION: forcing a failure.
[  755.997857][T16992] name failslab, interval 1, probability 0, space 0, times 0
[  756.003570][T16992] CPU: 3 UID: 0 PID: 16992 Comm: syz.1.2951 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  756.003594][T16992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  756.003605][T16992] Call Trace:
[  756.003612][T16992]  <TASK>
[  756.003619][T16992]  dump_stack_lvl+0x16c/0x1f0
[  756.003641][T16992]  should_fail_ex+0x512/0x640
[  756.003664][T16992]  ? __kmalloc_noprof+0xbf/0x510
[  756.003683][T16992]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  756.003710][T16992]  should_failslab+0xc2/0x120
[  756.003730][T16992]  __kmalloc_noprof+0xd2/0x510
[  756.003745][T16992]  ? __pfx___mutex_trylock_common+0x10/0x10
[  756.003777][T16992]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  756.003808][T16992]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  756.003834][T16992]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  756.003872][T16992]  ? rcu_is_watching+0x12/0xc0
[  756.003901][T16992]  ? bpf_lsm_capable+0x9/0x10
[  756.003924][T16992]  ? security_capable+0x7e/0x260
[  756.003949][T16992]  genl_rcv_msg+0x55c/0x800
[  756.003976][T16992]  ? __pfx_genl_rcv_msg+0x10/0x10
[  756.003998][T16992]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  756.004021][T16992]  ? __pfx_nl802154_del_llsec_seclevel+0x10/0x10
[  756.004043][T16992]  ? __pfx_nl802154_post_doit+0x10/0x10
[  756.004069][T16992]  ? __lock_acquire+0x622/0x1c90
[  756.004096][T16992]  netlink_rcv_skb+0x155/0x420
[  756.004114][T16992]  ? __pfx_genl_rcv_msg+0x10/0x10
[  756.004138][T16992]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  756.004172][T16992]  ? netlink_deliver_tap+0x1ae/0xd30
[  756.004191][T16992]  ? is_vmalloc_addr+0x86/0xa0
[  756.004211][T16992]  genl_rcv+0x28/0x40
[  756.004231][T16992]  netlink_unicast+0x58d/0x850
[  756.004257][T16992]  ? __pfx_netlink_unicast+0x10/0x10
[  756.004287][T16992]  netlink_sendmsg+0x8d1/0xdd0
[  756.004314][T16992]  ? __pfx_netlink_sendmsg+0x10/0x10
[  756.004338][T16992]  ? __import_iovec+0x1dd/0x650
[  756.004365][T16992]  ____sys_sendmsg+0xa98/0xc70
[  756.004410][T16992]  ? __pfx_____sys_sendmsg+0x10/0x10
[  756.004435][T16992]  ? get_compat_msghdr+0x11a/0x170
[  756.004468][T16992]  ___sys_sendmsg+0x134/0x1d0
[  756.004490][T16992]  ? __pfx____sys_sendmsg+0x10/0x10
[  756.004524][T16992]  ? find_held_lock+0x2b/0x80
[  756.004564][T16992]  __sys_sendmsg+0x16d/0x220
[  756.004582][T16992]  ? __pfx___sys_sendmsg+0x10/0x10
[  756.004615][T16992]  ? rcu_is_watching+0x12/0xc0
[  756.004636][T16992]  __do_fast_syscall_32+0x7c/0x3a0
[  756.004664][T16992]  do_fast_syscall_32+0x32/0x80
[  756.004683][T16992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  756.004705][T16992] RIP: 0023:0xf7f25579
[  756.004718][T16992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  756.004735][T16992] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  756.004752][T16992] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000200
[  756.004763][T16992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  756.004773][T16992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  756.004783][T16992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  756.004793][T16992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  756.004816][T16992]  </TASK>
[  756.031587][T16993] blktrace: Concurrent blktraces are not allowed on sg0
[  756.404784][T17005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2954'.
[  756.407618][T17005] netlink: 'syz.1.2954': attribute type 15 has an invalid length.
[  756.724666][   T40] audit: type=1326 audit(2000001254.050:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17001 comm="syz.1.2954" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  757.380435][T17022] tipc: Enabled bearer <udp:s>, priority 10
[  758.347787][T17039] FAULT_INJECTION: forcing a failure.
[  758.347787][T17039] name failslab, interval 1, probability 0, space 0, times 0
[  758.351782][T17039] CPU: 1 UID: 0 PID: 17039 Comm: syz.2.2961 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  758.351808][T17039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  758.351816][T17039] Call Trace:
[  758.351820][T17039]  <TASK>
[  758.351825][T17039]  dump_stack_lvl+0x16c/0x1f0
[  758.351838][T17039]  should_fail_ex+0x512/0x640
[  758.351849][T17039]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  758.351862][T17039]  should_failslab+0xc2/0x120
[  758.351874][T17039]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  758.351885][T17039]  ? do_raw_spin_lock+0x12c/0x2b0
[  758.351907][T17039]  ? sock_alloc_inode+0x25/0x1c0
[  758.351923][T17039]  ? __pfx_sock_alloc_inode+0x10/0x10
[  758.351935][T17039]  sock_alloc_inode+0x25/0x1c0
[  758.351947][T17039]  alloc_inode+0x61/0x240
[  758.351961][T17039]  sock_alloc+0x40/0x280
[  758.351973][T17039]  __sock_create+0xc1/0x8d0
[  758.351989][T17039]  __sys_socketpair+0x1d8/0x5a0
[  758.352004][T17039]  ? __pfx___sys_socketpair+0x10/0x10
[  758.352024][T17039]  __ia32_compat_sys_socketcall+0x444/0x770
[  758.352037][T17039]  ? __fget_files+0x20e/0x3c0
[  758.352053][T17039]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  758.352067][T17039]  ? fput+0x70/0xf0
[  758.352082][T17039]  ? rcu_is_watching+0x12/0xc0
[  758.352096][T17039]  __do_fast_syscall_32+0x7c/0x3a0
[  758.352109][T17039]  do_fast_syscall_32+0x32/0x80
[  758.352119][T17039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  758.352132][T17039] RIP: 0023:0xf7fd1579
[  758.352141][T17039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  758.352151][T17039] RSP: 002b:00000000f50b4490 EFLAGS: 00000286 ORIG_RAX: 0000000000000066
[  758.352161][T17039] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f50b44ac
[  758.352168][T17039] RDX: 00000000f7464ff4 RSI: 00000000f7495000 RDI: 0000000000000000
[  758.352174][T17039] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[  758.352180][T17039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  758.352186][T17039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  758.352199][T17039]  </TASK>
[  758.352228][T17039] socket: no more sockets
[  758.437611][T17038] loop6: detected capacity change from 0 to 524287999
[  758.457850][   T53] tipc: Node number set to 872719191
[  758.613860][T17044] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2962'.
[  758.999184][ T5967] Bluetooth: hci1: command 0x0406 tx timeout
[  759.320190][T17051] tipc: Enabled bearer <udp:s>, priority 10
[  760.246805][  T837] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  760.390048][T11024] tipc: Node number set to 2886997007
[  760.391345][  T837] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  760.398425][  T837] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  760.406084][  T837] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  760.411630][  T837] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.538196][T17068] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  760.540709][T17068] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  760.544604][T17068] vhci_hcd vhci_hcd.0: Device attached
[  760.615780][  T837] usb 9-1: usb_control_msg returned -32
[  760.617693][  T837] usbtmc 9-1:16.0: can't read capabilities
[  760.780299][   T53] usb 39-1: new high-speed USB device number 18 using vhci_hcd
[  761.013421][T14356] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  761.110619][T17069] vhci_hcd: connection reset by peer
[  761.116265][ T1141] vhci_hcd: stop threads
[  761.124217][ T1141] vhci_hcd: release socket
[  761.126401][ T1141] vhci_hcd: disconnect device
[  762.084520][T17093] FAULT_INJECTION: forcing a failure.
[  762.084520][T17093] name failslab, interval 1, probability 0, space 0, times 0
[  762.088448][T17093] CPU: 1 UID: 0 PID: 17093 Comm: syz.0.2977 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  762.088473][T17093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  762.088480][T17093] Call Trace:
[  762.088485][T17093]  <TASK>
[  762.088489][T17093]  dump_stack_lvl+0x16c/0x1f0
[  762.088503][T17093]  should_fail_ex+0x512/0x640
[  762.088514][T17093]  ? fs_reclaim_acquire+0xae/0x150
[  762.088530][T17093]  ? tomoyo_encode2+0x100/0x3e0
[  762.088539][T17093]  should_failslab+0xc2/0x120
[  762.088552][T17093]  __kmalloc_noprof+0xd2/0x510
[  762.088562][T17093]  ? d_absolute_path+0x136/0x1a0
[  762.088583][T17093]  tomoyo_encode2+0x100/0x3e0
[  762.088595][T17093]  tomoyo_encode+0x29/0x50
[  762.088604][T17093]  tomoyo_realpath_from_path+0x18f/0x6e0
[  762.088618][T17093]  tomoyo_path_number_perm+0x245/0x580
[  762.088632][T17093]  ? tomoyo_path_number_perm+0x237/0x580
[  762.088647][T17093]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  762.088676][T17093]  ? find_held_lock+0x2b/0x80
[  762.088687][T17093]  ? hook_file_ioctl_common+0x145/0x410
[  762.088704][T17093]  ? __fget_files+0x20e/0x3c0
[  762.088719][T17093]  ? __fput_deferred+0x480/0x480
[  762.088734][T17093]  security_file_ioctl_compat+0x9b/0x240
[  762.088750][T17093]  __ia32_compat_sys_ioctl+0xc3/0x370
[  762.088766][T17093]  __do_fast_syscall_32+0x7c/0x3a0
[  762.088779][T17093]  do_fast_syscall_32+0x32/0x80
[  762.088789][T17093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  762.088802][T17093] RIP: 0023:0xf711e579
[  762.088811][T17093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  762.088822][T17093] RSP: 002b:00000000f50cc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  762.088832][T17093] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000005412
[  762.088838][T17093] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  762.088844][T17093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  762.088850][T17093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  762.088856][T17093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  762.088869][T17093]  </TASK>
[  762.088899][T17093] ERROR: Out of memory at tomoyo_realpath_from_path.
[  762.357523][T17096] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2976'.
[  762.840855][T17100] FAULT_INJECTION: forcing a failure.
