last executing test programs:

9.444068747s ago: executing program 1 (id=18009):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
syz_io_uring_setup(0x6291, &(0x7f0000000340)={0x0, 0x722f, 0x400, 0x2}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x11c, 0x0, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_emit_ethernet(0x11e, &(0x7f00000003c0)=ANY=[], 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000000c0), 0x4)
socket(0x10, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
epoll_create1(0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1a, 0x4, 0x3ff, 0x80000001, 0x4, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x48)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x2c)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
landlock_restrict_self(0xffffffffffffffff, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
ioctl$TIOCL_PASTESEL(r5, 0x541c, &(0x7f00000010c0))

8.286370296s ago: executing program 1 (id=18015):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
socketpair(0x2b, 0x1, 0x0, &(0x7f0000000340))
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000f, 0x40a2012, r1, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r1, 0x8004500b, &(0x7f0000000080))
r2 = io_uring_setup(0x4d63, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x20)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000300)=""/131, &(0x7f0000000100)=0x83)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fc00100}, {0x100, 0x3, 0xe, 0xfffffeff}, {0x5, 0x5, 0x9, 0xffff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000500)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6})

6.795223208s ago: executing program 1 (id=18021):
r0 = syz_open_dev$dri(0x0, 0x20, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000400)={0x8})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x2000000000000144, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000100)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x3)
r2 = syz_open_dev$radio(&(0x7f0000000640), 0x0, 0x2)
read(r2, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0xa, &(0x7f0000000640)=[0x0, 0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x6b, &(0x7f00000003c0), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000880), 0x8, 0xd0, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000e40aaa1ba2a7f2bab7d791e1933fc37f2fe63da3f93a41ab609ce1655fa197358a132819330f1504ea214e047c40e104", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r3, @ANYRES32, @ANYRES16], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r7}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000580)=0x2040)
writev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000b40)="a4738085ef1bef4dc6eff75cae65e769d7703af9f52d20a06ff3768fb6f6ab401114bb53f49afdbb0e59ab8a10164ef628479ad0f2cd89472e9a866eefe2aadcf1076aacf3343350f627e2d339265a43f4811014eb9c2b547281827e11c49817cf401d2ac3cb36e684fc4b1f7b200269f765da71095b7e92f06da87f3674635a1057ecc92eb0fe2fd85382d88cef8bc689a05a036f691f8fa897db23fc0de86bc86bbdf3a232cd9987eeec9ea41119ce0a2e503b1a339c4c2e67ccebf80b823da3fab3a3fc530c11f1c18d26cfe90f319bca4f25935121b36c07c6b390551db2dd9d7be7b2ead6abf6992ebedaa0421097497e9f8ac83481e3c66666c7e3082b5952997d20f03e3cb4e817c67b1323ca823cf395228fc2bff0ad98fac98a40", 0x11f}, {&(0x7f0000000080)="e13b071424635b5bb59f5aa8a608e173e53e6284b1f27983de3eeafa0418173ad1f683d89742f9b4cebe1f9ae21955ed30fee09d41d53d6b393e825e0641621655f9ece3288110bcf6b405ce98b753de0b086ccc8c7c36c8871aa3e06994c11c7523dbdba0d9dd6344b3fae9dd22c74bf69770ad41f3b45649b1dc", 0x7b}, {&(0x7f00000002c0)="77f79cb5631deed85df8afa6b2b93adff0e966b7f9d3dfe538b599a5f6558b6d55fefea56cb6c888f133d70a204c4a6cf5fd43f32c10885c5b95b98643186b0f6bd9ed3cceebb9c39b838be140f9530361a8d32ba69acbf84054c1a7b6e4c0cf6ca40374695e69aab375f0704944a46fe35df1e679839be4d4a62137fe8e07acd75c80f1db2d5a0852210c34e18a4816a1bb847e9101ee71805b0726b335d63e80185a18f622add8b35e9df84a70485bb620baa8ababcd989fd784c34895f92314c4717d17bb6f2ec18d815e", 0xcc}, {&(0x7f0000000780)}, {&(0x7f0000000500)="a6309676e976e6a2cea14d4e70d3e03ee80610db92ddf32fc563ca03773f3e838fdfc18582ff856bf7337b", 0x2b}, {&(0x7f0000000400)="35018f46a8744ac47b0985038e7bbab195f1fe632d0c0ad41fa1ff292ca962b9e4dba306ca9140923a6b410e8802b49d2ebd35b916373c7762f45df5a878e04ff9b9d719dcc894894adc6f2cddd2735d371b087afc30471af3590481908d04a2697b4eb6d5d7842fc3e335ba6a159f7abf6fc8e40a", 0x75}], 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000", 0x36}], 0x1)
r8 = socket$inet_icmp(0x2, 0x2, 0x1)
sendto$inet(r8, &(0x7f0000000800)="3cc8d3d187c48966817399c8ab5283061b49b1627a758cd5ac62a432059eaac7efd60405cfec55af4259607ed57e5bd8b98d613ff4c73304c65804b17a78008ca4d5860c93114773dcfcefbe5a1c5bd866afc2f893f5d31244a487e6af0abc4b37a47e62f43e313d2af79c5a43fe2f07db79e5a1c155c00f47e52507", 0x7c, 0x24000800, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10)
r9 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00", @ANYRES32], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r10, &(0x7f0000000180)=""/97, 0x61)
write$char_usb(r10, &(0x7f00000004c0)="04", 0x1)
syz_usb_disconnect(r9)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @loopback, @empty}, 0xc)

5.814350796s ago: executing program 3 (id=18025):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
socketpair(0x2b, 0x1, 0x0, &(0x7f0000000340))
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000f, 0x40a2012, r1, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r1, 0x8004500b, &(0x7f0000000080))
r2 = io_uring_setup(0x4d63, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x20)
getsockopt$IP_VS_SO_GET_SERVICES(r4, 0x0, 0x482, &(0x7f0000000300)=""/131, &(0x7f0000000100)=0x83)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fc00100}, {0x100, 0x3, 0xe, 0xfffffeff}, {0x5, 0x5, 0x9, 0xffff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000500)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7})

3.953822676s ago: executing program 3 (id=18031):
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
syz_usbip_server_init(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000500))
pipe2(&(0x7f0000000180)={<r1=>0xffffffffffffffff}, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000380)={{0x77359400}}, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x400100, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0))
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
mbind(&(0x7f0000596000/0x3000)=nil, 0x303f, 0x0, 0x0, 0x0, 0x3)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3400000010001ff700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000140012800b000100626174616476"], 0x34}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0006001000130400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006e657464657673696d3000000000000008000a00", @ANYRES32=r6, @ANYBLOB], 0x3c}}, 0x0)

3.509227774s ago: executing program 1 (id=18033):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'raw\x00', 0x0, [0x9, 0x200, 0x9, 0xc0000000, 0x40]}, &(0x7f0000000080)=0x54)
setsockopt$MRT6_DONE(0xffffffffffffffff, 0x29, 0xc9, 0x0, 0x0)
close(r0)
getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f00000000c0)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000100)=0x2c)
splice(r0, &(0x7f0000000140)=0x9, r0, &(0x7f0000000180)=0xdf1, 0x8, 0x4)
ioctl$SG_GET_KEEP_ORPHAN(0xffffffffffffffff, 0x2288, &(0x7f00000001c0))
r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000240), 0x6, 0x400)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000280), 0x802, 0x0)
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f00000002c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r4 = syz_open_dev$vcsu(&(0x7f0000000500), 0x9, 0x101000)
sendmsg$IPSET_CMD_RENAME(r4, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0x88, 0x5, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x88}, 0x1, 0x0, 0x0, 0x480}, 0x40000)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP(r5, 0xd0009412, &(0x7f0000000700)={0x0, 0x8})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001700))
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000001740)={@local, 0x4, 0x0, 0x3, 0x0, 0xd1, 0x1}, &(0x7f0000001780)=0x20)
getsockopt$inet_buf(r0, 0x0, 0x2b, &(0x7f00000017c0)=""/228, &(0x7f00000018c0)=0xe4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r7, &(0x7f0000001a40)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001a00)={&(0x7f0000001940)={0x8c, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0xf751}, {0x8, 0x15, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0xa345}, {0x8, 0x15, 0x1436}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8080}, 0x4000)
ioctl$CDROMREADTOCENTRY(r4, 0x5306, &(0x7f0000001a80)={0xf3, 0x5, 0xb, 0x2, @lba=0x3, 0x9})
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000001b00), 0xffffffffffffffff)
sendmsg$NBD_CMD_STATUS(r8, &(0x7f0000001bc0)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b40)={0x1c, r9, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x48804)
syz_genetlink_get_family_id$ipvs(&(0x7f0000001c00), 0xffffffffffffffff)

3.350455689s ago: executing program 1 (id=18034):
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
syz_usbip_server_init(0x3)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x2, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0xe9, &(0x7f0000000240)=""/233}, 0x90)
sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
creat(&(0x7f0000000000)='./bus\x00', 0x0)
pselect6(0x40, &(0x7f0000000500), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x6, 0xff8d, 0x0, 0x0)
ioctl$EVIOCRMFF(r1, 0x40085503, &(0x7f0000000500)=0x8)
pipe2(&(0x7f0000000180)={<r2=>0xffffffffffffffff}, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000380)={{0x77359400}}, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x402303, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0))
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000010000100120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000134000000140a03000000f00000000000020000000900010073797a300000000008000340000000010c0006400000000000000002140000001100010000000000000000000000000a"], 0x98}}, 0x0)

3.111948316s ago: executing program 3 (id=18035):
r0 = creat(0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x49, &(0x7f0000000000), 0x4)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = accept4$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f00000000c0)=0x10, 0x0)
close(r3)
ptrace(0x10, r2)
ptrace$peeksig(0x4209, r2, &(0x7f0000000180)={0x0, 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, 0x0, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x1c}}, 0x0)
read$nci(r7, &(0x7f0000000200)=""/100, 0x64)
write$nci(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="408000000000"], 0x6)
read$nci(r7, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r7, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r7, &(0x7f0000000380)=""/100, 0x64)
write$nci(r7, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r10, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
io_setup(0x3, &(0x7f0000000000)=<r11=>0x0)
timerfd_create(0x0, 0x0)
io_submit(r11, 0x8, &(0x7f000001abc0)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x5, r1, 0x0}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x6, 0x401, 0xffffffffffffffff, &(0x7f0000000ac0)="8eeb936550a6f21be460d9bcdee134773e0f02eb2f27606db65d9dcf117ca7da8e3ee854a75a852bb98b8718ff5799b243cea694e98b9805d0bc0c0f30bd66220698302add8639d3a2fdf1900757242f54b521f64caf24767ed1ff96c8f6d71ccf2ff67ed9076520518a65cbe6424190e5001e7c8180462e98963ff8162e8be7a58174d270a79ddc3af1e2013068a0b85c06a6a4728c747299bd69de0d381f51926094fd9915f8da80ad389ed3854f204738b4487a06b0f8c4c96aa217707aadf45c86ed7a3d510141703eefc5e219f255a9083b5253062bbfb7e79edd478c280c7f477b4069d6f56652c98bb5457da0adfd06c24c2639d8e03df33aff662a251cd32236f94e50984f1973eb6d10b8ab416b3ccaf4caefe7054746da7e173493ffa873740415564f85cabe64175bf8b72265e10aa26366ae362da78c425257286c591abac897238bc99e8178ac9c7712757a16d022509ba3acd895d61a6d9e0e2bf5533f270171edde62f098518cebb124c6350742599c527c9b92ec1fa6fd3296ec3155fa2eafd4034abf481122c5ca7c83bc0f9cef6c22c8435846ac071d41aa7c6394562c0f21766bd0d7191de643ffa65266c2e9300cec6a66dd1be51f34bcd8c4678639dacf271d2ace64d4df165bf9d2c53600042ee01acae41e2f558a469b0354ee705733be8b3d262f34de96a5fa71000ea5c3636810af0d30821a60580edd2bb9c8ac652526ee5add5a3b5c4b8fa723e62fb80792a6e115563580836fc9234911792f193d484d406983083ea5d271b1b1e1e99bcb47f8974978bb47cc1eb57e82545fb456187f63048c6be522405805fecfd549d625f0f9fc583a05fe09df6776146c7f03869473b84fe4dc1e2de18367876f274a7c320115f8677af00c1adc61c78455dd04b39143b95841003c801ae0933480910f59f0057744cb63acad9a96d6c30f1fb9d45f9ed03772f6cb73af437aa38df3760199cdf03ab673f6252c6d2709829651364c1f5c760435db5546e7cc677266661540fdf0bb8498cfcb426cd4dd3f20c31cfa4dbee8b290ed4076e062e2f0f1286a4b5e4f8670f739f80a1506804411a1af839380a261990d57583169c0702e8fc805cb58082fb8d27d22613830fa77d095a7f87027d62c7705769c18a4eed125e72b87f6ab15beec4eb21a88d64fed95d3addcc7196945d3e101a5bc2c40f249537eca2fb188b9447751544e6824624a105d09b4037c713ad3d43166fb71c64960128bece3e48591a1e698bdd6f4f209e0495c0eb089dfd117bd40c776ba838591f6e39be1c49b1bf748b2031efd1e1287068d7d8aba467a7dcfea31796fe8b590eecd3cdf62674a0a9ab1b56781f0e30e5225b9a25e7ca8fd67850a79861e283d56f21c8e0cf066304f7597a06abc26ae2662c2ba380854df6832d9f6a5827809c9026bff922ff38196a3ef84595cc20083694492861749a0baf346126caf777eca68b2b55f395d74dd910b39e88d595e2dd9ab6e63288b98b3226666101541b5b3d64efa6e7130cbf4e6f34c637a0f4b165f668d510f2fed5c58deec3f609da20430f627727722fe9aca51225267e0a430d8068bfd1760675e810d55facb446066938a3873469584e54e608039ba148aca96942b89b6f74353c78158a23ceaa029c118557da894509a119f7ccdd202e995824f810405f321f518874df5230e0b845ec78388c326e1f4e356b07df57c29483eb119fd8f49cd712120ddb2fe22e5244b8d34926b97845f2f0960578ad2ba810f4a5e8f49718110e3aa1731791616b49ea78e1ee5b6ee753ef6e9165f56d8a79939ddf65ea2a2c510467d78cf5d5bce74a3fa057c3d750de2fdc9a9bee6c39d26dfb7ea3a8ea45ca9f87ea04ea2995b1d95300732f3ce058800a587d3323c0372be008a5bb1a7ab57c8e43e8ce45aa966e6d6848a083a0263d823fee00f213584d358c07fce7a30048bc251e22fe66f88e13544d09483c996b107cccb61eb58d7ba6064eb4c0b20fdf24f515ea13f12c142a9ea7605a95ddc9dd1463710987cf1db829a508996f6573ee06e162681b4c434d83a487c45754480acb040336b15396244f5c397fa135bdfc877c7568fb53521959f8e312f662ff815cfbbde6c4232fb1613648354c427a5c4e3dd1bc89e1df10ef9aa41b9341402a83544011da3322861d4986286d8a6b865d1cbf045a5e4789c4540693c537b78c86d5cdeaf8187160277ad7aa4fb175c83e7d2fc3cb6bab4eca8516ade1af349633bc6fdc9fc1dd8cd385b125c01de7ea628ffddfb3f6e72512f7edd474a9bdb2141018c68c3eef86ceece2ac32e497644d3755ed989e83932911ef4ab0b3c3e7350aa405dc01bf7445ecf6848a62ffcc21c0e8115c2a6d129d195b640f1144a56c960aab89f784e93b91a6361013cc8dc31e4da14c973184df9bc4f2461477990474fbb565aba4f32ef9bb0dac682997b77f4a09afe9f71d58b8a477c4973db19828b5121254a61aa4c96d185f6e8879b51ba5b082e5b8878bfa8b51e6664a37297e6c6b04bed9ef513edcb36d2bb61f7cb4350857b6bb5b125fb7a576a2f57355b4df5388457fe762c8e0edb5e73592ac6904102fb0ebca96e0e32d9d40578b40db98c7d4b0018433519d27ac1c40b7bdc52dcb268a3acf6b2ef49879af7c794067fd88495794c68b0d121a357901854f19e5d5adc67e9fde92b4438a52b121f02b939fbff699f246c20c3505404bbdfc1f3439b7b554bfe76529e6dd0a6d584964e4b858781a75c84823c6297baf988e2adba531e854fd31dc15566c5d960c6bc400510999cccd9ccc8378028ec0aca7377352bdf3bf09302841e7971788a6647d9e0f971b9ffd6c0d795687a3bc22d7823cb64e267f34b2051402f6194b9cdd36153d8f909dd22c9483fab75a4441289bd677b7580c5d93d9032417b53681137feaf66beddb0aa75bcf58db249f7cffcb1dcab6ea6ed9d045ebe740a578929e6a4fc8435f625cf0df162f6007ac95b9129822a9b3d0f12ee77d3068fc46c40bfde6f80e49005818f1575222e535d9860f6c57d680e1591a9190e751ecf5886b0cf4edee2f26960ab64d03f5002affaf1fff6efb6b4554775d6ffdd449e68f7a5bfbc40b95323845a89aea04c4e4dfe83734a8af3fad3d6db62c986fd73dc3a896f157e4216f23ea1488583af3b1e343c1b198ff8d2cf5ef8c17343bc675f5b74b3d4f546d77f4e636bccc4a96e3ba675c9eea29f43e2d16b7718877dc4928b8d22db6add31fbac6684b3426c2a70eab1ad761d4c1256d6df196ca0f3ef358b614514c135c5b2b575ee6bf9c314cee006d799ae052fb33b35bd393e008e637a5b4ed202f5cf503934d6e3b45c92f3dae342ac2adfbd6fe478c20fc85ba4ec604158dacd18393223ffb9aea5c2f0bb37840f63ebeb9a422a7c096cdf528688b8e6562f49d466844120b7f56de978fa1e16f2d149ed9e9bd76fdd3ea444c8b6bdb47e7c41f0cff88b604851c1a24f1a4549827125e3664ad573a410499713e3537e5cf8df043f6283a8fc05211616c8cdd9e6c9f2e52b14dc69e5802aafc25b21ed761719f897f73b7ebc11c8487746204eb84f4f4b92d5f6a002d89d6b7ff2d1f5c04e7524469f6753a7dab042764c75394875faf02c04186ebbea781ccdf12d2ab6bd0fb918ec239f1799958cfdb9a8039770f3fd2559b5399467dc724d7b16b9e6d10a6705057313ca25b37ac3bbdb9d26b2b56ae81b718b75064548155fc63c371ba633bcdf392db76d856da0b6761da9d34f4ede1370b432fb29f82a02f236337522c99b45b8e771961f294956856ac3019defc104899fde2bffc472a1e1c313760640136da9c9d2d43e1e0d2447e636a8187e00e1e602334fe0850e8fd923b90355b5e8e7d9eae8c63f9cf5ac434a43d960ed19d10c9db77124f16f9c789c27c5abe44e8cbf403a24d12d5ebc4d20e366cdcd4ddf6c127d9a5567b06eecdf0bf809a36e16307f4fa224ecb97d7645404b426ff71d7bc91d2ed8241eb1d6e44fc6b810e36ba561f33e9ab43a012d494445b6e28977e4e4125a56fdeb582e5cd78db7ca7c74bc210659114aadf4f0dfa789714e4ad771eb2b52a3780d4f49fd799190e6659581f63eb77370b9001174b35468b88a93bf5299586074a22c18bc316b08150193885e1f2cbe3ec70a08cacfe17b527cd77a7520b097ae8cc3b1d33dc5f66d40fb385f83938891b74c8423703d55c3b0f8e66cd99a30e30b6e65a0c004c151b123e1a0b0d911d1404613e986a5eeeff81363e357c818c625ad9299798daec7715bf2c392245a9cec8db26a6e71b3498026fc9d7ede6999e31b70cb9d25569cc6d93fb5633e3ca581f5b86f5130dc6fee4389d490983a38cf0cfbd23e1f4f82d27ac677cf3e45eeecec8abcad41abe424bfd48be21eee5c0f5ceea3605d3e4dd9c4f5a1f6dba2cd440ca7e7ab27d849a07214bef9a3c5903c7feab12e1dadb8eeb12a19c5db9419c5828992737381bceb7e043ce0b7d34061e72ac832c20e81a4ae32d6ec2fe45e2e4b2fb02c25682e6eb6cc1dc6fb9e0cb9ddc4ef9cda498158f0ea459bd32b5a696761d886f230df88b286ad66c9dc9df17e89bc3f167112a3e9259dd95f08d09a828c0f7310529f6521d7139bd9d13cd3337d475fa96e8a34b0fad57976f1621caa18559b177d70cbfbfad1ef92e9cc3ecd51c5e175b1c6b72af0ce72bdfd77bd2b02a774b5a4567eaddb730444c44b355b187272a6e6c556c72e729bcf342fe413563fab9e0c6953df187de9f430b48a6589b2825926fa71e4000eb0b34b4d195c7dd20a2d2b8b2c46d6733b4c43523c30ecb2dfb5cb475fd0f263601e907e0eb2c42afd708da4d5697b48479dffb3cb9b67d8582b84652891dff77b7a6b0e418f306e0ee8a497f889934530422cd0b75da7073de3f0e4a22bd7d376d7464b01aabd6b780d289358c9dc16973e4c39aab365db6916d995750aa8c564d939969d03f23c11a7cefca6623cbff63ad3abfcb23ebe7a7c265332ee7ff6405a189946dcfe4c28dbfbeb61ae261a8510247d26ce7e551b9184be6b045a7e647724a019c3f1c103373962bf9d96c969a2a109e623cbc3ab3507557a5f4d8c4d1515049249459f176196dfd8baab863ab49659dd77add0cd5a667ec446a2aaa143911c423dcff72335a3a7216d827fed194d2f688a281bf860caf1646cfb3ab277f1c448f5a03de2bc24b98be8a582fc9a57608a0a85024a4df2601f9be04b878c8cec9f555815190410a924fc1cc1166ad77b6b303390cc4c357d5ced2a8921d31070dd5e44522e162c9057b7ead1773c6883caec5cec8925c5174583e2a1f12c5811bb3345d84eebd3c5137946897c38199a7dc8cb24fe1f2873aad93929eeda9901f62b636be3e2aa940aff0b46f2de67d2770acb9a27715c53dc4cf4c1eeb16b8ee588a605484b710d71f2b2c1474115151fa37f30d77549dc4ce53b702871733b8c72333ed4fdd46d775173e9651f51e8380f90a54886ebcb8fd28f24fd2b16b204f5cd48e74bca3279bf17913d8b10cfea9303b16dd5fc5ad1113bf43deb910a5b6b319cd09cb7489e40e0ff7e76c32620606713e4c9817b81b95b405231ca3c73e14a31a157b6463f3719ca3fb74016512808da6e40ff818e250bcc7562b7f0d7e8023dbef7d862c4326165d564264ca1c9112408fa5d8c614a1b4bf007ba77368f175a5c16c99a80c1cb2a3ff1df23ac230c9e04d350fb56f371c203e8465a2aae37d90da3b720fc3d1e69", 0x1000, 0x8, 0x0, 0x1, r0}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x5, 0x8, r4, &(0x7f0000000600)="e6171ab7179a80d7b31811df90d7a672f03f88a432aafc1c6feeca30adbbfa51065bf648b3447eb898c4365cb98044724c7ab6ed153522a93d80824be9da6c093636d43d7b09612c2992dc5406e8a637bbf867dba497def5772e262eddd1d8f231a8eccc2d15937b557066007f747aa859352c4095f4e88ba7b320b1178b08d57a8ce1e1bb0dd1d4825321202b1011e720ee10a5f9e6c2921f7a0003fa9d89e93ccebf6d14ddc7296e424107f4e02cb3e87506cc17e648674482bb9261a74f76e936610c52b6cbdd7f79043826a3147c75f872b5872cdb63b18b5d3f0325432113", 0xe1, 0x3, 0x0, 0x1, r0}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1ff, 0xffffffffffffffff, &(0x7f0000000740)="77f5ab632cb788609d3b0c295fdd7779acbf90f3a74053a2cf66a7a211358db05895bbe5c01eaa5db49cd5717e187c081536f04d98a8e86401adece630b8874b929e66f8a96c460d987d1b02c4537ea99758f693634db8e0e5922bfb591a62161c5146944fe75e7f6bbef276ef0eb592a1a2b15faa8037d7db9e34", 0x7b, 0x100000001, 0x0, 0x3}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0xb, 0xffffffffffffffff, &(0x7f0000000800)="366b3dfea49c03ae696ace9aaf1ad0ee7aa66ce960a70a9e961930f617b4666487a0a265cd77e1b3790740b9cc0003ea68ce6512c23b26102fd4e903592f15c1fb0b63ed281799e92fbede6dfb62676d1861dd7a1e", 0x55, 0xa, 0x0, 0x2}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x8, 0x4, 0xffffffffffffffff, &(0x7f00000008c0)="5727feee19b82ad1dffe824400796d0845087d24b34309b061be735ff120579b418162235d284b0c4b09d18f687bc28cec187a37edf73bc356bcb3ce9818536af9abad514528dea3a67a76897359058a0facfff0521cb8c321290e72e9b9cd06079e0357d209e094d0af21f9b574611a6fb6f94929115a65672a82a59c30e4a1ca7a8f2e632fdd", 0x87, 0x8, 0x0, 0x2}, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x6, 0x3, r6, &(0x7f000001aa80)="af09d56521c02486fead6768d4942439eb5396394f537f22bfef26d193c6298bccd9987aa7a30e0ab2422cfaa83964922ce981d21ad04ee2695e858c884135b4b1ab6f9b9aa9679d80acdec12b9dd36832b8414d0cd23074e85a40c56aaef11a16ceb41c60a2e357632f3579f3d2bec4b268b9317ef55574c6ad36a4f4c94355465f647763bfce76ad880adf706ef019cf02988a3348edb59a2b4744d8e35ea0eb01f3158f8546b8b0043accefc170cfcaaa4e06b88d34a0428b7afeefbe53a046ebbbd4b7cd7b0168a9444812c81318223f57c2", 0xd4, 0xa, 0x0, 0x2}, &(0x7f000001ab80)={0x0, 0x0, 0x0, 0x8, 0x6, r6, &(0x7f0000000a40)="bdb0574d3a68522edc7ad6b9cd7d26d5453150f88a55c4fb552f21d7d22c37d8c76593dd6c49bad19d", 0x29, 0x200, 0x0, 0x6}])
read$nci(r7, &(0x7f0000000500)=""/100, 0x64)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000a80)={'wpan1\x00'})

