last executing test programs:

7.6093772s ago: executing program 0 (id=1640):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r4 = getpgid(0xffffffffffffffff)
sched_setaffinity(r4, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x0, @ethernet={0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}}, @hci={0x1f, 0x0, 0x4}, @llc={0x1a, 0xffff, 0x9, 0x2, 0x9, 0xe2, @broadcast}, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x6, 0x1})
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@link_local, @broadcast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1, "e4a28276"}}}}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc}})
io_submit(0x0, 0x0, 0x0)
madvise(&(0x7f0000012000/0x4000)=nil, 0x4000, 0x9)
r8 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r8, 0x0, &(0x7f0000000780)={0x44, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r9, 0x5b15, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)

4.579662495s ago: executing program 1 (id=1653):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c00000000010104000000000000000002000000200001801400018048000100e0000001080003000000535149793e46d7e7000006000340000000000800074000000000"], 0x3c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000000201090400000000000000000294"], 0x38}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f00000011c0)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e20, 0x2, 'wrr\x00', 0x1, 0x9, 0x56}, 0x2c)
sendmsg$nl_route_sched(r2, &(0x7f000000de00)={0x0, 0x0, &(0x7f000000ddc0)={&(0x7f00000004c0)=@newtaction={0x48, 0x11, 0x323, 0x0, 0x0, {}, [{0x34, 0x1, [@m_mirred={0x30, 0x0, 0x0, 0x0, {{0xb, 0x36}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pipe(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
signalfd4(r4, &(0x7f0000000140), 0x8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000002c440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x80, 0x7f, 0x6, 0x2001, 0x1, 0xffffffc0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1}, 0x48)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @desc3}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0x40086602, &(0x7f0000000080)={@desc={0x80000, 0x0, @desc1}})
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$IEEE802154_ADD_IFACE(r6, 0x0, 0x0)

4.433908207s ago: executing program 0 (id=1654):
r0 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$CDROMSEEK(r0, 0x5316, &(0x7f0000000200)={0xfc, 0xd1, 0x0, 0x1, 0x0, 0x2})
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2}}}, 0xd)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002100)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000200000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb301a913bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4318123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd5441110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762011052eac2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e4b9ec7a410ec42315255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e997ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5e080eaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffda707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c7fdffffffffffffff0000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9060000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe030000008e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba0790ee0d112f99e59ba82e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305977eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f87204311327c18380fedf3d3dad8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000f1e2be1b2290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be479998cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1951393352bc756f3fcaad2c1c399a3e43eaaeca70db90f2fa39596443447671971868345e92e4b33079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166fa3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416f80ba17d21d53961471b2d2d459e4bb23230d676ca49633b25e26a322024beb7c3427da59f7daa70a5d44a0eb895f29245df6401295d3da939954e126a3be932f47fe61ef1bfe83086651af7e23c2a8fa702b9cdfd008c898d73bb97168ca390ef5398000000000000000000000000a454f930ada97e4d7460bf0d3312c03639870f8b33fa044a805867e88bf164474513ec0cd466baf22573597c7bf340d67a6854e39371fb671a46be4942b49cc28ac921188461979e530c8a90dcfacdad19469540b9deb65290e786e53a715e6b712642087c9a0640b6910f4c07cde1ba22c2224cd9c8c39dd73a9b0a15c743b6c29c7635d96dee702dce815913a7ad9b661da02d7decc1649d06d55c9a8f24dc63f02c3bc2d6ad0425cf71147d0efa8a255819a1c3b54fffe7f2cb3629990f034cae989dd1dfebc50a2a7ed4fbaa267e7c4cd6f11511a12a7116ca9a78e83a59d90a4abe6b0aafc9c9e408c324f67910b938765e0bf7e80d6e306b6827ae12ecae85472d88ad4646256329b6ae3b3974b420504c6df932eb45506db7d0d5d838aeb7ad7b90a38a24ba58e67e8c6845cd16e294fb25681c3c752d02862feb48bb7c67fde3ab4035c7"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xcc0, 0x0, &(0x7f0000000040)="2b1c52ac82e71ea05b0c5e43ede4", 0x0, 0xb20c, 0x0, 0x0, 0xe8, 0x0, &(0x7f0000000280)="dd"}, 0x48)

4.394173095s ago: executing program 1 (id=1655):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$9p_fd(0x8c, &(0x7f0000000680)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYRESOCT])