[  762.840855][T17100] name failslab, interval 1, probability 0, space 0, times 0
[  762.845855][T17100] CPU: 3 UID: 0 PID: 17100 Comm: syz.0.2978 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  762.845879][T17100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  762.845890][T17100] Call Trace:
[  762.845897][T17100]  <TASK>
[  762.845904][T17100]  dump_stack_lvl+0x16c/0x1f0
[  762.845927][T17100]  should_fail_ex+0x512/0x640
[  762.845946][T17100]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  762.845968][T17100]  should_failslab+0xc2/0x120
[  762.845989][T17100]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  762.846006][T17100]  ? sock_write_iter+0x4fc/0x5b0
[  762.846029][T17100]  ? do_iter_readv_writev+0x657/0x950
[  762.846054][T17100]  ? __alloc_skb+0x2b2/0x380
[  762.846069][T17100]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  762.846095][T17100]  __alloc_skb+0x2b2/0x380
[  762.846111][T17100]  ? __pfx___alloc_skb+0x10/0x10
[  762.846128][T17100]  ? aa_get_newest_label+0x375/0x680
[  762.846151][T17100]  ? __pfx_aa_get_newest_label+0x10/0x10
[  762.846179][T17100]  netlink_dump+0x192/0xd00
[  762.846203][T17100]  ? __pfx_netlink_dump+0x10/0x10
[  762.846231][T17100]  ? __inet_diag_dump_start+0x434/0x7f0
[  762.846260][T17100]  __netlink_dump_start+0x6d6/0x990
[  762.846286][T17100]  inet_diag_handler_cmd+0x282/0x2e0
[  762.846309][T17100]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  762.846330][T17100]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  762.846350][T17100]  ? __pfx_inet_diag_dump+0x10/0x10
[  762.846369][T17100]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  762.846393][T17100]  ? sock_diag_lock_handler+0x10f/0x2e0
[  762.846426][T17100]  sock_diag_rcv_msg+0x438/0x790
[  762.846456][T17100]  netlink_rcv_skb+0x155/0x420
[  762.846477][T17100]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  762.846506][T17100]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  762.846535][T17100]  ? netlink_deliver_tap+0x1ae/0xd30
[  762.846566][T17100]  netlink_unicast+0x58d/0x850
[  762.846593][T17100]  ? __pfx_netlink_unicast+0x10/0x10
[  762.846637][T17100]  netlink_sendmsg+0x8d1/0xdd0
[  762.846664][T17100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  762.846695][T17100]  sock_write_iter+0x4fc/0x5b0
[  762.846721][T17100]  ? __pfx_sock_write_iter+0x10/0x10
[  762.846755][T17100]  ? __lock_acquire+0x622/0x1c90
[  762.846784][T17100]  do_iter_readv_writev+0x657/0x950
[  762.846809][T17100]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  762.846839][T17100]  ? bpf_lsm_file_permission+0x9/0x10
[  762.846861][T17100]  ? security_file_permission+0x71/0x210
[  762.846884][T17100]  ? rw_verify_area+0xcf/0x680
[  762.846911][T17100]  vfs_writev+0x35f/0xde0
[  762.846945][T17100]  ? __pfx_vfs_writev+0x10/0x10
[  762.846972][T17100]  ? find_held_lock+0x2b/0x80
[  762.847006][T17100]  ? __fget_files+0x20e/0x3c0
[  762.847031][T17100]  ? __fget_files+0x1b0/0x3c0
[  762.847064][T17100]  ? do_writev+0x28c/0x340
[  762.847089][T17100]  do_writev+0x28c/0x340
[  762.847115][T17100]  ? __pfx_do_writev+0x10/0x10
[  762.847142][T17100]  ? rcu_is_watching+0x12/0xc0
[  762.847165][T17100]  __do_fast_syscall_32+0x7c/0x3a0
[  762.847186][T17100]  do_fast_syscall_32+0x32/0x80
[  762.847206][T17100]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  762.847227][T17100] RIP: 0023:0xf711e579
[  762.847243][T17100] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  762.847260][T17100] RSP: 002b:00000000f50ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  762.847277][T17100] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000800000c0
[  762.847288][T17100] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  762.847298][T17100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  762.847309][T17100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  762.847320][T17100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  762.847344][T17100]  </TASK>
[  762.853509][T17102] FAULT_INJECTION: forcing a failure.
[  762.853509][T17102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  762.866205][  T837] usb 9-1: USB disconnect, device number 9
[  762.868919][T17102] CPU: 0 UID: 0 PID: 17102 Comm: syz.1.2979 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  762.868942][T17102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  762.868953][T17102] Call Trace:
[  762.868959][T17102]  <TASK>
[  762.868965][T17102]  dump_stack_lvl+0x16c/0x1f0
[  762.868988][T17102]  should_fail_ex+0x512/0x640
[  762.869009][T17102]  _copy_from_iter+0x29f/0x16f0
[  762.869032][T17102]  ? __alloc_skb+0x200/0x380
[  762.869050][T17102]  ? __pfx__copy_from_iter+0x10/0x10
[  762.869071][T17102]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  762.869099][T17102]  netlink_sendmsg+0x829/0xdd0
[  762.869124][T17102]  ? __pfx_netlink_sendmsg+0x10/0x10
[  762.869146][T17102]  ? __import_iovec+0x1dd/0x650
[  762.869170][T17102]  ____sys_sendmsg+0xa98/0xc70
[  762.869195][T17102]  ? __pfx_____sys_sendmsg+0x10/0x10
[  762.869216][T17102]  ? get_compat_msghdr+0x11a/0x170
[  762.869246][T17102]  ___sys_sendmsg+0x134/0x1d0
[  762.869265][T17102]  ? __pfx____sys_sendmsg+0x10/0x10
[  762.869294][T17102]  ? find_held_lock+0x2b/0x80
[  762.869328][T17102]  __sys_sendmsg+0x16d/0x220
[  762.869347][T17102]  ? __pfx___sys_sendmsg+0x10/0x10
[  762.869377][T17102]  ? rcu_is_watching+0x12/0xc0
[  762.869398][T17102]  __do_fast_syscall_32+0x7c/0x3a0
[  762.869419][T17102]  do_fast_syscall_32+0x32/0x80
[  762.869437][T17102]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  762.869458][T17102] RIP: 0023:0xf7f25579
[  762.869472][T17102] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  762.869489][T17102] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  762.869506][T17102] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800001c0
[  762.869517][T17102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  762.869527][T17102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  762.869537][T17102] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  762.869546][T17102] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  762.869568][T17102]  </TASK>
[  763.505300][T17112] FAULT_INJECTION: forcing a failure.
[  763.505300][T17112] name failslab, interval 1, probability 0, space 0, times 0
[  763.510080][T17112] CPU: 3 UID: 0 PID: 17112 Comm: syz.4.2982 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  763.510095][T17112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  763.510101][T17112] Call Trace:
[  763.510106][T17112]  <TASK>
[  763.510110][T17112]  dump_stack_lvl+0x16c/0x1f0
[  763.510125][T17112]  should_fail_ex+0x512/0x640
[  763.510137][T17112]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  763.510150][T17112]  should_failslab+0xc2/0x120
[  763.510163][T17112]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  763.510174][T17112]  ? ptlock_alloc+0x1f/0x70
[  763.510191][T17112]  ptlock_alloc+0x1f/0x70
[  763.510206][T17112]  pte_alloc_one+0x82/0x3a0
[  763.510216][T17112]  do_huge_pmd_anonymous_page+0x8c9/0x2080
[  763.510233][T17112]  ? find_held_lock+0x2b/0x80
[  763.510247][T17112]  __handle_mm_fault+0x23d2/0x5490
[  763.510266][T17112]  ? __pfx___handle_mm_fault+0x10/0x10
[  763.510283][T17112]  ? __lock_acquire+0xb8a/0x1c90
[  763.510305][T17112]  handle_mm_fault+0x589/0xd10
[  763.510323][T17112]  __get_user_pages+0x589/0x3b80
[  763.510342][T17112]  ? __pfx___get_user_pages+0x10/0x10
[  763.510356][T17112]  ? register_lock_class+0x41/0x4c0
[  763.510368][T17112]  ? __ia32_sys_process_vm_readv+0xdf/0x1b0
[  763.510380][T17112]  ? __do_fast_syscall_32+0x7c/0x3a0
[  763.510395][T17112]  __gup_longterm_locked+0x20d/0x1840
[  763.510410][T17112]  ? __lock_acquire+0xb8a/0x1c90
[  763.510425][T17112]  ? __pfx___gup_longterm_locked+0x10/0x10
[  763.510446][T17112]  pin_user_pages_remote+0xed/0x140
[  763.510460][T17112]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  763.510474][T17112]  ? mm_access+0x22d/0x2e0
[  763.510491][T17112]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  763.510509][T17112]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  763.510529][T17112]  ? iovec_from_user+0xbb/0x140
[  763.510543][T17112]  process_vm_rw+0x216/0x2c0
[  763.510555][T17112]  ? __pfx_process_vm_rw+0x10/0x10
[  763.510575][T17112]  ? ksys_write+0x190/0x250
[  763.510589][T17112]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  763.510606][T17112]  ? fput+0x70/0xf0
[  763.510617][T17112]  ? ksys_write+0x1ac/0x250
[  763.510629][T17112]  __ia32_sys_process_vm_readv+0xdf/0x1b0
[  763.510642][T17112]  ? lockdep_hardirqs_on+0x7c/0x110
[  763.510651][T17112]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  763.510663][T17112]  __do_fast_syscall_32+0x7c/0x3a0
[  763.510675][T17112]  do_fast_syscall_32+0x32/0x80
[  763.510686][T17112]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  763.510699][T17112] RIP: 0023:0xf7fd8579
[  763.510707][T17112] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  763.510717][T17112] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 000000000000015b
[  763.510728][T17112] RAX: ffffffffffffffda RBX: 00000000000005d3 RCX: 0000000080008400
[  763.510735][T17112] RDX: 0000000000000002 RSI: 0000000080008640 RDI: 0000000000000286
[  763.510741][T17112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  763.510747][T17112] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  763.510753][T17112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  763.510766][T17112]  </TASK>
[  763.736420][T17116] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  763.782848][T17119] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  763.836912][T17121] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  763.839532][T17121] syzkaller0: entered promiscuous mode
[  763.841332][T17121] syzkaller0: entered allmulticast mode
[  763.916517][T17121] tipc: Resetting bearer <eth:syzkaller0>
[  763.952459][T17120] tipc: Resetting bearer <eth:syzkaller0>
[  763.983115][T17120] tipc: Disabling bearer <eth:syzkaller0>
[  764.527379][T17132] x_tables: ip6_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT/POSTROUTING
[  764.536382][T17132] new mount options do not match the existing superblock, will be ignored
[  764.581439][   T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  764.600701][   T29] usb 7-1: new full-speed USB device number 21 using dummy_hcd
[  764.742331][   T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  764.745121][   T29] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  764.745448][   T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  764.752538][   T29] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  764.753401][   T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  764.758100][   T29] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  764.760819][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  764.771777][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  764.850170][T17141] blktrace: Concurrent blktraces are not allowed on sg0
[  764.957658][   T24] usb 6-1: usb_control_msg returned -32
[  764.959667][   T24] usbtmc 6-1:16.0: can't read capabilities
[  764.976114][   T29] usb 7-1: usb_control_msg returned -32
[  764.978459][   T29] usbtmc 7-1:16.0: can't read capabilities
[  765.506112][T17145] FAULT_INJECTION: forcing a failure.