2.631453283s ago: executing program 0 (id=18038):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000380)=0x8, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080), 0x4)
sendmmsg$inet6(r0, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000340)="bb1cdca1950d1b232ce0244d93aa106f2a499c9b5405eeda6af2450ff2b0bcd97c89fd5bb5f76ac8a9c573237275a8c10c6cf731f00d3229a3", 0x39}, {&(0x7f0000000540)="99e7441dd5d7c19d29ea7abd7a3268189f03e5e8d291177ed03e3c86d27a944ebcffc5ddba0a01709a80ebd34d37a7074699a1c102839733d3f85e22bf81d23594ee4c1b584446d04987892cb071156f3d7e41cfc05f941f6877cd7c6dcfa5b7a863afe4e9e8f634f5c4ef25ece96b62b15005b6dde2667acbae270613b6559c1bb0e2d4017a3d1deafa7817b69aaa685a9876bea763946ece87e97007d1ef34cf52eefdaa05ee1de14a60897f", 0xad}, {&(0x7f0000000600)="ec2c6c1da17b6fd606fcf427333ba17df57a32f11e8c0aca79b6e8c2f6669b3848875bec013c81bfca6764485047c453f5d2ab74e1096017c216a6387cf637e5cfa23b2a66df17d1694194d44327b78d713ac4fcaea04cc551731260469ecee67bcd3df3dbd25d0723e491e875383596643f31d2be0ad9b5839217089f1323e76e34bbb8efd4b9563ab3611a9df4c268025b0ff7273cc6c6b53e54eeffa0cfcded3e487d3707b90d13900f3d7846f87d29cdc9c97e735160c313fae2fb961f7417050f5515bce2214c507530155606994191c89423777f594dd820780ca434c514aaedd5", 0xe4}, {&(0x7f0000000d80)="ae43fca408b50cc7d9a1725c2ef2932090a25a7d70e0313df3d0e2e7820008e231e83c86465164e403cf4e24c3fc2db9f6fb89efefed5c1b47d9ac01381c7bbb6ab8a6b6f36bc0b68742ae9e8229b5b72aa83e3b9deb8762f45dfbf9b109a0fa6206166305673d0c05cfd2fbd994d050b67e6d9fb9a9527770d71734eb29583e6e9b7518c95d805aeac31d634b0efffe3d2b7178c8f7acf92405c591925b182ec688fbe8feac807d5dc6f3136e04d16493494144e518022b1a581811edef0c196c63b9cb3ec5226bb369d2100c29cd0213902253cbfbbe396a4cda30c54626123d7cb6eb67193a0f9ded8cfead1df5d585", 0xf1}, {&(0x7f0000000940)="627f33009436c19975ccfa9385c8c4798fade4caeab322b77e7ec95e25d7c25e002e60344b1c2a51dff99867d73c331c75a68f8a6733f8f581eb762b2f132260198995a89d08060545ccf412d0faa7d850297588a08f40e90919c954970fd2d7598a317464c1f34637002b836c0ec527fc790be4f4755f90bb05c3b33a224a84cd276dc1dad4fb6e01f0355903e11fc51b25ea05d7ab7125f4cb9c4aedd64b0741c712491ad3ea0241704c98a49fd1c15e9585f797fcb03432561420014e692967191bb17c256b99bd891adc0d8d8ce93167e37adc4411931f859c262f4f20eb21f8323bf0", 0xe5}, {&(0x7f0000000400)="a756b3", 0x3}, {&(0x7f0000000a40)="f54bcf6dea0a0953773322b72583370e30f8b9a2711f0965888fbec9a590bac982bd385851df74753f21b138e3a0cb01befb5e5f501ff451923a89e7bf5d3368fe7aec72692530fabc7717316caac71eda0103f074cd7e430555fca5d00714a54c58f77dc9c67b5c13e0bac95e0c1a6f0ecabfbf5e31408f64f93f44cc2b6e3403943f5be6406c8bfdb90dec3f7f716caf94f4eab754612c7d189dcf96d3f0b2694202f7f4378a59474ccec503303bfe773f39322bf95aed675347401b117b022c52a18358dade3e4a6a5b8e486c10b14406", 0xd2}, {&(0x7f0000000480)="73cdfa0744e27653b929b65b3103098b78df6eb98c295fe3974cedbec9dc024acafcdc4cf4c408c1226d81b40597f14657ffedc90ffaa3dfa262822f1093a91a", 0x40}, {&(0x7f00000007c0)="80fb5010a1331b3fba6607e02da650e5b295534b907e163a83b74e46a6333eca012e324bf98922e2f008555e17ddba76eac48a9d105952fae6b2a68474259e34ebc60ed8188c420493281748430e8aaed72a7d5dfc3cf588adb55ce4d4dfe89d78a48949e46347e37809a3f102319304c3a08f315d96dddcb3a55417bca588243b83741f875a21fe0414fac5e7131382cc989f9240915e8d19c3d7d42be3d7c769aebbcb899bd7716c1194b3214dd986ddd3f7bc9bd184816b8711b57bd5d84180925634e82c8a", 0xc7}], 0x9}}], 0x1, 0x0)

2.546061259s ago: executing program 0 (id=18039):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8880, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000002240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000002200)={&(0x7f0000000240)={0x1f88, r2, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CSA_IES={0x1f44, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xe, 0xba, [0x41, 0x7, 0x3, 0xfffb, 0x2]}, @beacon_params, @NL80211_ATTR_CSA_C_OFF_PRESP={0xc, 0xbb, [0xbc, 0x9, 0x1ff, 0x66]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0x12, 0xba, [0x0, 0x2, 0x0, 0x7f, 0x7, 0x8, 0x1]}, @beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0xc, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_BEACON_HEAD={0x5bc, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x3}, @device_b, @device_b, @from_mac=@broadcast, {0x6, 0x1}, @value=@ver_80211n={0x0, 0x0, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x9, @random=0x9, 0x100, @void, @void, @void, @void, @val={0x6, 0x2, 0x6}, @val={0x5, 0xc8, {0x8f, 0xfc, 0x7f, "9e4d9cce8fab8b173282be01e4126160e2a35d0280459b580374b0def7fceb8f7b1821bf856c7a6c83a61a06d56e00eaf574d48669817f16521326725b3d538a14676c6c7762fdf349eaa070d967c62984c5a80091c49d77e71b072138aaa166e0572b84ec51e93f5cf57695759cf1c9ec8bfd5292667798eb9042b28dc1f0f60a09f37c0f92ac30e7f2c7074058789554f91c13dd71f710fd81698f8c2029e86d4255e67101a9685a308ee248765153d6955330d4653fff2206926ddb183f3cb0d23575f2"}}, @void, @void, @val={0x3c, 0x4, {0x1, 0x2, 0x74, 0x96}}, @val={0x2d, 0x1a, {0x1, 0x3, 0x2, 0x0, {0x7, 0x648, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x800, 0x7fb}}, @val={0x72, 0x6}, @void, @void, [{0xdd, 0x31, "34817ec3356a090dc90968ddb3549d0145ec6b19f566c12902ec03af02335daac6710fe8b5624a9b353ab24d8a5b70e106"}, {0xdd, 0x1f, "5e98d2e47eff0b326d6f613e1e628c7abe1e0f8c0ebb34a1e0957cc26ca24f"}, {0xdd, 0xc3, "2d613191443c77bf80e5b29b58c1ae35f235085db008825f94bf89b7149b1bf11b6a31b99fda47439317f5e57753864259ec0abb926d93b2d96688fbe9caeae81034f52d7bd240efc478195b6c61180d432d2d73a23bb4e02c6d7bf9354cf8c4adddeb2b8568563c2840987fec4fbe783c101b0b11bc75da2eb3916ffcbca2117613e2969b679d582a185b82a2b9f274ea6396078fefc16274ca96a203b9315c928caab15a49af0e182a670e402696c05376dc566516c7d36857c22dca94d0421f0cb6"}, {0xdd, 0x86, "a97679f6c506f10a66913450d58e043632c13442bd28d1f18b1365cae0d193b6c13b3968ddf1eecde87f585750f96c8fd9887536ac1e4c82ef93a5790e8dd286b40708d700bf2d64e23ff9a5c42f848e261730594d78c4dd87563584faa5d498248980cc692b1df4f2477508bc1bf8fbd0bdd909b4e7ae64df8395eb5282537efed664662878"}, {0xdd, 0xf8, "de6520c7a25e63c407f705d092f0c15b3520219e2484a0bd1e70b98da4e1a38f4daa1edf9493e098e51e71b6e9d3c3e512a811755a0b34c207480accd0acad8ed8876891e6ffe51c0d24182093530cbfafc105549bd406b4cd16fb5bbedb00c008f969e02411abca4133b7e81a60724f7904122861ef85e619e6934d3847a0a09f5ba83ceed819277893854163e00c6444f90f3300a89b019eaae9098a3b56f0dc17fa60c45d32777415194d0ce09dbf04b35f5c849b4604cf75a9b72ae282edf9a16e82766a85db51084dc46cd922cba369fc91c7df87c184c2f6cb5c617a3fd1f16bbfacf25ff3956b872abbfa7c8dc52bf407c84e666a"}, {0xdd, 0x19, "6b41626d82ee10a3a6862333147a99d00978f3c580023f96b1"}, {0xdd, 0xd, "2245eda9a029549ef64d6a297f"}, {0xdd, 0xd8, "0051ddf970a23ffc94aab8dcd87f6fda232cfd14562e3c59053efeb3cc08c89ee69c6ed005b59b97959e0d7c960db93fd4e1853e748cf56b1a03dcee79f7d789e6e13a91f4900ad4c56ee6e494668c68e8f381cb37d56a1fea8b891f1e3a1e655f14cd770349f4eab117b33e3fd85576715290ef08e41cd2804ea79016c2ef6afe7568418b0d436cb38268c2acba0d0d408f9f7c288d32765e127a8fb6c19a631a6d2738d682bfb2c40c0557a223bd14fc5448cd54b67640b400f33f8b96fd1148f5c7801f9c4eec8da59cd23c5262b49a2cfd48791889e3"}, {0xdd, 0xf7, "7bed735727efe068a815b8c3520128671e31780dd83a1d52999037dcd5057aa703c6369a05ed529e3a226506dbf52cd264ce54e75290811d47258d97314409b274f8d17b4098fd35b1fb05921bdd9a2a50351f86c6754a039649f8a96f75fabed41ef4707d47cce656d0644d50a13a257b13fe9895a8579ac835d63399216f8dc5792846254e066438b50a985031929dff7a296ee06ca71e9948b0f783c2387f44253ebd7183956bb0825bf0db824154fc2cebc9a4371471c3ff660e0475acec49e6be66d84e7347889688ff81f06225a2f1a547817c000074711e22605120b542467b3ce58c90d98a3034c2da84ad0f263f3432feaff2"}]}}, @NL80211_ATTR_BEACON_TAIL={0x16, 0xf, [@mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xe4, 0x20}}, @mesh_config={0x71, 0x7, {0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xd, 0x9}}]}, @NL80211_ATTR_BEACON_HEAD={0x459, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x9}, @device_a, @device_a, @from_mac, {0x0, 0x7}}, 0x9, @default, 0x0, @void, @void, @void, @val={0x4, 0x6, {0x9, 0xe, 0x4, 0x1}}, @val={0x6, 0x2, 0x7ff}, @void, @void, @val={0x2a, 0x1, {0x0, 0x1, 0x1}}, @void, @val={0x2d, 0x1a, {0x10, 0x1, 0x7, 0x0, {0xd9, 0xac, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1}, 0x800, 0xfff, 0xf8}}, @void, @void, @val={0x76, 0x6, {0xff, 0x1d, 0x25, 0xffff}}, [{0xdd, 0xa4, "e374764e06e54581618c02060b13eaec2e936e26c6db3c0a59b6af743d710b6f49e5318db892a8ab44ea11c3a518b857a77c03b7e5616f98ec8500f86f707032f9b194961904cd769902a617d1f64e4436bf289a6886fc15c0f90d4138b9807b898e083d9f7f71c11cf753bc87e0a4d30ac15bc65f395fa4448ac8674504da44cc8c991e07203adb3c88a25c4300210aa9f69874553008f489f551d97cab7afc6d4bf077"}, {0xdd, 0xff, "c0b3b6e9ca0cf6498333d90c7543a2cd023c5f2889857c286a11b2d3d645e6db33d1ed523c53ae7b4d0a1e7df638b150c3f6d809c176800431a1831b69d6c9930e7fc6f3fb1f739340b44a373c8b16fc41f38f572ebcb793ed3702c866f8302239c2f92539118c464f6f674e9ffe4c309adb17d5eab5518dea75e9f0658b50fc10029367fb16d45ba00a48cd5cd023a9ae159e928a321c5284fc65d78e662fcb061ccccbaddf070181f4ad8b7c92214cd095a3279d86cfb08a8a6ea59b2f5c27ee73340f182e768a58d5dd29494cba8c7ffdda21c470185186d1d4551efbd5c0dec947cd6673aaa9a486d1247fa4582ba6501050e6368f6665f3ac60eabf6f"}, {0xdd, 0x1c, "ed93e009c215823e369f6d52c6d931a4fa420b9ac10c9b61b26b5f7e"}, {0xdd, 0x42, "7a036a08e8b64a1d6e87625848eb4c303c0cc1c597e5302ac1316d49c67730aec49dc1173cf8c4e141ac29b1b24ecd5275879a6a017d68afdba5f86f590bf86b8efa"}, {0xdd, 0x72, "fadd7c1cd6323c7e2c9a018789a0e76b78d9fef4162cb8682aba0922ac2c304bf44dca8462beba8429b19fa3ac92254c110d69f3ba430acee1e1762bbead3af6e020214db36b29df9698d1ed8c39b7f797dbe5f66afb9262d8a2ad5d98a932b170bcdf1ef8956c766c6780a523a84d893ae5"}, {0xdd, 0xbd, "6be2dcf466d06a0e9ec6dd2970f902d58c3b7f6a6dad64c9403dd6e4dca2551a683e8372cec4a8f72722dd85d49d251c47c871bc85ac69f32ecb998a3e9e1047743eedc487f629f7b6caec3f95165dbd79ca99debbc694436bb00dc3fa16a907a56a7983c689b8df6905c6b9efd9215aa5c279cf6bb9a315763ec2b6f4322c32247866960f80085e52a6604b019c88e81a3c12260e35cab78458fc8364ef2fefac7723595f6beed9c5f495e7c6e41c710d646ab9edb0e12c6da2b15025"}, {0xdd, 0x64, "cb94831838306596a8b198e051c1b32bf6cf21cb23d50582ed69f189ce57231519645902cf5acb12c64a433de74a4c440afadf92727ec532825e833f5b31c80e5e21bc737c6a140c1ebf21e5daf01c0b633c0585a27b6efd98d0e32fad6d5eda63f36a4b"}, {0xdd, 0x5a, "30771f45d866d14fe096fa5fd0436467d095adf28e0f5e0ccbb7762598abf8e1780b5c4224e2137b3a90c0f9794485d14bbc27e23ec567ebb2dc749f59bd850e62a9df5ab66781e8ce8649c2a429179909c6a0942d1fe3868144"}]}}, @NL80211_ATTR_IE_PROBE_RESP={0x21, 0x7f, [@link_id={0x65, 0x12, {@random="d7383369cc9f", @broadcast, @broadcast}}, @chsw_timing={0x68, 0x4, {0xff}}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}]}, @NL80211_ATTR_PROBE_RESP={0x297, 0x91, "af9f5dd9c511881589bad4db9a67b14ea343a99b7631679c76527ee2516badb8ff01a92f018f2c67ac9a4fda1936b1d0d8024764ce05eb2e56529790f30356e46cf931c31d3bdb6179fd7225999b952af163ce53d109e09386c8e34a6e132016a6316ad02f4ecdaa5f16311de6fbce3a1c378fb10451fb20ca034389021d5e16b3e76eb720bd5c3b4b73f8d3027ea0fd1003461eae6d2d57a1372ee28d19501c89c5959628f8201ae71c6db55f4aae936f129a515337c73c77ed5cdf0d07214f4ea080c33759bd9b500c0abc9069d20fc12ba32569cb44ffce4ab521b712a845d4028f0a3f76487add0b8c3bc636f1ab3215562bfe844421c8bfe0770f5ac5cca4e6cc30095e4ad91bfcc17829f9427ce1b46616c89f32e2bb4c34a347540ac7c5e1066090a85e99c0efb914f2d2740c0aa662f4319e181482e8ac76e94f01685431ffcac9bd35dbdacd75f1f05ff230a9608f188901584d6fde672b124a7dc19894151f79c056805f1b4cfc839f78b7be58ca4a22f101f9a12f37fd40bc015027862818805b75103a2e5c45585de871dcfd2bac9e6b0aa14646528b458043d37f6f878579e0363cb6c3f4a25ff72e5c3a49e77b7118142c7e2321f357dab9ac2c40f6c9fec096a19f6a58a750978151c66ee5582908a99d324b6cdafff4d0a2a46e1e3134c7d710b745704eccb0f321513144b3ed53f2830b9e04067f4b073d6859f895f0666ff6fd3c5f3a3494682875844083988a46186065be66a241934c4281499436ab26b427207e9ae298fb41bc45e2de98c4122a38382df9dca64dbf76f70fcfda94ed0c5c1c3c40a772883728c13f466b9c34c723cf30e57b8cd7a2d00739552a1117e10843ba0293c499200542308b50e05ccdd3defe9e67305778b86787cbda4e58ae93f10a5133f28cda536eea"}, @NL80211_ATTR_IE={0x101, 0x2a, [@fast_bss_trans={0x37, 0xfb, {0x9, 0x6, "6b0ec049e77acd839eb86bec27dbab35", "588f5a73bd059a0e63b5800dd48ea41a17c93fc37442b04008ef2614d5e3bbf2", "e161a4e2f45ac4afad3439352506168644f5102a1e6e589ff1e1a5ea8dcc9f62", [{0x3, 0x14, "e7e6c86cab0d6dd99f795363502edf765002aa4c"}, {0x1, 0xe, "b7c8f64878dc552697246a214fcf"}, {0x1, 0x1e, "ffdd4135ac8bddd0444b502254e13fef35c573f42fce517fd5cc220e531f"}, {0x1, 0x25, "2d1df4f249a4b5764fc4e54859dfbe08b957361e02f55df4d22d3ce701579e8c5f020ca2c1"}, {0x3, 0x17, "db3c621f1a5cb869f263db964068f3a1355be10b5239b4"}, {0x3, 0x21, "fa274a4a3fc83d6206e47e36a49c43c94c6d3b19e6dad3d8519691022e37cc2d58"}]}}]}, @NL80211_ATTR_IE={0x110a, 0x2a, [@mic={0x8c, 0x10, {0x74a, "7256900a1b8f", @short="ad20893265e1c472"}}, @ssid={0x0, 0x6, @default_ap_ssid}, @cf={0x4, 0x6, {0x7, 0x6, 0x1ff, 0x9}}, @random_vendor={0xdd, 0xdd, "ce613985c03aebfcc16cab3e0adb0cb746cca90c635942523c016c03c3a8aa25ad4f728086f258e390452043a017f4c39517db7a368b6239702c0ee6a0ac2e0189fe3d7547654b8e3accf340370bbad9ce611374c315b3f32b78c8e10395b4b15e778ad4ebcdd7b5824ceb9b720a4b3aa1ca54ad1b121bf2acd6c99952df48a5e5ea3b8546dab355ea86cf96bd9bb3592fe9374d57fec0f7d3810f65296c83a24a99a551e81b6a34c9bd3f3c87deaff2ef50515c6121d0801c097843d0c4a285f9d7be1c75b3aeb1d6effec25aa6ef34b424c98b6179cc56adcce07451"}, @measure_req={0x26, 0x1003, {0x5, 0x9, 0x2c, "c83f3fa4c643a64fdd3f9bd1aac0138500612092a3704aa03d07036b07ace1e62b7848347c9b3dc95bd152dfbec8a941e7a3eec4fe254697c51bb1f8e2df4bb365f8c57c038201ff9ec03582bddf5162b73d99afd348616d942ab21e9315caf5aa4be32105c4e19d1d221fae5bbc841a2ecb16aafa0d0f97ba1fc4ba5daaf9d654dffa83f242d7d11b5febc68231e15329cf591011f834e1835477222394f5073f1cc4361078c9deb69de83d70807c3d3c56030dcafe8b1f1b7ca356897795943d5ac738df507d239dfd454035e611f145af50344f0c671d6016cf2fc7ae27ba0c6d9693703ba4c760d9febcc609906d8ebbef3c100cbfa06d16cf32d51ce3fbb6452545f546b1fe00aedbe4b886be3df908077d06cc27248581dcde9bf72d4f9ee63cf36bf506dba26b3fcf995f9b1eeef6b1add8f749bf8e4c488e3bc99c1c9778ae0a54fe4d934f733c3a2a47c11026861f4fb7663866ef3b34a7d3ea50580e8cdc6feb10d0e9632ba3b9e56277037b6a85ce1dc6318cdb27fd2c65a1882e26922559fd370e7b9b7dc76fdf0bfa6b57dbd252668387f815bc77e08a1849bcce5f5bbb4a812442c72401a624ac93327d868110c44a45bc1eeda8a2173ee28fb1006cb600f57654001f115808e7ef1f6829289fed629c68bf0f08907bd6b0659f61c26b27fbe331b7b2f517d4ac986340524849e85ac2735d1e75b216f5f3c7bae5bab033e38dce06968252d520b5894c9e60907abf04f03a878c8ad7a7d6109a5b29d7fd22d59f6756467e6395ceec6b1499eba542e5059dfd122e034d8465aa4f707d0485c32a34e017123881cb8efb78d41cf8a34fbf8e4876c8d21df68a4f652ae6925eb616a68a0cdf67e66f50ba2f1f80e035b00df16697ab66c748a27cc39e026a5b908c5d2e06bbf40fe36fd11556237e44ced4974c76aa4f2bbf60641c57d6d5688226b84b3e35c0db7b00fa680f2e03abefb96d7a4294bceea23d7e60a786d4a5e862df3e9c045e9b58105bc8aa66c30f8d3073c5d96f0202bd43fe63ac1be1c434b7c8aad58bc15c2ada35f871d4645bdd67862ed519abc9b3d77f058958c2b1397910465ce5329232301dbdf384aebf03a94ba9ed0bca6ab5f3e314d740e0f7e3a1ee7fc7c271e8981cc0ea8f79e4654035b636850d2c8b50db5a02a70a27490945df9cbad83894bb1221998b818ac42630400313ed2f1c7d82d420beca62a9a14f6e6a2d2e4e915bef9257e331b3ba833b978268a8d695350e37f7238a76e71153783036300b01e636992e7176f9b31b1fd8a6bc4285912c7be8801fab22ccd71d47d387a0f1103be5e6846b0e3c0ece7161edf2111f1133898dd6d8fa3fd49553e4113428f733f21ea7032fc54d0532c389dd6b01a5e7c97fa38121a89dd18b28ae3b34b97afd6e151ed0b6129e69bc49733f8b5fa40b19f93a90b3bb56899ea48c87d5f9c63ffc305e01154da2076e5867b9e873241422e3308974f479241304c95d01f6f3b9891d1c0cb3c5a27c5fa2b0f70f4399224d387d8256b674c897f7e8ac4e59bac5ee902da24b9064e9bd6764544ed0cd2b5b76f8db4abf6418932cc7c256e80de4a5c92135b13889669adbd7faf404d625a2f54abc2fe054895aea92de00cc3da581a122d1e2c8cc5cecaf518a5e3a7e8f6790860aab76fcbcdd4fffefb8f5c4512027f3bc9c174e718c6566bd9c59bee89b8b4b116afe6cf32574fc6ecc59f78f61eeb9ac57b830f0e186b97cbc9aef3fd66fe246059921dd928ff29099601189579b94faa4a0ec6ca5227524e584e4395dd33176a78c7a208f7594b2744b3b1f0b146149bfb76746420c1fce1c91e8697c7a910688eaf38a694e9703bd460f7d247eacdaf03703065586c9a2cc04f9b1fd8880c9279489d634274d8682d1a0c4fc8230ef56bb1251301d26bdc5fa236e9d6e95b7fa0d429e63ceadc03a8063005b7934eb5ff87e68c2ded6b5ce2153c3d889ddf875912f6d08895b9fbd66ec6f4162e0da35144694bf102117ec2d588d80dca3cadb0912d6a2cb4b0b6396ce39a2882a118b363b22ec1d5212dce71141d3f548b286ffc0efc1fad093eceaea1ad82de32e421db8ef2ebdf76416a3ef2d9d99e5dc37cd9f42445ab7f0acc79cd676709d53bdfe4d3cfd6b36aed21ef13d043f1cb4a5c76cc389edf6fcc5d7951f1e44579d84e39b4992f16387c3945c6ea999ea3944fe8bfd99271d53f714c4db87237ec0cbd5f0254ef32b0205632dd8fdc8ffcd838e098f2f04c1fe5b460268c61c5937dbc5fd4620a867d8e627dcb9bd3713e4abac44b1f6bca5fbb78c39209efb70ab049d15b1f6ca8795335e9486e38b03a8dfd91d916c8b3cd8abc1dadde0f59591bd170e8f0fb8806be256883aa7bfe53690aadddd8ca7bc7071a6f2471dae7eee5a3ff3d03d061f9adc30c22aaf9a6374d1f04ece4fb4e0a9fbeaccb70af42af9ea10655bcb98f5c498c20f8c1023ea120f96a612dac19bf731544871cfc06ac8a504298cf195e5162a2a570366fc7b49cab9ba2b8bfc5beea3976f1264f8fbb8cbf338f829f0aa925584bf30ab6955c19bf1d7c0be8e602fe1bb23be5d624642f275ef6d8453a4daeee7539b4a696a835aecb382b54083c46216ec857492c2a46d6ffaafb2a429a7823f805f3bf79200c356e68dbcb55adc242146e8cd1e81d29b13f287bd168bc28da0f6b59a3002f896f7277eff8dcd44dc42dcb9049066f3e0e3e07218362d08dda473d86561bebd2647ee42b75d3f033c821b84bdd7af3cf1a2fb0dfbb365826b95148fb5b36579fc9dde569eeac65a1a3f301da3e485c36c4f5910ac2669afca4eada540e8ed9f8b1a7d6ee42737b32b853251eff0fd1f27552b6522fcd8882589e1c84d728a45d2b8dbcb573da149acf864f98b900e067f05dca749de0f38d6b5d84307acaa82b78ce3faf3f984977d409e975d8e9798df53e1057db5f377d3d0e9c158433e7d0f91b733c83b4350a28abdca0be8bd2782a729b0eeebef56e35454f0c49046676bda32849ca9a1ee7e175f9ea4929417e45ea0787f1f3c1e708190ef81b858c5d027108cafdb6982d6527b7dd918f0cece861d75712b90d3a80a1bd981045de981e9721077da34894fdf0d39f4bf989a83248e0eeb1e35252a193cd8bbd0bc5ae83654f2caa0af1d0ea4b5b38b255f6916114ed4212680f9b8afc514a8a68c659c8ae1c59ce9fe1470a52c8e9ad679aab799aa8d2664921909b3bfd911d4278dc90433b70ddf6d4a2e18d0ff76cc61e585c58818d177d77d796e221493ee04dff7ced42c5b29880b22a26ce23731a694931de7af92e9be1c5a8dccaebb48a0a62f8566bcc618ad24cb1b41b882c20be382391da8c9ae516d7bf98d23c6863288e03dd3b4ad49da92ed5366b9e9bf49125ba4d35c74463cf7733d470a07fa532f08bb1e5e06df4f1dd99440ed51c7fb4a3bbf9594df53b558692aedc6e7439c4abb8109d2b5f5f0f2ea948f906b44a8cb587b9825b5a081b7c8cf3f483087c05bf169b14ac345fb5a4671010af73da2586ddbbd110855623cbd055a4fe38d1ef5613e904e62ee6a5c3c9569caa40e9a6c487dfcfafcc9f1dcb9e47e92f059939ff1a5dc61ea6568cf9c25377db1c0101830c5122e6a7261d8df43a886b2db465e82631c260398d1f2bdaa8cc6f819b2712f50df8152c4d8525ad048adcb24d131af108bcbd7ca9ce9a18cdebc9fb867c8fc5beb89b99fa0d2aeace38f2a0d08dd9c5d0575e66bf7fe66e0f219b4d58db28ebde51c93bc81b048c5966d669342019e3f9ec655f8ddb93711d5a5989f923383eac19b14fa5622eec256983090450bdcf2f35dd022a358e227f4f9afa56b1ef2e431f7bea44bd4463e855320b2ab13a58bff34ce568fffcf286de3dac59ea4ba91e1306aff646bdcd76083c34f02737f7e676ced72d8398e39833468d45bec7b7fb30179f3c21367586eebce02f71c56bb8d74d4305241bbc61d735188f317c37fb4c780208b92e9d8fdf34d6d1af94f84b8dccf198f707d94f733ac12455d6fd1383d4c84928aa183bf346d857e4ffb11167b6a51d949f8865fe28345cf89ca599eb2306ae4a69c6166f090c64631cd2f12f86826e9cfeb7fab5a5c8cf38da32476d6ecbde8706d89f58607b9b4848062e940461bc7a453b4a8cd9f0c28d51e86ef31af1314374704c091ed3945c2b9eaa788b4c21e213e307bd85b3c74c744fa9bbd0b22901f51704bbb80e12d4b5cc599de4198373827adf76e136ac407b879e7747b0a4d023d173275dd2ef5a760d8f0e810ba1d3d001dc5b24abe9a3d33141347bfa2ca42637c006a78041e166d855269f66ae5aca7f6e8da2f77cd5097eee0421455e81b10fb0e4efa11e4e58075ca770d7b7bd204ebe2f431f0c588d50c96c13232564d75d8e4dac1ca07a79b001f9b2cb7e1ce1f0b4d644307f2c7ccf80b12455b2d932d76184f3c17e5c02fa6bb8918993980cbd4de17b0a1df77f7df5e7d6bcaffc91393055e36a2ea75f0bf4b7a6fbeafa61bf94feda0ba2be4d55fe33c051f6e22759b6174f2713ed7e6aa52c6fb4bfdb6c425c05f495501421da47460285595cccd22c0a5e563191025496f81280220f7004489ff900e93bc0941e22c9bc24980febd1a5d02566b6246563f3c6d59c4841413bcca1470617991217305e366dd0c0056b6f6428fc976302772e46a63fbad695775af0fe32310fb9f7c100e423e2ceb2d4a098cdb8b73db9723af99a455b8437edfe91399b69e7762a6357771e757a9646ea544336445073d7983330b6be487f80c4dae1db783264e01998eefca48268ef61c663b2348835a6cdf43989de95a4be96ad8302ea940e36e3ba9a32c2358c8c82c85cb9a2efcb0bc2d97fb3a7c5d0ac6b2707cff5a4729fd98ff0149512adb2ebd731f0926f5ebdb4e8ddf6967a8d47ee5b9c1fa0831845d8230dff19a172a1550269087ce71309ddc871124804b797c1c32d8f0bc349c205c3e11738e80f5cb91b94592141ef382284863679c35a78bba6a2a2b89e83688ef5082910b89d5a4aa045a321a6338aa27c701871b3d7b2e1132b7570d70cbe47e06fb834c1db412f5913d2f7fd6947ebda9467b66d9e29c5e7351e243ecc20c9eb9e6a692cf76f3bc1709401777674bb6ef95afe7756f17b863de71975a1a843826fe4dce6087638552cd34250878b8f804739b723f0e692694348bbb36649c81352bb3ade46999e47cbd15af1e0b5b7bb72576300e3bbdf91d4b54703a9271ef5fed49af5542e5887d77249a5a66c42a50e0cf685c783f71c565e6d51f00fd20aaba7397ddc024bafc9e8229afec0d751b6a60bd6ef641c6f205077faed0ad09a786da371351d7b3be1d4ee17c80178f1aeeb78f88cfe36b4be4296873022f8748b785dd37971b7d2ba80212343afd833b4e3855314935ed00059c50bfd899d27d5cce553dfd2114744bc77d57e04d0c8027f28391a6b4a30425f938c1b8c11a80f2c67923f4409eb4deb3299a2cff79f77d6bbba58c40082d7882d238ea6d2e1ccca1af3d2b6559482d55a1beccffef9c21acb725d637736875de2fc48589c73b42a086a08a18f5011fa86653591336258ae3f72bc352ad7d325c8c11c540d2ec9e7d20947ce1012d81915badb316a5facad2d0a8628f94a634fa4be95c0052191b29f6f75394a6ade8ad6a2f8be041b847a3cee2c72bfdea2b47c30d1d28b719488db8853723c7918d33032f6afd4504e1033842da044730bd77950a79181690633fe16ab78d568a54"}}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x4]}]}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcc}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}]]}, 0x1f88}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000004)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x50, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x50}}, 0x0)

