last executing test programs:

4.690626897s ago: executing program 3 (id=896):
ioperm(0x0, 0x5, 0x5e3b)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f0000000140), 0x1100000002, 0x40080)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000440)=ANY=[@ANYRESHEX], 0x34)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x4, "00fa00"})
pwritev(r1, &(0x7f0000000600), 0x0, 0x800000, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYBLOB="043e320d021b"], 0x35)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f00000041c0)={0x4}, 0x2)
shutdown(r4, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

4.489882501s ago: executing program 3 (id=897):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1e, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
gettid()
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000040)={0x5})
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r2, 0x4020565b, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c9, &(0x7f0000000100))
r4 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0x64, 0x12, 0x400, 0x70bd2a, 0x25dfdbfd, {0x1e, 0x0, 0x7, 0x9, {0x4e21, 0x4e20, [0x1a54, 0x2], [0xd7af, 0x2, 0xb, 0x35d], 0x0, [0xe1b, 0x81]}, 0x4, 0x2fe7c6a}, [@INET_DIAG_REQ_BYTECODE={0x16, 0x1, "b9848dedf3576317b13687c3ac79dc2a5b2a"}]}, 0x64}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_emit_ethernet(0x3b6, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, 0x0, 0x0, 0x1, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r6, 0x0, 0xa0028000}, 0x38)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)

4.082046214s ago: executing program 0 (id=898):
ioperm(0x0, 0xbbd3, 0x1)
r0 = syz_io_uring_setup(0x1af4, &(0x7f0000000080)={0x0, 0x0, 0x3e00}, &(0x7f0000000100), &(0x7f0000001000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r3 = signalfd(0xffffffffffffffff, &(0x7f00000002c0), 0x8)
read$FUSE(r3, &(0x7f0000002900)={0x2020}, 0x2020)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec85"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x84})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000280)={0x3, r8, 0x0, 0x0, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r6, 0xc02464bb, &(0x7f0000000180)={0x3, r8})
ppoll(&(0x7f00000002c0)=[{r0}], 0x1, 0x0, 0x0, 0x0)

3.66705878s ago: executing program 3 (id=899):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x454, 0x0, 0x1170, 0x1170, 0x0, 0x1170, 0x38c, 0x1398, 0x1398, 0x38c, 0x1398, 0x3, 0x0, {[{{@uncond, 0x0, 0x120, 0x168, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x2c}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast2, 'netpci0\x00'}}}, {{@uncond, 0x0, 0x1dc, 0x224, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @local, @remote, @remote, @private2, @rand_addr=' \x01\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @local}, @mcast1, @loopback, @remote, @mcast2, @empty, @rand_addr=' \x01\x00', @mcast1, @remote]}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x4b0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000011c0)={0x18, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x840, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0xffff0000, 0x7, 0x0, &(0x7f0000001a40)="2b206d074843b3", 0x0, 0x3, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000), &(0x7f0000000000))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, &(0x7f0000000040), &(0x7f00000003c0))
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r7 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r7, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket(0x1e, 0x1, 0x0)
connect$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r9, &(0x7f0000000340)=ANY=[], 0x2000011a)
syz_usb_connect$uac1(0x5, 0x71, &(0x7f00000001c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x10, 0x0, 0x1, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x4d1}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x3d, 0x4e, 0xa, {0x7, 0x25, 0x1, 0x81, 0x9, 0x3}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x4, 0x5, 0x9, {0x7, 0x25, 0x1, 0x80, 0x1, 0x5}}}}}}}]}}, 0x0)
splice(r9, 0x0, r8, 0x0, 0x4ff9c, 0x0)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)

3.666032362s ago: executing program 1 (id=900):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000300))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000cae000/0x1000)=nil, 0x1000}, 0x7})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000bfd000/0x400000)=nil, &(0x7f0000bd1000/0x2000)=nil, 0x400000, 0x3})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280), 0x6)
write(r5, &(0x7f0000000340)="05000000", 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYRES16=r3], 0x0, 0x2a, 0x0, 0x1, 0x2, 0x10000, @value}, 0x28)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000"], 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000380)=ANY=[@ANYRES16=r8, @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O\x00\x00\x00\x00\x00\x00', @ANYRES32=r10, @ANYRES32=r7, @ANYRESOCT=r4], 0x48)
socket$inet(0x2b, 0x801, 0x0)

2.935727864s ago: executing program 0 (id=902):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x100010, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
setrlimit(0xf, &(0x7f0000000640))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYRES64=<r3=>0xffffffffffffffff], 0x28}, 0x1, 0x0, 0x0, 0x20004000}, 0x40000000)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r5, &(0x7f0000000040)='FROZEN\x00', 0x7)
read(r4, &(0x7f00000000c0)=""/29, 0x1d)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRES64], 0x19)
r6 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000240), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB, @ANYRESHEX=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0300"/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x15, 0xd, &(0x7f0000000540)=ANY=[@ANYRES64, @ANYRESHEX, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000500)='scmi_xfer_end\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xe, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0], &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x8, @empty, 0xfffff021}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES32=r3, @ANYBLOB="069992d05addfd3469e93f45667266976485f3ab06b71f00b6c354fb48552ea43fbe4e854afcb9d5f8d8d3e4dcd8a15b7d189b8f8142e8ff1627da6e9860025eef341d16c8faae449bde783f2c42d82ad641399c9be514a67cee0e01946a4f678a33a9e13f57fdfe5a2aaef71abd4dcaa26e32cadc84bf59bbda13bdcd9cada4040000000000000074f62b1308244684a290d8eca7d38c6ef4580bd2ae0384e80b3df6b1a4944d118ee220a78ca51dca2e8d28a26a87ad04f7a8b2ad9ff64fe5b6bb4884a6d13f0dff0281105bd92ae644336156fb4d6010f004c9bc5d204a61855d773dfb49309ec7808e6c3720359ab07f4bba469301577f65fe5cdfb3000000", @ANYRES8], 0x0)

2.829227956s ago: executing program 0 (id=903):
socket$nl_netfilter(0x10, 0x3, 0xc)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002b0001000000000000000000040100800c0000000000000000000000140001000100000000000000000000000000ff0000002d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e888448c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7"], 0x114}], 0x1, 0x0, 0x0, 0x8040}, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000010c0)=ANY=[], 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000440)=ANY=[], 0x34)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x4, "00fa00"})
pwritev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000180)}], 0x1, 0x800000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f00000041c0)={0x4}, 0x2)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$inet6(0xa, 0x5, 0x0)

2.623742103s ago: executing program 1 (id=904):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7d20}]})
getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000440)=""/171, &(0x7f00000003c0)=0xab)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340))

2.471554909s ago: executing program 0 (id=906):
r0 = syz_open_dev$evdev(&(0x7f0000000540), 0x0, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000001580)={0x3, 0x1, &(0x7f0000000580)='G'})
socket$netlink(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000001280), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETISPACE(r2, 0xc0045002, &(0x7f0000000100))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000010a0300000000000000301000e74d"], 0x20}}, 0x0)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_io_uring_setup(0x7f11, &(0x7f0000000340)={0x0, 0x40002254, 0x2, 0x0, 0x177}, &(0x7f0000000000), &(0x7f0000000280))
syz_io_uring_setup(0x67fd, &(0x7f0000000100)={0x0, 0x3400, 0x822a28cc43044cf8, 0x2, 0x0, 0x0, r5}, 0x0, 0x0)
r6 = io_uring_setup(0x4d63, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x2d6})
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
sysfs$1(0x64, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$char_usb(r7, &(0x7f0000000080)=""/139, 0x8b)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()

2.390047212s ago: executing program 2 (id=907):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce) (async)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@dev={0xac, 0x14, 0x14, 0xa}, @in=@multicast2, 0x0, 0x3, 0x0, 0x0, 0x2, 0xc0}, {0x200000000}, {0x0, 0x0, 0x6, 0xf}, 0x0, 0x0, 0x2}, {{@in6=@loopback, 0x4d5, 0x33}, 0x0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0xe4) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r1, 0x0) (async)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x2, 0x103) (async)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000004200)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50) (async, rerun: 64)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (rerun: 64)
acct(&(0x7f00000001c0)='./file0\x00') (async, rerun: 64)
acct(0x0) (rerun: 64)
umount2(&(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 32)
acct(0x0) (rerun: 32)
keyctl$revoke(0x6, 0x0) (async)
r4 = io_uring_setup(0x30d3, &(0x7f0000000000)) (async, rerun: 32)
r5 = socket$kcm(0x29, 0x5, 0x0) (rerun: 32)
write$cgroup_pressure(r5, &(0x7f0000000140)={'full'}, 0xfffffdef) (async)
sendmsg$kcm(r5, &(0x7f0000000d00)={0x0, 0x0, 0x0}, 0x40461c0) (async, rerun: 64)
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x0) (rerun: 64)
close_range(r4, 0xffffffffffffffff, 0x0)

1.825693376s ago: executing program 0 (id=908):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000380))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f00000006c0)=""/236, &(0x7f00000000c0)=""/80, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000300)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xa, 0x4, 0x6, 0x80, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000300)="61bf59ee7aa2993715b71166f2d369478d10c0c6839e9a40ce4786b6fcfd37273deef96cd7a63639d85f6a9a3137bee04281bbc8750fdee2e0d3b5edb72cf18c9e7e08c620d6205f5813a2e8c911d4f777cfca1e8b664df967bebc70e1062ab7c664a41c7d3c3521bafea132809c797aef994bfd16b301ff342b0a73", 0x619, r4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x10, 0xffffffffffffffff, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
fchdir(r0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x73, @local, 0x4e24, 0x1, 'ovf\x00', 0x2, 0x3, 0x80000023}, 0x2c)
openat$sr(0xffffff9c, &(0x7f0000000540), 0x0, 0x0)
unshare(0x20040600)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace(0x8, r6)

1.722196315s ago: executing program 1 (id=909):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0xc048aeca, &(0x7f0000000200)=ANY=[@ANYRES16=r0])
r5 = openat$ipvs(0xffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000580)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0xecb, 0x0, 0x0, 0x0, 0x0, 0x0, "3d9f38728190c900f9d86f6c482ef62a8179e244d86237ac79ced3f0b6269fda9b24acb319cef7bcb65414736ebbc4828e8c86470e256dc26bbeb1ba88e744f37948cbee495c1ed2f6658df1a9457dcf5fdc26d5bc50ec35b5627b81e456d10ccd24ee7280d4d1bc4b188cfebe34c82cf22886c0a2cb7f35b1f83ed5775b33e518d9ee8909e71eeb62d6b32970b41c0c609db15deeaf896cde8e5de75de71dab0d830aef1f9ab15d0c96be7ccacb587653a92e811971e8eac2e7e8b8163341c8a41b9616cdf40f099753693595984475eee068b956130a15acab3747933d68257cdc63e7091e70b3b72f1043370289185748f7448b5611086d8d0d6f4230928793b28f87907c87cad4a7a84eb40883dbcba2ebef0d57e648bbdb3424dd655260b26a8ab73efcf04562fbeeb348fff4c68427c886e001bc3053c0a81a004021c4cf723027e98e7c80ec99291754b96ebd9a6438fa2fa205feeef7bd6a39536d9eb81f4f29bd3e83c440e0448e64d88944758ee4b18003632414bec638195ff3e07577d9bdad1ab14da9c34ccecf3718a7022110c979e1c9ac5a1ee528c7f52e65fe6c23199dd1fb93f6893c3c3af9298923f91fa6bff3655e91f314452b4e279919e2206fa77522c583d64ca252077e7d33e093d83ba513b360025c5b61d6b6822395ab6da13d476182247f4ee7d6e2b76d21260c5f3fc388a4b0addb6ca716570175b8a9cdce0162eb2ddf49606459792a687db7dc0a1a66fb7324a49044ab0a005f5b4ad7937b98d4c7938f10ae7e548f2f60b22c9e0614db665a7992407732bdbd91705887757032eacc374d29bc6757d8f34f70e6258138fee04ceffb4eac5dd2d7b98bf9a2ffd75d6405982f7dee189a64288cf5ebfc9214d1fab403b324682141fd8077c01a78293235f3dee1816dfcbfe7e21adc1d0b5b7ed4b5132b92efcd0f5a2597b3bf12e70f8e6e45c58d422442e06a8a07b1f6710b21930b05f6ad126ca07b91b0b0761df1d379f37b1ac19fa2c33a26abd4bdc2acc4fd85ed975622699dc059907589132bcd107de2171fd4f39a1c2ba925f0df0cdd360481ef3b781146a6109ccf1f632d77a7c41d6a0030f6d21bb5b9c349d3e5f57ca22cfd94c17f4babec13b1ba64a8b93cd5b999eb6919b25ee1a828430b0f27cd79d3fa30f31669d19d52bd43eba9927b1c58cf7ab5011cc66a90e3fd3f5a0f68e0b14f1ae65f84cbf7b1f929e04c945573d71a4e48c1e51172425edb0b81416beb903058a352a3257c3a4df781c71afaa9c9384b31a821fe3da713da2143327515a2b1f39d23a9765f9bc9b63573d38e24d0c5f627c83ffc2b96a2b7cf5149e2dce47ead914e001eed4e47923aff6ffa1c4f7a8491c4eca4deb5c56f3d550b326dd3f0929a5c50ddeb74559809907bfb162cefb867ebe37e8905ea936f3cf2c33ee3e18442ee916c18bfa0af2d1c46d6608ea5e95b1fd03a0b6f2ec233a958c6cf5d374c219f9e483d7b3d9a967637fdfb1f5fdd289abaf0bfa074b316c0098ff257dc2e97d7bbefa6432b4cc25af6fdb031411c57ff76a89425f76ef1c7163992735945335eceebc8cc7b11dd88bb73c159dcb8989d3c8ee55ead6c4d84ddd8007ed879aa9399788c0a16256e9b92f0e9401f5fb8557f412b9015b452fa595a72dc86f5dca101a974add9fea759905c317cfa89e7ec94909be0d4c7978163cfdcd12d98cee153389f2a6eff1bd5ea785fcbfc1911badbf509eae05b6435b472ae40b89cc68f446364f92eeea17349ea14ef40ec51823f6aba0980b016de468e26a81bbcc8c1117b324918d2a3feaa3889cc2505c622581b73c9b512ba4eaf51db563bb755fc9a61eabce64bb407234b41e91fd6efe5d9c4f31138ff465a74bdea93768147c55a1481342a88dfe3d187720a77b02232f3e699cc340b599f91fb7fa06cb92e9da5874463445a9b696eda57fc748a3c067a84a58b154ff7d3055d9fbeed9d38e34928a29718111506c1b292996a41935cf27a21b54d213495680bc4e470127622261c93e8d4005ee47575b242563bf6f9686b3957ab1958b6c1710d8196e1e86bb88c419509b5142bd7d6a6f61f765ab3f2c57afd0579815d41d60990249f6cb5df572f57e161227e2f5d3be68ce945e78d820b78d44f31d4e85f8dc5e3de10fbf99e0684c0b524ea6c6b5fec9f438407bd3c12d400e724ece0871c0779b754c6414569bb5cef112a49cca156dbcd7c41a07917af2b24a1c03a901f327bba333fc2c53948a94290c1568be9d94bdd6c2b43e41a6cc899c4d2a60f6a538eba9eb39e0ca53a7c6127a075f1892489c8d8ffd7b1f673267804f32f3d378e499529da4eb7ffe226acc62fd1007cfe9c1538f2d408c8164a2ed21f96b40a6ec802184e4c98be4c020f7c2b93193c0601c711eccaba428a56c5c7741e08e80c878a9ac5e53038b56989a1132983cae9392e7e24fa9eeaee01563af104d7557e70ca0af32b7fcf90237314144e2b1628f0dcf4ebf60ae8450c345b7cd8a139c2dc698a4791022fe5767ba8c2301adb874ecbcaa58b947edb4b573787b9493c8c846e25d8405d6680d41cbd0f65405218208b712fbc4b304917c024c69cf70d59f3a15cc1a50472459dcd97ebaa4e80601fcc3c72aa7dceb9f9c021d6507d340596149f7ea6762d323f6c976f0a2fdc905955dcf7ce12d65a4c37afd7f25147c5dcdec47361c16ddcbfdb80273e71265665387a029f41c938e26c063becbb93f380e4db9207563df39e2912a3a609be821feb340c34e665f3585baf0d2713b9a9bf2f65b7740f1e87e5f22f364e76055c96c49014498abc4e05605da770c941b8867212c84d9c350300175dfba49671bfc00326fc6e4d351db258097d1f120f873a67ff1b088af3bd466b19d1f28be490fdd362f3b3cb59dbfece3169333d9c726837378331cd29879060830f5e5f405c03de21179eba5b6bf95679fee56ed076b88d405087eca312aa3a3f5424d8dd99423989ea43b07d4794cfa2804a3714633e30c83611b0018f6f1daa8e41af69d4481b1c5cbab84a2e19635978f626375647ad1b1e3c37ce324a5d61f9a493a82393582065ec78719900619bbab75da4a11198773dc8d88a737b722e5cc6d695dfd0ed0f1f7621c2068c63fcb9b3115c4c3cbe9ed218d920e1547ffc25feb1374371982f3c686a8244ffe9e55f7486044ef2bf9edfcc496ce2facc8f2ea7edc7decebe65e6d116b28032d236f3b0af053ac1d85273952d9a372d2e839d975c19114f4b54c9d64a154a830edf37dadb986b1b98984723eb81c265a0e25becfe26d6a1e75c31221cbb2bdecb5288e6b3deb1260dd14d976d4b7edf0e6ac729fc97c153ad78375b7031af4606b618f65d9aba02cd801bec7396f3c23c91d39a26bf622e09d553ca8f8b4de7a7a563d77e3ced426df35cba20391f4ad772bfb8483f58e2b8ddd8696d81e5f36f24fdf0b1ec9cc5f019c56a5fbe0e66974c460838bdc36e4d0b21bb979283339d497ed9fadb2bf46f6bb595a453017324d206e88fa1b6a219b56de5ee346c180457ee7746771422360b90fed647411f801124d09add6a866dc23d2095824e4e00077cea3be048c2a9516c3d0f0951aa4476dcfc6e312525f5e58659fa20f293dc3babb05105d941b402c8d9f4d1fb3cb2442eaedf372e2facace2d1df398723c24753242eb6ad48b4b0aacd5820bc433bc7f71f57739eb44d0a409acc8bfdd6e98c8ada3983d12852c881c24f2d771b60d7a9a3daee988d64c033e6464f95c2f4a6c5103799279a658c0720f4171cae6ab604c318da3fcc63859116158c3275c3d6582e89bff7e5220964c40d7f2b2032c348d6ce4a2fd54edb5d76e7a652dd0918977e1c9bfcf436841cd2bd2601a1de2b8a2e42ce244610cc256ee0d26c65cc9cc92d20e5e963be37f2a5b3217eca79fdfb821f690a6d429bf8096f6f47a2bb3ac981753cee02fdab8b16aa09fec17c5dcd527f1bb135d1c8c88dff1696b4a6fd29ee59bb6de3c4c8fd6079dc74728f013a5ce894777170f16b325c39d1e52211b8b4b22d2aeece8b782c3ec23453b3f0ef40ec0d846cad9b81c080d9528f792e77a62591357606c09f6d3404b82c5a8624e6f34ad31c7c1c9ecbd799b185fa98b1843b460a3026ace41f6809b435a45093c4370d3b0ff696af24dc20f6e700f39cb8a1c9004c9eb11dff61936c41e08b0055c54b12a55e5a65d4f6bdc632d74ab9a670884cfc566ac8d00ddb698f6fdcb2be3d7fc905c98a4eab5e0a0da8474202086a3011913a6c8746a7ff1c44d88c54126d78c7a14096a15f269914edee77eeac6ebb2efb86080557c77ed6dfef0143013f38ab3c0e1f6622a82e3c9b0afb36c82eab0f21a1875d6ce00189ba87ade6b8900f5d869831aeec94e5f479c97d7880d3fcb6ae7d01f041799e5951f646e253921db397b10cab0eae8c10345a30da2b2135cf2dbe19d891cad1839705552be5d74ab72a5b8d199a8d27979467053775ebcd8b871f44f5939cd3d663ca284691bb6a76b6dc097ec459ef2d767df874c27ae555efbfa1640844986331aff712f42b3f7e4d56de4cea8a5f6a56ce6a6639d99673646ddf1cb4026ed8260980ee93950816b1bd89510f20a29d5d3635edea57651a2f92d1aa43c37ab8785f4b051ae3aafd7417cb839cd3da75e01a30baded1655deaaba55baede52b946b1374dbcf79e917dd6e47eedfe1a5bdff78780609c3b2ce2c02af12349a9d01bc69529799752f220eec7f53d3f4d67565651da069e79731bbe8bd6610d13b06e77c5ff98eadd69f949750a5fb1c140148bbfc8578f8020b1423c225617ad4e8d9128825a47d36aa1f686a6d8a760862a942e4485a1452d7bf359ed937602992696a2621f09633efc798b7751cc6eb8f87582ddf9bee65944415535bc868d42e0666d3861cfff52038a4162e4e19627dc60269e378660b6840df64c81ee428bc5ddf2505a84acb3ef800caaf44eb3f3d2bebb0429da9f393c5ea1a9b918d4d842aec9f925f7927411c641f58764b962b96bfc03a7e4e3f69b2634cbe530401b556c1b868029e40abb45107a516ba58490916addbe45449be7e79fb58cc867aacbbbaa45bddf6641f66c0fd64f2d5752185ec99e93aaa8e42d8c750e9d3d5b913fe2ab63477e661bb4b15febfdfb22019ee565726e5419d9f0014fcdd1dd88a13016cec007903bbc2ed1a95fca8554485888c8f1b10657f40c2953f386d9311a0dd77be7d494fecbc6aca14582796a7c63a40f22351bc011bcfd69cdf0ef26bfae3e57d66f16727e0a50ed63e44997c19d1041985a969f2d101c62d22cb5652d2d328c0c"}}, 0xfe3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x5, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000000000800000000000000a8000000850000001530e5be95"], &(0x7f0000000b00)='GPL\x00', 0x4000, 0x0, 0x0, 0x41000, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2a)
r7 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000000)='iocharset', &(0x7f00000001c0)='ioGharset\xf4X\xc3`~\xcc\x91X,e\x1a\xce\xd2\x1d\xae\xf0\x9e\x13\xb8I\xe7$\xe9\xcb\xb9d\x9cAu\xa1\xb2\xa3>\xce\x8a\xc5\xc5\xf4\x8eR\x89\xe7\x9d\xda\xcb\xf8W<\xc6}\xdd\x88\x06%\x17T\x02ox\xb1\x9e\x85\x85x\xeb\xeb\xdb\x13\xcd\b\xa0\xca\xf7[M\ft$\xe9\xf7G\xc2R\x963s\x92\xcd\xd1z\x89l\x95q6\xf8T\'\xcf\xd6\xea\xec\x84\x1f\xc6\xe8\xf5\x8d\xff\xf0\x9a\r\xd7\xb7_\x87\xa1\x81O\xa4D\xb9b\xc1\xa5\x1c@\x8e\x0f\xc7\xf2\'z\xb1\xf5\xfb\x02L\xa2g\x1bE\xc3\x92\x9aZ\xa2>u\xb0\xf39;Y{', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$EVIOCGNAME(r5, 0x80404506, &(0x7f0000019380)=""/97)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000140)={0x8000, 0x1, 0x4})
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r9 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r9, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)