[  765.506112][T17145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  765.510160][T17145] CPU: 1 UID: 0 PID: 17145 Comm: syz.4.2993 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  765.510175][T17145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  765.510182][T17145] Call Trace:
[  765.510186][T17145]  <TASK>
[  765.510190][T17145]  dump_stack_lvl+0x16c/0x1f0
[  765.510205][T17145]  should_fail_ex+0x512/0x640
[  765.510217][T17145]  save_fsave_header+0x14c/0x2f0
[  765.510231][T17145]  ? __pfx_save_fsave_header+0x10/0x10
[  765.510249][T17145]  ? copy_fpstate_to_sigframe+0x2c3/0xaf0
[  765.510261][T17145]  ? rcu_is_watching+0x12/0xc0
[  765.510272][T17145]  ? __local_bh_enable_ip+0xa4/0x120
[  765.510286][T17145]  copy_fpstate_to_sigframe+0x77c/0xaf0
[  765.510307][T17145]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  765.510324][T17145]  ? posixtimer_deliver_signal+0xed/0x6a0
[  765.510352][T17145]  ? x86_task_fpu+0x5f/0x90
[  765.510373][T17145]  get_sigframe+0x4a8/0x9c0
[  765.510396][T17145]  ? __pfx_get_sigframe+0x10/0x10
[  765.510412][T17145]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  765.510437][T17145]  ? _raw_spin_unlock_irq+0x29/0x50
[  765.510463][T17145]  ? siginfo_layout+0x177/0x290
[  765.510485][T17145]  ia32_setup_rt_frame+0xe3/0xb30
[  765.510514][T17145]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  765.510546][T17145]  arch_do_signal_or_restart+0x480/0x790
[  765.510567][T17145]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  765.510594][T17145]  ? __pfx_do_readv+0x10/0x10
[  765.510625][T17145]  exit_to_user_mode_loop+0x84/0x110
[  765.510653][T17145]  do_int80_emulation+0x352/0x460
[  765.510674][T17145]  asm_int80_emulation+0x1a/0x20
[  765.510692][T17145] RIP: 0023:0xf7fd8577
[  765.510706][T17145] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  765.510722][T17145] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  765.510740][T17145] RAX: 0000000000000091 RBX: 0000000000000004 RCX: 0000000080000000
[  765.510751][T17145] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  765.510769][T17145] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  765.510780][T17145] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  765.510790][T17145] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  765.510815][T17145]  </TASK>
[  765.750630][   T53] vhci_hcd: vhci_device speed not set
[  766.623935][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2996'.
[  766.627488][T17159] netlink: 'syz.4.2996': attribute type 15 has an invalid length.
[  766.660895][T17160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2997'.
[  766.664556][T17160] netlink: 'syz.0.2997': attribute type 15 has an invalid length.
[  766.697100][   T40] audit: type=1326 audit(2000001264.653:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.4.2996" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  766.749756][   T40] audit: type=1326 audit(2000001264.706:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17157 comm="syz.0.2997" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  766.883541][ T5824] usb 7-1: USB disconnect, device number 21
[  766.993641][   T53] usb 6-1: USB disconnect, device number 7
[  767.102011][T17172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2999'.
[  767.104864][T17172] netlink: 'syz.1.2999': attribute type 15 has an invalid length.
[  767.171190][   T40] audit: type=1326 audit(2000001265.147:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17168 comm="syz.1.2999" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  768.290197][T17183] blktrace: Concurrent blktraces are not allowed on sg0
[  769.038670][T17193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3004'.
[  769.298115][   T63] Bluetooth: hci4: unexpected event for opcode 0x1002
[  769.602271][T17207] dlm: no locking on control device
[  770.018657][T17210] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  770.020727][T17210] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  770.027679][T17210] vhci_hcd vhci_hcd.0: Device attached
[  770.057274][T17211] usbip_core: unknown command
[  770.058901][T17211] vhci_hcd: unknown pdu 0
[  770.060372][T17211] usbip_core: unknown command
[  770.064015][T14356] vhci_hcd: stop threads
[  770.065606][T14356] vhci_hcd: release socket
[  770.067213][T14356] vhci_hcd: disconnect device
[  771.758297][T17225] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3011'.
[  772.179672][T17235] FAULT_INJECTION: forcing a failure.
[  772.179672][T17235] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  772.184167][T17235] CPU: 2 UID: 0 PID: 17235 Comm: syz.1.3014 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  772.184193][T17235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  772.184201][T17235] Call Trace:
[  772.184205][T17235]  <TASK>
[  772.184209][T17235]  dump_stack_lvl+0x16c/0x1f0
[  772.184223][T17235]  should_fail_ex+0x512/0x640
[  772.184237][T17235]  _copy_to_user+0x32/0xd0
[  772.184266][T17235]  simple_read_from_buffer+0xcb/0x170
[  772.184284][T17235]  proc_fail_nth_read+0x197/0x270
[  772.184299][T17235]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  772.184314][T17235]  ? rw_verify_area+0xcf/0x680
[  772.184328][T17235]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  772.184343][T17235]  vfs_read+0x1e4/0xc60
[  772.184352][T17235]  ? fdget_pos+0x2a2/0x370
[  772.184364][T17235]  ? __pfx_vfs_read+0x10/0x10
[  772.184372][T17235]  ? find_held_lock+0x2b/0x80
[  772.184387][T17235]  ? __fget_files+0x20e/0x3c0
[  772.184407][T17235]  ksys_read+0x12a/0x250
[  772.184416][T17235]  ? __pfx_ksys_read+0x10/0x10
[  772.184426][T17235]  ? rcu_is_watching+0x12/0xc0
[  772.184440][T17235]  __do_fast_syscall_32+0x7c/0x3a0
[  772.184453][T17235]  do_fast_syscall_32+0x32/0x80
[  772.184464][T17235]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  772.184477][T17235] RIP: 0023:0xf7f25579
[  772.184485][T17235] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  772.184500][T17235] RSP: 002b:00000000f5025590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  772.184511][T17235] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f5025620
[  772.184517][T17235] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  772.184524][T17235] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  772.184529][T17235] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  772.184535][T17235] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  772.184549][T17235]  </TASK>
[  772.564780][   T29] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  772.721369][   T29] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  772.725208][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  772.729605][   T29] usb 7-1: Product: syz
[  772.731649][   T29] usb 7-1: Manufacturer: syz
[  772.733663][   T29] usb 7-1: SerialNumber: syz
[  772.745192][   T29] usb 7-1: config 0 descriptor??
[  772.791384][T17254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  772.796767][T17253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  773.002837][T17265] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3022'.
[  773.006015][T17265] netlink: 'syz.4.3022': attribute type 15 has an invalid length.
[  773.091891][ T1342] usb 7-1: USB disconnect, device number 22
[  773.179167][   T40] audit: type=1326 audit(2000001271.466:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17263 comm="syz.4.3022" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  773.926245][ T3240] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  774.090229][ T3240] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  774.093898][ T3240] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  774.100615][ T3240] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  774.103528][ T3240] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.297751][T17296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3031'.
[  774.300643][T17296] netlink: 'syz.0.3031': attribute type 15 has an invalid length.
[  774.311153][ T3240] usb 6-1: usb_control_msg returned -32
[  774.316331][ T3240] usbtmc 6-1:16.0: can't read capabilities
[  774.378477][   T40] audit: type=1326 audit(2000001272.726:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17292 comm="syz.0.3031" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  774.393302][T17301] FAULT_INJECTION: forcing a failure.
[  774.393302][T17301] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  774.398347][T17301] CPU: 3 UID: 0 PID: 17301 Comm: syz.4.3033 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  774.398362][T17301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  774.398368][T17301] Call Trace:
[  774.398373][T17301]  <TASK>
[  774.398377][T17301]  dump_stack_lvl+0x16c/0x1f0
[  774.398391][T17301]  should_fail_ex+0x512/0x640
[  774.398404][T17301]  should_fail_alloc_page+0xe7/0x130
[  774.398418][T17301]  prepare_alloc_pages+0x3c2/0x610
[  774.398439][T17301]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  774.398453][T17301]  ? css_rstat_updated+0x9d/0xd30
[  774.398466][T17301]  ? find_held_lock+0x2b/0x80
[  774.398477][T17301]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  774.398488][T17301]  ? __up_read+0x1f8/0x750
[  774.398508][T17301]  ? __pfx___up_read+0x10/0x10
[  774.398531][T17301]  ? do_user_addr_fault+0x843/0x1370
[  774.398547][T17301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  774.398563][T17301]  ? policy_nodemask+0xea/0x4e0
[  774.398576][T17301]  alloc_pages_mpol+0x1fb/0x550
[  774.398593][T17301]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  774.398617][T17301]  alloc_pages_noprof+0x131/0x390
[  774.398631][T17301]  bpf_prog_test_run_xdp+0x1028/0x1590
[  774.398659][T17301]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  774.398676][T17301]  ? __might_fault+0xe0/0x190
[  774.398689][T17301]  ? fput+0x70/0xf0
[  774.398701][T17301]  ? __bpf_prog_get+0x97/0x2a0
[  774.398718][T17301]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  774.398736][T17301]  __sys_bpf+0x1707/0x4ea0
[  774.398753][T17301]  ? __pfx___sys_bpf+0x10/0x10
[  774.398768][T17301]  ? ksys_write+0x190/0x250
[  774.398786][T17301]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  774.398811][T17301]  ? fput+0x70/0xf0
[  774.398823][T17301]  ? ksys_write+0x1ac/0x250
[  774.398836][T17301]  ? __pfx_ksys_write+0x10/0x10
[  774.398855][T17301]  __ia32_sys_bpf+0x76/0xe0
[  774.398871][T17301]  __do_fast_syscall_32+0x7c/0x3a0
[  774.398890][T17301]  do_fast_syscall_32+0x32/0x80
[  774.398906][T17301]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  774.398920][T17301] RIP: 0023:0xf7fd8579
[  774.398933][T17301] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  774.398948][T17301] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  774.398963][T17301] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  774.398973][T17301] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  774.398983][T17301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  774.398992][T17301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  774.399001][T17301] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  774.399022][T17301]  </TASK>
[  775.052957][ T1141] bond0 (unregistering): Released all slaves
[  775.472965][ T1141] mac80211_hwsim hwsim2 wlan0 (unregistering): left allmulticast mode
[  775.586908][ T1141] hsr_slave_0: left promiscuous mode
[  775.588891][ T1141] hsr_slave_1: left promiscuous mode
[  775.614271][ T1141] batadv_slave_1: left promiscuous mode
[  775.615964][ T1141] veth1_macvtap: left promiscuous mode
[  775.617632][ T1141] veth0_macvtap: left promiscuous mode
[  775.619541][ T1141] veth1_vlan: left promiscuous mode
[  775.623085][ T1141] veth0_vlan: left promiscuous mode
[  775.722792][T17324] FAULT_INJECTION: forcing a failure.