2.541624491s ago: executing program 0 (id=18040):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000})

2.470379205s ago: executing program 0 (id=18041):
r0 = syz_open_dev$dri(0x0, 0x20, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000400)={0x8})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x2000000000000144, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000100)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x3)
r2 = syz_open_dev$radio(&(0x7f0000000640), 0x0, 0x2)
read(r2, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0xa, &(0x7f0000000640)=[0x0, 0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x6b, &(0x7f00000003c0), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000880), 0x8, 0xd0, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000e40aaa1ba2a7f2bab7d791e1933fc37f2fe63da3f93a41ab609ce1655fa197358a132819330f1504ea214e047c40e104", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r3, @ANYRES32, @ANYRES16], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r7}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000580)=0x2040)
writev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000b40)="a4738085ef1bef4dc6eff75cae65e769d7703af9f52d20a06ff3768fb6f6ab401114bb53f49afdbb0e59ab8a10164ef628479ad0f2cd89472e9a866eefe2aadcf1076aacf3343350f627e2d339265a43f4811014eb9c2b547281827e11c49817cf401d2ac3cb36e684fc4b1f7b200269f765da71095b7e92f06da87f3674635a1057ecc92eb0fe2fd85382d88cef8bc689a05a036f691f8fa897db23fc0de86bc86bbdf3a232cd9987eeec9ea41119ce0a2e503b1a339c4c2e67ccebf80b823da3fab3a3fc530c11f1c18d26cfe90f319bca4f25935121b36c07c6b390551db2dd9d7be7b2ead6abf6992ebedaa0421097497e9f8ac83481e3c66666c7e3082b5952997d20f03e3cb4e817c67b1323ca823cf395228fc2bff0ad98fac98a40", 0x11f}, {&(0x7f0000000080)="e13b071424635b5bb59f5aa8a608e173e53e6284b1f27983de3eeafa0418173ad1f683d89742f9b4cebe1f9ae21955ed30fee09d41d53d6b393e825e0641621655f9ece3288110bcf6b405ce98b753de0b086ccc8c7c36c8871aa3e06994c11c7523dbdba0d9dd6344b3fae9dd22c74bf69770ad41f3b45649b1dc", 0x7b}, {&(0x7f00000002c0)="77f79cb5631deed85df8afa6b2b93adff0e966b7f9d3dfe538b599a5f6558b6d55fefea56cb6c888f133d70a204c4a6cf5fd43f32c10885c5b95b98643186b0f6bd9ed3cceebb9c39b838be140f9530361a8d32ba69acbf84054c1a7b6e4c0cf6ca40374695e69aab375f0704944a46fe35df1e679839be4d4a62137fe8e07acd75c80f1db2d5a0852210c34e18a4816a1bb847e9101ee71805b0726b335d63e80185a18f622add8b35e9df84a70485bb620baa8ababcd989fd784c34895f92314c4717d17bb6f2ec18d815e", 0xcc}, {&(0x7f0000000780)}, {&(0x7f0000000500)="a6309676e976e6a2cea14d4e70d3e03ee80610db92ddf32fc563ca03773f3e838fdfc18582ff856bf7337b", 0x2b}, {&(0x7f0000000400)="35018f46a8744ac47b0985038e7bbab195f1fe632d0c0ad41fa1ff292ca962b9e4dba306ca9140923a6b410e8802b49d2ebd35b916373c7762f45df5a878e04ff9b9d719dcc894894adc6f2cddd2735d371b087afc30471af3590481908d04a2697b4eb6d5d7842fc3e335ba6a159f7abf6fc8e40a", 0x75}], 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000", 0x36}], 0x1)
r8 = socket$inet_icmp(0x2, 0x2, 0x1)
sendto$inet(r8, &(0x7f0000000800)="3cc8d3d187c48966817399c8ab5283061b49b1627a758cd5ac62a432059eaac7efd60405cfec55af4259607ed57e5bd8b98d613ff4c73304c65804b17a78008ca4d5860c93114773dcfcefbe5a1c5bd866afc2f893f5d31244a487e6af0abc4b37a47e62f43e313d2af79c5a43fe2f07db79e5a1c155c00f47e52507", 0x7c, 0x24000800, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10)
r9 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00", @ANYRES32], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r10, &(0x7f0000000180)=""/97, 0x61)
write$char_usb(r10, &(0x7f00000004c0)="04", 0x1)
syz_usb_disconnect(r9)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @loopback, @empty}, 0xc)

2.231615867s ago: executing program 2 (id=18043):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

2.148297869s ago: executing program 2 (id=18044):
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
syz_usbip_server_init(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000500))
pipe2(&(0x7f0000000180)={<r1=>0xffffffffffffffff}, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000380)={{0x77359400}}, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x400100, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0))
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
mbind(&(0x7f0000596000/0x3000)=nil, 0x303f, 0x0, 0x0, 0x0, 0x3)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3400000010001ff700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000140012800b000100626174616476"], 0x34}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0006001000130400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006e657464657673696d3000000000000008000a00", @ANYRES32=r6, @ANYBLOB], 0x3c}}, 0x0)

1.947090459s ago: executing program 3 (id=18045):
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r2, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r2], 0x28}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400210100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="2000000015000100000000000000000002000000", @ANYRES32=r5, @ANYBLOB="467f711d46839fdbd1c8fc8a0667b7fddfb7dc209e8747f6350cb1c2dd04ae927f633b0db89e1d36bbb7fbabb36619b81e89db5b5b53c996738b5483c74a464830dd83af7eefa464ac01b95664b79fa802185be23a7b52eb0e3f3cc7bd6f2a6e52b3c277f831bf4cb9f873477b66cfad1cc60b25e98f3494113e6533bbde3f89e44063cfd61b5d4abf5d252a38eb7ce9e4ff55346e"], 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x0)

1.819467718s ago: executing program 3 (id=18046):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
socketpair(0x2b, 0x1, 0x0, &(0x7f0000000340))
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000f, 0x40a2012, r1, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r1, 0x8004500b, &(0x7f0000000080))
r2 = io_uring_setup(0x4d63, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x20)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000300)=""/131, &(0x7f0000000100)=0x83)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fc00100}, {0x100, 0x3, 0xe, 0xfffffeff}, {0x5, 0x5, 0x9, 0xffff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000500)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6})

1.284599871s ago: executing program 2 (id=18047):
syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) (async, rerun: 32)
userfaultfd(0x1) (rerun: 32)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) (async)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc020aa00, 0x0) (async, rerun: 32)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) (async, rerun: 32)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) (async)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid() (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000500)='tlb_flush\x00', r2}, 0x10) (async)
syz_usb_ep_read(0xffffffffffffffff, 0x91, 0x97, &(0x7f00000007c0)=""/151) (async)
process_vm_readv(r1, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000000540)=""/152, 0x98}, {&(0x7f0000000440)=""/54, 0x36}], 0x3, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x8, &(0x7f0000000280)=ANY=[@ANYRESOCT=r1, @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000640)='GPL\x00', 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x6, &(0x7f0000000380)) (async, rerun: 32)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)=<r3=>0x0) (rerun: 32)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00') (async, rerun: 32)
timer_settime(r3, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) (rerun: 32)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x11) (async)
syz_open_dev$hidraw(&(0x7f0000000140), 0x0, 0x0) (async)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5) (async)
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x80842b, 0x0) (async)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff) (async)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r8, 0x4004662b, &(0x7f0000000180)={@id={0x2, 0x0, @auto="ffee8e7268b4fecd2fce2d54fbd909e4"}})

1.129342934s ago: executing program 2 (id=18048):
ioperm(0x0, 0xc4e, 0x44e9ae5c)
timer_create(0x3, 0x0, &(0x7f0000000000))
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
setxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@random={'os2.', '/proc/capi/capi20\x00'}, &(0x7f0000000180)='-\x00', 0x2, 0x1)
symlinkat(&(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='./file0\x00')
connect$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e)

1.128942204s ago: executing program 2 (id=18049):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x0, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xa, 0x9}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000010c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {}, {0xffff}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_MASK={0x8}]}}]}, 0x38}}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, 0x0, 0x0, 0x4)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x0, &(0x7f0000000180)={{}, {0x0, 0x989680}}, &(0x7f00000001c0))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed500041000e1"], 0x11)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r4)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x401, 0x30315559, 0x0, [], [], [0x0, 0x0, 0x8000, 0x8]})
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r5, 0x129, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000001080))
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x24, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7}]}, 0x24}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.017421463s ago: executing program 2 (id=18050):
syz_open_dev$video4linux(&(0x7f0000000000), 0x8ef, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/stat\x00', 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000880}, 0x40000)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x30)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
waitid(0x1, r2, &(0x7f0000000180), 0x8, &(0x7f0000000200))
r4 = socket$kcm(0x10, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000c40)="5c00000016006bab9a3fe3d86e17aa0a046b876c060048007ea60864160af36504811a0038001d001931a0e69ee517d34460be06000000a705251e6182949a9a7b9bcb84c9f4d4938037e70e4509c5bb4de385aa2adb88", 0x57}, {&(0x7f0000000940)="a91e020086", 0x5}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x20001400)
recvmsg$kcm(r4, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$kcm(0x10, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

836.946373ms ago: executing program 0 (id=18051):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

617.512405ms ago: executing program 0 (id=18052):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x20)
socketpair(0x2b, 0x1, 0x0, &(0x7f0000000340))
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000f, 0x40a2012, r1, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r1, 0x8004500b, &(0x7f0000000080))
r2 = io_uring_setup(0x4d63, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x20)
getsockopt$IP_VS_SO_GET_SERVICES(r4, 0x0, 0x482, &(0x7f0000000300)=""/131, &(0x7f0000000100)=0x83)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000500)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000180)={r6})

338.389562ms ago: executing program 3 (id=18053):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x2000026a, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/cpuinfo\x00', 0x0, 0x0)
rseq(&(0x7f0000000480)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
acct(0x0)

0s ago: executing program 1 (id=18054):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x84)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
ioctl$EXT4_IOC_MIGRATE(r2, 0xff08)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00'}, 0x90)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r5}, 0x40)
syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0)
sendmsg$inet(r0, &(0x7f0000000a00)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