1.651382729s ago: executing program 0 (id=910):
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x20000, @local, 0x2b7}, 0x1c)
openat$dsp1(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0105b08, &(0x7f0000000040))
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18030000080000000000000000000000850000000700000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdir(0x0, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r4, &(0x7f00000004c0)=ANY=[], 0xfe3c)
dup3(r5, r4, 0x0)
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='locks_get_lock_context\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
inotify_init1(0x0)

1.156444921s ago: executing program 3 (id=911):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r3, @ANYBLOB="0c005a800891"], 0x28}}, 0x0)

1.101852989s ago: executing program 3 (id=912):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000500)={@local, @broadcast, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @dev, @multicast1, @random="e374636d35dc", @multicast1}}}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
setreuid(0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$null(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="100029d07000ffdbdf255d00000008000300", @ANYRES32=r3, @ANYBLOB="0c009900040000004e0000000400a6800800a500000000000800a500010000001c00a6800a00060008021100000100000a00060008021100000000000800a50001000000"], 0x60}, 0x1, 0x0, 0x0, 0x24004080}, 0x20000081)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xe, 0x7, 0x8, 0x10000, 0x1000, r0, 0x80000001, '\x00', 0x0, r1, 0x4, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)

1.031520307s ago: executing program 3 (id=913):
socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
read(r0, &(0x7f0000000200)=""/202, 0xca)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000096bdbe9a08000000005f00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000040)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x8, 0x0, 0x0, 0x0)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000100)='acl\x00', 0x0, r2)
ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0x2203, &(0x7f0000000100))
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x3, 0x0, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x4, 0x3, 0x1, 0x1}}, 0x2e)
r4 = fsmount(r1, 0x0, 0x0)
mknodat(r4, &(0x7f0000000200)='./file2\x00', 0x0, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000001380))
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0xffd8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x1)

631.192013ms ago: executing program 2 (id=914):
socket$nl_netfilter(0x10, 0x3, 0xc)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002b0001000000000000000000040100800c0000000000000000000000140001000100000000000000000000000000ff0000002d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e888448c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7"], 0x114}], 0x1, 0x0, 0x0, 0x8040}, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000010c0)=ANY=[], 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000440)=ANY=[], 0x34)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x4, "00fa00"})
pwritev(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000180)}], 0x1, 0x800000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f00000041c0)={0x4}, 0x2)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$inet6(0xa, 0x5, 0x0)

630.827796ms ago: executing program 1 (id=915):
ioperm(0x0, 0x5, 0x5e3b)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000)
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f0000000140), 0x1100000002, 0x40080)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000440)=ANY=[@ANYRESHEX], 0x34)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x4, "00fa00"})
pwritev(r1, &(0x7f0000000600), 0x0, 0x800000, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYBLOB="043e320d021b"], 0x35)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f00000041c0)={0x4}, 0x2)
shutdown(r4, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

531.958079ms ago: executing program 1 (id=916):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x10, 0x110, 0xd}}], 0x10}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000f80)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats={0x4b}})
socket$nl_generic(0x10, 0x3, 0x10)

471.733173ms ago: executing program 1 (id=917):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7d20}]})
getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000440)=""/171, &(0x7f00000003c0)=0xab)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340))

60.554738ms ago: executing program 2 (id=918):
syz_emit_ethernet(0x5ee, &(0x7f0000000dc0)={@link_local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "0961d3", 0x44, 0x2f, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0xfc00, 0x3}, {0x1}, {0x0, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x1, {{0x6, 0x1, 0x8, 0x3, 0x0, 0x0, 0x3, 0x2}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x4, {{0x1, 0x2, 0x1, 0x3, 0x1, 0x3, 0x7, 0x6}, 0x2, {0x9, 0xe, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1}}}}}}}}}, 0x0)

60.282702ms ago: executing program 2 (id=919):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9506, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x301, 0x2c}, 0x44004)

1.28902ms ago: executing program 2 (id=920):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003900000008000300", @ANYBLOB="0c005a800891"], 0x28}}, 0x0)

0s ago: executing program 2 (id=921):
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000140)={0x3, 0xffffffffffffffff, 0x80000}) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff000, 0x66, 0x7f, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b00), &(0x7f0000000580), 0x7, r1}, 0x38) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={r1}, 0x4)
r2 = socket$kcm(0x10, 0x3, 0x10) (async)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00')
ppoll(&(0x7f0000000280)=[{r3}], 0x1, 0x0, 0x0, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x24}}, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x54, r5, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DSTLEN={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x48d4}, 0x40800)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030033000b63d25a80648c2594f91624fc60100c214002000003050582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