4.227268489s ago: executing program 1 (id=1657):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000faffffffb703000008400000b70600000000feff850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r2 = open(0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x12, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x10a, &(0x7f0000000540)={@multicast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e23, 0xe8, 0x0, @opaque="e1c2de3b435597bd12ee10566c54294b976e1e05617c06de6c96b5c7435a1cc887d9bd1456d795f1d05fa4dc9401ace35a068c40dcb7014db06d742c3c9c944004aa44df949e6905bee501c3968bc84fd9b08824c7077e4a1c915f809db7dc1ea69fb3e853a208d1e1b1e30fa3ff0f000059d3733db463a8105fc7f1e36c051a46a63b54167c8d78631c1491da3555dc53713c1e13dc33dd21fccdead45781e66d811092d62bf865d39a9a1eb4e4f01525f75cfe2051d4907b2b9739b92aa8a8f81a4cdbd12a95bcd2d5e9391b0c983225c961a3e233a489123170c1b658d216"}}}}}, 0x0)
copy_file_range(0xffffffffffffffff, &(0x7f0000000000), r2, 0x0, 0x0, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r4, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0, 0x11}}, 0x120)
clock_gettime(0x0, &(0x7f00000002c0))
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xa)
ppoll(&(0x7f0000000280)=[{r1, 0x100}, {r5}, {}, {r4, 0x20}, {0xffffffffffffffff, 0x4110}, {r6, 0x4048}, {r6, 0xa}], 0x7, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r8 = signalfd(0xffffffffffffffff, &(0x7f00000002c0), 0x8)
read$FUSE(r8, &(0x7f0000002900)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='block_split\x00', r9}, 0x10)

3.959554338s ago: executing program 3 (id=1661):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@setneightbl={0x24, 0x43, 0x701, 0x0, 0x0, {0x2}, [@NDTA_THRESH3={0x8, 0x4, 0x7}, @NDTA_THRESH2={0x8, 0x3, 0x6}]}, 0x24}}, 0x0)
iopl(0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x1, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000e40), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x4})
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_S_STD(r6, 0x40085618, &(0x7f0000000080)=0x3200e0)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000001c0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b34d6fde"}, 0x0, 0x2, {0x0}})
openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r7 = open(0x0, 0x0, 0x0)
mkdirat(r7, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)

3.889731718s ago: executing program 2 (id=1662):
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
write$ppp(r0, &(0x7f0000000140)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x31}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet(0x2, 0x0, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38)
read$dsp(0xffffffffffffffff, &(0x7f00000004c0)=""/216, 0xd8)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="e501330080800000080211000000ffffffffffff90e488f9971a00000000000000000000000000000000000003010004060000000000002a010072060303030303037606000000000000dd352d5014b2109a59339408ad50548584c01cda5f3ced6f13b590b9aaf1bca488130effc03c7c2adf4757f254203300027902dd1fa777dd73eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602fb2299c382c07898a4d7dddbc046ef6a9b938b13f76ccceb4d339a7d92a6a7f45bd90df8b5bd53f1eec1a24dde44f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a1860dad1f99fe412ea5a5eff0a43812f63ec34a05279e6dc25839f828e60b01f9b6a65bf411101d89dc154716566458aa4111340a6d895801f8d51908b9bdd47762550f4ee51c8a3f64cfe2f8b701e79d393a957fa4e3e620099b226f683280ec0f5d85f9c59d29d9159126c9f114d0e08f17f96e4757dd81825d8f432246cdb8ab571fcfdd075dad8ac12f9666"], 0x204}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r8, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r10, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r11 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400018076657468305f746f5f687372000000000800074000000001140000001000010000000000000000000000000a"], 0xf0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x2c, &(0x7f0000000240)=ANY=[@ANYRESHEX=r11, @ANYRES32=r2, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x90)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)

3.738044333s ago: executing program 0 (id=1663):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r4 = getpgid(0xffffffffffffffff)
sched_setaffinity(r4, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x0, @ethernet={0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}}, @hci={0x1f, 0x0, 0x4}, @llc={0x1a, 0xffff, 0x9, 0x2, 0x9, 0xe2, @broadcast}, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x6, 0x1})
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@link_local, @broadcast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1, "e4a28276"}}}}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc}})
io_submit(0x0, 0x0, 0x0)
madvise(&(0x7f0000012000/0x4000)=nil, 0x4000, 0x9)
r8 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r8, 0x0, &(0x7f0000000780)={0x44, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r9, 0x5b15, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)