)
[ 2966.671556][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88803d783400: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)
[ 2967.060724][T32582] IPVS: length: 131 != 8
[ 2967.557738][T32594] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17433'.
[ 2968.703807][T32625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17441'.
[ 2968.868080][T32637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17443'.
[ 2968.937078][ T5754] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[ 2969.131377][ T5754] usb 5-1: Using ep0 maxpacket: 32
[ 2969.143517][ T5754] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[ 2969.146764][ T5754] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 2969.150354][ T5754] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 2969.161682][ T5754] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2969.165958][ T5754] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 2969.170525][ T5754] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 2969.175027][ T5754] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 2969.178673][ T5754] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2969.187023][ T5754] usb 5-1: config 0 descriptor??
[ 2969.417148][ T5754] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 48 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 2969.428533][ T5754] usb 5-1: USB disconnect, device number 48
[ 2969.437246][ T5754] usblp0: removed
[ 2970.062907][ T5754] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[ 2970.271011][ T5754] usb 5-1: Using ep0 maxpacket: 32
[ 2970.276535][ T5754] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[ 2970.276559][ T5754] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 2970.276578][ T5754] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 2970.276632][ T5754] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2970.276652][ T5754] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 2970.276679][ T5754] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 2970.276717][ T5754] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 2970.276738][ T5754] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2970.283024][ T5754] usb 5-1: config 0 descriptor??
[ 2970.515857][ T5754] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 49 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 2970.537567][ T5754] usb 5-1: USB disconnect, device number 49
[ 2970.542058][ T5754] usblp0: removed
[ 2970.578922][T32670] IPVS: length: 131 != 8
[ 2971.145719][ T5754] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 2971.340907][ T5754] usb 5-1: Using ep0 maxpacket: 32
[ 2971.344474][ T5754] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[ 2971.348259][ T5754] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 2971.348279][ T5754] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 2971.348319][ T5754] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2971.348340][ T5754] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 2971.348360][ T5754] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 2971.348396][ T5754] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 2971.348416][ T5754] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2971.353203][ T5754] usb 5-1: config 0 descriptor??
[ 2971.934029][T32694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2971.941026][T32694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2972.139354][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 2973.295906][ T5754] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 50 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 2973.311567][ T5754] usb 5-1: USB disconnect, device number 50
[ 2973.323329][ T5754] usblp0: removed
[ 2973.753677][T32716] IPVS: length: 131 != 8
[ 2974.292410][T18464] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 2974.514572][ T5472] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 2974.709036][ T5472] usb 7-1: Using ep0 maxpacket: 8
[ 2974.714695][ T5472] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2974.717766][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2974.722409][ T5472] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2974.727116][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2974.732996][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2974.740287][ T5472] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2974.743665][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2974.748851][ T5472] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2974.753790][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2974.758510][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2974.766928][ T5472] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2974.770228][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2974.779439][ T5472] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2974.784036][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2974.788876][ T5472] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2974.797999][ T5472] usb 7-1: string descriptor 0 read error: -22
[ 2974.800897][ T5472] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2974.804917][ T5472] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2974.815371][ T5472] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2974.950496][T32758] IPVS: length: 104 != 12312
[ 2975.042140][T29747] usb 7-1: USB disconnect, device number 11
[ 2975.149600][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 2975.217721][ T1379] ieee802154 phy0 wpan0: encryption failed: -22
[ 2976.867253][  T332] cdrom: dropping to single frame dma
[ 2977.313096][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 2977.460765][ T5480] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 2977.655340][ T5480] usb 7-1: Using ep0 maxpacket: 8
[ 2977.659181][ T5480] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2977.659211][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2977.659226][ T5480] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2977.659238][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2977.659251][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2977.660494][ T5480] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2977.660519][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2977.660532][ T5480] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2977.660545][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2977.660558][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2977.661350][ T5480] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2977.661373][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2977.661387][ T5480] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2977.661399][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2977.661412][ T5480] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2977.664887][ T5480] usb 7-1: string descriptor 0 read error: -22
[ 2977.664998][ T5480] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2977.665019][ T5480] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2977.680312][ T5480] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2977.913295][ T5480] usb 7-1: USB disconnect, device number 12
[ 2978.720898][  T385] FAULT_INJECTION: forcing a failure.
[ 2978.720898][  T385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2978.728797][  T385] CPU: 2 UID: 0 PID: 385 Comm: syz.2.17479 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 2978.733275][  T385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2978.737931][  T385] Call Trace:
[ 2978.739419][  T385]  <TASK>
[ 2978.740724][  T385]  dump_stack_lvl+0x16c/0x1f0
[ 2978.742792][  T385]  should_fail_ex+0x497/0x5b0
[ 2978.744884][  T385]  _copy_to_user+0x30/0xc0
[ 2978.746869][  T385]  simple_read_from_buffer+0xd0/0x160
[ 2978.749228][  T385]  proc_fail_nth_read+0x1b0/0x290
[ 2978.751459][  T385]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2978.753890][  T385]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2978.756310][  T385]  vfs_read+0x1d4/0xbd0
[ 2978.758154][  T385]  ? __fdget_pos+0xeb/0x180
[ 2978.760159][  T385]  ? __pfx_vfs_read+0x10/0x10
[ 2978.762230][  T385]  ? __pfx___mutex_lock+0x10/0x10
[ 2978.764470][  T385]  ? __fget_files+0x256/0x400
[ 2978.766574][  T385]  ksys_read+0x12f/0x260
[ 2978.768470][  T385]  ? __pfx_ksys_read+0x10/0x10
[ 2978.770595][  T385]  do_syscall_64+0xcd/0x250
[ 2978.772614][  T385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2978.775292][  T385] RIP: 0033:0x7fc667f75d7c
[ 2978.777277][  T385] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 2978.785611][  T385] RSP: 002b:00007fc668d1d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2978.789265][  T385] RAX: ffffffffffffffda RBX: 00007fc668105f80 RCX: 00007fc667f75d7c
[ 2978.792734][  T385] RDX: 000000000000000f RSI: 00007fc668d1d0b0 RDI: 0000000000000005
[ 2978.796334][  T385] RBP: 00007fc668d1d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2978.799777][  T385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2978.803262][  T385] R13: 000000000000000b R14: 00007fc668105f80 R15: 00007ffc6b721c78
[ 2978.806734][  T385]  </TASK>
[ 2979.327531][T18464] Bluetooth: hci8: link tx timeout
[ 2979.331269][T18464] Bluetooth: hci8: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2981.522638][T17882] Bluetooth: hci8: command 0x0405 tx timeout
[ 2982.275584][  T435] syzkaller1: entered promiscuous mode
[ 2982.297057][  T435] netlink: 'syz.0.17492': attribute type 12 has an invalid length.
[ 2984.399038][  T470] fuse: Unknown parameter 'fÖ�l‘0x00000000000000040x000000000000000400000000000000000000'
[ 2984.678994][  T474] syzkaller1: entered promiscuous mode
[ 2984.710012][  T474] netlink: 'syz.2.17501': attribute type 12 has an invalid length.
[ 2985.137305][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 2986.678696][  T521] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17513'.
[ 2987.093084][  T531] syzkaller1: entered promiscuous mode
[ 2987.143010][  T531] netlink: 'syz.1.17516': attribute type 12 has an invalid length.
[ 2987.306366][   T35] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 2987.500873][   T35] usb 5-1: Using ep0 maxpacket: 8
[ 2987.505690][   T35] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2987.508805][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2987.516726][   T35] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2987.522019][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2987.527232][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2987.533145][   T35] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2987.536453][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2987.541253][   T35] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2987.547492][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2987.552262][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2987.558167][   T35] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 2987.561019][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2987.566085][   T35] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2987.571046][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2987.575791][   T35] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2987.583500][   T35] usb 5-1: string descriptor 0 read error: -22
[ 2987.586092][   T35] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2987.597600][   T35] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2987.613491][   T35] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2987.789775][  T552] atomic_op ffff888037661198 conn xmit_atomic 0000000000000000
[ 2987.802518][  T552] netlink: 44 bytes leftover after parsing attributes in process `syz.1.17520'.
[ 2987.834765][   T35] usb 5-1: USB disconnect, device number 51
[ 2988.246100][T18464] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 2988.959376][  T586] syzkaller1: entered promiscuous mode
[ 2988.993912][  T586] netlink: 'syz.1.17527': attribute type 12 has an invalid length.
[ 2989.304293][  T595] x_tables: ip_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT/POSTROUTING
[ 2989.425922][  T600] netlink: 24 bytes leftover after parsing attributes in process `syz.3.17531'.
[ 2989.487650][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 2989.861330][ T5754] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 2990.067090][ T5754] usb 7-1: Using ep0 maxpacket: 8
[ 2990.076012][T18464] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 2990.078336][ T5754] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2990.088853][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2990.096477][ T5754] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2990.107942][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2990.121360][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2990.133159][ T5754] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2990.136299][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2990.140906][ T5754] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2990.153620][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2990.167646][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2990.173191][ T5754] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 2990.176407][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 2990.180780][ T5754] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2990.186141][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 173, changing to 11
[ 2990.191068][ T5754] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2990.200050][ T5754] usb 7-1: string descriptor 0 read error: -22
[ 2990.202791][ T5754] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2990.206036][ T5754] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2990.215274][ T5754] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 2990.435854][ T5472] usb 7-1: USB disconnect, device number 13
[ 2991.297652][   T39] audit: type=1400 audit(1722214966.588:20538): avc:  denied  { unlink } for  pid=1650 comm="syz-executor" name="file0" dev="tmpfs" ino=6020 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:printer_device_t:s0"
[ 2991.966509][  T667] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=667 comm=syz.0.17542
[ 2992.050769][  T672] FAULT_INJECTION: forcing a failure.
[ 2992.050769][  T672] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2992.056611][  T672] CPU: 1 UID: 0 PID: 672 Comm: syz.3.17546 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 2992.061163][  T672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2992.065902][  T672] Call Trace:
[ 2992.067420][  T672]  <TASK>
[ 2992.068748][  T672]  dump_stack_lvl+0x16c/0x1f0
[ 2992.070873][  T672]  should_fail_ex+0x497/0x5b0
[ 2992.072989][  T672]  ? fs_reclaim_acquire+0xae/0x160
[ 2992.076037][  T672]  should_fail_alloc_page+0xe7/0x130
[ 2992.077955][  T672]  prepare_alloc_pages.constprop.0+0x16f/0x560
[ 2992.080700][  T672]  ? unwind_get_return_address+0x45/0xe0
[ 2992.083199][  T672]  __alloc_pages_noprof+0x194/0x2460
[ 2992.085562][  T672]  ? hlock_class+0x4e/0x130
[ 2992.087612][  T672]  ? mark_lock+0xb5/0xc60
[ 2992.089540][  T672]  ? stack_trace_save+0x95/0xd0
[ 2992.091542][  T672]  ? __pfx_stack_trace_save+0x10/0x10
[ 2992.093369][  T672]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 2992.095337][  T672]  ? __pfx_mark_lock+0x10/0x10
[ 2992.097190][  T672]  ? hlock_class+0x4e/0x130
[ 2992.099241][  T672]  ? __lock_acquire+0x1620/0x3cb0
[ 2992.101503][  T672]  ? hlock_class+0x4e/0x130
[ 2992.103563][  T672]  ? hlock_class+0x4e/0x130
[ 2992.105608][  T672]  ? __lock_acquire+0x1620/0x3cb0
[ 2992.107898][  T672]  ___kmalloc_large_node+0x7f/0x1a0
[ 2992.110333][  T672]  __kmalloc_large_node_noprof+0x1c/0x70
[ 2992.112864][  T672]  __kmalloc_node_track_caller_noprof.cold+0x5/0x5f
[ 2992.115800][  T672]  ? __pfx_lock_release+0x10/0x10
[ 2992.118053][  T672]  ? security_context_to_sid_core+0xc3/0x870
[ 2992.120731][  T672]  kmemdup_nul+0x49/0xf0
[ 2992.122656][  T672]  security_context_to_sid_core+0xc3/0x870
[ 2992.125230][  T672]  ? __pfx_security_context_to_sid_core+0x10/0x10
[ 2992.128086][  T672]  ? __pfx_lock_release+0x10/0x10
[ 2992.130372][  T672]  ? do_raw_spin_unlock+0x172/0x230
[ 2992.132705][  T672]  selinux_inode_post_setxattr+0x125/0x380
[ 2992.135319][  T672]  ? __pfx_selinux_inode_post_setxattr+0x10/0x10
[ 2992.138156][  T672]  ? __vfs_setxattr+0x17f/0x1e0
[ 2992.140430][  T672]  ? __pfx___vfs_setxattr+0x10/0x10
[ 2992.142743][  T672]  ? __pfx_make_vfsgid+0x10/0x10
[ 2992.144930][  T672]  security_inode_post_setxattr+0xd8/0x130
[ 2992.147532][  T672]  __vfs_setxattr_noperm+0x352/0x660
[ 2992.149879][  T672]  __vfs_setxattr_locked+0x182/0x260
[ 2992.152215][  T672]  vfs_setxattr+0x146/0x350
[ 2992.154250][  T672]  ? __pfx_lock_release+0x10/0x10
[ 2992.156482][  T672]  ? __pfx_vfs_setxattr+0x10/0x10
[ 2992.158710][  T672]  ? kmem_cache_free+0x12f/0x3a0
[ 2992.160893][  T672]  ? mnt_get_write_access+0x6a/0x300
[ 2992.163238][  T672]  do_setxattr+0x146/0x170
[ 2992.165215][  T672]  path_setxattr+0x221/0x280
[ 2992.167277][  T672]  ? __pfx_path_setxattr+0x10/0x10
[ 2992.169526][  T672]  ? __pfx_lock_release+0x10/0x10
[ 2992.171759][  T672]  ? fput+0x32/0x390
[ 2992.173505][  T672]  ? ksys_write+0x1ab/0x260
[ 2992.175367][  T672]  ? __pfx_ksys_write+0x10/0x10
[ 2992.177391][  T672]  __x64_sys_lsetxattr+0xc1/0x160
[ 2992.179613][  T672]  ? do_syscall_64+0x91/0x250
[ 2992.181692][  T672]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2992.183973][  T672]  do_syscall_64+0xcd/0x250
[ 2992.185989][  T672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2992.188596][  T672] RIP: 0033:0x7f5904d77299
[ 2992.190568][  T672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2992.199027][  T672] RSP: 002b:00007f5905a74048 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 2992.202666][  T672] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d77299
[ 2992.206109][  T672] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000020000040
[ 2992.209560][  T672] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 2992.212987][  T672] R10: 000000000000ffd7 R11: 0000000000000246 R12: 0000000000000002
[ 2992.216430][  T672] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 2992.219871][  T672]  </TASK>
[ 2992.222072][   T39] audit: type=1400 audit(1722214967.299:20539): avc:  denied  { map } for  pid=673 comm="syz.0.17545" path="/dev/hpet" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 2992.249065][  T672] SELinux:  unable to map context to SIDfor (tmpfs, 573), rc=12
[ 2992.445479][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 2994.327879][  T726] netlink: 40 bytes leftover after parsing attributes in process `syz.3.17555'.
[ 2994.337987][  T726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17555'.
[ 2996.365345][T18464] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 2996.891381][  T766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17565'.
[ 2997.261853][  T775] program syz.0.17568 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2997.320575][  T777] sp0: Synchronizing with TNC
[ 2997.537408][   T39] audit: type=1400 audit(1722214972.350:20540): avc:  denied  { ioctl } for  pid=776 comm="syz.0.17569" path="/dev/sg0" dev="devtmpfs" ino=707 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 2997.628556][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 2998.225100][  T776] block nbd0: shutting down sockets
[ 2998.299736][  T794] input: syz0 as /devices/virtual/input/input152
[ 2998.679316][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 2999.160466][  T812] program syz.3.17577 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 3000.061243][  T838] sp0: Synchronizing with TNC
[ 3000.346866][  T847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17586'.
[ 3000.833314][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3000.872451][  T854] program syz.1.17589 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 3000.954909][  T837] block nbd0: shutting down sockets
[ 3001.336553][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3002.128384][  T877] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17595'.
[ 3002.139308][  T877] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17595'.
[ 3002.642678][  T893] sp0: Synchronizing with TNC
[ 3002.745311][  T899] program syz.0.17600 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 3003.537172][  T892] block nbd2: shutting down sockets
[ 3003.732446][  T912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17603'.
[ 3003.900363][  T922] netlink: 24 bytes leftover after parsing attributes in process `syz.1.17604'.
[ 3003.914250][  T922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17604'.
[ 3004.029391][T18464] Bluetooth: hci7: ACL packet for unknown connection handle 200
[ 3004.101395][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3005.066475][  T961] 9pnet_fd: Insufficient options for proto=fd
[ 3005.107090][  T961] 9pnet_fd: Insufficient options for proto=fd
[ 3005.260255][  T963] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17614'.
[ 3005.271935][  T963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17614'.
[ 3005.406591][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3005.632962][T18464] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 3006.593923][  T992] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17624'.
[ 3006.618098][  T992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17624'.
[ 3006.855085][  T996] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17625'.
[ 3006.865833][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3006.902168][T18464] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3007.183510][ T1019] netlink: 24 bytes leftover after parsing attributes in process `syz.3.17633'.
[ 3007.219974][ T1019] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17633'.
[ 3008.038596][ T1042] xt_TCPMSS: Only works on TCP SYN packets
[ 3008.143949][ T1051] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17642'.
[ 3008.181387][ T1051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17642'.
[ 3008.400636][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3008.620538][ T1090] FAULT_INJECTION: forcing a failure.
[ 3008.620538][ T1090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3008.624928][ T1090] CPU: 1 UID: 0 PID: 1090 Comm: syz.3.17652 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3008.628998][ T1090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3008.633173][ T1090] Call Trace:
[ 3008.634624][ T1090]  <TASK>
[ 3008.635802][ T1090]  dump_stack_lvl+0x16c/0x1f0
[ 3008.637906][ T1090]  should_fail_ex+0x497/0x5b0
[ 3008.640036][ T1090]  _copy_to_user+0x30/0xc0
[ 3008.641814][ T1090]  simple_read_from_buffer+0xd0/0x160
[ 3008.643911][ T1090]  proc_fail_nth_read+0x1b0/0x290
[ 3008.645593][ T1090]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3008.647258][ T1090]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3008.649238][ T1090]  vfs_read+0x1d4/0xbd0
[ 3008.650485][ T1090]  ? __fdget_pos+0xeb/0x180
[ 3008.651835][ T1090]  ? __pfx_vfs_read+0x10/0x10
[ 3008.653360][ T1090]  ? __pfx___mutex_lock+0x10/0x10
[ 3008.655240][ T1090]  ? __fget_files+0x256/0x400
[ 3008.657094][ T1090]  ksys_read+0x12f/0x260
[ 3008.658692][ T1090]  ? __pfx_ksys_read+0x10/0x10
[ 3008.660441][ T1090]  do_syscall_64+0xcd/0x250
[ 3008.662136][ T1090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3008.663899][ T1090] RIP: 0033:0x7f5904d75d7c
[ 3008.665589][ T1090] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 3008.672824][ T1090] RSP: 002b:00007f5905a74040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3008.676028][ T1090] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d75d7c
[ 3008.678892][ T1090] RDX: 000000000000000f RSI: 00007f5905a740b0 RDI: 0000000000000003
[ 3008.681115][ T1090] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 3008.683543][ T1090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3008.686432][ T1090] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 3008.688777][ T1090]  </TASK>
[ 3008.806949][ T1107] netlink: 24 bytes leftover after parsing attributes in process `syz.1.17653'.
[ 3008.840078][ T1107] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17653'.
[ 3009.147881][ T1127] FAULT_INJECTION: forcing a failure.
[ 3009.147881][ T1127] name failslab, interval 1, probability 0, space 0, times 0
[ 3009.154275][ T1127] CPU: 0 UID: 0 PID: 1127 Comm: syz.1.17659 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3009.158862][ T1127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3009.163553][ T1127] Call Trace:
[ 3009.164752][ T1127]  <TASK>
[ 3009.165747][ T1127]  dump_stack_lvl+0x16c/0x1f0
[ 3009.167458][ T1127]  should_fail_ex+0x497/0x5b0
[ 3009.169268][ T1127]  ? fs_reclaim_acquire+0xae/0x160
[ 3009.171422][ T1127]  should_failslab+0xc2/0x120
[ 3009.173491][ T1127]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 3009.175856][ T1127]  ? posix_lock_inode+0x1dc/0x2350
[ 3009.178097][ T1127]  posix_lock_inode+0x1dc/0x2350
[ 3009.180198][ T1127]  ? file_has_perm+0x286/0x360
[ 3009.181809][ T1127]  ? __pfx_file_has_perm+0x10/0x10
[ 3009.183583][ T1127]  ? __pfx_posix_lock_inode+0x10/0x10
[ 3009.185615][ T1127]  ? lockdep_init_map_type+0x16d/0x7d0
[ 3009.187711][ T1127]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 3009.189937][ T1127]  vfs_lock_file+0x107/0x150
[ 3009.191614][ T1127]  fcntl_setlk+0x420/0xe20
[ 3009.193133][ T1127]  ? __pfx_fcntl_setlk+0x10/0x10
[ 3009.195003][ T1127]  ? __pfx_lock_release+0x10/0x10
[ 3009.197218][ T1127]  ? __pfx___might_resched+0x10/0x10
[ 3009.199515][ T1127]  ? __might_fault+0xe3/0x190
[ 3009.201600][ T1127]  do_fcntl+0x43b/0x1380
[ 3009.203433][ T1127]  ? __pfx_do_fcntl+0x10/0x10
[ 3009.205442][ T1127]  ? selinux_file_fcntl+0x97/0x180
[ 3009.207666][ T1127]  __x64_sys_fcntl+0x174/0x200
[ 3009.209739][ T1127]  do_syscall_64+0xcd/0x250
[ 3009.211698][ T1127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3009.214023][ T1127] RIP: 0033:0x7feefcf77299
[ 3009.215927][ T1127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3009.224440][ T1127] RSP: 002b:00007feefdc88048 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 3009.227940][ T1127] RAX: ffffffffffffffda RBX: 00007feefd105f80 RCX: 00007feefcf77299
[ 3009.231394][ T1127] RDX: 0000000020002000 RSI: 0000000000000006 RDI: 0000000000000004
[ 3009.234792][ T1127] RBP: 00007feefdc880a0 R08: 0000000000000000 R09: 0000000000000000
[ 3009.238210][ T1127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3009.241564][ T1127] R13: 000000000000000b R14: 00007feefd105f80 R15: 00007fffb92f8708
[ 3009.244931][ T1127]  </TASK>
[ 3009.506788][ T1141] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17663'.
[ 3009.597135][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3009.686094][ T1148] FAULT_INJECTION: forcing a failure.
[ 3009.686094][ T1148] name failslab, interval 1, probability 0, space 0, times 0
[ 3009.691740][ T1148] CPU: 3 UID: 0 PID: 1148 Comm: syz.0.17664 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3009.696283][ T1148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3009.700980][ T1148] Call Trace:
[ 3009.702489][ T1148]  <TASK>
[ 3009.703813][ T1148]  dump_stack_lvl+0x16c/0x1f0
[ 3009.705929][ T1148]  should_fail_ex+0x497/0x5b0
[ 3009.708023][ T1148]  should_failslab+0xc2/0x120
[ 3009.710102][ T1148]  kmem_cache_alloc_node_noprof+0x71/0x310
[ 3009.712686][ T1148]  ? __alloc_skb+0x2b1/0x380
[ 3009.714795][ T1148]  __alloc_skb+0x2b1/0x380
[ 3009.716810][ T1148]  ? __pfx___alloc_skb+0x10/0x10
[ 3009.719048][ T1148]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 3009.721705][ T1148]  ? pfkey_xfrm_policy2msg_size+0x20c/0x260
[ 3009.724334][ T1148]  pfkey_send_policy_notify+0x444/0x930
[ 3009.726786][ T1148]  ? __pfx_pfkey_send_policy_notify+0x10/0x10
[ 3009.729482][ T1148]  km_policy_notify+0xb0/0x240
[ 3009.731636][ T1148]  pfkey_spdadd+0x1133/0x1500
[ 3009.733760][ T1148]  ? __pfx_pfkey_spdadd+0x10/0x10
[ 3009.736009][ T1148]  ? kfree_skbmem+0x10e/0x200
[ 3009.738187][ T1148]  ? sk_skb_reason_drop+0x140/0x210
[ 3009.740511][ T1148]  ? pfkey_broadcast+0x2ab/0x460
[ 3009.742720][ T1148]  ? __pfx_pfkey_spdadd+0x10/0x10
[ 3009.744952][ T1148]  pfkey_process+0x6db/0x840
[ 3009.747066][ T1148]  ? __pfx_pfkey_process+0x10/0x10
[ 3009.749537][ T1148]  ? trace_contention_end+0xea/0x140
[ 3009.751920][ T1148]  ? __virt_addr_valid+0x5e/0x590
[ 3009.754169][ T1148]  ? __phys_addr_symbol+0x30/0x80
[ 3009.756420][ T1148]  pfkey_sendmsg+0x43b/0x840
[ 3009.758498][ T1148]  ____sys_sendmsg+0xab5/0xc90
[ 3009.760634][ T1148]  ? copy_msghdr_from_user+0x10b/0x160
[ 3009.763050][ T1148]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3009.765141][ T1148]  ? find_held_lock+0x2d/0x110
[ 3009.767308][ T1148]  ? __pfx___lock_acquire+0x10/0x10
[ 3009.769641][ T1148]  ___sys_sendmsg+0x135/0x1e0
[ 3009.771792][ T1148]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3009.774129][ T1148]  ? ksys_write+0x21c/0x260
[ 3009.776167][ T1148]  ? __fget_light+0x173/0x210
[ 3009.778299][ T1148]  __sys_sendmsg+0x117/0x1f0
[ 3009.780374][ T1148]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3009.782667][ T1148]  do_syscall_64+0xcd/0x250
[ 3009.784693][ T1148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3009.787349][ T1148] RIP: 0033:0x7fa24c977299
[ 3009.789331][ T1148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3009.797796][ T1148] RSP: 002b:00007fa24d6a4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3009.801461][ T1148] RAX: ffffffffffffffda RBX: 00007fa24cb05f80 RCX: 00007fa24c977299
[ 3009.804839][ T1148] RDX: 0000000000000000 RSI: 00000000200014c0 RDI: 0000000000000003
[ 3009.807976][ T1148] RBP: 00007fa24d6a40a0 R08: 0000000000000000 R09: 0000000000000000
[ 3009.810907][ T1148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3009.813566][ T1148] R13: 000000000000000b R14: 00007fa24cb05f80 R15: 00007ffe82f62aa8
[ 3009.816931][ T1148]  </TASK>
[ 3011.663084][ T1196] bridge0: port 3(gretap0) entered disabled state
[ 3011.666138][ T1196] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3011.669673][ T1196] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3011.741086][ T1196] bridge0: entered allmulticast mode
[ 3011.920028][ T1201] dlm: non-version read from control device 4
[ 3011.951922][ T1201] overlayfs: failed to get index nlink (file1/bus, err=-61)
[ 3012.090926][ T1206] __nla_validate_parse: 3 callbacks suppressed
[ 3012.090994][ T1206] netlink: 28 bytes leftover after parsing attributes in process `syz.1.17681'.
[ 3012.100675][ T1206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17681'.
[ 3013.813285][ T1240] overlayfs: failed to resolve './bus': -2
[ 3013.831818][ T1240] Cannot find set identified by id 0 to match
[ 3013.891822][   T39] audit: type=1326 audit(1722214987.455:20541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1243 comm="syz.3.17690" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5904d77299 code=0x0
[ 3013.988011][ T1254] netlink: 28 bytes leftover after parsing attributes in process `syz.3.17692'.
[ 3014.004511][ T1254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17692'.
[ 3014.080686][T18464] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 3014.365372][ T1271] FAULT_INJECTION: forcing a failure.
[ 3014.365372][ T1271] name failslab, interval 1, probability 0, space 0, times 0
[ 3014.373547][ T1271] CPU: 0 UID: 0 PID: 1271 Comm: syz.0.17696 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3014.377815][ T1271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3014.382029][ T1271] Call Trace:
[ 3014.383420][ T1271]  <TASK>
[ 3014.384475][ T1271]  dump_stack_lvl+0x16c/0x1f0
[ 3014.386488][ T1271]  should_fail_ex+0x497/0x5b0
[ 3014.388501][ T1271]  ? fs_reclaim_acquire+0xae/0x160
[ 3014.390680][ T1271]  should_failslab+0xc2/0x120
[ 3014.392646][ T1271]  __kmalloc_node_track_caller_noprof+0xcf/0x430