42.693904][ T7306] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  142.697565][ T7306] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  142.701778][ T7306] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  142.714786][ T7306] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  142.844066][ T7325] netlink: 'syz.0.457': attribute type 1 has an invalid length.
[  142.846140][ T7325] netlink: 224 bytes leftover after parsing attributes in process `syz.0.457'.
[  143.023885][ T5502] usbhid 7-1:0.0: can't add hid device: -71
[  143.026763][ T5502] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  143.062119][ T5502] usb 7-1: USB disconnect, device number 5
[  143.860059][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.660051][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  144.740064][ T5355] Bluetooth: hci2: command 0x0c1a tx timeout
[  144.741786][ T5355] Bluetooth: hci3: command 0x0c1a tx timeout
[  145.562022][   T39] audit: type=1326 audit(1726574599.574:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.1.460" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x0
[  145.785772][ T7390] overlayfs: failed to resolve './file1': -2
[  145.940083][ T5348] Bluetooth: hci0: command 0x0c1a tx timeout
[  146.106487][ T7395] netlink: 'syz.2.462': attribute type 1 has an invalid length.
[  146.108693][ T7395] netlink: 224 bytes leftover after parsing attributes in process `syz.2.462'.
[  146.152245][ T7397] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  146.402207][ T7406] netlink: 'syz.1.465': attribute type 1 has an invalid length.
[  146.404307][ T7406] netlink: 224 bytes leftover after parsing attributes in process `syz.1.465'.
[  146.750123][ T5348] Bluetooth: hci1: command 0x0c1a tx timeout
[  146.820041][ T5348] Bluetooth: hci3: command 0x0c1a tx timeout
[  146.821789][ T5348] Bluetooth: hci2: command 0x0c1a tx timeout
[  148.020026][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  148.074119][   T39] audit: type=1326 audit(1726574602.074:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7438 comm="syz.1.473" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x0
[  148.820016][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  148.900100][ T5348] Bluetooth: hci3: command 0x0c1a tx timeout
[  148.901775][ T5355] Bluetooth: hci2: command 0x0c1a tx timeout
[  148.931988][ T7466] netlink: 'syz.1.476': attribute type 1 has an invalid length.
[  148.934043][ T7466] netlink: 224 bytes leftover after parsing attributes in process `syz.1.476'.
[  150.100008][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.140056][ T5407] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  150.551489][ T5407] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.554731][ T5407] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.557342][ T5407] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  150.582658][ T5407] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.661645][ T5407] usb 6-1: config 0 descriptor??
[  150.915412][ T7494] netlink: 'syz.2.482': attribute type 1 has an invalid length.
[  150.918101][ T7494] netlink: 224 bytes leftover after parsing attributes in process `syz.2.482'.
[  151.482427][   T13] tipc: Subscription rejected, illegal request
[  151.491159][ T7519] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.502911][ T7519] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.938286][ T5407] usbhid 6-1:0.0: can't add hid device: -71
[  151.940062][ T5407] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  151.944796][ T5407] usb 6-1: USB disconnect, device number 5
[  153.001879][ T7552] netlink: 'syz.3.489': attribute type 1 has an invalid length.
[  153.003910][ T7552] netlink: 224 bytes leftover after parsing attributes in process `syz.3.489'.
[  153.451021][ T7559] netlink: 'syz.2.491': attribute type 1 has an invalid length.
[  153.453045][ T7559] netlink: 224 bytes leftover after parsing attributes in process `syz.2.491'.
[  155.312671][ T7594] sp0: Synchronizing with TNC
[  155.483178][ T7603] netlink: 'syz.2.497': attribute type 4 has an invalid length.
[  155.503095][ T7603] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.497'.
[  155.634021][ T7604] syz.1.498: attempt to access beyond end of device
[  155.634021][ T7604] nbd1: rw=2048, sector=2, nr_sectors = 1 limit=0
[  155.656150][ T7604] hfsplus: unable to find HFS+ superblock
[  156.000149][ T6712] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  156.180063][ T6712] usb 8-1: Using ep0 maxpacket: 8
[  156.189640][ T6712] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  156.197489][ T6712] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  156.202740][ T6712] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.205890][ T6712] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.209332][ T6712] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  156.233429][ T6712] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.616528][ T6712] usb 8-1: GET_CAPABILITIES returned 0
[  156.620048][ T6712] usbtmc 8-1:16.0: can't read capabilities
[  156.847347][ T7615] netlink: 'syz.2.502': attribute type 1 has an invalid length.
[  156.849497][ T7615] netlink: 224 bytes leftover after parsing attributes in process `syz.2.502'.
[  159.097937][   T62] usb 8-1: USB disconnect, device number 6
[  159.152966][ T7627] netlink: 'syz.3.506': attribute type 1 has an invalid length.
[  159.155051][ T7627] netlink: 224 bytes leftover after parsing attributes in process `syz.3.506'.
[  162.966200][ T7663] mkiss: ax0: crc mode is auto.
[  164.655806][ T7676] netlink: 'syz.1.515': attribute type 1 has an invalid length.
[  164.658737][ T7676] netlink: 224 bytes leftover after parsing attributes in process `syz.1.515'.
[  164.772000][ T7682] QAT: Stopping all acceleration devices.
[  165.272212][ T7687] netlink: 'syz.2.519': attribute type 1 has an invalid length.
[  165.274362][ T7687] netlink: 224 bytes leftover after parsing attributes in process `syz.2.519'.
[  165.281068][ T5355] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  165.371436][ T7691] netlink: 'syz.3.520': attribute type 1 has an invalid length.
[  165.373687][ T7691] netlink: 224 bytes leftover after parsing attributes in process `syz.3.520'.
[  170.879852][ T7736] mkiss: ax0: crc mode is auto.
[  171.281024][ T7740] xt_CHECKSUM: unsupported CHECKSUM operation f4
[  171.321140][ T7740] fuse: Bad value for 'fd'
[  171.674559][ T7741] binder: 7734:7741 ioctl 541b 0 returned -22
[  172.712890][ T7755] netlink: 'syz.3.533': attribute type 1 has an invalid length.
[  172.715186][ T7755] netlink: 224 bytes leftover after parsing attributes in process `syz.3.533'.
[  175.194043][ T7784] netlink: 68 bytes leftover after parsing attributes in process `syz.3.541'.
[  175.197604][ T7784] netlink: 68 bytes leftover after parsing attributes in process `syz.3.541'.
[  175.281815][ T7784] netlink: 'syz.3.541': attribute type 1 has an invalid length.
[  175.284607][ T7784] netlink: 512 bytes leftover after parsing attributes in process `syz.3.541'.
[  175.355184][ T7784] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  175.357606][ T7784] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  175.361982][ T7784] vhci_hcd vhci_hcd.0: Device attached
[  175.394472][ T7786] vhci_hcd: connection closed
[  175.397393][   T11] vhci_hcd: stop threads
[  175.399763][   T11] vhci_hcd: release socket
[  175.402390][   T11] vhci_hcd: disconnect device
[  177.065652][ T7811] netlink: 105120 bytes leftover after parsing attributes in process `syz.2.546'.
[  179.641916][ T7849] netlink: 'syz.3.552': attribute type 1 has an invalid length.
[  179.644137][ T7849] netlink: 224 bytes leftover after parsing attributes in process `syz.3.552'.
[  179.929707][ T7855] netlink: 'syz.0.553': attribute type 1 has an invalid length.
[  179.932311][ T7855] netlink: 224 bytes leftover after parsing attributes in process `syz.0.553'.
[  183.085050][ T7898] netlink: 40 bytes leftover after parsing attributes in process `syz.0.560'.
[  183.096397][ T7903] netlink: 5 bytes leftover after parsing attributes in process `syz.3.562'.
[  183.098800][ T7903] 0ªX¹¦D: renamed from gretap0 (while UP)
[  183.112343][ T7903] 0ªX¹¦D: entered allmulticast mode
[  183.114157][ T7903] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  183.308245][ T7905] netlink: 8 bytes leftover after parsing attributes in process `syz.3.562'.
[  183.879486][ T7901] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  183.881388][ T7901] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  183.884805][ T7901] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  183.886978][ T7901] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  184.750022][ T5502] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  184.957329][ T5502] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.961419][ T5502] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.963954][ T5502] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  184.966360][ T5502] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.990530][ T5502] usb 6-1: config 0 descriptor??
[  185.152612][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  185.355804][ T7937] netlink: 'syz.2.570': attribute type 1 has an invalid length.
[  185.357921][ T7937] netlink: 224 bytes leftover after parsing attributes in process `syz.2.570'.
[  185.940047][ T5355] Bluetooth: hci2: command 0x0c1a tx timeout
[  185.941838][ T5355] Bluetooth: hci3: command 0x0c1a tx timeout
[  185.943524][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  186.211452][ T7948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.233000][ T7948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.624078][ T5502] usbhid 6-1:0.0: can't add hid device: -71
[  186.625771][ T5502] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  186.631671][ T5502] usb 6-1: USB disconnect, device number 6
[  187.187632][ T7979] netlink: 'syz.1.581': attribute type 1 has an invalid length.
[  187.189690][ T7979] netlink: 224 bytes leftover after parsing attributes in process `syz.1.581'.
[  187.289553][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  187.296553][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  187.299555][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  187.304243][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  187.307314][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  187.309533][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  187.427909][ T7981] chnl_net:caif_netlink_parms(): no params data found
[  187.685330][ T7981] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.688177][ T7981] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.692703][ T7981] bridge_slave_0: entered allmulticast mode
[  187.696034][ T7981] bridge_slave_0: entered promiscuous mode
[  187.703613][ T7981] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.706325][ T7981] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.709144][ T7981] bridge_slave_1: entered allmulticast mode
[  187.714474][ T7981] bridge_slave_1: entered promiscuous mode
[  187.792135][ T7981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.796683][ T7981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.854673][ T7981] team0: Port device team_slave_0 added
[  187.862186][ T7981] team0: Port device team_slave_1 added
[  187.910472][ T7981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.912305][ T7981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.919225][ T7981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.925462][ T7981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.927280][ T7981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.936220][ T7981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.038581][ T7981] hsr_slave_0: entered promiscuous mode
[  188.045412][ T7981] hsr_slave_1: entered promiscuous mode
[  188.047889][ T7981] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.055493][ T7981] Cannot create hsr debugfs directory
[  188.150795][ T7994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  188.259620][ T7981] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.329942][ T7981] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.428459][ T7981] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.506003][ T7981] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.640028][ T7981] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  188.645149][ T7981] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  188.649633][ T7981] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  188.657707][ T7981] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.726739][ T7981] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.758566][ T7981] 8021q: adding VLAN 0 to HW filter on device team0
[  188.774932][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.776902][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.790769][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.792739][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.007667][ T7981] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.046961][ T7981] veth0_vlan: entered promiscuous mode
[  189.053431][ T7981] veth1_vlan: entered promiscuous mode
[  189.073566][ T7981] veth0_macvtap: entered promiscuous mode
[  189.078949][ T7981] veth1_macvtap: entered promiscuous mode
[  189.090693][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.094065][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.096579][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.099865][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.103622][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.107232][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.113766][ T7981] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.123298][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.127297][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.134393][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.138105][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.141640][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.144962][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.146649][ T8012] FAULT_INJECTION: forcing a failure.
[  189.146649][ T8012] name failslab, interval 1, probability 0, space 0, times 0
[  189.149338][ T7981] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.152478][ T8012] CPU: 3 UID: 0 PID: 8012 Comm: syz.1.586 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  189.157505][ T8012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  189.158394][ T7981] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.160309][ T8012] Call Trace:
[  189.160322][ T8012]  <TASK>
[  189.160327][ T8012]  dump_stack_lvl+0x16c/0x1f0
[  189.160346][ T8012]  should_fail_ex+0x497/0x5b0
[  189.160360][ T8012]  ? fs_reclaim_acquire+0xae/0x160
[  189.160372][ T8012]  should_failslab+0xc2/0x120
[  189.160386][ T8012]  __kmalloc_cache_noprof+0x6b/0x310
[  189.163609][ T7981] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.164247][ T8012]  ? __vb2_init_fileio+0x253/0x1110
[  189.165383][ T7981] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.166651][ T8012]  __vb2_init_fileio+0x253/0x1110
[  189.168415][ T7981] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.169871][ T8012]  ? lockdep_hardirqs_on+0x7c/0x110
[  189.169894][ T8012]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  189.169911][ T8012]  ? __pollwait+0x26d/0x4c0
[  189.169927][ T8012]  vb2_core_poll+0x491/0x700
[  189.169943][ T8012]  vb2_poll+0x35/0x160
[  189.169957][ T8012]  vb2_fop_poll+0x10f/0x2c0
[  189.169971][ T8012]  ? __pfx_vb2_fop_poll+0x10/0x10
[  189.193018][ T8012]  v4l2_poll+0x160/0x320
[  189.194142][ T8012]  ? __pfx_v4l2_poll+0x10/0x10
[  189.195396][ T8012]  do_sys_poll+0x533/0xde0
[  189.196935][ T8012]  ? __pfx_do_sys_poll+0x10/0x10
[  189.198829][ T8012]  ? __pfx___lock_acquire+0x10/0x10
[  189.200404][ T8012]  ? __pfx___lock_acquire+0x10/0x10
[  189.201805][ T8012]  ? __pfx___pollwait+0x10/0x10
[  189.203216][ T8012]  ? __pfx_pollwake+0x10/0x10
[  189.204586][ T8012]  ? __mutex_unlock_slowpath+0x164/0x650
[  189.206263][ T8012]  ? set_compat_user_sigmask+0x20f/0x2a0
[  189.208191][ T8012]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  189.210119][ T8012]  __ia32_compat_sys_ppoll_time32+0x24a/0x2c0
[  189.211734][ T8012]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[  189.213543][ T8012]  ? ksys_write+0x1ab/0x260
[  189.214765][ T8012]  ? __pfx_ksys_write+0x10/0x10
[  189.216049][ T8012]  __do_fast_syscall_32+0x73/0x120
[  189.217379][ T8012]  do_fast_syscall_32+0x32/0x80
[  189.218635][ T8012]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.220559][ T8012] RIP: 0023:0xf7f87579
[  189.222128][ T8012] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.227779][ T8012] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000135
[  189.229922][ T8012] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000001
[  189.232463][ T8012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  189.235253][ T8012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  189.237435][ T8012] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  189.239502][ T8012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.241654][ T8012]  </TASK>
[  189.293148][ T8014] netlink: 'syz.1.588': attribute type 1 has an invalid length.
[  189.293446][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.295430][ T8014] netlink: 224 bytes leftover after parsing attributes in process `syz.1.588'.
[  189.297388][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.338764][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.343007][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.380081][ T5348] Bluetooth: hci1: command tx timeout
[  189.497555][ T8018] vcan0: Master is either lo or non-ether device
[  189.617714][   T39] audit: type=1326 audit(1726574643.624:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8019 comm="syz.3.589" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x0
[  190.560931][  T104] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  190.744118][  T104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.753561][  T104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.758324][  T104] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  190.765107][  T104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.772086][  T104] usb 5-1: config 0 descriptor??
[  191.460162][ T5348] Bluetooth: hci1: command tx timeout
[  191.916134][ T8053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.596'.
[  191.921128][ T8061] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.945379][ T8061] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.216555][ T8067] netlink: 'syz.1.598': attribute type 1 has an invalid length.
[  192.218674][ T8067] netlink: 224 bytes leftover after parsing attributes in process `syz.1.598'.
[  192.319066][  T104] usbhid 5-1:0.0: can't add hid device: -71
[  192.323882][  T104] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  192.334255][  T104] usb 5-1: USB disconnect, device number 5
[  193.550182][ T5348] Bluetooth: hci1: command tx timeout
[  193.785684][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  195.620100][ T5348] Bluetooth: hci1: command tx timeout
[  196.553017][ T6712] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  196.745162][ T6712] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.748725][ T6712] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.754968][ T6712] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  196.765298][ T6712] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.770951][ T6712] usb 5-1: config 0 descriptor??
[  197.867506][ T8172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.652409][ T8172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.936372][ T8188] netlink: 'syz.1.622': attribute type 3 has an invalid length.
[  198.944692][ T8188] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.622'.
[  199.253425][ T6712] usbhid 5-1:0.0: can't add hid device: -71
[  199.256457][ T6712] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  199.266825][ T6712] usb 5-1: USB disconnect, device number 6
[  199.443823][   T39] audit: type=1326 audit(1726574653.454:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8198 comm="syz.1.626" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x0
[  201.061185][ T6712] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  201.252217][ T6712] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.258530][ T8246] netlink: 'syz.1.636': attribute type 10 has an invalid length.
[  201.259988][ T6712] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.266139][ T6712] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  201.269579][ T6712] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.275500][ T6712] usb 7-1: config 0 descriptor??
[  201.287672][ T8246] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  202.082227][ T8258] loop7: detected capacity change from 0 to 16384
[  202.191782][ T8260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.216660][ T8260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.270967][ T8259] Invalid logical block size (1)
[  202.519843][ T6712] usbhid 7-1:0.0: can't add hid device: -71
[  202.521684][ T6712] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  202.532564][ T6712] usb 7-1: USB disconnect, device number 6
[  203.380183][ T5386] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  203.561555][ T5386] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.564463][ T5386] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.566958][ T5386] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  203.569260][ T5386] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.584085][ T5386] usb 8-1: config 0 descriptor??
[  203.606237][ T8275] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.630445][ T8281] EXT4-fs (sda1): shut down requested (0)
[  203.893107][ T8290] FAULT_INJECTION: forcing a failure.
[  203.893107][ T8290] name failslab, interval 1, probability 0, space 0, times 0
[  203.896867][ T8290] CPU: 2 UID: 0 PID: 8290 Comm: syz.1.650 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  203.899497][ T8290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.902285][ T8290] Call Trace:
[  203.903162][ T8290]  <TASK>
[  203.903949][ T8290]  dump_stack_lvl+0x16c/0x1f0
[  203.905199][ T8290]  should_fail_ex+0x497/0x5b0
[  203.906450][ T8290]  ? fs_reclaim_acquire+0xae/0x160
[  203.907800][ T8290]  should_failslab+0xc2/0x120
[  203.909039][ T8290]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  203.910447][ T8290]  ? security_file_alloc+0x34/0x2b0
[  203.911802][ T8290]  ? rcu_is_watching+0x12/0xc0
[  203.913069][ T8290]  security_file_alloc+0x34/0x2b0
[  203.914391][ T8290]  init_file+0x93/0x230
[  203.915489][ T8290]  alloc_empty_file+0x91/0x1e0
[  203.916746][ T8290]  alloc_file_pseudo+0x13d/0x200
[  203.918052][ T8290]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  203.919459][ T8290]  ? shmem_get_inode+0x6e1/0xe90
[  203.920765][ T8290]  __shmem_file_setup+0x210/0x300
[  203.922107][ T8290]  shmem_zero_setup+0x93/0x1b0
[  203.923362][ T8290]  mmap_region+0x1971/0x2730
[  203.924588][ T8290]  ? mm_get_unmapped_area+0x92/0xe0
[  203.925958][ T8290]  ? __pfx_mmap_region+0x10/0x10
[  203.927256][ T8290]  ? bpf_lsm_mmap_addr+0x9/0x10
[  203.928481][ T8290]  ? security_mmap_addr+0x6c/0x1e0
[  203.929796][ T8290]  ? __get_unmapped_area+0x26b/0x3a0
[  203.931305][ T8290]  do_mmap+0xc00/0xfc0
[  203.932415][ T8290]  vm_mmap_pgoff+0x1ba/0x360
[  203.933668][ T8290]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  203.935044][ T8290]  ? ksys_write+0x1ab/0x260
[  203.936257][ T8290]  ksys_mmap_pgoff+0x7d/0x5c0
[  203.937523][ T8290]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  203.938954][ T8290]  __do_fast_syscall_32+0x73/0x120
[  203.940320][ T8290]  do_fast_syscall_32+0x32/0x80
[  203.941713][ T8290]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.943403][ T8290] RIP: 0023:0xf7f87579
[  203.944499][ T8290] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  203.949690][ T8290] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  203.952150][ T8290] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000