[  775.722792][T17324] name failslab, interval 1, probability 0, space 0, times 0
[  775.728201][T17324] CPU: 0 UID: 0 PID: 17324 Comm: syz.0.3039 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  775.728237][T17324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  775.728245][T17324] Call Trace:
[  775.728250][T17324]  <TASK>
[  775.728255][T17324]  dump_stack_lvl+0x16c/0x1f0
[  775.728270][T17324]  should_fail_ex+0x512/0x640
[  775.728283][T17324]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  775.728301][T17324]  should_failslab+0xc2/0x120
[  775.728314][T17324]  __kmalloc_cache_noprof+0x6a/0x3e0
[  775.728331][T17324]  ? genl_start+0x1e8/0x980
[  775.728348][T17324]  genl_start+0x1e8/0x980
[  775.728364][T17324]  __netlink_dump_start+0x60e/0x990
[  775.728380][T17324]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  775.728396][T17324]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  775.728411][T17324]  ? genl_op_from_small+0x25/0x440
[  775.728428][T17324]  ? __pfx_genl_get_cmd+0x10/0x10
[  775.728441][T17324]  ? __pfx_genl_start+0x10/0x10
[  775.728453][T17324]  ? __pfx_genl_dumpit+0x10/0x10
[  775.728467][T17324]  ? __pfx_genl_done+0x10/0x10
[  775.728489][T17324]  ? __radix_tree_lookup+0x21f/0x2c0
[  775.728509][T17324]  genl_rcv_msg+0x46e/0x800
[  775.728526][T17324]  ? __pfx_genl_rcv_msg+0x10/0x10
[  775.728541][T17324]  ? __pfx_nl80211_dump_scan+0x10/0x10
[  775.728564][T17324]  netlink_rcv_skb+0x155/0x420
[  775.728577][T17324]  ? __pfx_genl_rcv_msg+0x10/0x10
[  775.728592][T17324]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  775.728611][T17324]  ? netlink_deliver_tap+0x1ae/0xd30
[  775.728626][T17324]  genl_rcv+0x28/0x40
[  775.728639][T17324]  netlink_unicast+0x58d/0x850
[  775.728654][T17324]  ? __pfx_netlink_unicast+0x10/0x10
[  775.728671][T17324]  netlink_sendmsg+0x8d1/0xdd0
[  775.728687][T17324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  775.728701][T17324]  ? __import_iovec+0x1dd/0x650
[  775.728718][T17324]  ____sys_sendmsg+0xa98/0xc70
[  775.728734][T17324]  ? __pfx_____sys_sendmsg+0x10/0x10
[  775.728747][T17324]  ? get_compat_msghdr+0x11a/0x170
[  775.728764][T17324]  ___sys_sendmsg+0x134/0x1d0
[  775.728776][T17324]  ? __pfx____sys_sendmsg+0x10/0x10
[  775.728793][T17324]  ? find_held_lock+0x2b/0x80
[  775.728813][T17324]  __sys_sendmsg+0x16d/0x220
[  775.728824][T17324]  ? __pfx___sys_sendmsg+0x10/0x10
[  775.728841][T17324]  ? rcu_is_watching+0x12/0xc0
[  775.728854][T17324]  __do_fast_syscall_32+0x7c/0x3a0
[  775.728866][T17324]  do_fast_syscall_32+0x32/0x80
[  775.728877][T17324]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  775.728890][T17324] RIP: 0023:0xf711e579
[  775.728899][T17324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  775.728910][T17324] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  775.728920][T17324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000f00
[  775.728927][T17324] RDX: 0000000000044000 RSI: 0000000000000000 RDI: 0000000000000000
[  775.728933][T17324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  775.728939][T17324] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  775.728945][T17324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  775.728958][T17324]  </TASK>
[  776.068144][T17330] blktrace: Concurrent blktraces are not allowed on sg0
[  776.552856][  T837] usb 6-1: USB disconnect, device number 8
[  776.605669][T17338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3043'.
[  776.608605][T17338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3043'.
[  776.609311][T17337] binder: 17334:17337 ioctl c00c620f 80000740 returned -22
[  776.799356][T17340] netlink: 67 bytes leftover after parsing attributes in process `syz.0.3044'.
[  777.360446][T17334] block nbd2: shutting down sockets
[  777.569475][T17340] FAULT_INJECTION: forcing a failure.
[  777.569475][T17340] name failslab, interval 1, probability 0, space 0, times 0
[  777.583367][T17340] CPU: 1 UID: 0 PID: 17340 Comm: syz.0.3044 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  777.583399][T17340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  777.583409][T17340] Call Trace:
[  777.583415][T17340]  <TASK>
[  777.583422][T17340]  dump_stack_lvl+0x16c/0x1f0
[  777.583459][T17340]  should_fail_ex+0x512/0x640
[  777.583476][T17340]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  777.583496][T17340]  should_failslab+0xc2/0x120
[  777.583516][T17340]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  777.583532][T17340]  ? __alloc_skb+0x2b2/0x380
[  777.583546][T17340]  ? __pfx_try_to_wake_up+0x10/0x10
[  777.583564][T17340]  __alloc_skb+0x2b2/0x380
[  777.583579][T17340]  ? __pfx___alloc_skb+0x10/0x10
[  777.583595][T17340]  ? __queue_work+0x370/0x10f0
[  777.583626][T17340]  rtmsg_ifa+0x16a/0x2a0
[  777.583645][T17340]  ? __pfx_rtmsg_ifa+0x10/0x10
[  777.583662][T17340]  ? queue_delayed_work_on+0x12f/0x200
[  777.583676][T17340]  ? lockdep_hardirqs_on+0x7c/0x110
[  777.583695][T17340]  __inet_insert_ifa+0x911/0xcd0
[  777.583721][T17340]  ? __pfx___inet_insert_ifa+0x10/0x10
[  777.583750][T17340]  inet_rtm_newaddr+0xd87/0x1540
[  777.583777][T17340]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  777.583812][T17340]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  777.583832][T17340]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  777.583850][T17340]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  777.583869][T17340]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  777.583889][T17340]  rtnetlink_rcv_msg+0x95b/0xe90
[  777.583910][T17340]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  777.583929][T17340]  ? ref_tracker_free+0x37c/0x830
[  777.583949][T17340]  netlink_rcv_skb+0x155/0x420
[  777.583969][T17340]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  777.583988][T17340]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  777.584015][T17340]  ? netlink_deliver_tap+0x1ae/0xd30
[  777.584032][T17340]  netlink_unicast+0x58d/0x850
[  777.584055][T17340]  ? __pfx_netlink_unicast+0x10/0x10
[  777.584072][T17340]  ? __build_skb_around+0x278/0x3b0
[  777.584095][T17340]  ? is_vmalloc_addr+0x86/0xa0
[  777.584114][T17340]  netlink_sendmsg+0x8d1/0xdd0
[  777.584136][T17340]  ? __pfx_netlink_sendmsg+0x10/0x10
[  777.584159][T17340]  __sys_sendto+0x4a3/0x520
[  777.584184][T17340]  ? __pfx___sys_sendto+0x10/0x10
[  777.584252][T17340]  ? ksys_write+0x1ac/0x250
[  777.584268][T17340]  ? __pfx_ksys_write+0x10/0x10
[  777.584285][T17340]  __ia32_sys_sendto+0xdd/0x1b0
[  777.584309][T17340]  ? lockdep_hardirqs_on+0x7c/0x110
[  777.584325][T17340]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  777.584341][T17340]  __do_fast_syscall_32+0x7c/0x3a0
[  777.584360][T17340]  do_fast_syscall_32+0x32/0x80
[  777.584373][T17340]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  777.584399][T17340] RIP: 0023:0xf711e579
[  777.584412][T17340] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  777.584428][T17340] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  777.584444][T17340] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  777.584455][T17340] RDX: 0000000000010a73 RSI: 0000000000000800 RDI: 0000000000000000
[  777.584464][T17340] RBP: 000000005a5de35b R08: 0000000000000000 R09: 0000000000000000
[  777.584470][T17340] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  777.584479][T17340] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  777.584501][T17340]  </TASK>
[  777.769068][T17349] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  777.771139][T17349] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  777.775294][T17349] vhci_hcd vhci_hcd.0: Device attached
[  777.780990][T17350] usbip_core: unknown command
[  777.782551][T17350] vhci_hcd: unknown pdu 0
[  777.784030][T17350] usbip_core: unknown command
[  777.788348][T17353] netlink: 67 bytes leftover after parsing attributes in process `syz.1.3047'.
[  777.790884][   T13] vhci_hcd: stop threads
[  777.792856][   T13] vhci_hcd: release socket
[  777.794734][   T13] vhci_hcd: disconnect device
[  778.208005][ T1141] IPVS: stop unused estimator thread 0...
[  779.088520][   T40] audit: type=1800 audit(2000001277.660:126): pid=17366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3052" name="file1" dev="tmpfs" ino=2368 res=0 errno=0
[  779.475706][T17377] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3057'.
[  779.480938][T17377] netlink: 'syz.4.3057': attribute type 15 has an invalid length.
[  779.752986][   T40] audit: type=1326 audit(2000001278.364:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17375 comm="syz.4.3057" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  780.886135][T17405] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  781.188419][T17417] netlink: 'syz.4.3069': attribute type 4 has an invalid length.
[  781.621831][T17434] FAULT_INJECTION: forcing a failure.
[  781.621831][T17434] name failslab, interval 1, probability 0, space 0, times 0
[  781.628079][T17434] CPU: 3 UID: 0 PID: 17434 Comm: syz.2.3076 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  781.628094][T17434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  781.628101][T17434] Call Trace:
[  781.628105][T17434]  <TASK>
[  781.628109][T17434]  dump_stack_lvl+0x16c/0x1f0
[  781.628124][T17434]  should_fail_ex+0x512/0x640
[  781.628135][T17434]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  781.628148][T17434]  should_failslab+0xc2/0x120
[  781.628184][T17434]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  781.628198][T17434]  ? __alloc_skb+0x2b2/0x380
[  781.628211][T17434]  __alloc_skb+0x2b2/0x380
[  781.628220][T17434]  ? __pfx___alloc_skb+0x10/0x10
[  781.628235][T17434]  netlink_ack+0x15d/0xb80
[  781.628248][T17434]  ? __pfx___dev_queue_xmit+0x10/0x10
[  781.628266][T17434]  netlink_rcv_skb+0x332/0x420
[  781.628279][T17434]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  781.628295][T17434]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  781.628313][T17434]  ? ns_capable+0xd7/0x110
[  781.628327][T17434]  nfnetlink_rcv+0x1b3/0x430
[  781.628342][T17434]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  781.628355][T17434]  ? netlink_deliver_tap+0x1ae/0xd30
[  781.628374][T17434]  netlink_unicast+0x58d/0x850
[  781.628388][T17434]  ? __pfx_netlink_unicast+0x10/0x10
[  781.628404][T17434]  netlink_sendmsg+0x8d1/0xdd0
[  781.628418][T17434]  ? __pfx_netlink_sendmsg+0x10/0x10
[  781.628432][T17434]  ? __import_iovec+0x1dd/0x650
[  781.628446][T17434]  ____sys_sendmsg+0xa98/0xc70
[  781.628461][T17434]  ? __pfx_____sys_sendmsg+0x10/0x10
[  781.628474][T17434]  ? get_compat_msghdr+0x11a/0x170
[  781.628491][T17434]  ___sys_sendmsg+0x134/0x1d0
[  781.628503][T17434]  ? __pfx____sys_sendmsg+0x10/0x10
[  781.628519][T17434]  ? find_held_lock+0x2b/0x80
[  781.628538][T17434]  __sys_sendmsg+0x16d/0x220
[  781.628549][T17434]  ? __pfx___sys_sendmsg+0x10/0x10
[  781.628565][T17434]  ? rcu_is_watching+0x12/0xc0
[  781.628578][T17434]  __do_fast_syscall_32+0x7c/0x3a0
[  781.628590][T17434]  do_fast_syscall_32+0x32/0x80
[  781.628601][T17434]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  781.628614][T17434] RIP: 0023:0xf7fd1579
[  781.628625][T17434] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  781.628635][T17434] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  781.628646][T17434] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  781.628652][T17434] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  781.628659][T17434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  781.628665][T17434] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  781.628671][T17434] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  781.628683][T17434]  </TASK>
[  781.723392][    C3] vkms_vblank_simulate: vblank timer overrun
[  781.759709][   T40] audit: type=1800 audit(2000001280.474:128): pid=17437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3077" name="file1" dev="tmpfs" ino=710 res=0 errno=0
[  781.882101][T17441] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3071'.