[ 3014.395027][ T1271]  ? kasprintf+0xc8/0x100
[ 3014.396613][ T1271]  kvasprintf+0xbd/0x160
[ 3014.398402][ T1271]  ? __pfx_kvasprintf+0x10/0x10
[ 3014.400440][ T1271]  ? kasan_save_stack+0x42/0x60
[ 3014.402401][ T1271]  ? in6_pton+0x241/0x950
[ 3014.404092][ T1271]  kasprintf+0xc8/0x100
[ 3014.405696][ T1271]  ? __pfx_kasprintf+0x10/0x10
[ 3014.407313][ T1271]  logfc+0x115/0x650
[ 3014.408626][ T1271]  ? ceph_parse_ips+0x6b5/0xa10
[ 3014.410387][ T1271]  ? __pfx_logfc+0x10/0x10
[ 3014.412281][ T1271]  ? __pfx_ceph_parse_ips+0x10/0x10
[ 3014.414457][ T1271]  ? trace_kmalloc+0x2d/0xe0
[ 3014.416293][ T1271]  ceph_parse_mon_ips+0xaf/0xd0
[ 3014.417942][ T1271]  ceph_parse_mount_param+0x1d49/0x2620
[ 3014.419825][ T1271]  ? __pfx_ceph_parse_mount_param+0x10/0x10
[ 3014.422065][ T1271]  ? __pfx_ceph_parse_mount_param+0x10/0x10
[ 3014.424482][ T1271]  vfs_parse_fs_param+0x208/0x3c0
[ 3014.426603][ T1271]  __do_sys_fsconfig+0xac7/0xbe0
[ 3014.428680][ T1271]  ? __pfx___do_sys_fsconfig+0x10/0x10
[ 3014.430518][ T1271]  do_syscall_64+0xcd/0x250
[ 3014.432092][ T1271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3014.434326][ T1271] RIP: 0033:0x7fa24c977299
[ 3014.436124][ T1271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3014.443416][ T1271] RSP: 002b:00007fa24d6a4048 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 3014.446870][ T1271] RAX: ffffffffffffffda RBX: 00007fa24cb05f80 RCX: 00007fa24c977299
[ 3014.450087][ T1271] RDX: 0000000020000000 RSI: 0000000000000001 RDI: 0000000000000003
[ 3014.452691][ T1271] RBP: 00007fa24d6a40a0 R08: 0000000000000000 R09: 0000000000000000
[ 3014.456108][ T1271] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[ 3014.459431][ T1271] R13: 000000000000000b R14: 00007fa24cb05f80 R15: 00007ffe82f62aa8
[ 3014.462679][ T1271]  </TASK>
[ 3015.219759][ T1281] FAULT_INJECTION: forcing a failure.
[ 3015.219759][ T1281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3015.226125][ T1281] CPU: 0 UID: 0 PID: 1281 Comm: syz.2.17699 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3015.230948][ T1281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3015.236011][ T1281] Call Trace:
[ 3015.237565][ T1281]  <TASK>
[ 3015.238993][ T1281]  dump_stack_lvl+0x16c/0x1f0
[ 3015.241420][ T1281]  should_fail_ex+0x497/0x5b0
[ 3015.243283][ T1281]  strncpy_from_user+0x38/0x320
[ 3015.245189][ T1281]  getname_flags.part.0+0x8f/0x550
[ 3015.247304][ T1281]  getname_flags+0x93/0xf0
[ 3015.248875][ T1281]  user_path_at+0x24/0x60
[ 3015.250740][ T1281]  __x64_sys_mount+0x1fc/0x320
[ 3015.252940][ T1281]  ? __pfx___x64_sys_mount+0x10/0x10
[ 3015.254947][ T1281]  do_syscall_64+0xcd/0x250
[ 3015.257096][ T1281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3015.259594][ T1281] RIP: 0033:0x7fc667f77299
[ 3015.261241][ T1281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3015.269354][ T1281] RSP: 002b:00007fc668d1d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3015.272817][ T1281] RAX: ffffffffffffffda RBX: 00007fc668105f80 RCX: 00007fc667f77299
[ 3015.275825][ T1281] RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000000000000
[ 3015.279407][ T1281] RBP: 00007fc668d1d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 3015.282632][ T1281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3015.286221][ T1281] R13: 000000000000000b R14: 00007fc668105f80 R15: 00007ffc6b721c78
[ 3015.289320][ T1281]  </TASK>
[ 3015.426742][ T1294] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3015.431557][ T1294] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3015.441729][ T1294] bridge0: entered allmulticast mode
[ 3015.460650][ T1295] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17702'.
[ 3015.490246][ T1295] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17702'.
[ 3017.042501][T18464] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3017.292699][ T1337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17711'.
[ 3018.097075][ T1354] bridge0: port 4(team0) entered disabled state
[ 3018.100023][ T1354] bridge0: port 3(gretap0) entered disabled state
[ 3018.102817][ T1354] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3018.105840][ T1354] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3018.174851][ T1354] bridge0: entered allmulticast mode
[ 3018.800968][    T9] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 3019.006621][    T9] usb 7-1: Using ep0 maxpacket: 8
[ 3019.010957][    T9] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 3019.013805][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 3019.018788][    T9] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x4B, changing to 0xB
[ 3019.023917][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 28823, setting to 1024
[ 3019.028981][    T9] usb 7-1: config 168 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[ 3019.034631][    T9] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 3019.037717][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 3019.042559][    T9] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x4B, changing to 0xB
[ 3019.047238][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 28823, setting to 1024
[ 3019.051691][    T9] usb 7-1: config 168 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[ 3019.058972][    T9] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 3019.062400][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 3019.067354][    T9] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x4B, changing to 0xB
[ 3019.072074][    T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 28823, setting to 1024
[ 3019.076707][    T9] usb 7-1: config 168 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[ 3019.088623][    T9] usb 7-1: string descriptor 0 read error: -22
[ 3019.091947][    T9] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 3019.095677][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3019.102551][    T9] adutux 7-1:168.0: interrupt endpoints not found
[ 3019.322336][    T9] usb 7-1: USB disconnect, device number 14
[ 3020.176136][ T1393] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17721'.
[ 3020.393886][T18464] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 3021.173149][ T1431] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17730'.
[ 3021.202637][ T4891] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 3021.220364][T18464] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3021.300762][ T1435] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 3021.367739][ T4891] usb 5-1: device descriptor read/64, error -71
[ 3021.681884][ T4891] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 3021.812366][T18464] Bluetooth: hci8: command 0x0405 tx timeout
[ 3021.855171][ T4891] usb 5-1: device descriptor read/64, error -71
[ 3021.985632][ T4891] usb usb5-port1: attempt power cycle
[ 3022.040816][ T1462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17739'.
[ 3022.100255][T17882] Bluetooth: hci8: ACL packet for unknown connection handle 200
[ 3022.483481][ T4891] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 3022.518013][ T4891] usb 5-1: device descriptor read/8, error -71
[ 3022.765751][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3022.819209][ T4891] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 3022.871358][ T4891] usb 5-1: device descriptor read/8, error -71
[ 3023.017170][ T4891] usb usb5-port1: unable to enumerate USB device
[ 3023.023271][ T1484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17746'.
[ 3023.033730][ T1484] netlink: 'syz.3.17746': attribute type 1 has an invalid length.
[ 3023.037503][ T1484] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.17746'.
[ 3023.045698][ T1484] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17746'.
[ 3023.322795][ T1487] ieee802154 phy0 wpan0: encryption failed: -22
[ 3023.876275][ T1490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17748'.
[ 3023.941195][T17882] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3024.390026][ T1507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17753'.
[ 3024.393976][ T1507] netlink: 'syz.3.17753': attribute type 9 has an invalid length.
[ 3024.557351][ T1520] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 3025.228230][ T1530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17757'.
[ 3025.228290][ T1531] Cannot find add_set index 0 as target
[ 3025.264535][   T39] audit: type=1400 audit(1722214997.953:20542): avc:  denied  { setcheckreqprot } for  pid=1529 comm="syz.0.17758" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 3025.325655][T17882] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3025.547855][T17882] Bluetooth: hci8: unexpected event 0x09 length: 50 > 3
[ 3025.656907][T29652] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 3025.851691][T29652] usb 5-1: device descriptor read/64, error -71
[ 3026.155517][T29652] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 3026.317412][T29652] usb 5-1: device descriptor read/64, error -71
[ 3026.447803][T29652] usb usb5-port1: attempt power cycle
[ 3026.934833][T29652] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 3026.968193][T29652] usb 5-1: device descriptor read/8, error -71
[ 3027.270626][T29652] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 3027.303645][T29652] usb 5-1: device descriptor read/8, error -71
[ 3027.405277][ T1568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17767'.
[ 3027.444498][T29652] usb usb5-port1: unable to enumerate USB device
[ 3028.058102][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3028.527338][T29545] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[ 3028.662764][ T1602] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17776'.
[ 3028.701356][T29545] usb 7-1: device descriptor read/64, error -71
[ 3028.717689][   T39] audit: type=1326 audit(1722215001.138:20543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.732659][   T39] audit: type=1326 audit(1722215001.138:20544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.741947][   T39] audit: type=1326 audit(1722215001.138:20545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.753653][   T39] audit: type=1326 audit(1722215001.138:20546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.763747][   T39] audit: type=1326 audit(1722215001.138:20547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.773320][   T39] audit: type=1326 audit(1722215001.138:20548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.783039][   T39] audit: type=1326 audit(1722215001.138:20549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.791668][   T39] audit: type=1326 audit(1722215001.157:20550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3028.799414][   T39] audit: type=1326 audit(1722215001.157:20551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1603 comm="syz.0.17777" exe="/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3029.007592][T29545] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[ 3029.147635][T17882] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3029.177143][T29545] usb 7-1: device descriptor read/64, error -71
[ 3029.307577][T29545] usb usb7-port1: attempt power cycle
[ 3029.794431][T29545] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[ 3029.840475][T29545] usb 7-1: device descriptor read/8, error -71
[ 3030.145429][T29545] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[ 3030.196636][T29545] usb 7-1: device descriptor read/8, error -71
[ 3030.197722][T29652] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 3030.346036][T29545] usb usb7-port1: unable to enumerate USB device
[ 3030.357690][T29652] usb 5-1: device descriptor read/64, error -71
[ 3030.507121][ T1641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17785'.
[ 3030.593173][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3030.671405][T29652] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 3030.869744][T29652] usb 5-1: device descriptor read/64, error -71
[ 3030.996875][T29652] usb usb5-port1: attempt power cycle
[ 3031.119258][ T1642] block nbd3: shutting down sockets
[ 3031.254291][T17882] Bluetooth: hci8: ACL packet for unknown connection handle 200
[ 3031.294643][ T1654] FAULT_INJECTION: forcing a failure.
[ 3031.294643][ T1654] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3031.300630][ T1654] CPU: 0 UID: 0 PID: 1654 Comm: syz.3.17789 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3031.305229][ T1654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3031.309942][ T1654] Call Trace:
[ 3031.311502][ T1654]  <TASK>
[ 3031.312843][ T1654]  dump_stack_lvl+0x16c/0x1f0
[ 3031.315014][ T1654]  should_fail_ex+0x497/0x5b0
[ 3031.317077][ T1654]  ? fs_reclaim_acquire+0xae/0x160
[ 3031.319354][ T1654]  should_fail_alloc_page+0xe7/0x130
[ 3031.321726][ T1654]  prepare_alloc_pages.constprop.0+0x16f/0x560
[ 3031.324511][ T1654]  __alloc_pages_noprof+0x194/0x2460
[ 3031.326854][ T1654]  ? stack_depot_save_flags+0x31b/0x8f0
[ 3031.329359][ T1654]  ? hlock_class+0x4e/0x130
[ 3031.331369][ T1654]  ? __lock_acquire+0x1620/0x3cb0
[ 3031.333624][ T1654]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 3031.336127][ T1654]  ? __pfx___lock_acquire+0x10/0x10
[ 3031.338439][ T1654]  ? kasan_save_track+0x14/0x30
[ 3031.340652][ T1654]  ? kasan_save_free_info+0x3b/0x60
[ 3031.343003][ T1654]  ? poison_slab_object+0xf7/0x160
[ 3031.345262][ T1654]  ? __kasan_slab_free+0x32/0x50
[ 3031.347463][ T1654]  ? kmem_cache_free+0x12f/0x3a0
[ 3031.349689][ T1654]  ? alloc_vmap_area+0x1f99/0x2a70
[ 3031.351953][ T1654]  ? __get_vm_area_node+0x17e/0x2d0
[ 3031.354261][ T1654]  ? __vmalloc_node_range_noprof+0x276/0x1520
[ 3031.356673][ T1654]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 3031.359202][ T1654]  ? policy_nodemask+0xea/0x4e0
[ 3031.361391][ T1654]  alloc_pages_mpol_noprof+0x275/0x610
[ 3031.363828][ T1654]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 3031.366513][ T1654]  ? do_raw_spin_lock+0x12d/0x2c0
[ 3031.369362][ T1654]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[ 3031.372196][ T1654]  get_free_pages_noprof+0xc/0x40
[ 3031.374416][ T1654]  kasan_populate_vmalloc_pte+0x2d/0x160
[ 3031.376890][ T1654]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[ 3031.379710][ T1654]  __apply_to_page_range+0x795/0xdd0
[ 3031.382173][ T1654]  ? __pfx___apply_to_page_range+0x10/0x10
[ 3031.384441][ T1654]  ? insert_vmap_area+0x2ef/0x4d0
[ 3031.386422][ T1654]  alloc_vmap_area+0x93e/0x2a70
[ 3031.388347][ T1654]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 3031.390423][ T1654]  __get_vm_area_node+0x17e/0x2d0
[ 3031.392398][ T1654]  __vmalloc_node_range_noprof+0x276/0x1520
[ 3031.394967][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.397330][ T1654]  ? find_held_lock+0x2d/0x110
[ 3031.399476][ T1654]  ? do_alloc_pages+0xed/0x200
[ 3031.401635][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.403965][ T1654]  ? trace_contention_end+0xea/0x140
[ 3031.406457][ T1654]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 3031.409269][ T1654]  ? __mutex_unlock_slowpath+0x164/0x650
[ 3031.411785][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.414069][ T1654]  vmalloc_noprof+0x6b/0x90
[ 3031.415862][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.417996][ T1654]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 3031.420717][ T1654]  __snd_dma_alloc_pages+0x50/0x90
[ 3031.423011][ T1654]  snd_dma_alloc_dir_pages+0x151/0x240
[ 3031.425402][ T1654]  do_alloc_pages+0x126/0x200
[ 3031.427525][ T1654]  snd_pcm_lib_malloc_pages+0x3df/0x980
[ 3031.429980][ T1654]  snd_pcm_hw_params+0x152b/0x1a30
[ 3031.432239][ T1654]  ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0
[ 3031.435095][ T1654]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 3031.437497][ T1654]  ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0
[ 3031.440342][ T1654]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 3031.443320][ T1654]  snd_pcm_kernel_ioctl+0x147/0x2d0
[ 3031.445378][ T1654]  snd_pcm_oss_change_params_locked+0x1406/0x3a60
[ 3031.448197][ T1654]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 3031.451149][ T1654]  ? snd_pcm_oss_get_active_substream+0x146/0x1d0
[ 3031.453985][ T1654]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[ 3031.456717][ T1654]  snd_pcm_oss_ioctl+0x118d/0x3790
[ 3031.458930][ T1654]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 3031.461317][ T1654]  ? selinux_file_ioctl+0x180/0x270
[ 3031.463625][ T1654]  ? selinux_file_ioctl+0xb4/0x270
[ 3031.465791][ T1654]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 3031.467918][ T1654]  __x64_sys_ioctl+0x193/0x220
[ 3031.469893][ T1654]  do_syscall_64+0xcd/0x250
[ 3031.471901][ T1654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3031.474508][ T1654] RIP: 0033:0x7f5904d77299
[ 3031.476488][ T1654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3031.484850][ T1654] RSP: 002b:00007f5905a74048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3031.488658][ T1654] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d77299
[ 3031.492100][ T1654] RDX: 00000000200004c0 RSI: 0000000080045005 RDI: 0000000000000003
[ 3031.495545][ T1654] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 3031.499009][ T1654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3031.502415][ T1654] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 3031.505639][ T1654]  </TASK>
[ 3031.509932][ T1654] syz.3.17789: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 3031.516338][ T1654] CPU: 0 UID: 0 PID: 1654 Comm: syz.3.17789 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3031.520302][ T1654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3031.524905][ T1654] Call Trace:
[ 3031.526397][ T1654]  <TASK>
[ 3031.527714][ T1654]  dump_stack_lvl+0x16c/0x1f0
[ 3031.529824][ T1654]  warn_alloc+0x24d/0x3a0
[ 3031.531727][ T1654]  ? __pfx_warn_alloc+0x10/0x10
[ 3031.533898][ T1654]  ? lockdep_hardirqs_on+0x7c/0x110
[ 3031.536187][ T1654]  ? __get_vm_area_node+0x1bc/0x2d0
[ 3031.538473][ T1654]  __vmalloc_node_range_noprof+0xc1e/0x1520
[ 3031.541201][ T1654]  ? do_alloc_pages+0xed/0x200
[ 3031.543332][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.545648][ T1654]  ? trace_contention_end+0xea/0x140
[ 3031.547965][ T1654]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 3031.550798][ T1654]  ? __mutex_unlock_slowpath+0x164/0x650
[ 3031.553265][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.555552][ T1654]  vmalloc_noprof+0x6b/0x90
[ 3031.557825][ T1654]  ? __snd_dma_alloc_pages+0x50/0x90
[ 3031.560101][ T1654]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 3031.562476][ T1654]  __snd_dma_alloc_pages+0x50/0x90
[ 3031.564460][ T1654]  snd_dma_alloc_dir_pages+0x151/0x240
[ 3031.566569][ T1654]  do_alloc_pages+0x126/0x200
[ 3031.568412][ T1654]  snd_pcm_lib_malloc_pages+0x3df/0x980
[ 3031.570758][ T1654]  snd_pcm_hw_params+0x152b/0x1a30
[ 3031.572989][ T1654]  ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0
[ 3031.575929][ T1654]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 3031.578847][ T1654]  ? snd_pcm_hw_param_near.constprop.0+0x743/0x8f0
[ 3031.581817][ T1654]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 3031.584786][ T1654]  snd_pcm_kernel_ioctl+0x147/0x2d0
[ 3031.587113][ T1654]  snd_pcm_oss_change_params_locked+0x1406/0x3a60
[ 3031.589942][ T1654]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 3031.593011][ T1654]  ? snd_pcm_oss_get_active_substream+0x146/0x1d0
[ 3031.595842][ T1654]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[ 3031.598576][ T1654]  snd_pcm_oss_ioctl+0x118d/0x3790
[ 3031.600830][ T1654]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 3031.603367][ T1654]  ? selinux_file_ioctl+0x180/0x270
[ 3031.605738][ T1654]  ? selinux_file_ioctl+0xb4/0x270
[ 3031.608010][ T1654]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 3031.610443][ T1654]  __x64_sys_ioctl+0x193/0x220
[ 3031.612540][ T1654]  do_syscall_64+0xcd/0x250
[ 3031.614586][ T1654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3031.617175][ T1654] RIP: 0033:0x7f5904d77299
[ 3031.619161][ T1654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3031.627041][ T1654] RSP: 002b:00007f5905a74048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3031.630443][ T1654] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d77299
[ 3031.633873][ T1654] RDX: 00000000200004c0 RSI: 0000000080045005 RDI: 0000000000000003
[ 3031.637343][ T1654] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 3031.641035][ T1654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3031.644697][ T1654] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 3031.648144][ T1654]  </TASK>
[ 3031.652384][T29652] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 3031.664206][ T1654] Mem-Info:
[ 3031.677758][ T1654] active_anon:4910 inactive_anon:732 isolated_anon:0
[ 3031.677758][ T1654]  active_file:568 inactive_file:19980 isolated_file:0
[ 3031.677758][ T1654]  unevictable:1768 dirty:381 writeback:0
[ 3031.677758][ T1654]  slab_reclaimable:7265 slab_unreclaimable:107404
[ 3031.677758][ T1654]  mapped:41775 shmem:1901 pagetables:905
[ 3031.677758][ T1654]  sec_pagetables:348 bounce:0
[ 3031.677758][ T1654]  kernel_misc_reclaimable:0
[ 3031.677758][ T1654]  free:449058 free_pcp:10509 free_cma:0
[ 3031.702279][T29652] usb 5-1: device descriptor read/8, error -71
[ 3031.702452][ T1654] Node 0 active_anon:15672kB inactive_anon:2928kB active_file:2272kB inactive_file:79872kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:167060kB dirty:1516kB writeback:0kB shmem:4068kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13040kB pagetables:3620kB sec_pagetables:1392kB all_unreclaimable? no
[ 3031.719212][ T1654] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:48kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 3031.735628][ T1654] Node 0 DMA free:14636kB boost:2048kB min:2376kB low:2456kB high:2536kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB
[ 3031.752618][ T1654] lowmem_reserve[]: 0 1313 0 0 0
[ 3031.756763][ T1654] Node 0 DMA32 free:142028kB boost:0kB min:28924kB low:36152kB high:43380kB reserved_highatomic:0KB active_anon:8108kB inactive_anon:2928kB active_file:2272kB inactive_file:79872kB unevictable:3536kB writepending:1516kB present:2080628kB managed:1372136kB mlocked:0kB bounce:0kB free_pcp:53472kB local_pcp:22980kB free_cma:0kB
[ 3031.772026][ T1654] lowmem_reserve[]: 0 0 0 0 0
[ 3031.774335][ T1654] Node 1 Normal free:1639568kB boost:0kB min:38324kB low:47904kB high:57484kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:48kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:160kB local_pcp:0kB free_cma:0kB
[ 3031.787338][ T1654] lowmem_reserve[]: 0 0 0 0 0
[ 3031.797799][ T1654] Node 0 DMA: 33*4kB (UM) 39*8kB (UM) 43*16kB (UM) 40*32kB (UM) 31*64kB (UM) 20*128kB (UM) 18*256kB (M) 6*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 14636kB
[ 3031.813950][ T1654] Node 0 DMA32: 1484*4kB (UME) 507*8kB (UME) 187*16kB (UME) 49*32kB (UME) 37*64kB (UME) 137*128kB (UME) 74*256kB (UM) 46*512kB (UM) 17*1024kB (UM) 5*2048kB (UM) 9*4096kB (UM) = 141464kB
[ 3031.822427][ T1654] Node 1 Normal: 96*4kB (UM) 94*8kB (UM) 154*16kB (UME) 104*32kB (UME) 90*64kB (UME) 86*128kB (UME) 50*256kB (UME) 21*512kB (UM) 21*1024kB (UME) 11*2048kB (UME) 378*4096kB (UM) = 1639568kB
[ 3031.829892][ T1654] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 3031.841072][ T1654] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 3031.845081][ T1654] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 3031.849088][ T1654] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 3031.854625][ T1654] 22498 total pagecache pages
[ 3031.856641][ T1654] 47 pages in swap cache
[ 3031.858607][ T1654] Free swap  = 60628kB
[ 3031.860399][ T1654] Total swap = 124996kB
[ 3031.862291][ T1654] 1048443 pages RAM
[ 3031.864559][ T1654] 0 pages HighMem/MovableOnly
[ 3031.866725][ T1654] 256088 pages reserved
[ 3031.868582][ T1654] 0 pages cma reserved
[ 3031.992737][T29652] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 3032.044740][T29652] usb 5-1: device descriptor read/8, error -71
[ 3032.187995][T29652] usb usb5-port1: unable to enumerate USB device
[ 3032.236332][ T1675] netlink: 40 bytes leftover after parsing attributes in process `syz.3.17795'.
[ 3032.245947][ T1675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17795'.
[ 3032.744016][ T1683] sp0: Synchronizing with TNC
[ 3032.770906][ T1685] [U] è
[ 3033.403243][ T1716] netlink: 'syz.0.17803': attribute type 10 has an invalid length.
[ 3033.453535][ T1716] batman_adv: batadv0: Adding interface: team0
[ 3033.457607][ T1716] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3033.474529][ T1716] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 3033.486449][ T1717] netlink: 'syz.0.17803': attribute type 10 has an invalid length.
[ 3033.489872][ T1717] netlink: 2 bytes leftover after parsing attributes in process `syz.0.17803'.
[ 3033.495829][ T1717] team0: entered promiscuous mode
[ 3033.498317][ T1717] team_slave_0: entered promiscuous mode
[ 3033.506660][ T1717] team_slave_1: entered promiscuous mode
[ 3033.513763][ T1717] 8021q: adding VLAN 0 to HW filter on device team0
[ 3033.517593][ T1717] batman_adv: batadv0: Interface activated: team0
[ 3033.521149][ T1717] batman_adv: batadv0: Interface deactivated: team0
[ 3033.524909][ T1717] batman_adv: batadv0: Removing interface: team0
[ 3033.582914][T18464] Bluetooth: hci7: Received unexpected HCI Event 0x00
[ 3033.584259][ T1717] bridge0: port 3(team0) entered blocking state
[ 3033.589211][ T1717] bridge0: port 3(team0) entered disabled state
[ 3033.593853][ T1717] team0: entered allmulticast mode
[ 3033.596716][ T1717] team_slave_0: entered allmulticast mode
[ 3033.599590][ T1717] team_slave_1: entered allmulticast mode
[ 3033.620028][ T1721] netlink: 40 bytes leftover after parsing attributes in process `syz.3.17805'.
[ 3033.650245][ T1721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17805'.
[ 3034.300621][T18464] Bluetooth: hci8: command 0x0405 tx timeout
[ 3034.320247][T18464] Bluetooth: hci7: ACL packet for unknown connection handle 200
[ 3034.700451][T29652] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 3034.862888][T29652] usb 5-1: device descriptor read/64, error -71
[ 3035.188603][T29652] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 3035.361143][T29652] usb 5-1: device descriptor read/64, error -71
[ 3035.502475][T29652] usb usb5-port1: attempt power cycle
[ 3036.017201][ T1780] netlink: 40 bytes leftover after parsing attributes in process `syz.1.17814'.
[ 3036.024258][ T1780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17814'.
[ 3036.033081][T29652] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 3036.106535][T29652] usb 5-1: device descriptor read/8, error -71
[ 3036.223869][ T1784] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=1784 comm=syz.1.17816
[ 3036.422518][T29652] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 3036.467088][T29652] usb 5-1: device descriptor read/8, error -71
[ 3036.596223][T29652] usb usb5-port1: unable to enumerate USB device
[ 3036.665684][ T1798] netlink: 'syz.3.17819': attribute type 10 has an invalid length.
[ 3036.721745][ T1798] batman_adv: batadv0: Adding interface: team0
[ 3036.724746][ T1798] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3036.737478][ T1798] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 3036.744762][ T1799] netlink: 'syz.3.17819': attribute type 10 has an invalid length.
[ 3036.748736][ T1799] netlink: 2 bytes leftover after parsing attributes in process `syz.3.17819'.
[ 3036.753970][ T1799] team0: entered promiscuous mode
[ 3036.756440][ T1799] team_slave_0: entered promiscuous mode
[ 3036.759557][ T1799] team_slave_1: entered promiscuous mode
[ 3036.770593][ T1799] 8021q: adding VLAN 0 to HW filter on device team0
[ 3036.777741][ T1799] batman_adv: batadv0: Interface activated: team0
[ 3036.781531][ T1799] batman_adv: batadv0: Interface deactivated: team0
[ 3036.796823][ T1799] batman_adv: batadv0: Removing interface: team0
[ 3036.825115][ T1799] bridge0: port 3(team0) entered blocking state
[ 3036.843493][ T1799] bridge0: port 3(team0) entered disabled state
[ 3036.850060][ T1799] team0: entered allmulticast mode
[ 3036.854405][ T1799] team_slave_0: entered allmulticast mode
[ 3036.858821][ T1799] team_slave_1: entered allmulticast mode
[ 3036.859674][T17882] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 3037.235414][T17882] Bluetooth: hci8: command 0x0405 tx timeout
[ 3037.557325][ T1809] netlink: 40 bytes leftover after parsing attributes in process `syz.2.17823'.
[ 3037.564961][ T1809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17823'.
[ 3037.710583][   T39] kauditd_printk_skb: 2 callbacks suppressed
[ 3037.710600][   T39] audit: type=1326 audit(1722215009.439:20554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.733160][   T39] audit: type=1326 audit(1722215009.439:20555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.754992][   T39] audit: type=1326 audit(1722215009.448:20556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.776437][   T39] audit: type=1326 audit(1722215009.448:20557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.784768][   T39] audit: type=1326 audit(1722215009.448:20558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.809618][   T39] audit: type=1326 audit(1722215009.448:20559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3037.813211][T17882] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3037.830614][   T39] audit: type=1326 audit(1722215009.448:20560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1818 comm="syz.0.17825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa24c977299 code=0x7ffc0000
[ 3038.129793][T17882] Bluetooth: hci6: ACL packet for unknown connection handle 200
[ 3038.358981][T17882] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci6/hci6:201'
[ 3038.359247][T17882] CPU: 2 UID: 0 PID: 17882 Comm: kworker/u33:1 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3038.359272][T17882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3038.359286][T17882] Workqueue: hci6 hci_rx_work
[ 3038.359314][T17882] Call Trace:
[ 3038.359323][T17882]  <TASK>
[ 3038.359332][T17882]  dump_stack_lvl+0x16c/0x1f0
[ 3038.359359][T17882]  sysfs_warn_dup+0x7f/0xa0
[ 3038.359379][T17882]  sysfs_create_dir_ns+0x24d/0x2b0
[ 3038.359400][T17882]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 3038.359422][T17882]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 3038.359447][T17882]  ? do_raw_spin_unlock+0x172/0x230
[ 3038.359473][T17882]  kobject_add_internal+0x2c8/0x990
[ 3038.359498][T17882]  kobject_add+0x16f/0x240
[ 3038.359520][T17882]  ? __pfx_kobject_add+0x10/0x10
[ 3038.359541][T17882]  ? do_raw_spin_unlock+0x172/0x230
[ 3038.359564][T17882]  ? kobject_put+0xbe/0x5b0
[ 3038.359589][T17882]  device_add+0x289/0x1a70
[ 3038.359610][T17882]  ? __pfx_dev_set_name+0x10/0x10
[ 3038.359632][T17882]  ? __pfx_device_add+0x10/0x10
[ 3038.359652][T17882]  ? mgmt_send_event_skb+0x2f2/0x460
[ 3038.359673][T17882]  hci_conn_add_sysfs+0x17e/0x230
[ 3038.359698][T17882]  le_conn_complete_evt+0x1078/0x1d80
[ 3038.359719][T17882]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 3038.359737][T17882]  ? trace_contention_end+0xea/0x140
[ 3038.359761][T17882]  ? __mutex_lock+0x1a6/0x9c0
[ 3038.359781][T17882]  hci_le_enh_conn_complete_evt+0x23d/0x380
[ 3038.359801][T17882]  ? skb_pull_data+0x166/0x210
[ 3038.359824][T17882]  hci_le_meta_evt+0x2e2/0x5d0
[ 3038.359846][T17882]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 3038.359867][T17882]  hci_event_packet+0x666/0x1180
[ 3038.359887][T17882]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 3038.438310][T17882]  ? __pfx_hci_event_packet+0x10/0x10
[ 3038.438343][T17882]  ? mark_held_locks+0x9f/0xe0
[ 3038.438366][T17882]  ? kcov_remote_start+0x3d1/0x6e0