[  203.952644][ T8291] netlink: 16 bytes leftover after parsing attributes in process `syz.0.648'.
[  203.954340][ T8290] RDX: 0000000002000005 RSI: 0000000004008031 RDI: 00000000ffffffff
[  203.954419][ T8290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.954426][ T8290] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  203.954433][ T8290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.954449][ T8290]  </TASK>
[  203.965715][    C2] vkms_vblank_simulate: vblank timer overrun
[  204.258857][ T8298] FAULT_INJECTION: forcing a failure.
[  204.258857][ T8298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.278926][ T8298] CPU: 3 UID: 0 PID: 8298 Comm: syz.0.653 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  204.281838][ T8298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.285064][ T8298] Call Trace:
[  204.286095][ T8298]  <TASK>
[  204.286908][ T8298]  dump_stack_lvl+0x16c/0x1f0
[  204.288512][ T8298]  should_fail_ex+0x497/0x5b0
[  204.289847][ T8298]  strncpy_from_user+0x38/0x320
[  204.291175][ T8298]  getname_flags.part.0+0x8f/0x550
[  204.292487][ T8298]  getname_flags+0x93/0xf0
[  204.293661][ T8298]  __ia32_sys_symlinkat+0x79/0xc0
[  204.295443][ T8298]  __do_fast_syscall_32+0x73/0x120
[  204.297070][ T8298]  do_fast_syscall_32+0x32/0x80
[  204.298793][ T8298]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.300651][ T8298] RIP: 0023:0xf7f44579
[  204.301791][ T8298] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.306823][ T8298] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000130
[  204.309038][ T8298] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000003
[  204.311123][ T8298] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  204.313229][ T8298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.315313][ T8298] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.317394][ T8298] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.319466][ T8298]  </TASK>
[  204.623553][ T8307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.630289][ T8307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.082909][ T5386] usbhid 8-1:0.0: can't add hid device: -71
[  205.097639][ T5386] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  205.109772][ T5386] usb 8-1: USB disconnect, device number 7
[  205.220208][ T8310] netlink: 12 bytes leftover after parsing attributes in process `syz.0.663'.
[  205.248643][ T8310] bond1: entered promiscuous mode
[  205.281383][ T8310] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  205.288345][ T8310] ip6gretap1: entered promiscuous mode
[  205.293363][ T8310] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  205.324697][ T8310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.663'.
[  205.332428][ T8310] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  205.336367][ T8310] ip6gretap1: left promiscuous mode
[  205.340967][ T8310] bond1 (unregistering): Released all slaves
[  205.470714][ T5502] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  205.653226][ T5502] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.653383][ T5502] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.653418][ T5502] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  205.653439][ T5502] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.658482][ T5502] usb 7-1: config 0 descriptor??
[  206.286522][   T39] audit: type=1326 audit(1726574660.294:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.660" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x0
[  206.565530][ T8340] No control pipe specified
[  206.584442][ T8340] o2cb: This node has not been configured.
[  206.586836][ T8340] o2cb: Cluster check failed. Fix errors before retrying.
[  206.588850][ T8340] (syz.0.662,8340,3):user_dlm_register:674 ERROR: status = -22
[  206.601953][ T8340] (syz.0.662,8340,3):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "file0"
[  207.113255][ T8331] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  207.120402][ T8331] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  207.130790][ T8331] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  207.140739][ T8331] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  207.142535][ T8331] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  207.146813][ T8331] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  207.161557][ T8341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.180482][ T8341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.291435][   T39] audit: type=1326 audit(1726574661.304:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.3.665" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x0
[  207.305949][ T5502] usbhid 7-1:0.0: can't add hid device: -71
[  207.307696][ T5502] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  207.319806][ T5502] usb 7-1: USB disconnect, device number 7
[  208.500073][ T5348] Bluetooth: hci0: command 0x0c1a tx timeout
[  208.869684][ T8374] Invalid option length (1031570) for dns_resolver key
[  208.892451][ T8374] dlm: no local IP address has been set
[  208.894097][ T8374] dlm: cannot start dlm midcomms -107
[  208.934374][ T8376] FAULT_INJECTION: forcing a failure.
[  208.934374][ T8376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.937740][ T8376] CPU: 0 UID: 0 PID: 8376 Comm: syz.2.673 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  208.940374][ T8376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.943222][ T8376] Call Trace:
[  208.944101][ T8376]  <TASK>
[  208.944882][ T8376]  dump_stack_lvl+0x16c/0x1f0
[  208.946089][ T8376]  should_fail_ex+0x497/0x5b0
[  208.947319][ T8376]  _copy_to_iter+0x48b/0x13f0
[  208.948714][ T8376]  ? __pfx__copy_to_iter+0x10/0x10
[  208.950080][ T8376]  ? __pfx_lock_acquire+0x10/0x10
[  208.951559][ T8376]  ? do_raw_spin_unlock+0x172/0x230
[  208.953047][ T8376]  signalfd_copyinfo+0x1aa/0x760
[  208.954349][ T8376]  ? __pfx_signalfd_copyinfo+0x10/0x10
[  208.955783][ T8376]  ? irqentry_exit+0x3b/0x90
[  208.957027][ T8376]  ? _raw_spin_unlock_irq+0x29/0x50
[  208.958401][ T8376]  signalfd_read_iter+0x36a/0x760
[  208.959730][ T8376]  ? __pfx_signalfd_read_iter+0x10/0x10
[  208.961230][ T8376]  ? __pfx_default_wake_function+0x10/0x10
[  208.962771][ T8376]  ? __pfx___lock_acquire+0x10/0x10
[  208.964132][ T8376]  ? copy_compat_iovec_from_user+0x138/0x180
[  208.965656][ T8376]  do_iter_readv_writev+0x61a/0x800
[  208.967033][ T8376]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  208.968575][ T8376]  ? bpf_lsm_file_permission+0x9/0x10
[  208.969983][ T8376]  ? security_file_permission+0x71/0x210
[  208.971531][ T8376]  vfs_readv+0x4cf/0x890
[  208.972648][ T8376]  ? __pfx_vfs_readv+0x10/0x10
[  208.973907][ T8376]  ? __fget_files+0x23a/0x3f0
[  208.975132][ T8376]  ? do_readv+0x137/0x370
[  208.976282][ T8376]  do_readv+0x137/0x370
[  208.977437][ T8376]  ? __pfx_do_readv+0x10/0x10
[  208.978683][ T8376]  __do_fast_syscall_32+0x73/0x120
[  208.980035][ T8376]  do_fast_syscall_32+0x32/0x80
[  208.981351][ T8376]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.983070][ T8376] RIP: 0023:0xf746e579
[  208.984154][ T8376] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.989378][ T8376] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  208.992076][ T8376] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  208.994064][ T8376] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  208.996014][ T8376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  208.997959][ T8376] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  208.999967][ T8376] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.001954][ T8376]  </TASK>
[  209.063679][ T8382] netlink: 'syz.3.675': attribute type 1 has an invalid length.
[  209.065723][ T8382] netlink: 224 bytes leftover after parsing attributes in process `syz.3.675'.
[  209.150062][ T5348] Bluetooth: hci2: command 0x0c1a tx timeout
[  209.151812][ T5355] Bluetooth: hci3: command 0x0c1a tx timeout
[  209.230234][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  210.380265][ T5386] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  210.565642][ T5386] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.569241][ T5386] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.573486][ T5386] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  210.576514][ T5386] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.580636][ T5406] usb 7-1: new low-speed USB device number 8 using dummy_hcd
[  210.587777][ T5386] usb 6-1: config 0 descriptor??
[  210.740190][ T5406] usb 7-1: device descriptor read/64, error -71
[  210.884562][ T8411] nfs: Unknown parameter 'nofsce0'
[  210.925440][ T8413] FAULT_INJECTION: forcing a failure.
[  210.925440][ T8413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.929467][ T8413] CPU: 2 UID: 0 PID: 8413 Comm: syz.3.686 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  210.932311][ T8413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.935187][ T8413] Call Trace:
[  210.936124][ T8413]  <TASK>
[  210.936898][ T8413]  dump_stack_lvl+0x16c/0x1f0
[  210.938179][ T8413]  should_fail_ex+0x497/0x5b0
[  210.939805][ T8413]  _copy_to_user+0x30/0xc0
[  210.941211][ T8413]  simple_read_from_buffer+0xd0/0x160
[  210.942665][ T8413]  proc_fail_nth_read+0x198/0x270
[  210.944015][ T8413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.945475][ T8413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.946891][ T8413]  vfs_read+0x1ce/0xbd0
[  210.947975][ T8413]  ? __fdget_pos+0xe8/0x170
[  210.949201][ T8413]  ? __pfx_vfs_read+0x10/0x10
[  210.950439][ T8413]  ? __pfx___mutex_lock+0x10/0x10
[  210.951925][ T8413]  ? __fget_files+0x244/0x3f0
[  210.953211][ T8413]  ksys_read+0x12f/0x260
[  210.954353][ T8413]  ? __pfx_ksys_read+0x10/0x10
[  210.955605][ T8413]  __do_fast_syscall_32+0x73/0x120
[  210.956941][ T8413]  do_fast_syscall_32+0x32/0x80
[  210.958208][ T8413]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.960375][ T8413] RIP: 0023:0xf7fd0579
[  210.961496][ T8413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.966644][ T8413] RSP: 002b:00000000f57565a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  210.968918][ T8413] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5756620
[  210.971040][ T8413] RDX: 000000000000000f RSI: 00000000f745bff4 RDI: 0000000000000000
[  210.973333][ T8413] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  210.975465][ T8413] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  210.977619][ T8413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.980173][ T8413]  </TASK>
[  210.981099][    C2] vkms_vblank_simulate: vblank timer overrun
[  211.011832][ T5406] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  211.070275][ T1292] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  211.160191][ T5406] usb 7-1: device descriptor read/64, error -71
[  211.257252][ T1292] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.262216][ T1292] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.265714][ T1292] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  211.268844][ T1292] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.280608][ T1292] usb 5-1: config 0 descriptor??
[  211.293759][ T5406] usb usb7-port1: attempt power cycle
[  211.299994][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  211.364265][ T8420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.377004][ T8420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.609416][ T5386] usbhid 6-1:0.0: can't add hid device: -71
[  211.612511][ T5386] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  211.620674][ T5386] usb 6-1: USB disconnect, device number 7
[  211.730043][ T5406] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  211.772637][ T5406] usb 7-1: device descriptor read/8, error -71
[  211.912903][ T8424] overlay: Unknown parameter 'fsuuid'
[  212.040232][ T5406] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  212.080856][ T5406] usb 7-1: device descriptor read/8, error -71
[  212.110211][ T8427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.112455][ T8428] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  212.140772][ T8427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.200571][ T5406] usb usb7-port1: unable to enumerate USB device
[  212.452970][ T1292] usbhid 5-1:0.0: can't add hid device: -71
[  212.454670][ T1292] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  212.457913][ T1292] usb 5-1: USB disconnect, device number 7
[  213.377628][ T8445] mkiss: ax0: crc mode is auto.
[  213.380142][ T5355] Bluetooth: hci1: command 0x0c1a tx timeout
[  214.098778][ T8460] netlink: 'syz.0.698': attribute type 1 has an invalid length.
[  214.101693][ T8460] netlink: 224 bytes leftover after parsing attributes in process `syz.0.698'.
[  215.255774][ T8472] netlink: 'syz.0.700': attribute type 10 has an invalid length.
[  217.205697][ T8472] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.208704][ T8472] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.247395][ T8472] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.249540][ T8472] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.251762][ T8472] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.253881][ T8472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.275544][ T8472] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  217.285033][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.288177][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.502449][ T8487] syz.1.703 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  217.526696][ T8491] netlink: 'syz.0.705': attribute type 1 has an invalid length.
[  217.528831][ T8491] netlink: 224 bytes leftover after parsing attributes in process `syz.0.705'.
[  217.540225][ T6712] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  217.723486][ T6712] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.726498][ T6712] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.729069][ T6712] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  217.731522][ T6712] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.735341][ T6712] usb 7-1: config 0 descriptor??
[  217.770264][ T5386] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  217.962283][ T5386] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.965550][ T5386] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.969503][ T5386] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  217.973204][ T5386] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.976752][ T5386] usb 8-1: config 0 descriptor??
[  218.175969][ T8503] FAULT_INJECTION: forcing a failure.
[  218.175969][ T8503] name failslab, interval 1, probability 0, space 0, times 0
[  218.179372][ T8503] CPU: 3 UID: 0 PID: 8503 Comm: syz.1.708 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  218.182081][ T8503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  218.185064][ T8503] Call Trace:
[  218.186011][ T8503]  <TASK>
[  218.186922][ T8503]  dump_stack_lvl+0x16c/0x1f0
[  218.188216][ T8503]  should_fail_ex+0x497/0x5b0
[  218.189482][ T8503]  ? fs_reclaim_acquire+0xae/0x160
[  218.190846][ T8503]  should_failslab+0xc2/0x120
[  218.192107][ T8503]  kmem_cache_alloc_node_noprof+0x71/0x310
[  218.193665][ T8503]  ? alloc_vmap_area+0x636/0x2a70
[  218.195006][ T8503]  alloc_vmap_area+0x636/0x2a70
[  218.196309][ T8503]  ? __pfx_alloc_vmap_area+0x10/0x10
[  218.197721][ T8503]  __get_vm_area_node+0x17e/0x2d0
[  218.199061][ T8503]  __vmalloc_node_range_noprof+0x270/0x14e0
[  218.200622][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.201876][ T8503]  ? rcu_read_unlock+0x17/0x60
[  218.203133][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.204420][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.205640][ T8503]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  218.207319][ T8503]  ? ___kmalloc_large_node+0x127/0x1a0
[  218.208764][ T8503]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.210141][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.211349][ T8503]  vzalloc_noprof+0x6b/0x90
[  218.212562][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.213781][ T8503]  bpf_check+0x1fa/0xb3b0
[  218.214939][ T8503]  ? __pfx___lock_acquire+0x10/0x10
[  218.216315][ T8503]  ? __pfx_bpf_check+0x10/0x10
[  218.217645][ T8503]  ? ktime_get_with_offset+0x13a/0x240
[  218.219081][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.220422][ T8503]  ? find_held_lock+0x2d/0x110
[  218.221692][ T8503]  ? timekeeping_debug_get_ns+0x3e0/0x5b0
[  218.223189][ T8503]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.224567][ T8503]  ? read_tsc+0x9/0x20
[  218.225661][ T8503]  ? timekeeping_debug_get_ns+0x334/0x5b0
[  218.227165][ T8503]  ? bpf_obj_name_cpy+0x156/0x1b0
[  218.228505][ T8503]  bpf_prog_load+0xe3f/0x2670
[  218.229620][ T8503]  ? __pfx_bpf_prog_load+0x10/0x10
[  218.230957][ T8503]  ? find_held_lock+0x2d/0x110
[  218.232231][ T8503]  __sys_bpf+0x9d4/0x5590
[  218.233455][ T8503]  ? __pfx___sys_bpf+0x10/0x10
[  218.234724][ T8503]  ? ksys_write+0x12f/0x260
[  218.235946][ T8503]  ? find_held_lock+0x2d/0x110
[  218.237230][ T8503]  ? ksys_write+0x21c/0x260
[  218.238438][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.239765][ T8503]  ? vfs_write+0x14d/0x1140
[  218.240987][ T8503]  ? __mutex_unlock_slowpath+0x164/0x650
[  218.242493][ T8503]  ? fput+0x30/0x390
[  218.243536][ T8503]  ? ksys_write+0x1ab/0x260
[  218.244757][ T8503]  ? __pfx_ksys_write+0x10/0x10
[  218.246057][ T8503]  __ia32_sys_bpf+0x76/0xe0
[  218.247268][ T8503]  __do_fast_syscall_32+0x73/0x120
[  218.248596][ T8503]  do_fast_syscall_32+0x32/0x80
[  218.249955][ T8503]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  218.251598][ T8503] RIP: 0023:0xf7f87579
[  218.252681][ T8503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  218.257683][ T8503] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  218.259852][ T8503] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000300
[  218.261924][ T8503] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  218.263747][ T8503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  218.265793][ T8503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  218.267869][ T8503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  218.269868][ T8503]  </TASK>
[  218.272675][ T8503] syz.1.708: vmalloc error: size 216, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  218.278070][ T8503] CPU: 2 UID: 0 PID: 8503 Comm: syz.1.708 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  218.281036][ T8503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  218.284246][ T8503] Call Trace:
[  218.285202][ T8503]  <TASK>
[  218.286031][ T8503]  dump_stack_lvl+0x16c/0x1f0
[  218.287306][ T8503]  warn_alloc+0x24d/0x3a0
[  218.288459][ T8503]  ? __pfx_warn_alloc+0x10/0x10
[  218.289773][ T8503]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.291165][ T8503]  ? __get_vm_area_node+0x27d/0x2d0
[  218.292546][ T8503]  ? __get_vm_area_node+0x1bc/0x2d0
[  218.293958][ T8503]  __vmalloc_node_range_noprof+0xc0d/0x14e0
[  218.295549][ T8503]  ? rcu_read_unlock+0x17/0x60
[  218.297177][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.298503][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.299708][ T8503]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  218.301410][ T8503]  ? ___kmalloc_large_node+0x127/0x1a0
[  218.302861][ T8503]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.304244][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.305477][ T8503]  vzalloc_noprof+0x6b/0x90
[  218.306694][ T8503]  ? bpf_check+0x1fa/0xb3b0
[  218.307915][ T8503]  bpf_check+0x1fa/0xb3b0
[  218.309098][ T8503]  ? __pfx___lock_acquire+0x10/0x10
[  218.310555][ T8503]  ? __pfx_bpf_check+0x10/0x10
[  218.311820][ T8503]  ? ktime_get_with_offset+0x13a/0x240
[  218.313273][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.314603][ T8503]  ? find_held_lock+0x2d/0x110
[  218.315875][ T8503]  ? timekeeping_debug_get_ns+0x3e0/0x5b0
[  218.317404][ T8503]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.318785][ T8503]  ? read_tsc+0x9/0x20
[  218.319884][ T8503]  ? timekeeping_debug_get_ns+0x334/0x5b0
[  218.321421][ T8503]  ? bpf_obj_name_cpy+0x156/0x1b0
[  218.322770][ T8503]  bpf_prog_load+0xe3f/0x2670
[  218.324029][ T8503]  ? __pfx_bpf_prog_load+0x10/0x10
[  218.325399][ T8503]  ? find_held_lock+0x2d/0x110
[  218.326672][ T8503]  __sys_bpf+0x9d4/0x5590
[  218.327825][ T8503]  ? __pfx___sys_bpf+0x10/0x10
[  218.329101][ T8503]  ? ksys_write+0x12f/0x260
[  218.330275][ T8503]  ? find_held_lock+0x2d/0x110
[  218.331515][ T8503]  ? ksys_write+0x21c/0x260
[  218.332726][ T8503]  ? __pfx_lock_release+0x10/0x10
[  218.333978][ T8503]  ? vfs_write+0x14d/0x1140
[  218.335101][ T8503]  ? __mutex_unlock_slowpath+0x164/0x650
[  218.336584][ T8503]  ? fput+0x30/0x390
[  218.337636][ T8503]  ? ksys_write+0x1ab/0x260
[  218.338841][ T8503]  ? __pfx_ksys_write+0x10/0x10
[  218.340127][ T8503]  __ia32_sys_bpf+0x76/0xe0
[  218.341374][ T8503]  __do_fast_syscall_32+0x73/0x120
[  218.342718][ T8503]  do_fast_syscall_32+0x32/0x80
[  218.344001][ T8503]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  218.345660][ T8503] RIP: 0023:0xf7f87579
[  218.346736][ T8503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  218.351726][ T8503] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  218.353901][ T8503] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000300
[  218.355986][ T8503] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  218.358079][ T8503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  218.360123][ T8503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  218.362213][ T8503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  218.364289][ T8503]  </TASK>
[  218.365235][    C2] vkms_vblank_simulate: vblank timer overrun
[  218.367255][    C2] hpet: Lost 5 RTC interrupts
[  218.370572][ T8503] Mem-Info:
[  218.371497][ T8503] active_anon:5682 inactive_anon:10 isolated_anon:0
[  218.371497][ T8503]  active_file:13542 inactive_file:33350 isolated_file:0
[  218.371497][ T8503]  unevictable:768 dirty:424 writeback:0
[  218.371497][ T8503]  slab_reclaimable:5632 slab_unreclaimable:55223
[  218.371497][ T8503]  mapped:18031 shmem:3061 pagetables:682
[  218.371497][ T8503]  sec_pagetables:318 bounce:0
[  218.371497][ T8503]  kernel_misc_reclaimable:0
[  218.371497][ T8503]  free:82738 free_pcp:1693 free_cma:0
[  218.384843][ T8503] Node 0 active_anon:0kB inactive_anon:24kB active_file:8kB inactive_file:12kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:1568kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9220kB pagetables:1500kB sec_pagetables:1176kB all_unreclaimable? no
[  218.395225][ T8503] Node 1 active_anon:22928kB inactive_anon:20kB active_file:54160kB inactive_file:133388kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:70564kB dirty:1688kB writeback:0kB shmem:10768kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2172kB pagetables:1288kB sec_pagetables:96kB all_unreclaimable? no
[  218.403745][ T8503] Node 0 DMA free:900kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:116kB local_pcp:88kB free_cma:0kB
[  218.411316][ T8503] lowmem_reserve[]: 0 275 0 0 0
[  218.412779][ T8503] Node 0 DMA32 free:22520kB boost:0kB min:14004kB low:17504kB high:21004kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:1536kB writepending:8kB present:1032192kB managed:308312kB mlocked:0kB bounce:0kB free_pcp:1856kB local_pcp:220kB free_cma:0kB
[  218.421347][ T8503] lowmem_reserve[]: 0 0 0 0 0
[  218.427881][ T8503] Node 1 DMA32 free:314852kB boost:0kB min:47044kB low:58804kB high:70564kB reserved_highatomic:0KB active_anon:22940kB inactive_anon:20kB active_file:54160kB inactive_file:133388kB unevictable:1536kB writepending:1688kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:3748kB local_pcp:1132kB free_cma:0kB
[  218.436678][ T8503] lowmem_reserve[]: 0 0 0 0 0
[  218.438008][ T8503] Node 0 DMA: 67*4kB (UE) 38*8kB (UE) 24*16kB (UE) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 956kB
[  218.441596][ T8503] Node 0 DMA32: 724*4kB (UMH) 46*8kB (UE) 46*16kB (UMEH) 68*32kB (UMEH) 34*64kB (UMEH) 19*128kB (UMEH) 9*256kB (UMEH) 11*512kB (MH) 2*1024kB (MH) 1*2048kB (U) 0*4096kB = 22816kB