[  782.923118][T17457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3082'.
[  782.926059][T17457] netlink: 'syz.1.3082': attribute type 15 has an invalid length.
[  783.066051][   T40] audit: type=1326 audit(2000001281.838:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17455 comm="syz.1.3082" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  785.168745][T17488] FAULT_INJECTION: forcing a failure.
[  785.168745][T17488] name failslab, interval 1, probability 0, space 0, times 0
[  785.173765][T17488] CPU: 0 UID: 0 PID: 17488 Comm: syz.1.3090 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  785.173783][T17488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  785.173790][T17488] Call Trace:
[  785.173794][T17488]  <TASK>
[  785.173798][T17488]  dump_stack_lvl+0x16c/0x1f0
[  785.173812][T17488]  should_fail_ex+0x512/0x640
[  785.173824][T17488]  ? __kmalloc_noprof+0xbf/0x510
[  785.173836][T17488]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  785.173852][T17488]  should_failslab+0xc2/0x120
[  785.173865][T17488]  __kmalloc_noprof+0xd2/0x510
[  785.173874][T17488]  ? __pfx___mutex_trylock_common+0x10/0x10
[  785.173892][T17488]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  785.173911][T17488]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  785.173926][T17488]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  785.173940][T17488]  ? trace_cap_capable+0x18d/0x200
[  785.173957][T17488]  ? bpf_lsm_capable+0x9/0x10
[  785.173972][T17488]  ? security_capable+0x7e/0x260
[  785.173985][T17488]  ? ns_capable+0xd7/0x110
[  785.173997][T17488]  genl_rcv_msg+0x55c/0x800
[  785.174013][T17488]  ? __pfx_genl_rcv_msg+0x10/0x10
[  785.174027][T17488]  ? __pfx_wg_set_device+0x10/0x10
[  785.174045][T17488]  netlink_rcv_skb+0x155/0x420
[  785.174058][T17488]  ? __pfx_genl_rcv_msg+0x10/0x10
[  785.174072][T17488]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  785.174090][T17488]  ? netlink_deliver_tap+0x1ae/0xd30
[  785.174104][T17488]  genl_rcv+0x28/0x40
[  785.174116][T17488]  netlink_unicast+0x58d/0x850
[  785.174130][T17488]  ? __pfx_netlink_unicast+0x10/0x10
[  785.174146][T17488]  netlink_sendmsg+0x8d1/0xdd0
[  785.174161][T17488]  ? __pfx_netlink_sendmsg+0x10/0x10
[  785.174174][T17488]  ? __import_iovec+0x1dd/0x650
[  785.174189][T17488]  ____sys_sendmsg+0xa98/0xc70
[  785.174205][T17488]  ? __pfx_____sys_sendmsg+0x10/0x10
[  785.174218][T17488]  ? get_compat_msghdr+0x11a/0x170
[  785.174236][T17488]  ___sys_sendmsg+0x134/0x1d0
[  785.174247][T17488]  ? __pfx____sys_sendmsg+0x10/0x10
[  785.174265][T17488]  ? find_held_lock+0x2b/0x80
[  785.174284][T17488]  __sys_sendmsg+0x16d/0x220
[  785.174295][T17488]  ? __pfx___sys_sendmsg+0x10/0x10
[  785.174311][T17488]  ? rcu_is_watching+0x12/0xc0
[  785.174329][T17488]  __do_fast_syscall_32+0x7c/0x3a0
[  785.174341][T17488]  do_fast_syscall_32+0x32/0x80
[  785.174352][T17488]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  785.174366][T17488] RIP: 0023:0xf7f25579
[  785.174374][T17488] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  785.174385][T17488] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  785.174395][T17488] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  785.174402][T17488] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  785.174409][T17488] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  785.174415][T17488] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  785.174421][T17488] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  785.174434][T17488]  </TASK>
[  785.313715][T17490] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3091'.
[  785.844476][T17497] 9pnet: p9_errstr2errno: server reported unknown error ÿÿ
[  786.452781][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  786.454977][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  786.853049][ T5967] Bluetooth: hci4: adv larger than maximum supported
[  786.853086][ T5967] Bluetooth: hci4: Malformed LE Event: 0x0d
[  787.010182][T17528] FAULT_INJECTION: forcing a failure.
[  787.010182][T17528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  787.015904][T17528] CPU: 3 UID: 0 PID: 17528 Comm: syz.1.3101 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  787.015941][T17528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  787.015951][T17528] Call Trace:
[  787.015957][T17528]  <TASK>
[  787.015963][T17528]  dump_stack_lvl+0x16c/0x1f0
[  787.015985][T17528]  should_fail_ex+0x512/0x640
[  787.016008][T17528]  _copy_from_user+0x2e/0xd0
[  787.016029][T17528]  get_compat_msghdr+0xa7/0x170
[  787.016049][T17528]  ? __pfx_get_compat_msghdr+0x10/0x10
[  787.016075][T17528]  ___sys_sendmsg+0x1ae/0x1d0
[  787.016094][T17528]  ? __pfx____sys_sendmsg+0x10/0x10
[  787.016140][T17528]  ? find_held_lock+0x2b/0x80
[  787.016172][T17528]  __sys_sendmsg+0x16d/0x220
[  787.016186][T17528]  ? __pfx___sys_sendmsg+0x10/0x10
[  787.016213][T17528]  ? rcu_is_watching+0x12/0xc0
[  787.016235][T17528]  __do_fast_syscall_32+0x7c/0x3a0
[  787.016257][T17528]  do_fast_syscall_32+0x32/0x80
[  787.016276][T17528]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  787.016298][T17528] RIP: 0023:0xf7f25579
[  787.016311][T17528] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  787.016334][T17528] RSP: 002b:00000000f500455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  787.016350][T17528] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  787.016361][T17528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  787.016371][T17528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  787.016380][T17528] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  787.016391][T17528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  787.016413][T17528]  </TASK>
[  787.248339][T17529] xt_CT: You must specify a L4 protocol and not use inversions on it
[  787.280043][T17537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3103'.
[  787.998899][T17544] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  788.001489][T17544] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  788.007936][T17544] vhci_hcd vhci_hcd.0: Device attached
[  788.013120][T17545] usbip_core: unknown command
[  788.015168][T17545] vhci_hcd: unknown pdu 0
[  788.016950][T17545] usbip_core: unknown command
[  788.162889][ T1138] vhci_hcd: stop threads
[  788.165743][ T1138] vhci_hcd: release socket
[  788.172605][ T1138] vhci_hcd: disconnect device
[  788.204586][ T5824] vhci_hcd: vhci_device speed not set
[  788.332651][T17529] 9p: Unknown Cache mode or invalid value fscach
[  790.476997][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  790.797025][   T53] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  790.841255][T17569] FAULT_INJECTION: forcing a failure.
[  790.841255][T17569] name failslab, interval 1, probability 0, space 0, times 0
[  790.848955][T17569] CPU: 1 UID: 0 PID: 17569 Comm: syz.0.3109 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  790.848980][T17569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  790.848992][T17569] Call Trace:
[  790.848998][T17569]  <TASK>
[  790.849006][T17569]  dump_stack_lvl+0x16c/0x1f0
[  790.849029][T17569]  should_fail_ex+0x512/0x640
[  790.849047][T17569]  ? __kvmalloc_node_noprof+0x124/0x620
[  790.849078][T17569]  should_failslab+0xc2/0x120
[  790.849099][T17569]  __kvmalloc_node_noprof+0x137/0x620
[  790.849125][T17569]  ? __pfx___mutex_lock+0x10/0x10
[  790.849143][T17569]  ? traverse.part.0.constprop.0+0x392/0x640
[  790.849168][T17569]  ? __pfx_aa_file_perm+0x10/0x10
[  790.849189][T17569]  ? traverse.part.0.constprop.0+0x392/0x640
[  790.849212][T17569]  traverse.part.0.constprop.0+0x392/0x640
[  790.849236][T17569]  ? find_held_lock+0x2b/0x80
[  790.849262][T17569]  seq_read_iter+0x932/0x12c0
[  790.849298][T17569]  vfs_read+0x8bc/0xc60
[  790.849320][T17569]  ? __pfx_vfs_read+0x10/0x10
[  790.849333][T17569]  ? find_held_lock+0x2b/0x80
[  790.849368][T17569]  ksys_pread64+0x161/0x1a0
[  790.849385][T17569]  ? __pfx_ksys_pread64+0x10/0x10
[  790.849404][T17569]  ? rcu_is_watching+0x12/0xc0
[  790.849426][T17569]  __do_fast_syscall_32+0x7c/0x3a0
[  790.849447][T17569]  do_fast_syscall_32+0x32/0x80
[  790.849465][T17569]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  790.849486][T17569] RIP: 0023:0xf711e579
[  790.849499][T17569] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  790.849515][T17569] RSP: 002b:00000000f50cc55c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4
[  790.849531][T17569] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080002240
[  790.849542][T17569] RDX: 00000000000000ed RSI: 00000000000004eb RDI: 0000000000000000
[  790.849552][T17569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  790.849567][T17569] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  790.849577][T17569] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  790.849601][T17569]  </TASK>
[  791.019436][   T53] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  791.022453][   T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.025047][   T53] usb 6-1: Product: syz
[  791.026620][   T53] usb 6-1: Manufacturer: syz
[  791.028333][   T53] usb 6-1: SerialNumber: syz
[  791.038834][   T53] usb 6-1: config 0 descriptor??