[ 3038.438392][T17882]  ? lockdep_hardirqs_on+0x7c/0x110
[ 3038.438419][T17882]  hci_rx_work+0x2c6/0x1610
[ 3038.438444][T17882]  process_one_work+0x9c5/0x1b40
[ 3038.438469][T17882]  ? __pfx_lock_acquire+0x10/0x10
[ 3038.438491][T17882]  ? __pfx_process_one_work+0x10/0x10
[ 3038.438515][T17882]  ? assign_work+0x1a0/0x250
[ 3038.438536][T17882]  worker_thread+0x6c8/0xf20
[ 3038.438560][T17882]  ? __kthread_parkme+0x148/0x220
[ 3038.438587][T17882]  ? __pfx_worker_thread+0x10/0x10
[ 3038.438610][T17882]  kthread+0x2c1/0x3a0
[ 3038.438628][T17882]  ? _raw_spin_unlock_irq+0x23/0x50
[ 3038.438653][T17882]  ? __pfx_kthread+0x10/0x10
[ 3038.438668][T17882]  ret_from_fork+0x45/0x80
[ 3038.438696][T17882]  ? __pfx_kthread+0x10/0x10
[ 3038.438712][T17882]  ret_from_fork_asm+0x1a/0x30
[ 3038.438740][T17882]  </TASK>
[ 3038.450379][T17882] kobject: kobject_add_internal failed for hci6:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 3038.450420][T17882] Bluetooth: hci6: failed to register connection device
[ 3038.859566][ T1847] netlink: 'syz.3.17830': attribute type 10 has an invalid length.
[ 3038.925310][ T1847] team0: left allmulticast mode
[ 3038.943147][ T1847] team_slave_0: left allmulticast mode
[ 3038.947546][ T1847] team_slave_1: left allmulticast mode
[ 3038.950411][ T1847] team0: left promiscuous mode
[ 3038.956231][ T1847] team_slave_0: left promiscuous mode
[ 3038.959517][ T1847] team_slave_1: left promiscuous mode
[ 3039.122660][ T1847] bridge0: port 3(team0) entered disabled state
[ 3039.147477][T18464] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 3039.207580][ T1847] batman_adv: batadv0: Adding interface: team0
[ 3039.210526][ T1847] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3039.221677][ T1847] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 3039.228337][ T1853] netlink: 'syz.3.17830': attribute type 10 has an invalid length.
[ 3039.231776][ T1853] netlink: 2 bytes leftover after parsing attributes in process `syz.3.17830'.
[ 3039.235800][ T1853] team0: entered promiscuous mode
[ 3039.250255][ T1853] team_slave_0: entered promiscuous mode
[ 3039.253088][ T1853] team_slave_1: entered promiscuous mode
[ 3039.258550][ T1853] 8021q: adding VLAN 0 to HW filter on device team0
[ 3039.263082][ T1853] batman_adv: batadv0: Interface activated: team0
[ 3039.265732][ T1853] batman_adv: batadv0: Interface deactivated: team0
[ 3039.268495][ T1853] batman_adv: batadv0: Removing interface: team0
[ 3039.273907][ T1853] bridge0: port 3(team0) entered blocking state
[ 3039.276900][ T1853] bridge0: port 3(team0) entered disabled state
[ 3039.280326][ T1853] team0: entered allmulticast mode
[ 3039.282482][ T1853] team_slave_0: entered allmulticast mode
[ 3039.285034][ T1853] team_slave_1: entered allmulticast mode
[ 3039.577371][ T1858] netlink: 40 bytes leftover after parsing attributes in process `syz.2.17832'.
[ 3039.589058][ T1858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17832'.
[ 3039.996719][ T5754] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 3040.169939][ T5754] usb 7-1: device descriptor read/64, error -71
[ 3040.473527][ T5754] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 3040.635802][ T5754] usb 7-1: device descriptor read/64, error -71
[ 3040.700659][T18464] Bluetooth: hci6: command 0x0406 tx timeout
[ 3040.766118][ T5754] usb usb7-port1: attempt power cycle
[ 3041.242220][ T5754] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 3041.275152][ T5754] usb 7-1: device descriptor read/8, error -71
[ 3041.278889][ T1892] veth0_vlan: left promiscuous mode
[ 3041.590060][ T5754] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 3041.631730][ T5754] usb 7-1: device descriptor read/8, error -71
[ 3041.745123][ T1379] ieee802154 phy0 wpan0: encryption failed: -22
[ 3041.762488][ T5754] usb usb7-port1: unable to enumerate USB device
[ 3042.566440][ T1916] netlink: 40 bytes leftover after parsing attributes in process `syz.1.17843'.
[ 3042.572669][ T1916] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17843'.
[ 3044.029152][T18464] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 3044.040159][T18464] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 3044.046602][T18464] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 3044.052710][T18464] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 3044.058228][T18464] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 3044.061041][T18464] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 3044.145472][ T1984] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 3044.154476][ T1984] input: syz0 as /devices/virtual/input/input156
[ 3044.280503][ T1958] chnl_net:caif_netlink_parms(): no params data found
[ 3044.531305][ T1958] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3044.535022][ T1958] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3044.538494][ T1958] bridge_slave_0: entered allmulticast mode
[ 3044.542861][ T1958] bridge_slave_0: entered promiscuous mode
[ 3044.551807][ T1958] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3044.555332][ T1958] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3044.563155][ T1958] bridge_slave_1: entered allmulticast mode
[ 3044.567862][ T1958] bridge_slave_1: entered promiscuous mode
[ 3044.674272][ T1958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3044.693647][ T1958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3044.781543][ T1958] team0: Port device team_slave_0 added
[ 3044.790183][ T1958] team0: Port device team_slave_1 added
[ 3044.851256][ T1958] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3044.854108][ T1958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3044.871176][ T1958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3044.878402][ T1958] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3044.881720][ T1958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3044.895596][ T1958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3044.946442][T17882] Bluetooth: hci7: command 0x0406 tx timeout
[ 3045.013525][ T1958] hsr_slave_0: entered promiscuous mode
[ 3045.016333][ T1958] hsr_slave_1: entered promiscuous mode
[ 3045.019191][ T1958] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 3045.022501][ T1958] Cannot create hsr debugfs directory
[ 3045.391859][ T1958] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3045.514972][ T1958] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3045.668805][ T1958] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3045.762089][ T1958] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3045.967641][ T1958] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 3045.975549][ T1958] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 3045.982467][ T1958] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 3045.994028][ T1958] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 3046.120427][ T1958] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3046.159772][ T1958] 8021q: adding VLAN 0 to HW filter on device team0
[ 3046.174012][ T5754] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3046.177158][ T5754] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3046.182996][ T5754] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3046.186217][ T5754] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3046.345646][T17882] Bluetooth: hci6: command tx timeout
[ 3046.390070][ T1958] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3046.423575][ T1958] veth0_vlan: entered promiscuous mode
[ 3046.433751][ T1958] veth1_vlan: entered promiscuous mode
[ 3046.458589][ T1958] veth0_macvtap: entered promiscuous mode
[ 3046.465196][ T1958] veth1_macvtap: entered promiscuous mode
[ 3046.481911][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.487805][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.492122][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.496681][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.500752][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.504769][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.508183][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.524448][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.526578][T29747] IPVS: starting estimator thread 0...
[ 3046.527797][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527808][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.527830][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527838][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.527870][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527877][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.527896][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527903][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.527924][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527931][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.527948][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3046.527955][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.529124][ T1958] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3046.592300][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.598498][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.602546][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.607324][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.611320][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.617237][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.621287][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.625690][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.629683][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.633890][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.636581][ T3108] IPVS: using max 19 ests per chain, 45600 per kthread
[ 3046.638332][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.645167][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.649331][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.653546][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.660297][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.660313][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.660333][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.660346][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.660363][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.660375][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.660395][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.660407][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.660432][ T1958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3046.701096][ T1958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3046.704311][ T1958] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3046.718372][ T1958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3046.718403][ T1958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3046.718428][ T1958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3046.718452][ T1958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3046.768199][T17882] Bluetooth: hci7: Ignoring HCI_Connection_Complete for existing connection
[ 3046.875313][T20078] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3046.878733][T20078] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3046.928014][T24145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3046.931521][T24145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3047.457819][T17882] Bluetooth: hci8: unexpected event for opcode 0x0c46
[ 3047.515305][T17882] Bluetooth: hci8: Received unexpected HCI Event 0x00
[ 3047.619875][ T3137] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 3047.625438][T17882] Bluetooth: hci8: ACL packet for unknown connection handle 200
[ 3047.650874][ T3137] input: syz0 as /devices/virtual/input/input158
[ 3047.981290][ T3151] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 3048.585453][T18464] Bluetooth: hci6: command tx timeout
[ 3049.449781][ T3188] FAULT_INJECTION: forcing a failure.
[ 3049.449781][ T3188] name failslab, interval 1, probability 0, space 0, times 0
[ 3049.454436][ T3188] CPU: 2 UID: 0 PID: 3188 Comm: syz.0.17875 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3049.458650][ T3188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3049.463280][ T3188] Call Trace:
[ 3049.464638][ T3188]  <TASK>
[ 3049.465905][ T3188]  dump_stack_lvl+0x16c/0x1f0
[ 3049.467917][ T3188]  should_fail_ex+0x497/0x5b0
[ 3049.469927][ T3188]  should_failslab+0xc2/0x120
[ 3049.471694][ T3188]  kmem_cache_alloc_node_noprof+0x71/0x310
[ 3049.474004][ T3188]  ? __alloc_skb+0x2b1/0x380
[ 3049.476002][ T3188]  __alloc_skb+0x2b1/0x380
[ 3049.477914][ T3188]  ? __pfx___alloc_skb+0x10/0x10
[ 3049.480036][ T3188]  ? __pfx_mark_lock+0x10/0x10
[ 3049.482094][ T3188]  ? hlock_class+0x4e/0x130
[ 3049.484032][ T3188]  ? __lock_acquire+0xbdd/0x3cb0
[ 3049.486106][ T3188]  tcp_v6_send_response+0x287/0x22b0
[ 3049.488338][ T3188]  ? __pfx_tcp_v6_send_response+0x10/0x10
[ 3049.490489][ T3188]  ? __pfx_selinux_socket_sock_rcv_skb+0x10/0x10
[ 3049.492665][ T3188]  ? debug_object_deactivate+0x1f0/0x370
[ 3049.494751][ T3188]  tcp_v6_send_reset+0x636/0x1540
[ 3049.496719][ T3188]  ? __pfx_tcp_v6_send_reset+0x10/0x10
[ 3049.499093][ T3188]  ? __pfx_tcp_inbound_hash+0x10/0x10
[ 3049.501409][ T3188]  ? __pfx_sk_filter_trim_cap+0x10/0x10
[ 3049.503788][ T3188]  tcp_v6_do_rcv+0xd21/0x16e0
[ 3049.505891][ T3188]  tcp_v6_rcv+0x3a38/0x4120
[ 3049.507954][ T3188]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 3049.510079][ T3188]  ? __pfx_lock_release+0x10/0x10
[ 3049.512247][ T3188]  ? __pfx_raw6_local_deliver+0x10/0x10
[ 3049.514646][ T3188]  ? do_csum+0x280/0x2e0
[ 3049.516477][ T3188]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 3049.518609][ T3188]  ip6_protocol_deliver_rcu+0x188/0x1530
[ 3049.521016][ T3188]  ip6_input_finish+0x14f/0x2f0
[ 3049.523127][ T3188]  ip6_input+0xa1/0xd0
[ 3049.524876][ T3188]  ? __pfx_ip6_input+0x10/0x10
[ 3049.526994][ T3188]  ipv6_rcv+0x265/0x680
[ 3049.528814][ T3188]  ? __pfx_ipv6_rcv+0x10/0x10
[ 3049.530874][ T3188]  __netif_receive_skb_one_core+0x12e/0x1e0
[ 3049.533442][ T3188]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 3049.536198][ T3188]  ? timekeeping_debug_get_ns+0x334/0x5b0
[ 3049.538648][ T3188]  __netif_receive_skb+0x1d/0x160
[ 3049.540834][ T3188]  netif_receive_skb+0x13f/0x7b0
[ 3049.543212][ T3188]  ? __pfx_netif_receive_skb+0x10/0x10
[ 3049.545723][ T3188]  ? __pfx___lock_acquire+0x10/0x10
[ 3049.547956][ T3188]  tun_rx_batched+0x429/0x780
[ 3049.550007][ T3188]  ? __pfx_tun_rx_batched+0x10/0x10
[ 3049.552256][ T3188]  ? tun_get_user+0x1d81/0x3c30
[ 3049.554373][ T3188]  tun_get_user+0x2a5c/0x3c30
[ 3049.556426][ T3188]  ? __pfx_tun_get_user+0x10/0x10
[ 3049.558625][ T3188]  ? find_held_lock+0x2d/0x110
[ 3049.560721][ T3188]  ? __pfx_lock_release+0x10/0x10
[ 3049.562921][ T3188]  tun_chr_write_iter+0xe8/0x210
[ 3049.565084][ T3188]  vfs_write+0x6b6/0x1140
[ 3049.566803][ T3188]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 3049.568854][ T3188]  ? __pfx_vfs_write+0x10/0x10
[ 3049.570896][ T3188]  ? __fget_files+0x256/0x400
[ 3049.572505][ T3188]  ? __fget_light+0x173/0x210
[ 3049.574123][ T3188]  ksys_write+0x12f/0x260
[ 3049.575623][ T3188]  ? __pfx_ksys_write+0x10/0x10
[ 3049.577297][ T3188]  do_syscall_64+0xcd/0x250
[ 3049.578817][ T3188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3049.580845][ T3188] RIP: 0033:0x7fa24c975e1f
[ 3049.582373][ T3188] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[ 3049.589044][ T3188] RSP: 002b:00007fa24d6a4010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 3049.592009][ T3188] RAX: ffffffffffffffda RBX: 00007fa24cb05f80 RCX: 00007fa24c975e1f
[ 3049.594930][ T3188] RDX: 0000000000000056 RSI: 0000000020000840 RDI: 00000000000000c8
[ 3049.597953][ T3188] RBP: 00007fa24d6a40a0 R08: 0000000000000000 R09: 0000000000000000
[ 3049.600958][ T3188] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000001
[ 3049.603646][ T3188] R13: 000000000000000b R14: 00007fa24cb05f80 R15: 00007ffe82f62aa8
[ 3049.606820][ T3188]  </TASK>
[ 3049.611055][ T3189] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 3049.638542][ T3189] input: syz0 as /devices/virtual/input/input159
[ 3049.945300][ T3209] FAULT_INJECTION: forcing a failure.
[ 3049.945300][ T3209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3049.952358][ T3209] CPU: 0 UID: 0 PID: 3209 Comm: syz.3.17878 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3049.956852][ T3209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3049.961504][ T3209] Call Trace:
[ 3049.963002][ T3209]  <TASK>
[ 3049.964251][ T3209]  dump_stack_lvl+0x16c/0x1f0
[ 3049.966402][ T3209]  should_fail_ex+0x497/0x5b0
[ 3049.968198][ T3209]  _copy_from_user+0x30/0xf0
[ 3049.969805][ T3209]  map_update_elem+0x767/0x910
[ 3049.971423][ T3209]  ? __pfx_map_update_elem+0x10/0x10
[ 3049.973369][ T3209]  ? selinux_bpf+0xee/0x130
[ 3049.974992][ T3209]  __sys_bpf+0x90c/0x4a20
[ 3049.976992][ T3209]  ? ksys_write+0x21c/0x260
[ 3049.979099][ T3209]  ? reacquire_held_locks+0x410/0x4c0
[ 3049.981611][ T3209]  ? __pfx___sys_bpf+0x10/0x10
[ 3049.983840][ T3209]  ? vfs_write+0x14d/0x1140
[ 3049.985652][ T3209]  ? __mutex_unlock_slowpath+0x164/0x650
[ 3049.988282][ T3209]  ? fput+0x32/0x390
[ 3049.990135][ T3209]  ? ksys_write+0x1ab/0x260
[ 3049.992341][ T3209]  ? __pfx_ksys_write+0x10/0x10
[ 3049.994644][ T3209]  __x64_sys_bpf+0x78/0xc0
[ 3049.996749][ T3209]  ? lockdep_hardirqs_on+0x7c/0x110
[ 3049.999158][ T3209]  do_syscall_64+0xcd/0x250
[ 3050.001265][ T3209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3050.004007][ T3209] RIP: 0033:0x7f5904d77299
[ 3050.006094][ T3209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3050.013410][ T3209] RSP: 002b:00007f5905a74048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3050.016293][ T3209] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d77299
[ 3050.019064][ T3209] RDX: 0000000000000020 RSI: 0000000020000180 RDI: 0000000000000002
[ 3050.021966][ T3209] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 3050.025405][ T3209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3050.029020][ T3209] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 3050.031840][ T3209]  </TASK>
[ 3050.722385][ T3223] IPVS: length: 131 != 8
[ 3050.838309][T18464] Bluetooth: hci6: command 0x040f tx timeout
[ 3051.669427][T17882] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3051.733583][ T3239] FAULT_INJECTION: forcing a failure.
[ 3051.733583][ T3239] name failslab, interval 1, probability 0, space 0, times 0
[ 3051.744705][ T3239] CPU: 2 UID: 0 PID: 3239 Comm: syz.2.17886 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3051.748804][ T3239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3051.752861][ T3239] Call Trace:
[ 3051.754186][ T3239]  <TASK>
[ 3051.755347][ T3239]  dump_stack_lvl+0x16c/0x1f0
[ 3051.757205][ T3239]  should_fail_ex+0x497/0x5b0
[ 3051.758990][ T3239]  ? fs_reclaim_acquire+0xae/0x160
[ 3051.760652][ T3239]  should_failslab+0xc2/0x120
[ 3051.762269][ T3239]  __kmalloc_node_track_caller_noprof+0xcf/0x430
[ 3051.764218][ T3239]  ? security_context_to_sid_core+0x73b/0x870
[ 3051.766357][ T3239]  kstrdup+0x3c/0x70
[ 3051.767850][ T3239]  security_context_to_sid_core+0x73b/0x870
[ 3051.770041][ T3239]  ? __pfx_security_context_to_sid_core+0x10/0x10
[ 3051.772260][ T3239]  ? avc_has_perm+0x11b/0x1c0
[ 3051.774068][ T3239]  ? cap_capable+0x1cf/0x240
[ 3051.775827][ T3239]  selinux_inode_setxattr+0x6c9/0x8b0
[ 3051.777845][ T3239]  ? __pfx_selinux_inode_setxattr+0x10/0x10
[ 3051.779645][ T3239]  ? __pfx_lock_acquire+0x10/0x10
[ 3051.781235][ T3239]  ? make_vfsgid+0xe0/0x130
[ 3051.782622][ T3239]  ? __pfx_make_vfsgid+0x10/0x10
[ 3051.784099][ T3239]  security_inode_setxattr+0x179/0x250
[ 3051.786157][ T3239]  __vfs_setxattr_locked+0xaa/0x260
[ 3051.788099][ T3239]  vfs_setxattr+0x146/0x350
[ 3051.789809][ T3239]  ? __pfx_lock_release+0x10/0x10
[ 3051.791660][ T3239]  ? __pfx_vfs_setxattr+0x10/0x10
[ 3051.793441][ T3239]  ? mnt_get_write_access+0x6a/0x300
[ 3051.795403][ T3239]  do_setxattr+0x146/0x170
[ 3051.797073][ T3239]  __do_sys_fsetxattr+0x2e5/0x350
[ 3051.798962][ T3239]  ? __pfx___do_sys_fsetxattr+0x10/0x10
[ 3051.800776][ T3239]  ? __mutex_unlock_slowpath+0x164/0x650
[ 3051.802881][ T3239]  ? __pfx_ksys_write+0x10/0x10
[ 3051.804694][ T3239]  do_syscall_64+0xcd/0x250
[ 3051.806312][ T3239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3051.808059][ T3239] RIP: 0033:0x7fc667f77299
[ 3051.809671][ T3239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3051.816466][ T3239] RSP: 002b:00007fc668d1d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[ 3051.819390][ T3239] RAX: ffffffffffffffda RBX: 00007fc668105f80 RCX: 00007fc667f77299
[ 3051.822421][ T3239] RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000000000003
[ 3051.825053][ T3239] RBP: 00007fc668d1d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 3051.827663][ T3239] R10: 0000000000000029 R11: 0000000000000246 R12: 0000000000000001
[ 3051.830097][ T3239] R13: 000000000000000b R14: 00007fc668105f80 R15: 00007ffc6b721c78
[ 3051.832526][ T3239]  </TASK>
[ 3052.050800][ T3249] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=3249 comm=syz.1.17889
[ 3052.068039][ T3249] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=3249 comm=syz.1.17889
[ 3052.277232][    C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 3053.100895][T17882] Bluetooth: hci6: command 0x040f tx timeout
[ 3053.785109][ T3266] IPVS: length: 131 != 8
[ 3054.386829][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3055.354641][T17882] Bluetooth: hci6: command 0x040f tx timeout
[ 3055.714338][ T3305] IPVS: length: 131 != 8
[ 3056.988293][ T3326] FAULT_INJECTION: forcing a failure.
[ 3056.988293][ T3326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3056.996552][ T3326] CPU: 2 UID: 0 PID: 3326 Comm: syz.1.17912 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3057.001007][ T3326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3057.005672][ T3326] Call Trace:
[ 3057.007279][ T3326]  <TASK>
[ 3057.008630][ T3326]  dump_stack_lvl+0x16c/0x1f0
[ 3057.010676][ T3326]  should_fail_ex+0x497/0x5b0
[ 3057.012494][ T3326]  _copy_from_user+0x30/0xf0
[ 3057.014359][ T3326]  bpf_ctx_init+0x151/0x1d0
[ 3057.016261][ T3326]  bpf_prog_test_run_xdp+0x286/0x1530
[ 3057.018561][ T3326]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 3057.020797][ T3326]  ? fput+0x32/0x390
[ 3057.022497][ T3326]  ? __bpf_prog_get+0xa0/0x2f0
[ 3057.024200][ T3326]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 3057.026023][ T3326]  __sys_bpf+0x10d2/0x4a20
[ 3057.027490][ T3326]  ? __pfx___sys_bpf+0x10/0x10
[ 3057.028965][ T3326]  ? __mutex_unlock_slowpath+0xb0/0x650
[ 3057.030856][ T3326]  ? kasan_check_range+0x10e/0x1a0
[ 3057.032893][ T3326]  ? __mutex_unlock_slowpath+0x164/0x650
[ 3057.035124][ T3326]  ? fput+0x32/0x390
[ 3057.036704][ T3326]  ? ksys_write+0x1ab/0x260
[ 3057.038696][ T3326]  ? __pfx_ksys_write+0x10/0x10
[ 3057.040494][ T3326]  __x64_sys_bpf+0x78/0xc0
[ 3057.042253][ T3326]  ? lockdep_hardirqs_on+0x7c/0x110
[ 3057.044520][ T3326]  do_syscall_64+0xcd/0x250
[ 3057.046698][ T3326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3057.049361][ T3326] RIP: 0033:0x7fbb87f77299
[ 3057.051222][ T3326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3057.058738][ T3326] RSP: 002b:00007fbb88d70048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3057.062487][ T3326] RAX: ffffffffffffffda RBX: 00007fbb88105f80 RCX: 00007fbb87f77299
[ 3057.066037][ T3326] RDX: 0000000000000048 RSI: 0000000020000040 RDI: 000000000000000a
[ 3057.069249][ T3326] RBP: 00007fbb88d700a0 R08: 0000000000000000 R09: 0000000000000000
[ 3057.072429][ T3326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3057.075399][ T3326] R13: 000000000000000b R14: 00007fbb88105f80 R15: 00007ffe4160a6a8
[ 3057.078198][ T3326]  </TASK>
[ 3057.201580][ T3332] FAULT_INJECTION: forcing a failure.
[ 3057.201580][ T3332] name failslab, interval 1, probability 0, space 0, times 0
[ 3057.210034][ T3332] CPU: 2 UID: 0 PID: 3332 Comm: syz.1.17915 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3057.213802][ T3332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3057.218312][ T3332] Call Trace:
[ 3057.219761][ T3332]  <TASK>
[ 3057.220989][ T3332]  dump_stack_lvl+0x16c/0x1f0
[ 3057.222984][ T3332]  should_fail_ex+0x497/0x5b0
[ 3057.224968][ T3332]  ? fs_reclaim_acquire+0xae/0x160
[ 3057.226981][ T3332]  should_failslab+0xc2/0x120
[ 3057.228814][ T3332]  __kmalloc_noprof+0xcb/0x400
[ 3057.230577][ T3332]  ? _copy_from_user+0x5d/0xf0
[ 3057.232065][ T3332]  sel_write_validatetrans+0x247/0x4d0
[ 3057.234017][ T3332]  ? __pfx_sel_write_validatetrans+0x10/0x10
[ 3057.236384][ T3332]  ? __pfx_sel_write_validatetrans+0x10/0x10
[ 3057.238868][ T3332]  vfs_write+0x29a/0x1140
[ 3057.240353][ T3332]  ? __fdget_pos+0xeb/0x180
[ 3057.242332][ T3332]  ? __pfx_vfs_write+0x10/0x10
[ 3057.244463][ T3332]  ? __pfx___mutex_lock+0x10/0x10
[ 3057.246671][ T3332]  ? __fget_files+0x256/0x400
[ 3057.248450][ T3332]  ksys_write+0x12f/0x260
[ 3057.250014][ T3332]  ? __pfx_ksys_write+0x10/0x10
[ 3057.251890][ T3332]  do_syscall_64+0xcd/0x250
[ 3057.253923][ T3332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3057.256115][ T3332] RIP: 0033:0x7fbb87f77299
[ 3057.257692][ T3332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3057.264863][ T3332] RSP: 002b:00007fbb88d70048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 3057.267948][ T3332] RAX: ffffffffffffffda RBX: 00007fbb88105f80 RCX: 00007fbb87f77299
[ 3057.270842][ T3332] RDX: 0000000000000074 RSI: 0000000020000080 RDI: 0000000000000006
[ 3057.274316][ T3332] RBP: 00007fbb88d700a0 R08: 0000000000000000 R09: 0000000000000000
[ 3057.277786][ T3332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3057.281287][ T3332] R13: 000000000000000b R14: 00007fbb88105f80 R15: 00007ffe4160a6a8
[ 3057.284731][ T3332]  </TASK>
[ 3057.334227][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3058.843992][ T3356] team0: Port device team_slave_0 removed
[ 3058.955582][ T3365] FAULT_INJECTION: forcing a failure.
[ 3058.955582][ T3365] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.960220][ T3365] CPU: 1 UID: 0 PID: 3365 Comm: syz.1.17922 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3058.964022][ T3365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3058.967993][ T3365] Call Trace:
[ 3058.969266][ T3365]  <TASK>
[ 3058.970379][ T3365]  dump_stack_lvl+0x16c/0x1f0
[ 3058.972128][ T3365]  should_fail_ex+0x497/0x5b0
[ 3058.973903][ T3365]  should_failslab+0xc2/0x120
[ 3058.975658][ T3365]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 3058.977651][ T3365]  ? skb_clone+0x190/0x3f0
[ 3058.979318][ T3365]  skb_clone+0x190/0x3f0
[ 3058.980906][ T3365]  netlink_deliver_tap+0xab3/0xd90
[ 3058.982821][ T3365]  netlink_unicast+0x6c2/0x830
[ 3058.984619][ T3365]  ? __pfx_netlink_unicast+0x10/0x10
[ 3058.986616][ T3365]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[ 3058.988538][ T3365]  netlink_ack+0x6a8/0xb90
[ 3058.990234][ T3365]  netlink_rcv_skb+0x348/0x440
[ 3058.992023][ T3365]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3058.994099][ T3365]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3058.996072][ T3365]  ? netlink_deliver_tap+0x1ae/0xd90
[ 3058.997805][ T3365]  netlink_unicast+0x544/0x830
[ 3058.999441][ T3365]  ? __pfx_netlink_unicast+0x10/0x10
[ 3059.001009][ T3365]  netlink_sendmsg+0x8b8/0xd70
[ 3059.002441][ T3365]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3059.004369][ T3365]  ? __import_iovec+0x1fd/0x6e0
[ 3059.006192][ T3365]  ____sys_sendmsg+0xab5/0xc90
[ 3059.008192][ T3365]  ? copy_msghdr_from_user+0x10b/0x160
[ 3059.010059][ T3365]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3059.011832][ T3365]  ? find_held_lock+0x2d/0x110
[ 3059.013457][ T3365]  ? __pfx___lock_acquire+0x10/0x10
[ 3059.015202][ T3365]  ___sys_sendmsg+0x135/0x1e0
[ 3059.016797][ T3365]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3059.018552][ T3365]  ? ksys_write+0x21c/0x260
[ 3059.020084][ T3365]  ? __fget_light+0x173/0x210
[ 3059.021689][ T3365]  __sys_sendmsg+0x117/0x1f0
[ 3059.023422][ T3365]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3059.025699][ T3365]  do_syscall_64+0xcd/0x250
[ 3059.027743][ T3365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3059.030369][ T3365] RIP: 0033:0x7fbb87f77299
[ 3059.032346][ T3365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3059.039822][ T3365] RSP: 002b:00007fbb88d70048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3059.042777][ T3365] RAX: ffffffffffffffda RBX: 00007fbb88105f80 RCX: 00007fbb87f77299
[ 3059.046245][ T3365] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[ 3059.049713][ T3365] RBP: 00007fbb88d700a0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.053051][ T3365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3059.056666][ T3365] R13: 000000000000000b R14: 00007fbb88105f80 R15: 00007ffe4160a6a8
[ 3059.059510][ T3365]  </TASK>
[ 3059.071019][ T3373] loop7: detected capacity change from 0 to 16384
[ 3059.125950][ T3373] loop7: detected capacity change from 16384 to 16383
[ 3059.586506][T17882] Bluetooth: hci7: unexpected event 0x09 length: 50 > 3
[ 3060.097420][ T3398] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17929'.
[ 3060.104462][ T3398] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17929'.
[ 3060.107660][ T3398] netlink: 96 bytes leftover after parsing attributes in process `syz.2.17929'.
[ 3060.609657][ T3414] IPVS: length: 131 != 8
[ 3060.766773][   T39] audit: type=1326 audit(1722215030.730:20561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.785906][   T39] audit: type=1326 audit(1722215030.730:20562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.799401][   T39] audit: type=1326 audit(1722215030.748:20563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.813704][   T39] audit: type=1326 audit(1722215030.758:20564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.825853][   T39] audit: type=1326 audit(1722215030.758:20565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.838017][   T39] audit: type=1326 audit(1722215030.758:20566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.849685][   T39] audit: type=1326 audit(1722215030.758:20567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.864192][   T39] audit: type=1326 audit(1722215030.758:20568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.878695][   T39] audit: type=1326 audit(1722215030.785:20569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3060.891015][   T39] audit: type=1326 audit(1722215030.785:20570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3418 comm="syz.1.17938" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb87f77299 code=0x7ffc0000
[ 3062.133807][T17882] Bluetooth: hci6: unexpected event 0x09 length: 50 > 3
[ 3062.474438][ T3470] IPVS: length: 131 != 8
[ 3063.598625][ T3495] netlink: 24 bytes leftover after parsing attributes in process `syz.1.17955'.
[ 3063.604746][ T3495] netlink: 16 bytes leftover after parsing attributes in process `syz.1.17955'.
[ 3063.611425][ T3495] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17955'.
[ 3063.858341][ T3505] fuse: Unknown parameter 'fdpP'
[ 3064.911363][ T3521] binder: BC_ACQUIRE_RESULT not supported
[ 3064.915692][ T3521] binder: 3520:3521 ioctl c0306201 20000380 returned -22
[ 3065.255049][ T3528] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17964'.
[ 3065.314634][ T3528] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17964'.
[ 3065.317581][ T3528] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17964'.
[ 3065.753707][ T3601] IPVS: length: 131 != 8
[ 3066.157443][ T3605] IPVS: length: 131 != 8
[ 3067.867992][T17882] Bluetooth: hci6: unexpected event for opcode 0x1003
[ 3067.869077][ T3630] ata1.00: invalid cdb length 6