[  218.446356][ T8503] Node 1 DMA32: 707*4kB (UME) 456*8kB (UME) 446*16kB (UME) 310*32kB (UME) 320*64kB (UME) 50*128kB (UME) 33*256kB (UME) 14*512kB (UME) 11*1024kB (UME) 12*2048kB (UME) 52*4096kB (UM) = 314860kB
[  218.451324][ T8503] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  218.453865][ T8503] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  218.456284][ T8503] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  218.459123][ T8503] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  218.461695][ T8503] 50512 total pagecache pages
[  218.462988][ T8503] 545 pages in swap cache
[  218.464171][ T8503] Free swap  = 114084kB
[  218.466009][ T8503] Total swap = 124996kB
[  218.467162][ T8503] 524155 pages RAM
[  218.468275][ T8503] 0 pages HighMem/MovableOnly
[  218.469728][ T8503] 206685 pages reserved
[  218.470941][ T8503] 0 pages cma reserved
[  218.657856][ T8508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.698950][ T8508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.013338][ T8511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.020431][ T8511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.526629][ T6712] usbhid 7-1:0.0: can't add hid device: -71
[  219.528281][ T6712] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  219.544026][ T6712] usb 7-1: USB disconnect, device number 12
[  219.703070][ T5386] usbhid 8-1:0.0: can't add hid device: -71
[  219.707123][ T5386] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  219.715044][ T5386] usb 8-1: USB disconnect, device number 8
[  220.719790][ T8529] overlay: Unknown parameter 'fsuuid'
[  220.917623][ T8533] netlink: 'syz.2.714': attribute type 1 has an invalid length.
[  220.920192][ T8533] netlink: 224 bytes leftover after parsing attributes in process `syz.2.714'.
[  220.920766][ T8532] syz.3.715: attempt to access beyond end of device
[  220.920766][ T8532] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  220.928504][ T8532] FAT-fs (nbd3): unable to read boot sector
[  221.119116][ T8538] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  223.812166][ T5386] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  224.053409][ T5386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.056657][ T5386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.075428][ T5386] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  224.077970][ T5386] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.084039][ T5386] usb 5-1: config 0 descriptor??
[  224.557523][ T8584] netlink: 'syz.1.727': attribute type 1 has an invalid length.
[  224.566095][ T8584] netlink: 224 bytes leftover after parsing attributes in process `syz.1.727'.
[  224.667250][ T5355] Bluetooth: hci0: unexpected event for opcode 0x042c
[  225.127683][ T8593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.161257][ T8593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.700773][ T8602] FAULT_INJECTION: forcing a failure.
[  225.700773][ T8602] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  225.705520][ T8602] CPU: 1 UID: 0 PID: 8602 Comm: syz.1.730 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  225.708236][ T8602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.711054][ T8602] Call Trace:
[  225.711938][ T8602]  <TASK>
[  225.712735][ T8602]  dump_stack_lvl+0x16c/0x1f0
[  225.713978][ T8602]  should_fail_ex+0x497/0x5b0
[  225.715595][ T8602]  ? fs_reclaim_acquire+0xae/0x160
[  225.717481][ T8602]  should_fail_alloc_page+0xe7/0x130
[  225.719048][ T8602]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  225.720710][ T8602]  ? mark_lock+0xb5/0xc60
[  225.721862][ T8602]  __alloc_pages_noprof+0x194/0x2460
[  225.723262][ T8602]  ? hlock_class+0x4e/0x130
[  225.724600][ T8602]  ? __lock_acquire+0xbdd/0x3cb0
[  225.725902][ T8602]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  225.727393][ T8602]  ? __pfx___lock_acquire+0x10/0x10
[  225.728770][ T8602]  ? __pfx_mark_lock+0x10/0x10
[  225.730031][ T8602]  ? __might_fault+0x13b/0x190
[  225.731296][ T8602]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  225.732864][ T8602]  ? policy_nodemask+0xea/0x4e0
[  225.734301][ T8602]  alloc_pages_mpol_noprof+0x275/0x610
[  225.735741][ T8602]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  225.737334][ T8602]  ? find_held_lock+0x2d/0x110
[  225.738866][ T8602]  folio_alloc_mpol_noprof+0x36/0xd0
[  225.740804][ T8602]  vma_alloc_folio_noprof+0xee/0x1b0
[  225.742399][ T8602]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  225.743958][ T8602]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  225.745371][ T8602]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  225.746746][ T8602]  __handle_mm_fault+0x2d27/0x5470
[  225.748099][ T8602]  ? down_read_trylock+0x1ed/0x3f0
[  225.749498][ T8602]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  225.750837][ T8602]  ? __pfx___handle_mm_fault+0x10/0x10
[  225.752280][ T8602]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  225.753746][ T8602]  handle_mm_fault+0x498/0xa60
[  225.754990][ T8602]  ? spurious_kernel_fault+0x361/0x3c0
[  225.756351][ T8602]  do_user_addr_fault+0x60d/0x13f0
[  225.757642][ T8602]  exc_page_fault+0x5c/0xc0
[  225.758859][ T8602]  asm_exc_page_fault+0x26/0x30
[  225.760158][ T8602] RIP: 0023:0xf713879e
[  225.761510][ T8602] Code: 00 00 00 00 8d b4 26 00 00 00 00 90 55 e8 1a ac 01 00 81 c5 6e 38 2d 00 57 56 89 c6 53 81 ec 84 20 00 00 8b 84 24 98 20 00 00 <89> 44 24 0c 8d 85 a6 65 ed ff ff b4 24 a0 20 00 00 50 e8 9b 12 ff
[  225.767403][ T8602] RSP: 002b:00000000f56c24b8 EFLAGS: 00010286
[  225.769176][ T8602] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000024
[  225.771508][ T8602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7129d10
[  225.773605][ T8602] RBP: 00000000f740bff4 R08: 0000000000000000 R09: 0000000000000000
[  225.776031][ T8602] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  225.778163][ T8602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.780289][ T8602]  </TASK>
[  225.781828][ T8602] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  225.805401][ T5386] usbhid 5-1:0.0: can't add hid device: -71
[  225.807311][ T5386] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  225.818823][ T5386] usb 5-1: USB disconnect, device number 8
[  226.126565][ T5407] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  226.191485][ T8604] FAULT_INJECTION: forcing a failure.
[  226.191485][ T8604] name failslab, interval 1, probability 0, space 0, times 0
[  226.194750][ T8604] CPU: 2 UID: 0 PID: 8604 Comm: syz.3.732 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  226.197424][ T8604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.200341][ T8604] Call Trace:
[  226.201262][ T8604]  <TASK>
[  226.202094][ T8604]  dump_stack_lvl+0x16c/0x1f0
[  226.203356][ T8604]  should_fail_ex+0x497/0x5b0
[  226.204134][ T8606] overlay: Unknown parameter 'fsuuid'
[  226.204617][ T8604]  ? fs_reclaim_acquire+0xae/0x160
[  226.207453][ T8604]  should_failslab+0xc2/0x120
[  226.208719][ T8604]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  226.210200][ T8604]  ? getname_flags.part.0+0x4c/0x550
[  226.211678][ T8604]  getname_flags.part.0+0x4c/0x550
[  226.213051][ T8604]  getname+0x8d/0xe0
[  226.214100][ T8604]  __ia32_compat_sys_execve+0x70/0xc0
[  226.215519][ T8604]  __do_fast_syscall_32+0x73/0x120
[  226.216878][ T8604]  do_fast_syscall_32+0x32/0x80
[  226.218169][ T8604]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.219826][ T8604] RIP: 0023:0xf7fd0579
[  226.220926][ T8604] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.226196][ T8604] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 000000000000000b
[  226.228366][ T8604] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 0000000000000000
[  226.230500][ T8604] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  226.232564][ T8604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.234777][ T8604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.236857][ T8604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.238930][ T8604]  </TASK>
[  226.239817][    C2] vkms_vblank_simulate: vblank timer overrun
[  226.241684][    C2] hpet: Lost 2 RTC interrupts
[  226.279262][ T8609] netlink: 12 bytes leftover after parsing attributes in process `syz.3.733'.
[  226.282197][ T8609] netlink: 12 bytes leftover after parsing attributes in process `syz.3.733'.
[  226.329973][ T5407] usb 6-1: Using ep0 maxpacket: 8
[  226.332712][ T5407] usb 6-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[  226.335188][ T5407] usb 6-1: config 167 has 1 interface, different from the descriptor's value: 202
[  226.351837][ T5407] usb 6-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[  226.360078][ T5407] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.362214][ T5407] usb 6-1: Product: syz
[  226.378138][ T8613] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  226.378415][ T5407] usb 6-1: Manufacturer: syz
[  226.385239][ T5407] usb 6-1: SerialNumber: syz
[  226.431264][ T5407] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  226.443126][ T5407] dvb-usb: bulk message failed: -22 (3/0)
[  226.524354][ T5407] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  226.527617][ T5407] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  226.536103][ T5407] usb 6-1: media controller created
[  226.578367][ T5407] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  226.616595][ T5407] dvb-usb: bulk message failed: -22 (6/0)
[  226.618475][ T5407] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  226.631682][ T5407] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input8
[  226.663084][ T5407] dvb-usb: schedule remote query interval to 150 msecs.
[  226.665185][ T5407] dvb-usb: bulk message failed: -22 (3/0)
[  226.690263][ T5407] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  226.831162][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  226.832883][ T5407] dvb-usb: error while querying for an remote control event.
[  227.313705][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  227.317989][ T5407] dvb-usb: error while querying for an remote control event.
[  227.490054][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  227.491807][ T5407] dvb-usb: error while querying for an remote control event.
[  227.650102][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  227.651664][ T5407] dvb-usb: error while querying for an remote control event.
[  227.821887][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  227.823451][ T5407] dvb-usb: error while querying for an remote control event.
[  227.980018][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  227.981591][ T5407] dvb-usb: error while querying for an remote control event.
[  228.140013][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  228.141681][ T5407] dvb-usb: error while querying for an remote control event.
[  228.300007][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  228.301654][ T5407] dvb-usb: error while querying for an remote control event.
[  228.460007][ T5407] dvb-usb: bulk message failed: -22 (1/0)
[  228.461675][ T5407] dvb-usb: error while querying for an remote control event.
[  228.504296][ T6712] usb 6-1: USB disconnect, device number 8
[  228.629845][ T6712] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  228.744655][ T8654] FAULT_INJECTION: forcing a failure.
[  228.744655][ T8654] name failslab, interval 1, probability 0, space 0, times 0
[  228.747999][ T8654] CPU: 0 UID: 0 PID: 8654 Comm: syz.1.742 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  228.750829][ T8654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  228.753696][ T8654] Call Trace:
[  228.754605][ T8654]  <TASK>
[  228.755407][ T8654]  dump_stack_lvl+0x16c/0x1f0
[  228.756687][ T8654]  should_fail_ex+0x497/0x5b0
[  228.757952][ T8654]  ? fs_reclaim_acquire+0xae/0x160
[  228.759328][ T8654]  should_failslab+0xc2/0x120
[  228.760620][ T8654]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  228.762058][ T8654]  ? security_file_alloc+0x34/0x2b0
[  228.763453][ T8654]  ? rcu_is_watching+0x12/0xc0
[  228.764797][ T8654]  security_file_alloc+0x34/0x2b0
[  228.766140][ T8654]  init_file+0x93/0x230
[  228.767254][ T8654]  alloc_empty_file+0x91/0x1e0
[  228.768555][ T8654]  path_openat+0xe1/0x2d60
[  228.769758][ T8654]  ? hlock_class+0x4e/0x130
[  228.770982][ T8654]  ? __lock_acquire+0x1620/0x3cb0
[  228.772346][ T8654]  ? __pfx_path_openat+0x10/0x10
[  228.773725][ T8654]  ? __pfx___lock_acquire+0x10/0x10
[  228.775173][ T8654]  ? find_held_lock+0x2d/0x110
[  228.776476][ T8654]  do_filp_open+0x1dc/0x430
[  228.777725][ T8654]  ? __pfx_do_filp_open+0x10/0x10
[  228.779078][ T8654]  ? find_held_lock+0x2d/0x110
[  228.780428][ T8654]  ? _raw_spin_unlock+0x28/0x50
[  228.781744][ T8654]  ? alloc_fd+0x2d7/0x6c0
[  228.782907][ T8654]  do_sys_openat2+0x17a/0x1e0
[  228.784172][ T8654]  ? __pfx_do_sys_openat2+0x10/0x10
[  228.785565][ T8654]  __ia32_compat_sys_openat+0x16e/0x210
[  228.787016][ T8654]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  228.788626][ T8654]  ? ksys_write+0x1ab/0x260
[  228.789847][ T8654]  __do_fast_syscall_32+0x73/0x120
[  228.791194][ T8654]  do_fast_syscall_32+0x32/0x80
[  228.792484][ T8654]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.794166][ T8654] RIP: 0023:0xf7f87579
[  228.795247][ T8654] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  228.800381][ T8654] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  228.802601][ T8654] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  228.804706][ T8654] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  228.806806][ T8654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.808943][ T8654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  228.811055][ T8654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.813232][ T8654]  </TASK>
[  228.880051][ T5386] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  229.062131][ T5386] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  229.065640][ T5386] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.073954][ T5386] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  229.076825][ T5386] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.083484][ T5386] usb 7-1: config 0 descriptor??
[  229.360073][ T8658] FAULT_INJECTION: forcing a failure.
[  229.360073][ T8658] name failslab, interval 1, probability 0, space 0, times 0
[  229.363307][ T8658] CPU: 2 UID: 0 PID: 8658 Comm: syz.3.746 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  229.365929][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.368749][ T8658] Call Trace:
[  229.369488][ T8660] netlink: 'syz.0.745': attribute type 1 has an invalid length.
[  229.369949][ T8658]  <TASK>
[  229.369960][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  229.369989][ T8658]  should_fail_ex+0x497/0x5b0
[  229.370011][ T8658]  ? fs_reclaim_acquire+0xae/0x160
[  229.372231][ T8660] netlink: 224 bytes leftover after parsing attributes in process `syz.0.745'.
[  229.372811][ T8658]  should_failslab+0xc2/0x120
[  229.380169][ T8658]  kmem_cache_alloc_node_noprof+0x71/0x310
[  229.381776][ T8658]  ? alloc_vmap_area+0x636/0x2a70
[  229.383119][ T8658]  alloc_vmap_area+0x636/0x2a70
[  229.384433][ T8658]  ? __pfx_alloc_vmap_area+0x10/0x10
[  229.385834][ T8658]  __get_vm_area_node+0x17e/0x2d0
[  229.387169][ T8658]  __vmalloc_node_range_noprof+0x270/0x14e0
[  229.388755][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.390442][ T8658]  ? rcu_read_unlock+0x17/0x60
[  229.392042][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.393413][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.394641][ T8658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  229.396489][ T8658]  ? ___kmalloc_large_node+0x127/0x1a0
[  229.397946][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.399518][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.401089][ T8658]  vzalloc_noprof+0x6b/0x90
[  229.402258][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.403451][ T8658]  bpf_check+0x1fa/0xb3b0
[  229.404598][ T8658]  ? __pfx___lock_acquire+0x10/0x10
[  229.405981][ T8658]  ? __pfx_bpf_check+0x10/0x10
[  229.407253][ T8658]  ? ktime_get_with_offset+0x13a/0x240
[  229.408703][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.410531][ T8658]  ? find_held_lock+0x2d/0x110
[  229.412136][ T8658]  ? timekeeping_debug_get_ns+0x3e0/0x5b0
[  229.413690][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.415107][ T8658]  ? read_tsc+0x9/0x20
[  229.416201][ T8658]  ? timekeeping_debug_get_ns+0x334/0x5b0
[  229.417726][ T8658]  ? bpf_obj_name_cpy+0x156/0x1b0
[  229.419101][ T8658]  bpf_prog_load+0xe3f/0x2670
[  229.420377][ T8658]  ? __pfx_bpf_prog_load+0x10/0x10
[  229.421748][ T8658]  ? find_held_lock+0x2d/0x110
[  229.423024][ T8658]  __sys_bpf+0x9d4/0x5590
[  229.424181][ T8658]  ? __pfx___sys_bpf+0x10/0x10
[  229.425475][ T8658]  ? ksys_write+0x12f/0x260
[  229.426690][ T8658]  ? find_held_lock+0x2d/0x110
[  229.427959][ T8658]  ? ksys_write+0x21c/0x260
[  229.429362][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.431220][ T8658]  ? vfs_write+0x14d/0x1140
[  229.432560][ T8658]  ? __mutex_unlock_slowpath+0x164/0x650
[  229.434061][ T8658]  ? fput+0x30/0x390
[  229.435101][ T8658]  ? ksys_write+0x1ab/0x260
[  229.436306][ T8658]  ? __pfx_ksys_write+0x10/0x10
[  229.437618][ T8658]  __ia32_sys_bpf+0x76/0xe0
[  229.438865][ T8658]  __do_fast_syscall_32+0x73/0x120
[  229.440220][ T8658]  do_fast_syscall_32+0x32/0x80
[  229.441534][ T8658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.443198][ T8658] RIP: 0023:0xf7fd0579
[  229.444287][ T8658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.449581][ T8658] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  229.452348][ T8658] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000540
[  229.454427][ T8658] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  229.456500][ T8658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.458594][ T8658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.460728][ T8658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.462821][ T8658]  </TASK>
[  229.463717][    C2] vkms_vblank_simulate: vblank timer overrun
[  229.465726][    C2] hpet: Lost 5 RTC interrupts
[  229.473873][ T8658] syz.3.746: vmalloc error: size 1080, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  229.479793][ T8658] CPU: 2 UID: 0 PID: 8658 Comm: syz.3.746 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  229.482513][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.485371][ T8658] Call Trace:
[  229.486261][ T8658]  <TASK>
[  229.487052][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  229.488308][ T8658]  warn_alloc+0x24d/0x3a0
[  229.489719][ T8658]  ? __pfx_warn_alloc+0x10/0x10
[  229.491520][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.493071][ T8658]  ? __get_vm_area_node+0x27d/0x2d0
[  229.494413][ T8658]  ? __get_vm_area_node+0x1bc/0x2d0
[  229.495768][ T8658]  __vmalloc_node_range_noprof+0xc0d/0x14e0
[  229.497368][ T8658]  ? rcu_read_unlock+0x17/0x60
[  229.498857][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.500174][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.501393][ T8658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  229.503004][ T8658]  ? ___kmalloc_large_node+0x127/0x1a0
[  229.504412][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.505771][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.506951][ T8658]  vzalloc_noprof+0x6b/0x90
[  229.508139][ T8658]  ? bpf_check+0x1fa/0xb3b0
[  229.509336][ T8658]  bpf_check+0x1fa/0xb3b0
[  229.510470][ T8658]  ? __pfx___lock_acquire+0x10/0x10
[  229.511826][ T8658]  ? __pfx_bpf_check+0x10/0x10
[  229.513093][ T8658]  ? ktime_get_with_offset+0x13a/0x240
[  229.514482][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.515783][ T8658]  ? find_held_lock+0x2d/0x110
[  229.517035][ T8658]  ? timekeeping_debug_get_ns+0x3e0/0x5b0
[  229.518511][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.519857][ T8658]  ? read_tsc+0x9/0x20
[  229.520935][ T8658]  ? timekeeping_debug_get_ns+0x334/0x5b0
[  229.522406][ T8658]  ? bpf_obj_name_cpy+0x156/0x1b0
[  229.523709][ T8658]  bpf_prog_load+0xe3f/0x2670
[  229.524937][ T8658]  ? __pfx_bpf_prog_load+0x10/0x10
[  229.526258][ T8658]  ? find_held_lock+0x2d/0x110
[  229.527516][ T8658]  __sys_bpf+0x9d4/0x5590
[  229.528661][ T8658]  ? __pfx___sys_bpf+0x10/0x10
[  229.529903][ T8658]  ? ksys_write+0x12f/0x260
[  229.531091][ T8658]  ? find_held_lock+0x2d/0x110
[  229.532331][ T8658]  ? ksys_write+0x21c/0x260
[  229.533525][ T8658]  ? __pfx_lock_release+0x10/0x10
[  229.534832][ T8658]  ? vfs_write+0x14d/0x1140
[  229.536012][ T8658]  ? __mutex_unlock_slowpath+0x164/0x650
[  229.537477][ T8658]  ? fput+0x30/0x390
[  229.538483][ T8658]  ? ksys_write+0x1ab/0x260
[  229.539653][ T8658]  ? __pfx_ksys_write+0x10/0x10
[  229.540942][ T8658]  __ia32_sys_bpf+0x76/0xe0
[  229.542108][ T8658]  __do_fast_syscall_32+0x73/0x120
[  229.543435][ T8658]  do_fast_syscall_32+0x32/0x80
[  229.544698][ T8658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.546251][ T8658] RIP: 0023:0xf7fd0579
[  229.547273][ T8658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.552020][ T8658] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  229.554111][ T8658] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000540
[  229.556052][ T8658] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  229.557987][ T8658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.560035][ T8658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.562032][ T8658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.564015][ T8658]  </TASK>
[  229.564895][    C2] vkms_vblank_simulate: vblank timer overrun
[  229.566814][    C2] hpet: Lost 5 RTC interrupts
[  229.590241][ T8658] Mem-Info:
[  229.591137][ T8658] active_anon:6946 inactive_anon:21 isolated_anon:0
[  229.591137][ T8658]  active_file:13564 inactive_file:33350 isolated_file:0
[  229.591137][ T8658]  unevictable:768 dirty:459 writeback:0
[  229.591137][ T8658]  slab_reclaimable:5644 slab_unreclaimable:55024
[  229.591137][ T8658]  mapped:17871 shmem:2818 pagetables:689
[  229.591137][ T8658]  sec_pagetables:319 bounce:0
[  229.591137][ T8658]  kernel_misc_reclaimable:0
[  229.591137][ T8658]  free:72420 free_pcp:10745 free_cma:0
[  229.602985][ T8658] Node 0 active_anon:8kB inactive_anon:60kB active_file:0kB inactive_file:12kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:1568kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9232kB pagetables:1364kB sec_pagetables:1176kB all_unreclaimable? no
[  229.615293][ T8658] Node 1 active_anon:27792kB inactive_anon:24kB active_file:54256kB inactive_file:133388kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:69876kB dirty:1828kB writeback:0kB shmem:9740kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2196kB pagetables:1412kB sec_pagetables:100kB all_unreclaimable? no
[  229.628807][ T8658] Node 0 DMA free:1060kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:316kB local_pcp:80kB free_cma:0kB
[  229.636608][ T8658] lowmem_reserve[]: 0 275 0 0 0
[  229.638433][ T8658] Node 0 DMA32 free:20968kB boost:0kB min:14004kB low:17504kB high:21004kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:840kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:8kB present:1032192kB managed:308312kB mlocked:0kB bounce:0kB free_pcp:996kB local_pcp:112kB free_cma:0kB
[  229.645991][ T8658] lowmem_reserve[]: 0 0 0 0 0
[  229.647288][ T8658] Node 1 DMA32 free:312852kB boost:0kB min:47044kB low:58804kB high:70564kB reserved_highatomic:0KB active_anon:28820kB inactive_anon:24kB active_file:54256kB inactive_file:133388kB unevictable:1536kB writepending:1828kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:3092kB local_pcp:64kB free_cma:0kB
[  229.654978][ T8658] lowmem_reserve[]: 0 0 0 0 0
[  229.656334][ T8658] Node 0 DMA: 41*4kB (UE) 39*8kB (UE) 25*16kB (UE) 5*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1036kB
[  229.660005][ T8658] Node 0 DMA32: 757*4kB (UMH) 55*8kB (UME) 27*16kB (UMEH) 35*32kB (UMEH) 30*64kB (UMEH) 20*128kB (MEH) 8*256kB (UMEH) 11*512kB (MH) 2*1024kB (MH) 1*2048kB (U) 0*4096kB = 21276kB