[  791.186219][   T24] usb 7-1: new full-speed USB device number 23 using dummy_hcd
[  791.356291][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  791.360447][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  791.365825][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  791.369473][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.433305][ T1342] usb 6-1: USB disconnect, device number 9
[  791.570967][   T24] usb 7-1: usb_control_msg returned -32
[  791.573366][   T24] usbtmc 7-1:16.0: can't read capabilities
[  792.040603][T17583] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  792.043977][T17583] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  792.047727][T17583] vhci_hcd vhci_hcd.0: Device attached
[  792.055887][T17584] usbip_core: unknown command
[  792.057976][T17584] vhci_hcd: unknown pdu 0
[  792.059785][T17584] usbip_core: unknown command
[  792.062068][ T1138] vhci_hcd: stop threads
[  792.065412][ T1138] vhci_hcd: release socket
[  792.067489][ T1138] vhci_hcd: disconnect device
[  792.069776][T17586] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3113'.
[  792.074612][T17586] netlink: 'syz.0.3113': attribute type 15 has an invalid length.
[  793.801543][ T5824] usb 7-1: USB disconnect, device number 23
[  795.831505][T17625] tmpfs: Bad value for 'mpol'
[  795.882148][T15129] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  796.169100][T17629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3125'.
[  796.173012][T17629] netlink: 'syz.0.3125': attribute type 15 has an invalid length.
[  796.607650][ T5824] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  796.794492][ T5824] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  796.798635][ T5824] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  796.804470][ T5824] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  796.816377][ T5824] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.020537][ T5824] usb 7-1: usb_control_msg returned -32
[  797.022516][ T5824] usbtmc 7-1:16.0: can't read capabilities
[  797.199344][T17641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3128'.
[  797.202179][T17641] netlink: 'syz.0.3128': attribute type 15 has an invalid length.
[  797.381087][   T40] audit: type=1326 audit(2000001296.872:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17639 comm="syz.0.3128" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  797.857955][T17625] Set syz1 is full, maxelem 65536 reached
[  797.938629][T17649] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  797.941407][T17649] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  797.944515][T17649] vhci_hcd vhci_hcd.0: Device attached
[  797.948938][T17650] usbip_core: unknown command
[  797.951180][T17650] vhci_hcd: unknown pdu 0
[  797.952996][T17650] usbip_core: unknown command
[  797.954740][ T1151] vhci_hcd: stop threads
[  797.956788][ T1151] vhci_hcd: release socket
[  797.958882][ T1151] vhci_hcd: disconnect device
[  799.153943][T17663] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  799.156685][T17663] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  799.160192][T17663] vhci_hcd vhci_hcd.0: Device attached
[  799.166145][T17664] usbip_core: unknown command
[  799.168212][T17664] vhci_hcd: unknown pdu 0
[  799.170202][T17664] usbip_core: unknown command
[  799.173075][T13357] vhci_hcd: stop threads
[  799.174531][T13357] vhci_hcd: release socket
[  799.175986][T13357] vhci_hcd: disconnect device
[  799.423229][  T838] usb 7-1: USB disconnect, device number 24
[  799.616949][T17674] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3133'.
[  800.994895][T17682] openvswitch: netlink: IP tunnel dst address not specified
[  801.188389][  T838] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  801.553951][  T838] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  801.556737][  T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  801.559192][  T838] usb 7-1: Product: syz
[  801.560656][  T838] usb 7-1: Manufacturer: syz
[  801.562173][  T838] usb 7-1: SerialNumber: syz
[  801.564789][  T838] usb 7-1: config 0 descriptor??
[  801.920723][  T838] usb 7-1: USB disconnect, device number 25
[  802.064993][T17707] vivid-007: =================  START STATUS  =================
[  802.068163][T17707] vivid-007: Enable Output Cropping: true
[  802.071088][T17707] vivid-007: Enable Output Composing: true
[  802.073556][T17707] vivid-007: Enable Output Scaler: true
[  802.076015][T17707] vivid-007: Tx RGB Quantization Range: Automatic
[  802.079346][T17707] vivid-007: Transmit Mode: HDMI
[  802.081587][T17707] vivid-007: Hotplug Present: 0x00000000
[  802.084049][T17707] vivid-007: RxSense Present: 0x00000000
[  802.086421][T17707] vivid-007: EDID Present: 0x00000000
[  802.088715][T17707] vivid-007: ==================  END STATUS  ==================
[  802.134764][T17708] blktrace: Concurrent blktraces are not allowed on sg0
[  802.627917][T17712] tc_dump_action: action bad kind
[  803.646365][T17710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3147'.
[  803.771246][T17724] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3152'.
[  803.826929][ T1342] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  803.835785][   T40] audit: type=1804 audit(2000001303.643:131): pid=17724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3152" name="/newroot/284/file0/file0" dev="9p" ino=35913879 res=1 errno=0
[  803.944801][T17726] overlayfs: unescaped trailing colons in lowerdir mount option.
[  803.960999][T17726] netlink: 'syz.1.3153': attribute type 1 has an invalid length.
[  803.964166][T17726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3153'.
[  803.992807][ T1342] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  803.994880][T17726] bond1 (unregistering): Released all slaves
[  803.996339][ T1342] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.004742][ T1342] usb 7-1: Product: syz
[  804.006522][ T1342] usb 7-1: Manufacturer: syz
[  804.008866][ T1342] usb 7-1: SerialNumber: syz
[  804.020138][ T1342] usb 7-1: config 0 descriptor??
[  804.315917][ T5824] usb 7-1: USB disconnect, device number 26
[  804.456147][T17737] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  804.459190][T17737] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  804.466838][T17737] vhci_hcd vhci_hcd.0: Device attached
[  804.472266][T17738] usbip_core: unknown command
[  804.473810][T17738] vhci_hcd: unknown pdu 0
[  804.475665][T17738] usbip_core: unknown command
[  804.485440][T13357] vhci_hcd: stop threads
[  804.486825][T13357] vhci_hcd: release socket
[  804.502692][T13357] vhci_hcd: disconnect device
[  804.916055][T17746] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3158'.
[  804.918835][T17746] netlink: 'syz.2.3158': attribute type 15 has an invalid length.
[  804.939881][T17747] 9pnet_virtio: no channels available for device syz
[  805.424248][   T40] audit: type=1326 audit(2000001305.312:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17744 comm="syz.2.3158" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x0
[  806.566569][T17762] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3161'.
[  806.825128][T17766] netlink: 'syz.0.3163': attribute type 3 has an invalid length.
[  806.827980][T17766] netlink: 'syz.0.3163': attribute type 3 has an invalid length.
[  806.831400][T17766] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3163'.
[  807.246847][T17772] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  807.248954][T17772] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  807.252070][T17772] vhci_hcd vhci_hcd.0: Device attached
[  807.257575][T17773] usbip_core: unknown command
[  807.259087][T17773] vhci_hcd: unknown pdu 0
[  807.260480][T17773] usbip_core: unknown command
[  807.264768][T14356] vhci_hcd: stop threads
[  807.268851][T14356] vhci_hcd: release socket
[  807.270797][T14356] vhci_hcd: disconnect device
[  808.165057][ T5824] usb 9-1: new full-speed USB device number 10 using dummy_hcd
[  808.338613][ T5824] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  808.342996][ T5824] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  808.356721][ T5824] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  808.360609][ T5824] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.594034][ T5824] usb 9-1: usb_control_msg returned -32
[  808.595881][ T5824] usbtmc 9-1:16.0: can't read capabilities
[  808.973611][T17794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3170'.
[  808.976357][T17794] netlink: 'syz.0.3170': attribute type 15 has an invalid length.
[  809.042036][   T40] audit: type=1326 audit(2000001309.112:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17791 comm="syz.0.3170" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  810.797046][T17812] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  810.799805][T17812] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  810.805360][ T1342] usb 9-1: USB disconnect, device number 10
[  810.805536][T17812] vhci_hcd vhci_hcd.0: Device attached
[  810.834604][T17813] usbip_core: unknown command
[  810.836154][T17813] vhci_hcd: unknown pdu 0
[  810.837486][T17813] usbip_core: unknown command
[  810.843263][ T1151] vhci_hcd: stop threads
[  810.845089][ T1151] vhci_hcd: release socket
[  811.000341][ T1151] vhci_hcd: disconnect device
[  811.111095][T17822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3178'.
[  811.116793][T17822] netlink: 'syz.0.3178': attribute type 15 has an invalid length.
[  811.390426][   T40] audit: type=1326 audit(2000001311.432:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17820 comm="syz.0.3178" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  811.743055][ T3240] usb 41-1: new high-speed USB device number 31 using vhci_hcd
[  811.746165][ T3240] usb 41-1: enqueue for inactive port 0
[  813.057183][ T3240] vhci_hcd: vhci_device speed not set
[  814.823132][ T1342] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[  814.878255][T17850] x_tables: duplicate underflow at hook 1
[  814.917561][T17862] blktrace: Concurrent blktraces are not allowed on sg0
[  814.975261][ T1342] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  814.978328][ T1342] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  814.982983][ T1342] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  814.986418][ T1342] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.242951][ T1342] usb 9-1: usb_control_msg returned -32
[  815.244750][ T1342] usbtmc 9-1:16.0: can't read capabilities
[  815.387288][   T40] audit: type=1326 audit(2000001315.768:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.394300][   T40] audit: type=1326 audit(2000001315.768:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.402120][   T40] audit: type=1326 audit(2000001315.768:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.409535][   T40] audit: type=1326 audit(2000001315.768:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.416099][   T40] audit: type=1326 audit(2000001315.768:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.429038][   T40] audit: type=1326 audit(2000001315.768:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=349 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.435583][   T40] audit: type=1326 audit(2000001315.768:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.448005][   T40] audit: type=1326 audit(2000001315.768:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.454543][   T40] audit: type=1326 audit(2000001315.768:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=93 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.473730][   T40] audit: type=1326 audit(2000001315.768:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17867 comm="syz.0.3190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  815.867368][ T6021] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  816.016729][ T6021] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  816.019646][ T6021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.022072][ T6021] usb 6-1: Product: syz
[  816.023354][ T6021] usb 6-1: Manufacturer: syz
[  816.026471][ T6021] usb 6-1: SerialNumber: syz
[  816.033814][ T6021] usb 6-1: config 0 descriptor??
[  816.422465][ T6021] usb 6-1: USB disconnect, device number 11
[  817.058978][ T6021] usb 9-1: USB disconnect, device number 11
[  820.124371][ T1138] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  820.278690][T17947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3212'.
[  820.361565][T17949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3213'.
[  821.670145][T17963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3216'.
[  822.608610][T17984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3221'.
[  822.611770][T17984] netlink: 'syz.1.3221': attribute type 15 has an invalid length.