[ 3068.321812][ T3669] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17983'.
[ 3068.431463][ T3708] netlink: 16 bytes leftover after parsing attributes in process `syz.0.17983'.
[ 3068.453018][ T3669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17983'.
[ 3068.897424][ T3742] IPVS: length: 131 != 8
[ 3070.036272][ T3750] FAULT_INJECTION: forcing a failure.
[ 3070.036272][ T3750] name failslab, interval 1, probability 0, space 0, times 0
[ 3070.042127][ T3750] CPU: 0 UID: 0 PID: 3750 Comm: syz.2.17988 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3070.046700][ T3750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3070.050349][ T3750] Call Trace:
[ 3070.051498][ T3750]  <TASK>
[ 3070.052526][ T3750]  dump_stack_lvl+0x16c/0x1f0
[ 3070.054150][ T3750]  should_fail_ex+0x497/0x5b0
[ 3070.055747][ T3750]  ? fs_reclaim_acquire+0xae/0x160
[ 3070.057510][ T3750]  should_failslab+0xc2/0x120
[ 3070.059103][ T3750]  kmem_cache_alloc_node_noprof+0x71/0x310
[ 3070.061100][ T3750]  ? alloc_workqueue+0xca6/0x1c50
[ 3070.062827][ T3750]  alloc_workqueue+0xca6/0x1c50
[ 3070.064610][ T3750]  ? __pfx_alloc_workqueue+0x10/0x10
[ 3070.066839][ T3750]  ? rcu_is_watching+0x12/0xc0
[ 3070.068616][ T3750]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[ 3070.070545][ T3750]  ? lockdep_init_map_type+0x16d/0x7d0
[ 3070.072452][ T3750]  ? __raw_spin_lock_init+0x3a/0x110
[ 3070.074254][ T3750]  wg_newlink+0x1cf/0x700
[ 3070.075721][ T3750]  ? rtnl_create_link+0xa51/0xfa0
[ 3070.077435][ T3750]  ? __pfx_wg_newlink+0x10/0x10
[ 3070.079556][ T3750]  __rtnl_newlink+0x1197/0x1960
[ 3070.081400][ T3750]  ? __pfx___rtnl_newlink+0x10/0x10
[ 3070.083200][ T3750]  rtnl_newlink+0x67/0xa0
[ 3070.084661][ T3750]  ? __pfx_rtnl_newlink+0x10/0x10
[ 3070.086729][ T3750]  rtnetlink_rcv_msg+0x3c7/0xea0
[ 3070.088456][ T3750]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3070.090309][ T3750]  netlink_rcv_skb+0x16b/0x440
[ 3070.091967][ T3750]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3070.093989][ T3750]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3070.095769][ T3750]  ? netlink_deliver_tap+0x1ae/0xd90
[ 3070.098086][ T3750]  netlink_unicast+0x544/0x830
[ 3070.100209][ T3750]  ? __pfx_netlink_unicast+0x10/0x10
[ 3070.102525][ T3750]  netlink_sendmsg+0x8b8/0xd70
[ 3070.104643][ T3750]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3070.106998][ T3750]  ? __import_iovec+0x1fd/0x6e0
[ 3070.109170][ T3750]  ____sys_sendmsg+0xab5/0xc90
[ 3070.111183][ T3750]  ? copy_msghdr_from_user+0x10b/0x160
[ 3070.113034][ T3750]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3070.114816][ T3750]  ? find_held_lock+0x2d/0x110
[ 3070.116452][ T3750]  ? __pfx___lock_acquire+0x10/0x10
[ 3070.118616][ T3750]  ___sys_sendmsg+0x135/0x1e0
[ 3070.120594][ T3750]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3070.122473][ T3750]  ? ksys_write+0x21c/0x260
[ 3070.124357][ T3750]  ? __fget_light+0x173/0x210
[ 3070.126355][ T3750]  __sys_sendmsg+0x117/0x1f0
[ 3070.128322][ T3750]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3070.130301][ T3750]  do_syscall_64+0xcd/0x250
[ 3070.132176][ T3750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3070.134656][ T3750] RIP: 0033:0x7fc667f77299
[ 3070.136540][ T3750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3070.143751][ T3750] RSP: 002b:00007fc668d1d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3070.146558][ T3750] RAX: ffffffffffffffda RBX: 00007fc668105f80 RCX: 00007fc667f77299
[ 3070.149215][ T3750] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[ 3070.152033][ T3750] RBP: 00007fc668d1d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 3070.155130][ T3750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3070.158130][ T3750] R13: 000000000000000b R14: 00007fc668105f80 R15: 00007ffc6b721c78
[ 3070.160808][ T3750]  </TASK>
[ 3070.423292][ T3753] IPVS: length: 131 != 8
[ 3070.626705][T17882] Bluetooth: hci6: unexpected event for opcode 0x1003
[ 3070.644096][ T3762] ata1.00: invalid cdb length 6
[ 3070.828038][ T3791] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17993'.
[ 3070.906581][ T3787] netlink: 16 bytes leftover after parsing attributes in process `syz.0.17993'.
[ 3070.932390][ T3787] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17993'.
[ 3071.059661][ T3857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17996'.
[ 3071.278630][ T3867] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.17997'.
[ 3071.282827][ T3867] openvswitch: netlink: Unknown VXLAN extension attribute 0
[ 3071.290357][ T3867] overlayfs: failed to resolve './file0': -2
[ 3071.763298][ T3870] IPVS: length: 131 != 8
[ 3072.251465][T17882] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[ 3072.256783][T17882] Bluetooth: hci6: Injecting HCI hardware error event
[ 3072.264106][T17882] Bluetooth: hci6: hardware error 0x00
[ 3072.971537][ T3895] netlink: 24 bytes leftover after parsing attributes in process `syz.2.18004'.
[ 3073.050952][ T3935] netlink: 16 bytes leftover after parsing attributes in process `syz.2.18004'.
[ 3073.431078][T22877] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 3073.529844][ T3967] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 3073.532583][ T3967] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 3073.535946][ T3967] vhci_hcd vhci_hcd.0: Device attached
[ 3073.658749][T22877] usb 7-1: Using ep0 maxpacket: 8
[ 3073.671478][T22877] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3073.676668][T22877] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3073.714886][T22877] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3073.719566][T22877] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3073.727273][T22877] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3073.731986][T22877] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3073.742719][T22877] usb 7-1: string descriptor 0 read error: -22
[ 3073.746184][T22877] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 3073.750256][T22877] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3073.763577][T22877] adutux 7-1:168.0: interrupt endpoints not found
[ 3073.767919][ T3967] __nla_validate_parse: 1 callbacks suppressed
[ 3073.767928][ T3967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18007'.
[ 3073.782564][ T3967] FAULT_INJECTION: forcing a failure.
[ 3073.782564][ T3967] name failslab, interval 1, probability 0, space 0, times 0
[ 3073.793744][ T3967] CPU: 2 UID: 0 PID: 3967 Comm: syz.3.18007 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3073.798265][ T3967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3073.802666][ T3967] Call Trace:
[ 3073.804133][ T3967]  <TASK>
[ 3073.805449][ T3967]  dump_stack_lvl+0x16c/0x1f0
[ 3073.807197][ T3967]  should_fail_ex+0x497/0x5b0
[ 3073.808952][ T3967]  ? fs_reclaim_acquire+0xae/0x160
[ 3073.811189][ T3967]  should_failslab+0xc2/0x120
[ 3073.813275][ T3967]  __kmalloc_cache_noprof+0x6b/0x300
[ 3073.815583][ T3967]  ? sysfs_do_create_link_sd+0xbb/0x140
[ 3073.817614][ T3967]  ? __netdev_adjacent_dev_insert+0x20f/0xbc0
[ 3073.820058][ T3967]  __netdev_adjacent_dev_insert+0x20f/0xbc0
[ 3073.822642][ T3967]  ? __pfx___netdev_adjacent_dev_insert+0x10/0x10
[ 3073.825205][ T3967]  __netdev_upper_dev_link+0x414/0x850
[ 3073.827196][ T3967]  ? __pfx___netdev_upper_dev_link+0x10/0x10
[ 3073.829624][ T3967]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 3073.831995][ T3967]  ? batadv_hardif_get_by_netdev+0x25d/0x430
[ 3073.834607][ T3967]  netdev_master_upper_dev_link+0xa0/0xd0
[ 3073.837023][ T3967]  ? __pfx_netdev_master_upper_dev_link+0x10/0x10
[ 3073.839715][ T3967]  ? batadv_hardif_get_by_netdev+0x267/0x430
[ 3073.842171][ T3967]  batadv_hardif_enable_interface+0x28e/0xd30
[ 3073.844459][ T3967]  batadv_softif_slave_add+0xf6/0x140
[ 3073.846871][ T3967]  ? __pfx_batadv_softif_slave_add+0x10/0x10
[ 3073.849557][ T3967]  do_set_master+0x1bc/0x230
[ 3073.851652][ T3967]  do_setlink+0xcaf/0x3ff0
[ 3073.853701][ T3967]  ? __pfx_do_setlink+0x10/0x10
[ 3073.855518][ T3967]  ? irqentry_exit+0x3b/0x90
[ 3073.857300][ T3967]  ? lockdep_hardirqs_on+0x7c/0x110
[ 3073.859114][ T3967]  ? __nla_validate_parse+0xe19/0x2880
[ 3073.860967][ T3967]  ? __nla_validate_parse+0xe23/0x2880
[ 3073.862839][ T3967]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 3073.865080][ T3967]  ? full_name_hash+0xbc/0x110
[ 3073.867164][ T3967]  ? netdev_name_node_lookup+0x127/0x180
[ 3073.869579][ T3967]  ? __dev_get_by_name+0x4d/0x60
[ 3073.871712][ T3967]  ? rtnl_dev_get+0xc7/0x170
[ 3073.873709][ T3967]  ? __pfx_rtnl_dev_get+0x10/0x10
[ 3073.875845][ T3967]  ? __pfx___nla_validate_parse+0x10/0x10
[ 3073.878019][ T3967]  ? __nla_parse+0x40/0x60
[ 3073.879542][ T3967]  __rtnl_newlink+0xc35/0x1960
[ 3073.881411][ T3967]  ? __pfx___rtnl_newlink+0x10/0x10
[ 3073.883596][ T3967]  rtnl_newlink+0x67/0xa0
[ 3073.885442][ T3967]  ? __pfx_rtnl_newlink+0x10/0x10
[ 3073.886490][    T9] usb 19-1: new high-speed USB device number 4 using vhci_hcd
[ 3073.887557][ T3967]  rtnetlink_rcv_msg+0x3c7/0xea0
[ 3073.892108][ T3967]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3073.893990][ T3967]  netlink_rcv_skb+0x16b/0x440
[ 3073.895731][ T3967]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3073.897601][ T3967]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3073.899397][ T3967]  ? netlink_deliver_tap+0x1ae/0xd90
[ 3073.901222][ T3967]  netlink_unicast+0x544/0x830
[ 3073.902856][ T3967]  ? __pfx_netlink_unicast+0x10/0x10
[ 3073.904561][ T3967]  netlink_sendmsg+0x8b8/0xd70
[ 3073.906178][ T3967]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3073.907939][ T3967]  ? __import_iovec+0x1fd/0x6e0
[ 3073.909530][ T3967]  ____sys_sendmsg+0xab5/0xc90
[ 3073.911190][ T3967]  ? copy_msghdr_from_user+0x10b/0x160
[ 3073.913053][ T3967]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3073.915130][ T3967]  ? find_held_lock+0x2d/0x110
[ 3073.917290][ T3967]  ? __pfx___lock_acquire+0x10/0x10
[ 3073.919518][ T3967]  ___sys_sendmsg+0x135/0x1e0
[ 3073.921507][ T3967]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3073.923584][ T3967]  ? ksys_write+0x21c/0x260
[ 3073.925166][ T3967]  ? __fget_light+0x173/0x210
[ 3073.926791][ T3967]  __sys_sendmsg+0x117/0x1f0
[ 3073.928375][ T3967]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3073.930148][ T3967]  do_syscall_64+0xcd/0x250
[ 3073.931709][ T3967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3073.933739][ T3967] RIP: 0033:0x7f5904d77299
[ 3073.935679][ T3967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3073.943725][ T3967] RSP: 002b:00007f5905a74048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3073.947210][ T3967] RAX: ffffffffffffffda RBX: 00007f5904f05f80 RCX: 00007f5904d77299
[ 3073.950563][ T3967] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 000000000000000b
[ 3073.953494][ T3967] RBP: 00007f5905a740a0 R08: 0000000000000000 R09: 0000000000000000
[ 3073.956464][ T3967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3073.959225][ T3967] R13: 000000000000000b R14: 00007f5904f05f80 R15: 00007ffea42401e8
[ 3073.962084][ T3967]  </TASK>
[ 3073.983222][ T4737] usb 7-1: USB disconnect, device number 23
[ 3073.985953][ T3978] IPVS: length: 131 != 8
[ 3073.989785][ T3968] vhci_hcd: connection reset by peer
[ 3073.992534][ T1102] vhci_hcd: stop threads
[ 3073.994473][ T1102] vhci_hcd: release socket
[ 3073.998625][ T1102] vhci_hcd: disconnect device
[ 3074.503700][T17882] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 3074.818206][   T39] kauditd_printk_skb: 24 callbacks suppressed
[ 3074.818218][   T39] audit: type=1400 audit(1722215043.712:20595): avc:  denied  { map } for  pid=3999 comm="syz.2.18012" path="socket:[381150]" dev="sockfs" ino=381150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 3074.828942][   T39] audit: type=1400 audit(1722215043.712:20596): avc:  denied  { accept } for  pid=3999 comm="syz.2.18012" path="socket:[381150]" dev="sockfs" ino=381150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 3074.836875][ T4000] input: syz1 as /devices/virtual/input/input160
[ 3075.103562][ T4012] IPVS: length: 131 != 8
[ 3075.821752][ T4019] IPVS: length: 131 != 8
[ 3076.911445][ T4036] netlink: 24 bytes leftover after parsing attributes in process `syz.2.18020'.
[ 3076.967490][ T4036] netlink: 16 bytes leftover after parsing attributes in process `syz.2.18020'.
[ 3076.987748][ T4036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18020'.
[ 3077.559839][ T4109] IPVS: length: 131 != 8
[ 3078.250612][ T4120] IPVS: length: 131 != 8
[ 3079.442782][    T9] vhci_hcd: vhci_device speed not set
[ 3079.846156][ T4136] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 3079.849084][ T4136] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 3079.852587][ T4136] vhci_hcd vhci_hcd.0: Device attached
[ 3080.000123][ T4139] IPVS: length: 131 != 8
[ 3080.087226][ T4136] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18031'.
[ 3080.130763][ T4137] vhci_hcd: connection closed
[ 3080.131168][T24145] vhci_hcd: stop threads
[ 3080.135379][T24145] vhci_hcd: release socket
[ 3080.137444][T24145] vhci_hcd: disconnect device
[ 3080.265269][    T9] vhci_hcd: vhci_device speed not set
[ 3080.447841][ T4154] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 3080.450633][ T4154] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 3080.459272][ T4154] vhci_hcd vhci_hcd.0: Device attached
[ 3080.469006][ T4154] netlink: 16 bytes leftover after parsing attributes in process `syz.1.18034'.
[ 3080.751853][ T5472] usb 15-1: new high-speed USB device number 4 using vhci_hcd
[ 3081.058597][ T4173] netlink: 24 bytes leftover after parsing attributes in process `syz.0.18036'.
[ 3081.100572][ T4173] netlink: 16 bytes leftover after parsing attributes in process `syz.0.18036'.
[ 3081.106009][ T4173] netlink: 16 bytes leftover after parsing attributes in process `syz.0.18036'.
[ 3081.111346][ T4173] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18036'.
[ 3081.628540][ T4257] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 3081.631034][ T4257] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 3081.633871][ T4257] vhci_hcd vhci_hcd.0: Device attached
[ 3081.640965][    T9] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 3081.832217][ T4263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18045'.
[ 3081.835802][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 3081.837985][    T9] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3081.842157][    T9] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3081.858767][    T9] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3081.864031][    T9] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3081.873906][    T9] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[ 3081.877876][    T9] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3081.887663][    T9] usb 5-1: string descriptor 0 read error: -22
[ 3081.893401][    T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 3081.896503][ T4304] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18045'.
[ 3081.897109][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3081.901816][    T9] adutux 5-1:168.0: interrupt endpoints not found
[ 3081.910995][ T4257] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18044'.
[ 3081.919554][ T4263] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18045'.
[ 3081.933212][T16221] usb 17-1: new high-speed USB device number 5 using vhci_hcd
[ 3081.952321][ T4258] vhci_hcd: connection reset by peer
[ 3081.955143][   T45] vhci_hcd: stop threads
[ 3081.957091][   T45] vhci_hcd: release socket
[ 3081.959238][   T45] vhci_hcd: disconnect device
[ 3082.141966][ T4332] IPVS: length: 131 != 8
[ 3082.144012][T29747] usb 5-1: USB disconnect, device number 68
[ 3083.427109][ T4360] IPVS: length: 131 != 8
[ 3083.737521][ T4155] vhci_hcd: connection reset by peer
[ 3083.743834][   T45] vhci_hcd: stop threads
[ 3083.748376][   T45] vhci_hcd: release socket
[ 3083.752000][   T45] vhci_hcd: disconnect device
[ 3083.830813][    C3] ==================================================================
[ 3083.834198][    C3] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0
[ 3083.838766][    C3] Read of size 4 at addr ffffc9000686fa50 by task syz.1.18054/4367
[ 3083.843865][    C3] 
[ 3083.845349][    C3] CPU: 3 UID: 0 PID: 4367 Comm: syz.1.18054 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3083.849946][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3083.854679][    C3] Call Trace:
[ 3083.856183][    C3]  <IRQ>
[ 3083.857517][    C3]  dump_stack_lvl+0x116/0x1f0
[ 3083.859727][    C3]  print_report+0xc3/0x620
[ 3083.861811][    C3]  ? __virt_addr_valid+0x5e/0x590
[ 3083.864072][    C3]  kasan_report+0xd9/0x110
[ 3083.866232][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[ 3083.868690][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 3083.871096][    C3]  xdp_do_check_flushed+0x41c/0x4e0
[ 3083.873596][    C3]  __napi_poll.constprop.0+0xd1/0x550
[ 3083.876108][    C3]  net_rx_action+0xa92/0x1010
[ 3083.879057][    C3]  ? __pfx_net_rx_action+0x10/0x10
[ 3083.881653][    C3]  ? __pfx_mark_lock+0x10/0x10
[ 3083.883864][    C3]  ? rcu_is_watching+0x10/0xc0
[ 3083.886017][    C3]  ? trace_rcu_utilization+0x100/0x160
[ 3083.888459][    C3]  ? kvm_sched_clock_read+0x11/0x20
[ 3083.890596][    C3]  ? sched_clock+0x38/0x60
[ 3083.892392][    C3]  ? sched_clock_cpu+0x6d/0x4d0
[ 3083.894330][    C3]  ? mark_held_locks+0x9f/0xe0
[ 3083.896237][    C3]  handle_softirqs+0x216/0x8f0
[ 3083.898748][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[ 3083.901584][    C3]  ? irqtime_account_irq+0x18d/0x2e0
[ 3083.903912][    C3]  ? __dev_queue_xmit+0x86d/0x4300
[ 3083.905931][    C3]  do_softirq+0xb2/0xf0
[ 3083.907546][    C3]  </IRQ>
[ 3083.908848][    C3]  <TASK>
[ 3083.910101][    C3]  __local_bh_enable_ip+0x100/0x120
[ 3083.912366][    C3]  ? __dev_queue_xmit+0x86d/0x4300
[ 3083.914717][    C3]  __dev_queue_xmit+0x882/0x4300
[ 3083.916916][    C3]  ? __lock_acquire+0x1620/0x3cb0
[ 3083.919140][    C3]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 3083.921531][    C3]  ? call_rcu_zapped+0x10/0xb0
[ 3083.923655][    C3]  ? __pfx___lock_acquire+0x10/0x10
[ 3083.925988][    C3]  ? selinux_ip_postroute+0x6fb/0xda0
[ 3083.928381][    C3]  ? __pfx_mark_lock+0x10/0x10
[ 3083.930488][    C3]  ? find_held_lock+0x2d/0x110
[ 3083.932590][    C3]  ? __ip_finish_output+0x49e/0x950
[ 3083.934898][    C3]  ? __pfx_lock_release+0x10/0x10
[ 3083.937065][    C3]  ? mark_held_locks+0x9f/0xe0
[ 3083.938751][    C3]  ip_finish_output2+0x16fe/0x25e0
[ 3083.940622][    C3]  ? nf_hook+0x3bf/0x6d0
[ 3083.942343][    C3]  ? __pfx_ip_finish_output2+0x10/0x10
[ 3083.944735][    C3]  ? ip_skb_dst_mtu+0x3fc/0xc70
[ 3083.946861][    C3]  ? __pfx_ip_skb_dst_mtu+0x10/0x10
[ 3083.948701][    C3]  ? __pfx_nf_hook+0x10/0x10
[ 3083.950092][    C3]  __ip_finish_output+0x49e/0x950
[ 3083.951572][    C3]  ip_finish_output+0x31/0x310
[ 3083.953533][    C3]  ip_output+0x13b/0x2a0
[ 3083.955093][    C3]  ? __pfx_ip_output+0x10/0x10
[ 3083.957106][    C3]  ip_push_pending_frames+0x2fb/0x5b0
[ 3083.959378][    C3]  raw_sendmsg+0x15eb/0x3a90
[ 3083.961237][    C3]  ? __pfx_raw_sendmsg+0x10/0x10
[ 3083.963081][    C3]  ? avc_has_perm_noaudit+0x143/0x3a0
[ 3083.965081][    C3]  ? __pfx_avc_has_perm+0x10/0x10
[ 3083.966981][    C3]  ? sock_has_perm+0x25a/0x2f0
[ 3083.968776][    C3]  ? __import_iovec+0x1fd/0x6e0
[ 3083.970599][    C3]  ? __pfx_raw_sendmsg+0x10/0x10
[ 3083.972447][    C3]  ? inet_sendmsg+0x119/0x140
[ 3083.974838][    C3]  inet_sendmsg+0x119/0x140
[ 3083.976765][    C3]  ____sys_sendmsg+0x992/0xc90
[ 3083.978892][    C3]  ? copy_msghdr_from_user+0x10b/0x160
[ 3083.981188][    C3]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3083.983823][    C3]  ? __pfx___futex_wait+0x10/0x10
[ 3083.986022][    C3]  ? __pfx___lock_acquire+0x10/0x10
[ 3083.988354][    C3]  ? try_to_wake_up+0x14b/0x13e0
[ 3083.990454][    C3]  ___sys_sendmsg+0x135/0x1e0
[ 3083.992744][    C3]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3083.994999][    C3]  ? __fget_light+0x173/0x210
[ 3083.997041][    C3]  __sys_sendmsg+0x117/0x1f0
[ 3083.998968][    C3]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3084.001173][    C3]  ? __x64_sys_futex+0x1e1/0x4c0
[ 3084.003256][    C3]  do_syscall_64+0xcd/0x250
[ 3084.005156][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3084.007633][    C3] RIP: 0033:0x7fbb87f77299
[ 3084.009517][    C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3084.017521][    C3] RSP: 002b:00007fbb88d70048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3084.021050][    C3] RAX: ffffffffffffffda RBX: 00007fbb88105f80 RCX: 00007fbb87f77299
[ 3084.024316][    C3] RDX: 0000000000000000 RSI: 0000000020000a00 RDI: 0000000000000003
[ 3084.027807][    C3] RBP: 00007fbb87fe48e6 R08: 0000000000000000 R09: 0000000000000000
[ 3084.031207][    C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3084.034552][    C3] R13: 000000000000000b R14: 00007fbb88105f80 R15: 00007ffe4160a6a8
[ 3084.038076][    C3]  </TASK>
[ 3084.039475][    C3] 
[ 3084.040499][    C3] The buggy address belongs to stack of task syz.1.18054/4367
[ 3084.044897][    C3]  and is located at offset 496 in frame:
[ 3084.047275][    C3]  raw_sendmsg+0x0/0x3a90
[ 3084.049088][    C3] 
[ 3084.050096][    C3] This frame has 7 objects:
[ 3084.052041][    C3]  [32, 36) 'err'
[ 3084.052052][    C3]  [48, 56) 'rt'
[ 3084.053595][    C3]  [80, 120) 'ipc'
[ 3084.055106][    C3]  [160, 208) 'state'
[ 3084.056687][    C3]  [240, 296) 'fl4'
[ 3084.058379][    C3]  [336, 360) 'rfv'
[ 3084.059989][    C3]  [400, 472) 'opt_copy'
[ 3084.061605][    C3] 
[ 3084.064389][    C3] The buggy address belongs to the virtual mapping at
[ 3084.064389][    C3]  [ffffc90006868000, ffffc90006871000) created by:
[ 3084.064389][    C3]  kernel_clone+0xfd/0x980
[ 3084.071630][    C3] 
[ 3084.072653][    C3] The buggy address belongs to the physical page:
[ 3084.075252][    C3] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888023107000 pfn:0x49ef3
[ 3084.079265][    C3] memcg:ffff888045132082
[ 3084.081577][    C3] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 3084.084579][    C3] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 3084.088220][    C3] raw: ffff888023107000 0000000000000000 00000001ffffffff ffff888045132082
[ 3084.091739][    C3] page dumped because: kasan: bad access detected
[ 3084.094324][    C3] page_owner tracks the page as allocated
[ 3084.096712][    C3] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 4339, tgid 4339 (syz.2.18047), ts 3082545137818, free_ts 3081835630738
[ 3084.104472][    C3]  post_alloc_hook+0x2d1/0x350
[ 3084.106471][    C3]  get_page_from_freelist+0x1351/0x2e50
[ 3084.108728][    C3]  __alloc_pages_noprof+0x22b/0x2460
[ 3084.110768][    C3]  alloc_pages_mpol_noprof+0x275/0x610
[ 3084.112774][    C3]  __vmalloc_node_range_noprof+0xa6a/0x1520
[ 3084.115206][    C3]  copy_process+0x2f3b/0x8de0
[ 3084.117165][    C3]  kernel_clone+0xfd/0x980
[ 3084.118852][    C3]  __do_sys_clone3+0x1f5/0x270
[ 3084.120606][    C3]  do_syscall_64+0xcd/0x250
[ 3084.122452][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3084.124890][    C3] page last free pid 0 tgid 0 stack trace:
[ 3084.127265][    C3]  free_unref_page+0x64a/0xe40
[ 3084.129244][    C3]  __folio_put+0x31c/0x3e0
[ 3084.131019][    C3]  free_page_and_swap_cache+0x249/0x2c0
[ 3084.133041][    C3]  tlb_remove_table_rcu+0x89/0xe0
[ 3084.134913][    C3]  rcu_core+0x828/0x16b0
[ 3084.136491][    C3]  handle_softirqs+0x216/0x8f0
[ 3084.138262][    C3]  irq_exit_rcu+0xbb/0x120
[ 3084.139917][    C3]  sysvec_apic_timer_interrupt+0x95/0xb0
[ 3084.142204][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 3084.144756][    C3] 
[ 3084.145774][    C3] Memory state around the buggy address:
[ 3084.148093][    C3]  ffffc9000686f900: 00 00 00 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00
[ 3084.151163][    C3]  ffffc9000686f980: 00 f2 f2 f2 f2 f2 00 00 00 f2 f2 f2 f2 f2 00 00
[ 3084.154486][    C3] >ffffc9000686fa00: 00 00 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 00 00
[ 3084.157838][    C3]                                                  ^
[ 3084.160571][    C3]  ffffc9000686fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 3084.163665][    C3]  ffffc9000686fb00: 00 00 00 f1 f1 f1 f1 f1 f1 00 00 00 00 04 f3 f3
[ 3084.166664][    C3] ==================================================================
[ 3084.169781][    C3] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 3084.173345][    C3] CPU: 3 UID: 0 PID: 4367 Comm: syz.1.18054 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0
[ 3084.177162][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 3084.181379][    C3] Call Trace:
[ 3084.182671][    C3]  <IRQ>
[ 3084.183905][    C3]  dump_stack_lvl+0x3d/0x1f0
[ 3084.185882][    C3]  panic+0x6f5/0x7a0
[ 3084.187564][    C3]  ? __pfx_panic+0x10/0x10
[ 3084.189169][    C3]  ? check_panic_on_warn+0x1f/0xb0
[ 3084.190867][    C3]  check_panic_on_warn+0xab/0xb0
[ 3084.192993][    C3]  end_report+0x117/0x180
[ 3084.194821][    C3]  kasan_report+0xe9/0x110
[ 3084.196673][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[ 3084.198904][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[ 3084.201136][    C3]  xdp_do_check_flushed+0x41c/0x4e0
[ 3084.203351][    C3]  __napi_poll.constprop.0+0xd1/0x550
[ 3084.205615][    C3]  net_rx_action+0xa92/0x1010
[ 3084.207574][    C3]  ? __pfx_net_rx_action+0x10/0x10
[ 3084.209718][    C3]  ? __pfx_mark_lock+0x10/0x10
[ 3084.211714][    C3]  ? rcu_is_watching+0x10/0xc0
[ 3084.214287][    C3]  ? trace_rcu_utilization+0x100/0x160
[ 3084.216748][    C3]  ? kvm_sched_clock_read+0x11/0x20
[ 3084.219482][    C3]  ? sched_clock+0x38/0x60
[ 3084.221706][    C3]  ? sched_clock_cpu+0x6d/0x4d0
[ 3084.224316][    C3]  ? mark_held_locks+0x9f/0xe0
[ 3084.227289][    C3]  handle_softirqs+0x216/0x8f0
[ 3084.229367][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[ 3084.231649][    C3]  ? irqtime_account_irq+0x18d/0x2e0
[ 3084.233967][    C3]  ? __dev_queue_xmit+0x86d/0x4300
[ 3084.236145][    C3]  do_softirq+0xb2/0xf0
[ 3084.237965][    C3]  </IRQ>
[ 3084.239217][    C3]  <TASK>
[ 3084.240448][    C3]  __local_bh_enable_ip+0x100/0x120
[ 3084.242643][    C3]  ? __dev_queue_xmit+0x86d/0x4300
[ 3084.244828][    C3]  __dev_queue_xmit+0x882/0x4300
[ 3084.246954][    C3]  ? __lock_acquire+0x1620/0x3cb0
[ 3084.249127][    C3]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 3084.251395][    C3]  ? call_rcu_zapped+0x10/0xb0
[ 3084.253430][    C3]  ? __pfx___lock_acquire+0x10/0x10
[ 3084.255628][    C3]  ? selinux_ip_postroute+0x6fb/0xda0
[ 3084.257901][    C3]  ? __pfx_mark_lock+0x10/0x10
[ 3084.259924][    C3]  ? find_held_lock+0x2d/0x110
[ 3084.261609][    C3]  ? __ip_finish_output+0x49e/0x950
[ 3084.263459][    C3]  ? __pfx_lock_release+0x10/0x10
[ 3084.265572][    C3]  ? mark_held_locks+0x9f/0xe0
[ 3084.267202][    C3]  ip_finish_output2+0x16fe/0x25e0
[ 3084.269372][    C3]  ? nf_hook+0x3bf/0x6d0
[ 3084.271336][    C3]  ? __pfx_ip_finish_output2+0x10/0x10
[ 3084.273255][    C3]  ? ip_skb_dst_mtu+0x3fc/0xc70
[ 3084.275178][    C3]  ? __pfx_ip_skb_dst_mtu+0x10/0x10
[ 3084.277225][    C3]  ? __pfx_nf_hook+0x10/0x10
[ 3084.278728][    C3]  __ip_finish_output+0x49e/0x950
[ 3084.280412][    C3]  ip_finish_output+0x31/0x310
[ 3084.282352][    C3]  ip_output+0x13b/0x2a0
[ 3084.284081][    C3]  ? __pfx_ip_output+0x10/0x10
[ 3084.286105][    C3]  ip_push_pending_frames+0x2fb/0x5b0
[ 3084.288025][    C3]  raw_sendmsg+0x15eb/0x3a90
[ 3084.289759][    C3]  ? __pfx_raw_sendmsg+0x10/0x10
[ 3084.291567][    C3]  ? avc_has_perm_noaudit+0x143/0x3a0
[ 3084.293749][    C3]  ? __pfx_avc_has_perm+0x10/0x10
[ 3084.295550][    C3]  ? sock_has_perm+0x25a/0x2f0
[ 3084.297474][    C3]  ? __import_iovec+0x1fd/0x6e0
[ 3084.299106][    C3]  ? __pfx_raw_sendmsg+0x10/0x10
[ 3084.300915][    C3]  ? inet_sendmsg+0x119/0x140
[ 3084.302822][    C3]  inet_sendmsg+0x119/0x140
[ 3084.304468][    C3]  ____sys_sendmsg+0x992/0xc90
[ 3084.306479][    C3]  ? copy_msghdr_from_user+0x10b/0x160
[ 3084.308526][    C3]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3084.310638][    C3]  ? __pfx___futex_wait+0x10/0x10
[ 3084.312773][    C3]  ? __pfx___lock_acquire+0x10/0x10
[ 3084.314847][    C3]  ? try_to_wake_up+0x14b/0x13e0
[ 3084.316506][    C3]  ___sys_sendmsg+0x135/0x1e0
[ 3084.318101][    C3]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3084.319754][    C3]  ? __fget_light+0x173/0x210
[ 3084.321230][    C3]  __sys_sendmsg+0x117/0x1f0
[ 3084.322761][    C3]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3084.324715][    C3]  ? __x64_sys_futex+0x1e1/0x4c0
[ 3084.326522][    C3]  do_syscall_64+0xcd/0x250
[ 3084.328063][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3084.330151][    C3] RIP: 0033:0x7fbb87f77299
[ 3084.331850][    C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3084.339181][    C3] RSP: 002b:00007fbb88d70048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3084.342242][    C3] RAX: ffffffffffffffda RBX: 00007fbb88105f80 RCX: 00007fbb87f77299
[ 3084.345275][    C3] RDX: 0000000000000000 RSI: 0000000020000a00 RDI: 0000000000000003
[ 3084.348363][    C3] RBP: 00007fbb87fe48e6 R08: 0000000000000000 R09: 0000000000000000
[ 3084.351667][    C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3084.354548][    C3] R13: 000000000000000b R14: 00007fbb88105f80 R15: 00007ffe4160a6a8
[ 3084.357794][    C3]  </TASK>
[ 3084.359412][    C3] Kernel Offset: disabled
[ 3084.360925][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:50:02  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc9000633fba8 RCX=ffffffff8168dfad RDX=0000000000000001
RSI=0000000000000004 RDI=ffffc90000007ec8 RBP=1ffff92000000fd5 RSP=ffffc90000007ea0
R8 =0000000000000001 R9 =fffff52000000fd9 R10=0000000000000003 R11=0000000000000000
R12=ffffc9000633fbb0 R13=ffffc9000633fbb8 R14=ffffc9000597fb40 R15=ffffc9000633fb48
RIP=ffffffff8168dfbe RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055556904c5c8 CR3=000000004864c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904de5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904ed5488 00007f5904ed5480 00007f5904ed5478 00007f5904ed5450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5905a3d100 00007f5904ed5440 00007f5904ed0004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5904ed5498 00007f5904ed5490 00007f5904ed5488 00007f5904ed5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000616b549 RBX=0000000000000001 RCX=ffffffff8b11a529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08f40 RBP=ffffed10030d8910 RSP=ffffc90000187e08
R8 =0000000000000001 R9 =ffffed100d626fe1 R10=ffff88806b137f0b R11=0000000000000000
R12=0000000000000001 R13=ffff8880186c4880 R14=ffffffff9012b318 R15=0000000000000000
RIP=ffffffff8b11b91f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020037000 CR3=00000000202d2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=fcba972ace7d6eb1 7186a18073636203 fcba972ace7d6eb1 7186a18073636203 fcba972ace7d6eb1 7186a18073636203 fcba972ace7d6eb1 7186a18073636203
ZMM18=f4361b87c964eda7 340dc30ce0ad52f9 f4361b87c964eda7 340dc30ce0ad52f9 f4361b87c964eda7 340dc30ce0ad52f9 f4361b87c964eda7 340dc30ce0ad52f9
ZMM19=2b6d000000000000 0000000000000016 2b6d000000000000 0000000000000015 2b6d000000000000 0000000000000014 2b6d000000000000 0000000000000013
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180
ZMM22=ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1
ZMM23=fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a
ZMM24=e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9
ZMM25=340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c
ZMM26=c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7
ZMM27=f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000
info registers vcpu 2