[  229.664616][ T8658] Node 1 DMA32: 282*4kB (UME) 353*8kB (UME) 282*16kB (UME) 388*32kB (UME) 288*64kB (UME) 48*128kB (UME) 32*256kB (UME) 12*512kB (UME) 12*1024kB (UME) 12*2048kB (UME) 52*4096kB (UM) = 309648kB
[  229.670217][ T8658] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  229.672844][ T8658] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  229.675191][ T8658] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  229.677708][ T8658] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  229.680927][ T8658] 50812 total pagecache pages
[  229.682267][ T8658] 560 pages in swap cache
[  229.683509][ T8658] Free swap  = 111276kB
[  229.684698][ T8658] Total swap = 124996kB
[  229.685888][ T8658] 524155 pages RAM
[  229.687058][ T8658] 0 pages HighMem/MovableOnly
[  229.688375][ T8658] 206685 pages reserved
[  229.689565][ T8658] 0 pages cma reserved
[  230.065538][ T8670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.463211][ T8670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.817256][ T5386] usbhid 7-1:0.0: can't add hid device: -71
[  230.818856][ T5386] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  230.823144][ T5386] usb 7-1: USB disconnect, device number 13
[  231.528613][ T5355] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  231.771591][ T8695] netlink: 'syz.0.756': attribute type 1 has an invalid length.
[  231.773769][ T8695] netlink: 224 bytes leftover after parsing attributes in process `syz.0.756'.
[  232.222374][ T8702] netlink: 'syz.2.758': attribute type 1 has an invalid length.
[  232.235531][ T8702] netlink: 224 bytes leftover after parsing attributes in process `syz.2.758'.
[  232.439708][   T39] audit: type=1326 audit(1726574686.444:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8704 comm="syz.1.759" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x0
[  232.522567][ T8707] FAULT_INJECTION: forcing a failure.
[  232.522567][ T8707] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  232.549482][ T8707] CPU: 1 UID: 0 PID: 8707 Comm: syz.3.760 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  232.552982][ T8707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.556007][ T8707] Call Trace:
[  232.557118][ T8707]  <TASK>
[  232.557910][ T8707]  dump_stack_lvl+0x16c/0x1f0
[  232.559156][ T8707]  should_fail_ex+0x497/0x5b0
[  232.560556][ T8707]  ? fs_reclaim_acquire+0xae/0x160
[  232.562044][ T8707]  should_fail_alloc_page+0xe7/0x130
[  232.563588][ T8707]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  232.565282][ T8707]  __alloc_pages_noprof+0x194/0x2460
[  232.566688][ T8707]  ? hlock_class+0x4e/0x130
[  232.567891][ T8707]  ? __pfx___lock_acquire+0x10/0x10
[  232.569280][ T8707]  ? stack_access_ok+0xf9/0x270
[  232.570583][ T8707]  ? __module_address+0x55/0x3c0
[  232.571897][ T8707]  ? __pfx_mark_lock+0x10/0x10
[  232.573205][ T8707]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  232.574702][ T8707]  ? stack_depot_save_flags+0x31b/0x900
[  232.576172][ T8707]  ? mark_held_locks+0x9f/0xe0
[  232.577503][ T8707]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  232.579177][ T8707]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  232.580894][ T8707]  ? policy_nodemask+0xea/0x4e0
[  232.582171][ T8707]  alloc_pages_mpol_noprof+0x275/0x610
[  232.583593][ T8707]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  232.585175][ T8707]  ? kasan_save_track+0x14/0x30
[  232.586538][ T8707]  ? __kasan_kmalloc+0xaa/0xb0
[  232.587894][ T8707]  ? drm_prime_pages_to_sg+0x4d/0x140
[  232.589884][ T8707]  ? drm_gem_map_dma_buf+0xd9/0x1f0
[  232.591524][ T8707]  ? __map_dma_buf+0x7f/0x240
[  232.592878][ T8707]  ? dma_buf_map_attachment_unlocked+0x9e/0x150
[  232.594540][ T8707]  ? drm_gem_prime_import_dev+0x134/0x440
[  232.596058][ T8707]  ? drm_gem_prime_fd_to_handle+0x443/0x590
[  232.597645][ T8707]  ? drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  232.599235][ T8707]  ? drm_ioctl_kernel+0x1e6/0x3d0
[  232.600627][ T8707]  ? drm_ioctl+0x57e/0xba0
[  232.601812][ T8707]  get_free_pages_noprof+0xc/0x40
[  232.603163][ T8707]  sg_alloc_append_table_from_pages+0x7f3/0xde0
[  232.604944][ T8707]  sg_alloc_table_from_pages_segment+0xfa/0x2a0
[  232.606765][ T8707]  ? __pfx_sg_alloc_table_from_pages_segment+0x10/0x10
[  232.608648][ T8707]  ? dma_direct_get_required_mask+0x9a/0x1f0
[  232.610222][ T8707]  ? dma_direct_all_ram_mapped+0x71/0x90
[  232.611706][ T8707]  ? drm_prime_pages_to_sg+0xcb/0x140
[  232.613278][ T8707]  drm_prime_pages_to_sg+0xcb/0x140
[  232.614671][ T8707]  ? __pfx_drm_gem_shmem_object_get_sg_table+0x10/0x10
[  232.616536][ T8707]  drm_gem_map_dma_buf+0xd9/0x1f0
[  232.617977][ T8707]  __map_dma_buf+0x7f/0x240
[  232.619188][ T8707]  dma_buf_map_attachment+0x1cb/0x350
[  232.620642][ T8707]  dma_buf_map_attachment_unlocked+0x9e/0x150
[  232.622467][ T8707]  drm_gem_prime_import_dev+0x134/0x440
[  232.624597][ T8707]  drm_gem_prime_fd_to_handle+0x443/0x590
[  232.626511][ T8707]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  232.628043][ T8707]  drm_ioctl_kernel+0x1e6/0x3d0
[  232.629356][ T8707]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  232.631158][ T8707]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  232.632609][ T8707]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  232.634309][ T8707]  drm_ioctl+0x57e/0xba0
[  232.635450][ T8707]  ? __pfx_drm_ioctl+0x10/0x10
[  232.636777][ T8707]  drm_compat_ioctl+0x327/0x460
[  232.638076][ T8707]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  232.639560][ T8707]  __do_compat_sys_ioctl+0x2bd/0x330
[  232.640980][ T8707]  __do_fast_syscall_32+0x73/0x120
[  232.642508][ T8707]  do_fast_syscall_32+0x32/0x80
[  232.644260][ T8707]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.646261][ T8707] RIP: 0023:0xf7fd0579
[  232.647298][ T8707] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.652203][ T8707] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  232.654289][ T8707] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c00c642e
[  232.656325][ T8707] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000
[  232.658434][ T8707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.660599][ T8707] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.663349][ T8707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.666090][ T8707]  </TASK>
[  232.850678][ T8716] FAULT_INJECTION: forcing a failure.
[  232.850678][ T8716] name failslab, interval 1, probability 0, space 0, times 0
[  232.855155][ T8716] CPU: 1 UID: 0 PID: 8716 Comm: syz.3.762 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  232.858663][ T8716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.862343][ T8716] Call Trace:
[  232.863501][ T8716]  <TASK>
[  232.864536][ T8716]  dump_stack_lvl+0x16c/0x1f0
[  232.866117][ T8716]  should_fail_ex+0x497/0x5b0
[  232.867712][ T8716]  ? fs_reclaim_acquire+0xae/0x160
[  232.869567][ T8716]  should_failslab+0xc2/0x120
[  232.871161][ T8716]  __kmalloc_noprof+0xcb/0x410
[  232.872828][ T8716]  ? __pfx_d_absolute_path+0x10/0x10
[  232.875057][ T8716]  tomoyo_encode2+0x100/0x3e0
[  232.876807][ T8716]  tomoyo_realpath_from_path+0x1a7/0x710
[  232.878877][ T8716]  tomoyo_path_number_perm+0x245/0x5b0
[  232.880828][ T8716]  ? tomoyo_path_number_perm+0x232/0x5b0
[  232.883089][ T8716]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  232.885444][ T8716]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  232.887679][ T8716]  ? __fget_files+0x244/0x3f0
[  232.889432][ T8716]  ? __fget_files+0x244/0x3f0
[  232.891037][ T8716]  security_file_ioctl_compat+0x9b/0x240
[  232.892900][ T8716]  __do_compat_sys_ioctl+0x5d/0x330
[  232.894676][ T8716]  __do_fast_syscall_32+0x73/0x120
[  232.896390][ T8716]  do_fast_syscall_32+0x32/0x80
[  232.898032][ T8716]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.900147][ T8716] RIP: 0023:0xf7fd0579
[  232.901609][ T8716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.908160][ T8716] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  232.910442][ T8716] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[  232.912591][ T8716] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  232.914614][ T8716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.916671][ T8716] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.918680][ T8716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.920910][ T8716]  </TASK>
[  232.922834][ T8716] ERROR: Out of memory at tomoyo_realpath_from_path.
[  233.230386][   T62] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  233.624359][   T62] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.629415][   T62] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.632043][   T62] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  233.635242][   T62] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.638484][   T62] usb 8-1: config 0 descriptor??
[  234.811739][ T8747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.238017][ T8747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.303736][   T62] usbhid 8-1:0.0: can't add hid device: -71
[  235.305524][   T62] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  235.329682][   T62] usb 8-1: USB disconnect, device number 9
[  235.422482][ T8749] netlink: 'syz.0.770': attribute type 1 has an invalid length.
[  235.424587][ T8749] netlink: 224 bytes leftover after parsing attributes in process `syz.0.770'.
[  235.457648][ T8751] vxfs: WRONG superblock magic 00000000 at 1
[  235.461207][ T8751] vxfs: WRONG superblock magic 00000000 at 8
[  235.472736][ T8751] vxfs: can't find superblock.
[  235.519184][ T8751] netlink: 12 bytes leftover after parsing attributes in process `syz.2.771'.
[  235.523669][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.771'.
[  235.665320][ T8755] syzkaller0: entered promiscuous mode
[  235.667270][ T8755] syzkaller0: entered allmulticast mode
[  235.700915][ T8753] FAULT_INJECTION: forcing a failure.
[  235.700915][ T8753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.704527][ T8753] CPU: 0 UID: 0 PID: 8753 Comm: syz.1.772 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  235.707870][ T8753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.711400][ T8753] Call Trace:
[  235.712256][ T8753]  <TASK>
[  235.713011][ T8753]  dump_stack_lvl+0x16c/0x1f0
[  235.714314][ T8753]  should_fail_ex+0x497/0x5b0
[  235.715887][ T8753]  strncpy_from_user+0x38/0x320
[  235.717602][ T8753]  getname_flags.part.0+0x8f/0x550
[  235.719308][ T8753]  getname+0x8d/0xe0
[  235.720690][ T8753]  do_sys_openat2+0x104/0x1e0
[  235.722121][ T8753]  ? __pfx_do_sys_openat2+0x10/0x10
[  235.723540][ T8753]  __ia32_compat_sys_open+0x147/0x1e0
[  235.724941][ T8753]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  235.726425][ T8753]  __do_fast_syscall_32+0x73/0x120
[  235.727763][ T8753]  do_fast_syscall_32+0x32/0x80
[  235.729066][ T8753]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.730713][ T8753] RIP: 0023:0xf7f87579
[  235.731801][ T8753] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.736739][ T8753] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  235.738915][ T8753] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000000400
[  235.741001][ T8753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  235.742978][ T8753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.745045][ T8753] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.747104][ T8753] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.749471][ T8753]  </TASK>
[  235.912940][ T8760] netlink: 32 bytes leftover after parsing attributes in process `syz.1.773'.
[  235.945012][   T39] audit: type=1326 audit(1726574689.954:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.0.774" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x0
[  235.948015][ T8760] overlayfs: missing 'lowerdir'
[  235.988599][ T8764] 9pnet_fd: Insufficient options for proto=fd
[  238.013797][ T8782] veth0_vlan: left promiscuous mode
[  238.017598][ T8782] veth0_vlan: entered promiscuous mode
[  238.137348][ T8792] netlink: 'syz.2.782': attribute type 1 has an invalid length.
[  238.139424][ T8792] netlink: 224 bytes leftover after parsing attributes in process `syz.2.782'.
[  238.163897][ T8795] netlink: del zone limit has 4 unknown bytes
[  238.222623][   T39] audit: type=1326 audit(1726574692.234:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.3.785" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x0
[  238.239106][   T39] audit: type=1326 audit(1726574692.244:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.786" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x0
[  238.630988][ T8811] ntfs3: loop0: try to read out of volume at offset 0x0
[  238.724673][ T8816] x_tables: duplicate underflow at hook 1
[  238.853630][ T8818] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  239.079095][ T8824] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.082020][ T8824] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.499293][ T8841] netlink: 'syz.0.795': attribute type 1 has an invalid length.
[  239.502434][ T8841] netlink: 224 bytes leftover after parsing attributes in process `syz.0.795'.
[  239.759768][   T39] audit: type=1326 audit(1726574693.764:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8820 comm="syz.2.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7fc00000
[  240.044693][ T8856] netlink: 156 bytes leftover after parsing attributes in process `syz.1.798'.
[  240.204775][ T8859] FAULT_INJECTION: forcing a failure.
[  240.204775][ T8859] name failslab, interval 1, probability 0, space 0, times 0
[  240.208202][ T8859] CPU: 3 UID: 0 PID: 8859 Comm: syz.0.799 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  240.210885][ T8859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  240.213902][ T8859] Call Trace:
[  240.214853][ T8859]  <TASK>
[  240.215670][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  240.216954][ T8859]  should_fail_ex+0x497/0x5b0
[  240.218254][ T8859]  ? fs_reclaim_acquire+0xae/0x160
[  240.219641][ T8859]  should_failslab+0xc2/0x120
[  240.220946][ T8859]  __kmalloc_noprof+0xcb/0x410
[  240.222327][ T8859]  ? __pfx_lock_acquire+0x10/0x10
[  240.223620][ T8859]  tomoyo_realpath_from_path+0xbf/0x710
[  240.225132][ T8859]  ? tomoyo_profile+0x47/0x60
[  240.226362][ T8859]  tomoyo_path_number_perm+0x245/0x5b0
[  240.227800][ T8859]  ? tomoyo_path_number_perm+0x232/0x5b0
[  240.229261][ T8859]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  240.230854][ T8859]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  240.232509][ T8859]  ? __fget_files+0x244/0x3f0
[  240.233943][ T8859]  ? __fget_files+0x244/0x3f0
[  240.235292][ T8859]  security_file_ioctl_compat+0x9b/0x240
[  240.236850][ T8859]  __do_compat_sys_ioctl+0x5d/0x330
[  240.238312][ T8859]  __do_fast_syscall_32+0x73/0x120
[  240.239745][ T8859]  do_fast_syscall_32+0x32/0x80
[  240.241135][ T8859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.242966][ T8859] RIP: 0023:0xf7f44579
[  240.244049][ T8859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.249217][ T8859] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  240.251489][ T8859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707
[  240.253826][ T8859] RDX: 0000000020001100 RSI: 0000000000000000 RDI: 0000000000000000
[  240.255938][ T8859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.258113][ T8859] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  240.260304][ T8859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.262382][ T8859]  </TASK>
[  240.263236][    C3] vkms_vblank_simulate: vblank timer overrun
[  240.268700][ T8859] ERROR: Out of memory at tomoyo_realpath_from_path.
[  240.320904][ T8861] batadv_slave_0: entered promiscuous mode
[  240.830105][ T5348] Bluetooth: hci0: command 0x0c1a tx timeout
[  240.840348][ T5355] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  241.199753][ T8883] netlink: 'syz.1.807': attribute type 1 has an invalid length.
[  241.202498][ T8883] netlink: 224 bytes leftover after parsing attributes in process `syz.1.807'.
[  241.209145][ T8881] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  241.524361][ T5355] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  241.773153][ T8893] netlink: 12 bytes leftover after parsing attributes in process `syz.1.810'.
[  241.790118][ T6712] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  242.002938][ T6712] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  242.005661][ T6712] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  242.008167][ T6712] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  242.017812][ T6712] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.069756][ T8889] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  242.123955][ T6712] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  242.860583][ T8903] FAULT_INJECTION: forcing a failure.
[  242.860583][ T8903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.864843][ T8903] CPU: 3 UID: 0 PID: 8903 Comm: syz.1.813 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  242.867987][ T8903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.871382][ T8903] Call Trace:
[  242.872449][ T8903]  <TASK>
[  242.873544][ T8903]  dump_stack_lvl+0x16c/0x1f0
[  242.875252][ T8903]  should_fail_ex+0x497/0x5b0
[  242.876811][ T8903]  _copy_from_iter+0x29b/0x13f0
[  242.878020][ T8903]  ? __pfx__copy_from_iter+0x10/0x10
[  242.879581][ T8903]  ? __virt_addr_valid+0x5e/0x590
[  242.881252][ T8903]  ? __phys_addr_symbol+0x30/0x80
[  242.882883][ T8903]  ? __check_object_size+0x497/0x720
[  242.884388][ T8903]  hci_sock_sendmsg+0x46d/0x25e0
[  242.886149][ T8903]  ? __pfx_aa_sk_perm+0x10/0x10
[  242.887620][ T8903]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  242.889157][ T8903]  sock_write_iter+0x4fe/0x5b0
[  242.890469][ T8903]  ? __pfx_sock_write_iter+0x10/0x10
[  242.891998][ T8903]  ? bpf_lsm_file_permission+0x9/0x10
[  242.893852][ T8903]  ? security_file_permission+0x71/0x210
[  242.895314][ T8903]  vfs_write+0x6b5/0x1140
[  242.896431][ T8903]  ? __pfx_sock_write_iter+0x10/0x10
[  242.897900][ T8903]  ? __pfx_vfs_write+0x10/0x10
[  242.899199][ T8903]  ? __fget_files+0x244/0x3f0
[  242.900444][ T8903]  ? __fget_light+0x173/0x210
[  242.901725][ T8903]  ksys_write+0x1f8/0x260
[  242.903218][ T8903]  ? __pfx_ksys_write+0x10/0x10
[  242.904575][ T8903]  __do_fast_syscall_32+0x73/0x120
[  242.906020][ T8903]  do_fast_syscall_32+0x32/0x80
[  242.907361][ T8903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.909056][ T8903] RIP: 0023:0xf7f87579
[  242.910207][ T8903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.915431][ T8903] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  242.917702][ T8903] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000100
[  242.919877][ T8903] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  242.922326][ T8903] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.924955][ T8903] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.927760][ T8903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.930513][ T8903]  </TASK>
[  242.931687][    C3] vkms_vblank_simulate: vblank timer overrun
[  242.939047][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  242.940782][ T8901] Bluetooth: hci0: Opcode 0x0c20 failed: -110
[  243.420112][   T62] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  243.622973][   T62] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  243.626537][   T62] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  243.628991][   T62] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  243.640118][   T62] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  243.642475][   T62] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.655888][   T62] usb 6-1: config 0 descriptor??
[  243.754440][ T8933] netlink: 12 bytes leftover after parsing attributes in process `syz.2.823'.
[  243.947331][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.824'.
[  243.949718][ T8938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.954266][ T8938] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.962944][ T8938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.965379][ T8938] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.083143][   T62] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  244.094725][   T62] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  244.598337][   T56] usb 5-1: USB disconnect, device number 9
[  244.608900][ T8948] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  244.981812][ T5355] Bluetooth: hci0: command 0x0c1a tx timeout
[  245.344130][ T8967] netlink: 'syz.2.834': attribute type 1 has an invalid length.
[  245.346601][ T8967] netlink: 224 bytes leftover after parsing attributes in process `syz.2.834'.
[  245.840102][ T5502] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  246.060002][ T5502] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.063597][ T5502] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.079738][ T5502] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  246.083983][ T5502] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.093870][ T5502] usb 8-1: config 0 descriptor??
[  246.158075][ T8989] fuse: Unknown parameter '0000'
[  246.254354][   T62] usb 6-1: USB disconnect, device number 9
[  246.523278][ T5355] Bluetooth: hci0: unexpected event 0x09 length: 17 > 3
[  246.571299][ T8998] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  246.955761][ T9006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.013147][ T9006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  247.555367][ T5502] usbhid 8-1:0.0: can't add hid device: -71
[  247.559108][ T5502] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  247.582723][ T5502] usb 8-1: USB disconnect, device number 10
[  247.730295][ T9013] netlink: 'syz.0.847': attribute type 1 has an invalid length.
[  247.732424][ T9013] netlink: 224 bytes leftover after parsing attributes in process `syz.0.847'.
[  247.774995][   T39] audit: type=1326 audit(1726574701.784:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.783518][   T39] audit: type=1326 audit(1726574701.794:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.793183][   T39] audit: type=1326 audit(1726574701.794:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.802153][ T9015] FAULT_INJECTION: forcing a failure.
[  247.802153][ T9015] name failslab, interval 1, probability 0, space 0, times 0
[  247.805877][ T9015] CPU: 3 UID: 0 PID: 9015 Comm: syz.2.848 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  247.808690][ T9015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.812624][ T9015] Call Trace:
[  247.813519][ T9015]  <TASK>
[  247.814308][ T9015]  dump_stack_lvl+0x16c/0x1f0
[  247.815556][ T9015]  should_fail_ex+0x497/0x5b0
[  247.816820][ T9015]  ? fs_reclaim_acquire+0xae/0x160
[  247.818168][ T9015]  should_failslab+0xc2/0x120
[  247.819684][ T9015]  __kmalloc_cache_noprof+0x6b/0x310
[  247.821630][ T9015]  ? audit_log_d_path+0xce/0x1e0
[  247.823393][ T9015]  audit_log_d_path+0xce/0x1e0
[  247.824962][ T9015]  audit_log_d_path_exe+0x46/0x70
[  247.826821][ T9015]  audit_log_task+0x279/0x300
[  247.828525][ T9015]  ? __pfx_audit_log_task+0x10/0x10
[  247.830365][ T9015]  ? migrate_enable+0x1a8/0x260
[  247.832127][ T9015]  ? __pfx_migrate_enable+0x10/0x10
[  247.834016][ T9015]  audit_seccomp+0x7a/0x280
[  247.835893][ T9015]  __seccomp_filter+0x816/0xf40
[  247.838001][ T9015]  ? __pfx___seccomp_filter+0x10/0x10
[  247.839976][ T9015]  __secure_computing+0x26c/0x3f0
[  247.841348][ T9015]  syscall_trace_enter+0x8b/0x240
[  247.842753][ T9015]  __do_fast_syscall_32+0xc2/0x120
[  247.844333][ T9015]  do_fast_syscall_32+0x32/0x80
[  247.845769][ T9015]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.847428][ T9015] RIP: 0023:0xf746e579
[  247.848521][ T9015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.854848][ T9015] RSP: 002b:00000000f57565a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  247.857456][ T9015] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5756620
[  247.859884][ T9015] RDX: 000000000000000f RSI: 00000000f745bff4 RDI: 0000000000000000
[  247.862103][ T9015] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  247.864251][ T9015] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  247.866386][ T9015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.868471][ T9015]  </TASK>