[  822.735247][   T40] kauditd_printk_skb: 455 callbacks suppressed
[  822.738471][   T40] audit: type=1326 audit(2000001323.484:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17980 comm="syz.1.3221" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x0
[  823.398348][   T40] audit: type=1800 audit(2000001324.177:601): pid=17996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3225" name="file1" dev="tmpfs" ino=2573 res=0 errno=0
[  823.849245][T18007] blktrace: Concurrent blktraces are not allowed on sg0
[  824.733892][T18016] netlink: 'syz.1.3230': attribute type 1 has an invalid length.
[  824.736618][T18016] netlink: 'syz.1.3230': attribute type 1 has an invalid length.
[  824.936257][T11024] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  825.342658][   T40] audit: type=1800 audit(2000001326.224:602): pid=18034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3234" name="file1" dev="tmpfs" ino=909 res=0 errno=0
[  826.457041][T18062] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  826.460662][T18062] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  826.463459][T18062] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  826.466651][T18062] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  826.469570][T18062] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  826.472505][T18062] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  826.475050][T18062] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  826.477191][T18062] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  826.479279][T18062] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  826.481864][T18062] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  826.483899][T18062] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  826.485901][T18062] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  826.488500][T18062] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  826.491192][T18062] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  826.493899][T18062] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  831.537029][T18085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3241'.
[  831.537060][T18085] netlink: 'syz.0.3241': attribute type 15 has an invalid length.
[  831.654172][   T40] audit: type=1326 audit(2000001332.848:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18075 comm="syz.0.3241" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  832.108244][T18097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3247'.
[  834.292086][T18133] input: syz0 as /devices/virtual/input/input11
[  834.880748][T18146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3258'.
[  834.883873][T18146] netlink: 'syz.0.3258': attribute type 15 has an invalid length.
[  835.090412][ T1118] sr 2:0:0:0: [sr0] tag#23 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  835.093572][ T1118] sr 2:0:0:0: [sr0] tag#23 Sense Key : Illegal Request [current] 
[  835.096092][ T1118] sr 2:0:0:0: [sr0] tag#23 Add. Sense: Invalid command operation code
[  835.119052][   T40] audit: type=1326 audit(2000001336.481:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18144 comm="syz.0.3258" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0
[  835.128315][ T1118] sr 2:0:0:0: [sr0] tag#23 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[  835.131588][ T1118] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[  835.157145][ T1118] buffer_io_error: 5 callbacks suppressed
[  835.157190][ T1118] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  835.161794][ T1118] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  837.949029][T18198] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  837.951855][T18198] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  837.955154][T18198] vhci_hcd vhci_hcd.0: Device attached
[  837.963927][T18199] usbip_core: unknown command
[  837.966526][T18199] vhci_hcd: unknown pdu 0
[  837.968111][T18199] usbip_core: unknown command
[  837.969889][ T1141] vhci_hcd: stop threads
[  837.971240][ T1141] vhci_hcd: release socket
[  837.973093][ T1141] vhci_hcd: disconnect device
[  838.860963][T18205] program syz.4.3274 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  839.097945][T18223] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3275'.
[  839.349611][T18226] input: syz1 as /devices/virtual/input/input12
[  841.960913][T18248] FAULT_INJECTION: forcing a failure.
[  841.960913][T18248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.965003][T18248] CPU: 3 UID: 0 PID: 18248 Comm: syz.4.3288 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  841.965018][T18248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  841.965024][T18248] Call Trace:
[  841.965029][T18248]  <TASK>
[  841.965033][T18248]  dump_stack_lvl+0x16c/0x1f0
[  841.965048][T18248]  should_fail_ex+0x512/0x640
[  841.965062][T18248]  strncpy_from_user+0x3b/0x2e0
[  841.965080][T18248]  bpf_prog_load+0x1aef/0x2490
[  841.965099][T18248]  ? __pfx_bpf_prog_load+0x10/0x10
[  841.965126][T18248]  __sys_bpf+0x4d1a/0x4ea0
[  841.965137][T18248]  ? __pfx___sys_bpf+0x10/0x10
[  841.965146][T18248]  ? ksys_write+0x190/0x250
[  841.965170][T18248]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  841.965192][T18248]  ? fput+0x70/0xf0
[  841.965204][T18248]  ? ksys_write+0x1ac/0x250
[  841.965213][T18248]  ? __pfx_ksys_write+0x10/0x10
[  841.965225][T18248]  __ia32_sys_bpf+0x76/0xe0
[  841.965236][T18248]  __do_fast_syscall_32+0x7c/0x3a0
[  841.965248][T18248]  do_fast_syscall_32+0x32/0x80
[  841.965259][T18248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.965273][T18248] RIP: 0023:0xf7fd8579
[  841.965282][T18248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  841.965292][T18248] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  841.965303][T18248] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800001c0
[  841.965309][T18248] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  841.965319][T18248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  841.965325][T18248] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  841.965331][T18248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  841.965344][T18248]  </TASK>
[  842.098773][T18251] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3289'.
[  842.102090][T18251] netlink: 'syz.4.3289': attribute type 15 has an invalid length.
[  842.196403][  T837] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  842.333764][   T40] audit: type=1326 audit(2000001344.039:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18249 comm="syz.4.3289" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  842.361916][  T837] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  842.365552][  T837] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  842.373054][  T837] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  842.376038][  T837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.649258][  T837] usb 6-1: usb_control_msg returned -32
[  842.732314][  T837] usbtmc 6-1:16.0: can't read capabilities
[  844.317381][T18286] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  844.329809][T18286] CIFS mount error: No usable UNC path provided in device string!
[  844.329809][T18286] 
[  844.333214][T18286] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  844.799498][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  844.803087][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  844.852397][ T3240] usb 6-1: USB disconnect, device number 12
[  845.272699][ T3240] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  845.600318][   T40] audit: type=1804 audit(2000001347.493:606): pid=18305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3302" name="/newroot/516/file0/file0" dev="9p" ino=35913879 res=1 errno=0
[  846.100521][T18309] tipc: Failed to remove unknown binding: 66,1,1/2886997007:2517597479/2517597481
[  846.104801][T18309] tipc: Failed to remove unknown binding: 66,1,1/2886997007:2517597479/2517597481
[  846.207930][ T3240] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  846.211502][ T3240] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  846.215024][ T3240] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  846.219693][ T3240] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  846.222543][ T3240] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.232745][ T3240] usb 6-1: config 0 descriptor??
[  846.820345][T18295] netlink: 'syz.1.3300': attribute type 3 has an invalid length.
[  846.825781][T11024] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  846.847590][T18327] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3308'.
[  846.981408][T11024] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  846.985252][T11024] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.988622][T11024] usb 7-1: Product: syz
[  846.990375][T11024] usb 7-1: Manufacturer: syz
[  846.992153][T11024] usb 7-1: SerialNumber: syz
[  846.996258][T11024] usb 7-1: config 0 descriptor??
[  847.042796][ T3240] usbhid 6-1:0.0: can't add hid device: -71
[  847.044854][ T3240] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  847.055089][ T3240] usb 6-1: USB disconnect, device number 13
[  847.286798][ T6028] usb 7-1: USB disconnect, device number 27
[  847.421528][T18335] random: crng reseeded on system resumption
[  847.424298][T18335] FAULT_INJECTION: forcing a failure.
[  847.424298][T18335] name failslab, interval 1, probability 0, space 0, times 0
[  847.428512][T18335] CPU: 1 UID: 0 PID: 18335 Comm: syz.4.3309 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  847.428538][T18335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  847.428546][T18335] Call Trace:
[  847.428550][T18335]  <TASK>
[  847.428555][T18335]  dump_stack_lvl+0x16c/0x1f0
[  847.428569][T18335]  should_fail_ex+0x512/0x640
[  847.428583][T18335]  should_failslab+0xc2/0x120
[  847.428596][T18335]  __kmalloc_cache_noprof+0x6a/0x3e0
[  847.428611][T18335]  ? do_raw_spin_lock+0x12c/0x2b0
[  847.428627][T18335]  ? find_held_lock+0x2b/0x80
[  847.428637][T18335]  ? async_schedule_node_domain+0x54/0x120
[  847.428652][T18335]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  847.428669][T18335]  async_schedule_node_domain+0x54/0x120
[  847.428682][T18335]  dev_cache_fw_image+0x38e/0x490
[  847.428699][T18335]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  847.428715][T18335]  ? dev_cache_fw_image+0x398/0x490
[  847.428730][T18335]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  847.428746][T18335]  dpm_for_each_dev+0x5d/0xb0
[  847.428761][T18335]  fw_pm_notify+0x81/0x150
[  847.428774][T18335]  notifier_call_chain+0xbc/0x410
[  847.428787][T18335]  ? __pfx_fw_pm_notify+0x10/0x10
[  847.428804][T18335]  blocking_notifier_call_chain_robust+0xc8/0x160
[  847.428819][T18335]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  847.428837][T18335]  pm_notifier_call_chain_robust+0x27/0x60
[  847.428852][T18335]  snapshot_open+0x218/0x2b0
[  847.428865][T18335]  ? __pfx_snapshot_open+0x10/0x10
[  847.428878][T18335]  misc_open+0x35a/0x420
[  847.428894][T18335]  ? __pfx_misc_open+0x10/0x10
[  847.428908][T18335]  chrdev_open+0x231/0x6a0
[  847.428920][T18335]  ? __pfx_apparmor_file_open+0x10/0x10
[  847.428936][T18335]  ? __pfx_chrdev_open+0x10/0x10
[  847.428948][T18335]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  847.428967][T18335]  do_dentry_open+0x744/0x1c10
[  847.428978][T18335]  ? __pfx_chrdev_open+0x10/0x10
[  847.428992][T18335]  vfs_open+0x82/0x3f0
[  847.429007][T18335]  path_openat+0x1de4/0x2cb0
[  847.429022][T18335]  ? __pfx_path_openat+0x10/0x10
[  847.429042][T18335]  do_filp_open+0x20b/0x470
[  847.429052][T18335]  ? __pfx_do_filp_open+0x10/0x10
[  847.429062][T18335]  ? rcu_is_watching+0x12/0xc0
[  847.429083][T18335]  ? _raw_spin_unlock+0x28/0x50
[  847.429098][T18335]  ? alloc_fd+0x471/0x7d0
[  847.429118][T18335]  do_sys_openat2+0x11b/0x1d0
[  847.429131][T18335]  ? __pfx_do_sys_openat2+0x10/0x10
[  847.429146][T18335]  ? __fget_files+0x20e/0x3c0
[  847.429165][T18335]  __ia32_compat_sys_openat+0x16d/0x210