CPU#2
RAX=0000000000000007 RBX=0000000000000000 RCX=1ffff11004dc9a7a RDX=0000000000000000
RSI=0000000000000027 RDI=ffff888026e4d3fc RBP=0000000000000001 RSP=ffffc900033c7170
R8 =0000000000000001 R9 =0000000000080000 R10=000000000000000f R11=0000000000000002
R12=0000000000000000 R13=ffff888026e4d3d8 R14=0000000000000027 R15=ffff888026e4c880
RIP=ffffffff8168282a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f6edd7c4d00 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056249a233280 CR3=0000000023f1a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008220202 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe7ba63090 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 55510029646c253d 646970282064253a 29287338342e253a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 5551000c41490018 414c550d0541001f 0c0d561d110b001f
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180 7186a1807186a180
ZMM22=ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1 ce7d6eb1ce7d6eb1
ZMM23=fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a fcba972afcba972a
ZMM24=e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9 e0ad52f9e0ad52f9
ZMM25=340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c 340dc30c340dc30c
ZMM26=c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7 c964eda7c964eda7
ZMM27=f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87 f4361b87f4361b87
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000 2b6d00002b6d0000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffffc90000908940 RCX=ffffffff816b3e9c RDX=ffff88805d4b8000
RSI=ffffffff816b3ec3 RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc90000908728
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=3030303963666666
R12=ffffc900009087b8 R13=ffffffff94ec5e80 R14=0000000000000001 R15=ffffc90000908778
RIP=ffffffff818a8fd9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fbb88d706c0 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c398e9e CR3=00000000669b6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000010100 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb87fe5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb880d5488 00007fbb880d5480 00007fbb880d5478 00007fbb880d5450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb88c3d100 00007fbb880d5440 00007fbb880d5458 00007fbb880d54a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb880d5498 00007fbb880d5490 00007fbb880d5488 00007fbb880d5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038 0000000000000001 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000