[  247.869552][    C3] vkms_vblank_simulate: vblank timer overrun
[  247.871894][   T39] audit: type=1326 audit(1726574701.804:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.878073][   T39] audit: type=1326 audit(1726574701.804:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.884763][   T39] audit: type=1326 audit(1726574701.804:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.892010][   T39] audit: type=1326 audit(1726574701.804:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.898350][   T39] audit: type=1326 audit(1726574701.804:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.907825][   T39] audit: type=1326 audit(1726574701.814:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf746e579 code=0x7ffc0000
[  247.913880][   T39] audit: type=1326 audit(1726574701.814:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9014 comm="syz.2.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[  248.300429][ T9027] : entered promiscuous mode
[  248.492003][ T9038] netlink: 16 bytes leftover after parsing attributes in process `syz.0.855'.
[  248.898777][ T5355] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  249.231023][  T982] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  249.423154][  T982] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  249.426335][  T982] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  249.432276][  T982] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  249.434949][  T982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.455075][ T9044] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  249.464478][  T982] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  249.820494][ T5502] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  250.016783][ T5502] usb 7-1: Using ep0 maxpacket: 32
[  250.019479][ T5502] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.022613][ T5502] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.025244][ T5502] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  250.039566][ T5502] usb 7-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  250.042330][ T5502] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.050257][ T5502] usb 7-1: config 0 descriptor??
[  250.136244][   T56] usb 5-1: USB disconnect, device number 10
[  250.446343][ T9066] netlink: 'syz.1.863': attribute type 1 has an invalid length.
[  250.448610][ T9066] netlink: 224 bytes leftover after parsing attributes in process `syz.1.863'.
[  250.664511][ T5502] usbhid 7-1:0.0: can't add hid device: -71
[  250.672016][ T5502] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  250.691677][ T5502] usb 7-1: USB disconnect, device number 14
[  250.693120][ T9070] random: crng reseeded on system resumption
[  252.548907][ T9099] FAULT_INJECTION: forcing a failure.
[  252.548907][ T9099] name failslab, interval 1, probability 0, space 0, times 0
[  252.554071][ T9099] CPU: 0 UID: 0 PID: 9099 Comm: syz.1.872 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  252.556902][ T9099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.560241][ T9099] Call Trace:
[  252.561595][ T9099]  <TASK>
[  252.562654][ T9099]  dump_stack_lvl+0x16c/0x1f0
[  252.564338][ T9099]  should_fail_ex+0x497/0x5b0
[  252.565557][ T9099]  should_failslab+0xc2/0x120
[  252.566733][ T9099]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  252.568036][ T9099]  ? skb_clone+0x190/0x3f0
[  252.569190][ T9099]  skb_clone+0x190/0x3f0
[  252.570230][ T9099]  netlink_deliver_tap+0xb26/0xcf0
[  252.571495][ T9099]  netlink_dump+0xb2d/0xcc0
[  252.572752][ T9099]  ? __pfx_netlink_dump+0x10/0x10
[  252.574036][ T9099]  ? kasan_save_track+0x14/0x30
[  252.575241][ T9099]  ? __kasan_kmalloc+0xaa/0xb0
[  252.576421][ T9099]  ? genl_start+0x677/0x950
[  252.577727][ T9099]  __netlink_dump_start+0x6d9/0x980
[  252.579019][ T9099]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  252.580496][ T9099]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  252.582055][ T9099]  ? genl_op_from_small+0x25/0x440
[  252.583368][ T9099]  ? __pfx_genl_start+0x10/0x10
[  252.584613][ T9099]  ? __pfx_genl_dumpit+0x10/0x10
[  252.585913][ T9099]  ? __pfx_genl_done+0x10/0x10
[  252.587185][ T9099]  ? bpf_lsm_capable+0x9/0x10
[  252.588555][ T9099]  ? security_capable+0x7e/0x260
[  252.590026][ T9099]  ? ns_capable+0xd7/0x110
[  252.591428][ T9099]  genl_rcv_msg+0x470/0x800
[  252.592851][ T9099]  ? __pfx_genl_rcv_msg+0x10/0x10
[  252.594163][ T9099]  ? __pfx_batadv_gw_dump+0x10/0x10
[  252.595526][ T9099]  ? __pfx_genl_rcv_msg+0x10/0x10
[  252.596851][ T9099]  ? netlink_rcv_skb+0x143/0x410
[  252.598154][ T9099]  netlink_rcv_skb+0x165/0x410
[  252.599400][ T9099]  ? __pfx_genl_rcv_msg+0x10/0x10
[  252.600725][ T9099]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  252.602104][ T9099]  ? down_read+0xc9/0x330
[  252.603137][ T9099]  ? __pfx_down_read+0x10/0x10
[  252.604305][ T9099]  ? netlink_deliver_tap+0x1ae/0xcf0
[  252.605580][ T9099]  genl_rcv+0x28/0x40
[  252.606541][ T9099]  netlink_unicast+0x53c/0x7f0
[  252.607682][ T9099]  ? __pfx_netlink_unicast+0x10/0x10
[  252.608991][ T9099]  ? __phys_addr_symbol+0x30/0x80
[  252.610252][ T9099]  ? __check_object_size+0x497/0x720
[  252.611822][ T9099]  netlink_sendmsg+0x8b8/0xd70
[  252.613396][ T9099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.615073][ T9099]  ____sys_sendmsg+0x9ae/0xb40
[  252.616525][ T9099]  ? __pfx_____sys_sendmsg+0x10/0x10
[  252.617905][ T9099]  ? get_compat_msghdr+0x11b/0x170
[  252.619249][ T9099]  ? __pfx___lock_acquire+0x10/0x10
[  252.620628][ T9099]  ___sys_sendmsg+0x135/0x1e0
[  252.621865][ T9099]  ? __pfx____sys_sendmsg+0x10/0x10
[  252.623234][ T9099]  ? find_held_lock+0x2d/0x110
[  252.624555][ T9099]  ? ksys_write+0x21c/0x260
[  252.625761][ T9099]  ? __fget_light+0x173/0x210
[  252.627039][ T9099]  __sys_sendmsg+0x117/0x1f0
[  252.628277][ T9099]  ? __pfx___sys_sendmsg+0x10/0x10
[  252.629652][ T9099]  __do_fast_syscall_32+0x73/0x120
[  252.630996][ T9099]  do_fast_syscall_32+0x32/0x80
[  252.632339][ T9099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.633993][ T9099] RIP: 0023:0xf7f87579
[  252.635095][ T9099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  252.640242][ T9099] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  252.642425][ T9099] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000400
[  252.644585][ T9099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  252.646655][ T9099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  252.648525][ T9099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  252.650383][ T9099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  252.652473][ T9099]  </TASK>
[  253.181146][ T9102] MTD: Attempt to mount non-MTD device "/dev/nbd2"
[  253.189286][ T9102] cramfs: wrong magic
[  253.211118][ T9106] netlink: 'syz.1.874': attribute type 1 has an invalid length.
[  253.213665][ T9106] netlink: 224 bytes leftover after parsing attributes in process `syz.1.874'.
[  253.221566][ T9102] (unnamed net_device) (uninitialized): option arp_validate: invalid value (524288)
[  253.238340][ T9102] netlink: 16 bytes leftover after parsing attributes in process `syz.2.873'.
[  253.424228][ T9116] binder_alloc: 9107: binder_alloc_buf size -168 failed, no address space
[  253.427237][ T9116] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[  253.517376][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  253.517386][   T39] audit: type=1326 audit(1726574707.524:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9121 comm="syz.0.880" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x0
[  254.084791][ T9130] netlink: 16 bytes leftover after parsing attributes in process `syz.1.882'.
[  254.798642][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.885'.
[  254.985339][ T9158] netlink: 'syz.1.890': attribute type 1 has an invalid length.
[  254.987387][ T9158] netlink: 224 bytes leftover after parsing attributes in process `syz.1.890'.
[  255.128454][   T39] audit: type=1326 audit(1726574709.134:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.3.891" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x0
[  255.232660][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  255.532793][ T9170] netlink: 'syz.0.893': attribute type 10 has an invalid length.
[  255.538572][ T9170] netlink: 40 bytes leftover after parsing attributes in process `syz.0.893'.
[  255.542196][ T9170] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  255.548805][ T5355] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  255.830072][ T5406] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  256.061576][ T5406] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  256.067252][ T5406] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  256.070843][ T5406] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  256.073266][ T5406] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.090767][ T9168] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  256.106397][ T5406] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  257.063402][ T5406] usb 7-1: USB disconnect, device number 15
[  257.320262][ T6712] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  257.518397][ T6712] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.529182][ T6712] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.533629][ T6712] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  257.537030][ T6712] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.563497][ T6712] usb 8-1: config 0 descriptor??
[  257.752089][   T39] audit: type=1326 audit(1726574711.764:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.758744][   T39] audit: type=1326 audit(1726574711.764:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=75 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.770629][   T39] audit: type=1326 audit(1726574711.764:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.786772][   T39] audit: type=1326 audit(1726574711.764:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.799633][   T39] audit: type=1326 audit(1726574711.774:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.817364][   T39] audit: type=1326 audit(1726574711.774:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.830016][   T39] audit: type=1326 audit(1726574711.774:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.857623][   T39] audit: type=1326 audit(1726574711.774:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.0.902" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  257.875042][ T9203] netlink: 'syz.0.903': attribute type 1 has an invalid length.
[  257.877364][ T9203] netlink: 224 bytes leftover after parsing attributes in process `syz.0.903'.
[  258.487767][ T9230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.509784][ T9230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.541040][   T39] kauditd_printk_skb: 105 callbacks suppressed
[  258.541052][   T39] audit: type=1326 audit(1726574712.534:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.548343][   T39] audit: type=1326 audit(1726574712.534:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.554181][   T39] audit: type=1326 audit(1726574712.544:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.563420][   T39] audit: type=1326 audit(1726574712.544:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f445a7 code=0x7ffc0000
[  258.575404][   T39] audit: type=1326 audit(1726574712.544:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.581734][   T39] audit: type=1326 audit(1726574712.544:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f445a7 code=0x7ffc0000
[  258.587210][   T39] audit: type=1326 audit(1726574712.544:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.593298][   T39] audit: type=1326 audit(1726574712.544:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f445a7 code=0x7ffc0000
[  258.601288][   T39] audit: type=1326 audit(1726574712.544:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  258.609648][   T39] audit: type=1326 audit(1726574712.544:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9215 comm="syz.0.906" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f445a7 code=0x7ffc0000
[  258.901764][ T6712] usbhid 8-1:0.0: can't add hid device: -71
[  258.903389][ T6712] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  258.907210][ T6712] usb 8-1: USB disconnect, device number 11
[  259.330119][ T1413] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  259.528159][ T1413] usb 5-1: Using ep0 maxpacket: 8
[  259.556282][ T1413] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  259.559338][ T1413] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  259.565520][ T1413] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  259.568195][ T1413] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  259.573318][ T1413] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  259.575802][ T1413] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.784847][ T1413] usb 5-1: usb_control_msg returned -32
[  259.786387][ T1413] usbtmc 5-1:16.0: can't read capabilities
[  260.082677][ T9252] netlink: 'syz.2.914': attribute type 1 has an invalid length.
[  260.085053][ T9252] netlink: 224 bytes leftover after parsing attributes in process `syz.2.914'.
[  260.688300][ T9267] netlink: 12 bytes leftover after parsing attributes in process `syz.2.920'.
[  260.740940][ T9271] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.921'.
[  260.812208][ T1102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x20f78 pfn:0x6cfd8
[  260.816575][ T1102] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  260.818672][ T1102] raw: 04fff00000000000 ffffea0001b3f648 ffffea0001af2708 0000000000000000
[  260.823752][ T1102] raw: 0000000000020f78 0000000000000000 00000000ffffffff 0000000000000000
[  260.826152][ T1102] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[  260.829291][ T1102] page_owner tracks the page as freed
[  260.833554][ T1102] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 9252, tgid 9251 (syz.2.914), ts 260496135827, free_ts 260590666574
[  260.839314][ T1102]  post_alloc_hook+0x2d1/0x350
[  260.841486][ T1102]  get_page_from_freelist+0x1351/0x2e50
[  260.843322][ T1102]  __alloc_pages_noprof+0x22b/0x2460
[  260.844826][ T1102]  alloc_pages_mpol_noprof+0x275/0x610
[  260.846809][ T1102]  folio_alloc_mpol_noprof+0x36/0xd0
[  260.848753][ T1102]  vma_alloc_folio_noprof+0xee/0x1b0
[  260.851459][ T1102]  do_wp_page+0xf59/0x3360
[  260.853222][ T1102]  __handle_mm_fault+0x23c4/0x5470
[  260.854989][ T1102]  handle_mm_fault+0x498/0xa60
[  260.856638][ T1102]  do_user_addr_fault+0x7a3/0x13f0
[  260.859467][ T1102]  exc_page_fault+0x5c/0xc0
[  260.862125][ T1102]  asm_exc_page_fault+0x26/0x30
[  260.863979][ T1102] page last free pid 9251 tgid 9251 stack trace:
[  260.865796][ T1102]  free_unref_folios+0x9e9/0x1390
[  260.867408][ T1102]  folios_put_refs+0x560/0x760
[  260.869205][ T1102]  free_pages_and_swap_cache+0x36d/0x510
[  260.872002][ T1102]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  260.873911][ T1102]  tlb_flush_mmu+0xe9/0x590
[  260.875199][ T1102]  unmap_page_range+0x1c74/0x3bf0
[  260.876618][ T1102]  unmap_single_vma+0x194/0x2b0
[  260.878364][ T1102]  unmap_vmas+0x22f/0x490
[  260.880660][ T1102]  exit_mmap+0x1b8/0xb20
[  260.882436][ T1102]  __mmput+0x12a/0x480
[  260.883924][ T1102]  mmput+0x62/0x70
[  260.885036][ T1102]  do_exit+0x9bf/0x2bb0
[  260.886225][ T1102]  do_group_exit+0xd3/0x2a0
[  260.887680][ T1102]  __ia32_sys_exit_group+0x3e/0x50
[  260.889608][ T1102]  ia32_sys_call+0x13f8/0x1bb0
[  260.891961][ T1102]  __do_fast_syscall_32+0x73/0x120
[  260.895236][ T1102] ------------[ cut here ]------------
[  260.897100][ T1102] kernel BUG at include/linux/mm.h:1460!
[  260.899089][ T1102] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  260.902202][ T1102] CPU: 1 UID: 0 PID: 1102 Comm: kworker/u32:7 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  260.906808][ T1102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.910462][ T1102] Workqueue: writeback wb_workfn (flush-9p-7)
[  260.912552][ T1102] RIP: 0010:__iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.914823][ T1102] Code: b0 8b 48 89 df e8 32 4b 4e fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 f2 db 09 fd 48 c7 c6 20 44 b0 8b 4c 89 e7 e8 13 4b 4e fd 90 <0f> 0b e8 db db 09 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[  260.921398][ T1102] RSP: 0018:ffffc900063aeb48 EFLAGS: 00010293
[  260.923477][ T1102] RAX: 0000000000000000 RBX: 000000000000001b RCX: 0000000000000000
[  260.926168][ T1102] RDX: ffff888025a74880 RSI: ffffffff848148dd RDI: ffff888025a74cc4
[  260.928832][ T1102] RBP: ffffea0001b3f634 R08: 0000000000000001 R09: fffffbfff2d27916
[  260.931396][ T1102] R10: ffffffff9693c8b7 R11: ffff88802b828a40 R12: ffffea0001b3f600
[  260.933437][ T1102] R13: ffff88801200b400 R14: 0000000000001000 R15: 0000000000001000
[  260.935474][ T1102] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  260.937941][ T1102] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  260.940167][ T1102] CR2: 0000000056d7c448 CR3: 000000006295c000 CR4: 0000000000350ef0
[  260.942501][ T1102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  260.944536][ T1102] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  260.946559][ T1102] Call Trace:
[  260.947437][ T1102]  <TASK>
[  260.948234][ T1102]  ? show_regs+0x8c/0xa0
[  260.949697][ T1102]  ? die+0x36/0xa0
[  260.951015][ T1102]  ? do_trap+0x232/0x430
[  260.952502][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.954568][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.956343][ T1102]  ? do_error_trap+0xf4/0x230
[  260.957573][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.959404][ T1102]  ? handle_invalid_op+0x34/0x40
[  260.961133][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.963222][ T1102]  ? exc_invalid_op+0x2e/0x50
[  260.964706][ T1102]  ? asm_exc_invalid_op+0x1a/0x20
[  260.966017][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1d/0x2240
[  260.967780][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  260.969688][ T1102]  ? __iov_iter_get_pages_alloc+0x1d1d/0x2240
[  260.971654][ T1102]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  260.973272][ T1102]  ? delete_node+0x207/0x8e0
[  260.974465][ T1102]  iov_iter_get_pages_alloc2+0x53/0xf0
[  260.975874][ T1102]  p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0
[  260.977616][ T1102]  ? p9pdu_vwritef+0x368/0x21d0
[  260.978993][ T1102]  ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10
[  260.981480][ T1102]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  260.983253][ T1102]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  260.985002][ T1102]  ? p9_tag_alloc+0x4cc/0x870
[  260.986599][ T1102]  ? __pfx_lock_release+0x6/0x10
[  260.988293][ T1102]  p9_virtio_zc_request+0x1ac/0x1460
[  260.990114][ T1102]  ? p9pdu_writef+0xc4/0x100
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  260.991697][ T1102]  ? __pfx_p9pdu_writef+0x10/0x10
[  260.993679][ T1102]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  260.995033][ T1102]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  260.996499][ T1102]  ? rcu_is_watching+0x12/0xc0
[  260.997748][ T1102]  ? trace_9p_protocol_dump+0x192/0x220
[  260.999504][ T1102]  ? rcu_is_watching+0x12/0xc0
[  261.001070][ T1102]  ? p9_client_prepare_req+0x111/0x4d0
[  261.002819][ T1102]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  261.004962][ T1102]  p9_client_zc_rpc.constprop.0+0x29a/0x880
[  261.006780][ T1102]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  261.008764][ T1102]  ? lockdep_hardirqs_on+0x7c/0x110
[  261.010377][ T1102]  ? kmem_cache_free+0x12f/0x3a0
[  261.011887][ T1102]  ? p9_req_put+0x1c6/0x250
[  261.013298][ T1102]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  261.015153][ T1102]  p9_client_write+0x447/0x680
[  261.016642][ T1102]  ? __pfx_p9_client_write+0x10/0x10
[  261.018265][ T1102]  v9fs_issue_write+0xe2/0x180
[  261.019747][ T1102]  ? __pfx_v9fs_issue_write+0x10/0x10
[  261.021409][ T1102]  ? rcu_is_watching+0x12/0xc0
[  261.022880][ T1102]  ? trace_netfs_sreq+0x193/0x220
[  261.024425][ T1102]  netfs_do_issue_write+0x92/0x110
[  261.025990][ T1102]  netfs_advance_write+0x384/0xbd0
[  261.027561][ T1102]  ? netfs_buffer_append_folio+0x569/0x750
[  261.029359][ T1102]  netfs_write_folio+0xc44/0x18f0
[  261.030992][ T1102]  netfs_writepages+0x2ba/0xb90
[  261.032502][ T1102]  ? __pfx_netfs_writepages+0x10/0x10
[  261.034150][ T1102]  ? __pfx_netfs_writepages+0x10/0x10
[  261.035785][ T1102]  do_writepages+0x1a3/0x7f0
[  261.037219][ T1102]  ? __pfx_do_writepages+0x10/0x10
[  261.038785][ T1102]  ? reacquire_held_locks+0x20b/0x4c0
[  261.040434][ T1102]  ? writeback_sb_inodes+0x3b4/0xfb0
[  261.041903][ T1102]  ? find_held_lock+0x2d/0x110
[  261.043389][ T1102]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  261.045286][ T1102]  ? __pfx_lock_release+0x10/0x10
[  261.046848][ T1102]  __writeback_single_inode+0x166/0xfa0
[  261.048554][ T1102]  ? __pfx___writeback_single_inode+0x10/0x10
[  261.050437][ T1102]  ? _raw_spin_unlock+0x28/0x50
[  261.051950][ T1102]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  261.054029][ T1102]  writeback_sb_inodes+0x611/0xfb0
[  261.055474][ T1102]  ? __pfx___lock_acquire+0x10/0x10
[  261.056948][ T1102]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  261.058578][ T1102]  ? __pfx___lock_acquire+0x10/0x10
[  261.060511][ T1102]  ? _raw_spin_unlock+0x28/0x50
[  261.062199][ T1102]  ? move_expired_inodes+0x5a3/0x850
[  261.063584][ T1102]  __writeback_inodes_wb+0xff/0x2e0
[  261.065077][ T1102]  ? __pfx___writeback_inodes_wb+0x10/0x10
[  261.066840][ T1102]  ? queue_io+0x3f8/0x520
[  261.068130][ T1102]  wb_writeback+0x721/0xb50
[  261.069467][ T1102]  ? __pfx_wb_writeback+0x10/0x10
[  261.070819][ T1102]  wb_workfn+0x8c4/0xf40
[  261.071997][ T1102]  ? __pfx_wb_workfn+0x10/0x10
[  261.073261][ T1102]  ? __pfx_lock_acquire+0x10/0x10
[  261.074608][ T1102]  process_one_work+0x958/0x1ad0
[  261.075893][ T1102]  ? __pfx_lock_acquire+0x10/0x10
[  261.077273][ T1102]  ? __pfx_process_one_work+0x10/0x10
[  261.078672][ T1102]  ? assign_work+0x1a0/0x250
[  261.079914][ T1102]  worker_thread+0x6c8/0xf00
[  261.081145][ T1102]  ? __pfx_worker_thread+0x10/0x10
[  261.082487][ T1102]  kthread+0x2c1/0x3a0
[  261.083556][ T1102]  ? _raw_spin_unlock_irq+0x23/0x50
[  261.084919][ T1102]  ? __pfx_kthread+0x10/0x10
[  261.086132][ T1102]  ret_from_fork+0x45/0x80
[  261.087308][ T1102]  ? __pfx_kthread+0x10/0x10
[  261.088527][ T1102]  ret_from_fork_asm+0x1a/0x30
[  261.089791][ T1102]  </TASK>
[  261.090624][ T1102] Modules linked in:
[  261.105846][ T1102] ---[ end trace 0000000000000000 ]---
[  261.107313][ T1102] RIP: 0010:__iov_iter_get_pages_alloc+0x1d1e/0x2240
[  261.109206][ T1102] Code: b0 8b 48 89 df e8 32 4b 4e fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 f2 db 09 fd 48 c7 c6 20 44 b0 8b 4c 89 e7 e8 13 4b 4e fd 90 <0f> 0b e8 db db 09 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[  261.114785][ T1102] RSP: 0018:ffffc900063aeb48 EFLAGS: 00010293
[  261.116395][ T1102] RAX: 0000000000000000 RBX: 000000000000001b RCX: 0000000000000000
[  261.118448][ T1102] RDX: ffff888025a74880 RSI: ffffffff848148dd RDI: ffff888025a74cc4
[  261.120763][ T1102] RBP: ffffea0001b3f634 R08: 0000000000000001 R09: fffffbfff2d27916
[  261.122870][ T1102] R10: ffffffff9693c8b7 R11: ffff88802b828a40 R12: ffffea0001b3f600
[  261.125050][ T1102] R13: ffff88801200b400 R14: 0000000000001000 R15: 0000000000001000
[  261.127065][ T1102] FS:  0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000
[  261.129395][ T1102] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  261.131220][ T1102] CR2: 0000000056d7c4ac CR3: 0000000059200000 CR4: 0000000000350ef0
[  261.133293][ T1102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  261.135356][ T1102] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  261.137422][ T1102] Kernel panic - not syncing: Fatal exception
[  261.139665][ T1102] Kernel Offset: disabled
[  261.140818][ T1102] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:05:15  Registers:
info registers vcpu 0