[  847.429179][T18335]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  847.429193][T18335]  ? ksys_write+0x1ac/0x250
[  847.429205][T18335]  ? rcu_is_watching+0x12/0xc0
[  847.429218][T18335]  __do_fast_syscall_32+0x7c/0x3a0
[  847.429231][T18335]  do_fast_syscall_32+0x32/0x80
[  847.429242][T18335]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  847.429255][T18335] RIP: 0023:0xf7fd8579
[  847.429264][T18335] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  847.429275][T18335] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  847.429285][T18335] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0
[  847.429292][T18335] RDX: 00000000000c2d41 RSI: 0000000000000000 RDI: 0000000000000000
[  847.429298][T18335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  847.429304][T18335] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  847.429310][T18335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  847.429323][T18335]  </TASK>
[  847.432856][T18335] 
[  847.544266][T18335] ============================================
[  847.545993][T18335] WARNING: possible recursive locking detected
[  847.547734][T18335] 6.16.0-rc7-syzkaller #0 Not tainted
[  847.549348][T18335] --------------------------------------------
[  847.553365][T18335] syz.4.3309/18335 is trying to acquire lock:
[  847.555061][T18335] ffffffff8f512b28 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[  847.557258][T18335] 
[  847.557258][T18335] but task is already holding lock:
[  847.559353][T18335] ffffffff8f512b28 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  847.561690][T18335] 
[  847.561690][T18335] other info that might help us debug this:
[  847.563914][T18335]  Possible unsafe locking scenario:
[  847.563914][T18335] 
[  847.566002][T18335]        CPU0
[  847.566961][T18335]        ----
[  847.567926][T18335]   lock(fw_lock);
[  847.569010][T18335]   lock(fw_lock);
[  847.570122][T18335] 
[  847.570122][T18335]  *** DEADLOCK ***
[  847.570122][T18335] 
[  847.572380][T18335]  May be due to missing lock nesting notation
[  847.572380][T18335] 
[  847.574624][T18335] 5 locks held by syz.4.3309/18335:
[  847.576024][T18335]  #0: ffffffff8f3002e8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  847.578303][T18335]  #1: ffffffff8e488228 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[  847.581338][T18335]  #2: ffffffff8e4c8910 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[  847.584636][T18335]  #3: ffffffff8f512b28 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  847.587036][T18335]  #4: ffffffff8f50d528 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[  847.589695][T18335] 
[  847.589695][T18335] stack backtrace:
[  847.591878][T18335] CPU: 1 UID: 0 PID: 18335 Comm: syz.4.3309 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  847.591892][T18335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  847.591899][T18335] Call Trace:
[  847.591903][T18335]  <TASK>
[  847.591907][T18335]  dump_stack_lvl+0x116/0x1f0
[  847.591920][T18335]  print_deadlock_bug+0x1e9/0x240
[  847.591934][T18335]  __lock_acquire+0x1106/0x1c90
[  847.591948][T18335]  ? __kasan_slab_free+0x51/0x70
[  847.591960][T18335]  lock_acquire+0x179/0x350
[  847.591973][T18335]  ? assign_fw+0x4e/0x640
[  847.591987][T18335]  ? __pfx___might_resched+0x10/0x10
[  847.591998][T18335]  ? do_sys_openat2+0x11b/0x1d0
[  847.592011][T18335]  ? __ia32_compat_sys_openat+0x16d/0x210
[  847.592024][T18335]  ? __do_fast_syscall_32+0x7c/0x3a0
[  847.592035][T18335]  __mutex_lock+0x199/0xb90
[  847.592045][T18335]  ? assign_fw+0x4e/0x640
[  847.592060][T18335]  ? assign_fw+0x4e/0x640
[  847.592074][T18335]  ? __pfx___mutex_lock+0x10/0x10
[  847.592086][T18335]  ? kasan_quarantine_put+0x10a/0x240
[  847.592096][T18335]  ? lockdep_hardirqs_on+0x7c/0x110
[  847.592106][T18335]  ? assign_fw+0x4e/0x640
[  847.592119][T18335]  assign_fw+0x4e/0x640
[  847.592133][T18335]  ? _request_firmware+0x957/0x1470
[  847.592149][T18335]  _request_firmware+0x988/0x1470
[  847.592166][T18335]  ? __pfx__request_firmware+0x10/0x10
[  847.592180][T18335]  ? dump_stack_lvl+0x197/0x1f0
[  847.592190][T18335]  ? dump_stack_lvl+0x1a3/0x1f0
[  847.592200][T18335]  __async_dev_cache_fw_image+0xb1/0x340
[  847.592209][T18335]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  847.592226][T18335]  ? mark_held_locks+0x49/0x80
[  847.592238][T18335]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  847.592253][T18335]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  847.592269][T18335]  async_schedule_node_domain+0xd4/0x120
[  847.592282][T18335]  dev_cache_fw_image+0x38e/0x490
[  847.592297][T18335]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  847.592312][T18335]  ? dev_cache_fw_image+0x398/0x490
[  847.592326][T18335]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  847.592341][T18335]  dpm_for_each_dev+0x5d/0xb0
[  847.592354][T18335]  fw_pm_notify+0x81/0x150
[  847.592368][T18335]  notifier_call_chain+0xbc/0x410
[  847.592379][T18335]  ? __pfx_fw_pm_notify+0x10/0x10
[  847.592394][T18335]  blocking_notifier_call_chain_robust+0xc8/0x160
[  847.592407][T18335]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  847.592422][T18335]  pm_notifier_call_chain_robust+0x27/0x60
[  847.592437][T18335]  snapshot_open+0x218/0x2b0
[  847.592449][T18335]  ? __pfx_snapshot_open+0x10/0x10
[  847.592461][T18335]  misc_open+0x35a/0x420
[  847.592476][T18335]  ? __pfx_misc_open+0x10/0x10
[  847.592490][T18335]  chrdev_open+0x231/0x6a0
[  847.592501][T18335]  ? __pfx_apparmor_file_open+0x10/0x10
[  847.592516][T18335]  ? __pfx_chrdev_open+0x10/0x10
[  847.592526][T18335]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  847.592543][T18335]  do_dentry_open+0x744/0x1c10
[  847.592553][T18335]  ? __pfx_chrdev_open+0x10/0x10
[  847.592564][T18335]  vfs_open+0x82/0x3f0
[  847.592577][T18335]  path_openat+0x1de4/0x2cb0
[  847.592588][T18335]  ? __pfx_path_openat+0x10/0x10
[  847.592599][T18335]  do_filp_open+0x20b/0x470
[  847.592608][T18335]  ? __pfx_do_filp_open+0x10/0x10
[  847.592617][T18335]  ? rcu_is_watching+0x12/0xc0
[  847.592632][T18335]  ? _raw_spin_unlock+0x28/0x50
[  847.592645][T18335]  ? alloc_fd+0x471/0x7d0
[  847.592661][T18335]  do_sys_openat2+0x11b/0x1d0
[  847.592674][T18335]  ? __pfx_do_sys_openat2+0x10/0x10
[  847.592687][T18335]  ? __fget_files+0x20e/0x3c0
[  847.592702][T18335]  __ia32_compat_sys_openat+0x16d/0x210
[  847.592716][T18335]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  847.592730][T18335]  ? ksys_write+0x1ac/0x250
[  847.592739][T18335]  ? rcu_is_watching+0x12/0xc0
[  847.592750][T18335]  __do_fast_syscall_32+0x7c/0x3a0
[  847.592761][T18335]  do_fast_syscall_32+0x32/0x80
[  847.592771][T18335]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  847.592784][T18335] RIP: 0023:0xf7fd8579
[  847.592793][T18335] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  847.592803][T18335] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  847.592813][T18335] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0
[  847.592819][T18335] RDX: 00000000000c2d41 RSI: 0000000000000000 RDI: 0000000000000000
[  847.592825][T18335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  847.592831][T18335] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  847.592837][T18335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  847.592846][T18335]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  849.680799][ T1151] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)

VM DIAGNOSIS:
04:29:07  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffea0001583680 RCX=ffffffff822b5fdd RDX=ffff888027a5a440
RSI=0000000000000000 RDI=0000000000000007 RBP=ffffffff8df2c440 RSP=ffffc90004cf7418
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=000000000000001e
R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81bb54d0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809752d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f155c0 CR3=000000005705b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000be70000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8556d065 RDI=ffffffff9b09f540 RBP=ffffffff9b09f500 RSP=ffffc9000c93ed00
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9b09f500 R15=ffffffff8556d000
RIP=ffffffff8556d08f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809762d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50b3fac CR3=000000004a451000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e9364efa10949409 584ee26c8551b29f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e9a11a8c46ba76b8 0b2fb3a63e2905cd
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 04f8e23ea84d773c 7b00b3a8fb263338
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ef77f4a751260d04 a7b666138959bd8d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000068
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000028
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5634f53a4ae75d04 0000000100000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bbb6a75600000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1016dfe7a293774c ad0c8511bbc457e4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000c88f9bdb
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f064b215f8ae32aa 8c073618f9e55d04
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9f7d35358ae4eafd 91c3d4e5492e59d1
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000002818 RBX=ffffc90007422818 RCX=ffffffff86a387eb RDX=0000000000000000
RSI=ffffffff86a387f9 RDI=ffff88802398f3b6 RBP=00000000000000d8 RSP=ffffc900005389f8
R8 =0000000000000005 R9 =0000000000000000 R10=00000000000000d9 R11=0000000000000001
R12=00000000000000d9 R13=ffff88802398f380 R14=00000000ff89cd40 R15=0000000000000000
RIP=ffffffff86a38862 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007eff2a841300 ffffffff 00c00000
GS =0000 ffff88809772d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055b9387fe230 CR3=000000004b947000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 189fffffffff8b81 1882ffffffff8b81 1867ffffffff8b81 1819ffffffff8b81
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1fe3ffffffff8b81 1fc6ffffffff8b81 1fa5ffffffff8b81 1f8dffffffff8b81
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 269fffffffff8b81 25f7ffffffff8b81 2576ffffffff8b81 2434ffffffff8b81
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 476cffffffff8b82 45c8ffffffff8b81 4030ffffffff8b81 3bfcffffffff8b81
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3993ffffffff8b81 3825ffffffff8b81 37cfffffffff8b81 37c1ffffffff8b81
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 377effffffff8b81 373fffffffff8b81 32ffffffffff8b81 32b9ffffffff8b81
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 32a6ffffffff8b81 3294ffffffff8b81 3272ffffffff8b81 323dffffffff8b81
ZMM24=fd835865fd835865 fd835865fd835865 fd835865fd835865 fd835865fd835865 fd835865fd835865 fd835865fd835865 fd835865fd835865 fd835865fd835865
ZMM25=f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775 f9f93775f9f93775
ZMM26=060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f 060e1e1f060e1e1f
ZMM27=085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4 085c14a4085c14a4
ZMM28=000001c0000001bf 000001be000001bd 000001bc000001bb 000001ba000001b9 000001b8000001b7 000001b6000001b5 000001b4000001b3 000001b2000001b1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=d6470000d6470000 d6470000d6470000 d6470000d6470000 d6470000d6470000 d6470000d6470000 d6470000d6470000 d6470000d6470000 d6470000d6470000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b341f60 RCX=ffffffff81af48fd RDX=ffff88806a9a4880
RSI=ffffffff81af48d9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90002f6f8a0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed10056683ed R15=ffff88802b53b6c0
RIP=ffffffff81af48db RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809782d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055b9387e7ce0 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000004 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000