CPU#0
RAX=000000003da2c3fe RBX=000000003da2c3fe RCX=ffff88805501a180 RDX=00000000de41c322
RSI=00000000fbda70c4 RDI=0000000053bcbb63 RBP=0000000000000001 RSP=ffffc900030867d8
R8 =0000000000000001 R9 =ffff88807dcc3fe0 R10=0000000000000000 R11=dffffc0000000000
R12=0000000000141cca R13=ffffc90003086858 R14=0000000000000010 R15=0000000000000010
RIP=ffffffff84b1f995 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5713e8c CR3=000000005f5cc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fcd3b5 RDI=ffffffff9a5e9460 RBP=ffffffff9a5e9420 RSP=ffffc900063ae4d8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552031203a555043
R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fcd350 R15=0000000000000000
RIP=ffffffff84fcd3df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000056d7c448 CR3=000000006295c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000014 RCX=ffffffff84890b1b RDX=ffff888023f64880
RSI=0000000000000008 RDI=0000000000000001 RBP=ffffc9000359f508 RSP=ffffc9000359f3b0
R8 =0000000000000001 R9 =0000000000000008 R10=0000000000000004 R11=dffffc0000000000
R12=ffffffff8bb14891 R13=0000000000000001 R14=0000000000000003 R15=0000000000000004
RIP=ffffffff818b27bd RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f34a6ca1d00 ffffffff 00c00000
GS =0000 ffff88802b800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000563d411eb000 CR3=000000004806e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e 8d14209e8d14209e
ZMM22=a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3 a21ceab3a21ceab3
ZMM23=b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e b2b8892eb2b8892e
ZMM24=1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc 1b9036dc1b9036dc
ZMM25=4774464f4774464f 4774464f4774464f 4774464f4774464f 4774464f4774464f 4774464f4774464f 4774464f4774464f 4774464f4774464f 4774464f4774464f
ZMM26=61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3 61c4caa361c4caa3
ZMM27=13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee 13ecfcee13ecfcee
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=b9070000b9070000 b9070000b9070000 b9070000b9070000 b9070000b9070000 b9070000b9070000 b9070000b9070000 b9070000b9070000 b9070000b9070000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=1ffff920001cbec0 RCX=ffffffff81694e29 RDX=fffffbfff2036674
RSI=0000000000000008 RDI=ffffffff901b3398 RBP=0000000000000003 RSP=ffffc90000e5f5e8
R8 =0000000000000000 R9 =fffffbfff2036673 R10=ffffffff901b339f R11=0000000000000000
R12=ffffffff8ddb9b60 R13=ffff88801ced6000 R14=000000000003d8cc R15=ffffc90000e5f888
RIP=ffffffff8171abf0 RFL=00000247 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7445008 CR3=000000005fed8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000