3.51873655s ago: executing program 2 (id=1664):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x44}, {0x6}]})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_int(r0, 0x0, 0x21, &(0x7f0000000080)=0x200, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000200)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x30, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @time_exceed={0xa1, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '%kT', 0x0, 0x0, 0x0, @mcast1, @dev={0xfe, 0x80, '\x00', 0x3b}}}}}}}}, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0x0, 0x10, 0xfffffffe}, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
pwritev2(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000100)="7270aa3f0c63ef31716980d71af481e691d156e5c690c37493c965008b713ed133a85027d43b49d05b8ec0e538f674752205f76fb42632a5233a7d64e1cea692029b6a", 0x43}], 0x1, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000ac0)={0x1, 0x0, [{0x0, 0xd3, &(0x7f0000000780)=""/211}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=""/253, 0x0, &(0x7f0000000600)=""/91})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000b00)={0x0, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r5, 0xc0383e04, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000480)=[{}]})
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='gre0\x00', 0x10)
sendto$inet(r1, &(0x7f00000000c0)="929c", 0xfdef, 0x4, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10)
accept4(r2, &(0x7f0000000500)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f00000002c0)=0x80, 0x100000)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="58000000020601040000000000000000000000000500040000000000050005000200000005000100070000000c00078005001500020000000900020073797a300000000013000300686173683a6e65742c69666163650000c98c0996b60072783d1652cf77e5f0cc440a6b4e0af22477a0820322e91f41fe"], 0x58}}, 0x0)

3.369733055s ago: executing program 1 (id=1665):
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05044000000905830391"], 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x500)

2.988022595s ago: executing program 3 (id=1666):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@setneightbl={0x1c, 0x43, 0x701, 0x0, 0x0, {0x2}, [@NDTA_THRESH2={0x8, 0x3, 0x6}]}, 0x1c}}, 0x0)
iopl(0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x1, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x4})
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_S_STD(0xffffffffffffffff, 0x40085618, &(0x7f0000000080)=0x3200e0)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000001c0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b34d6fde"}, 0x0, 0x2, {0x0}})
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = open(0x0, 0x0, 0x0)
mkdirat(r5, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)

2.53832968s ago: executing program 2 (id=1667):
syz_io_uring_setup(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x2}, &(0x7f00000000c0), &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffff0f, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x5b2b4293}], 0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mknod$loop(0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b48b0000000054161016bbfeca9b01b0fc0da3450000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x9, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x6}, {}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x10]}}, &(0x7f0000000180)=""/129, 0x3d, 0x81, 0x1}, 0x20)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
unshare(0x400)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
splice(r5, 0x0, r6, 0x0, 0x100000004, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x2e0, 0x0, 0x111, 0x4b4, 0x118, 0xd4feffff, 0x218, 0x20a, 0x278, 0x218, 0x278, 0x3, 0x0, {[{{@ipv6={@private0, @empty, [], [], 'pimreg0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf4, 0x118, 0x0, {}, [@common=@inet=@tcp={{0x2c}, {[], [], 0x0, 0x0, 0x2, 0x4}}, @inet=@rpfilter={{0x24}}]}, @common=@inet=@TCPMSS={0x24}}, {{@uncond, 0x0, 0xdc, 0x100, 0x0, {}, [@common=@unspec=@quota={{0x38}}]}, @common=@inet=@TCPMSS={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x33c)
socket$netlink(0x10, 0x3, 0xf)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0xf400)
socket$netlink(0x10, 0x3, 0x0)

1.969592819s ago: executing program 3 (id=1668):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r3, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x34, 0x0, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0xc, 0x0, @l2={'eth', 0x3a, 'syz_tun\x00'}}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0x40010)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0500000000", @ANYRES32=r8, @ANYBLOB="08000500020000000500530001000000"], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x2c, 0x0, 0x4c81ab4041549209, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x6e}, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20040000)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x2c, 0x7, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}}, 0x0)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0x4}, 0x6)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r10 = openat$dlm_control(0xffffff9c, &(0x7f0000000240), 0x60000, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f00000013c0)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000740)=ANY=[@ANYRESHEX=r2, @ANYRESOCT=r11, @ANYBLOB="81005a3f572d3e37137d4997b5a71e29cd02a5b6bb7ef506efd89086579051068f067cd2b7e3ddfee927d58fd735aadfe28a7795fee83217e9c8bbb27ef425e695ac49378827ece13a13424aa23874a3d70a2fd10a27b8bb26d55989ea0a14e282e83cdcdd8fba19bf054d9c3c9968111e8b88308fd411638dcd4f08feedc234fd2a3c52b55e97baaa152b8e279b45f6d06ed7d124df8a8b3da1c5a05f919d9162f8eecd3fea880f7c546c58df9dfc039c689ff69536bc02245ddb98be29e36f8970760545ce611659fc07e0680827b6585560566e2e5499b667b8b2c055d9d012dc312451d6f9b92cb8b1a337e1dc79fd18f5b0567efdcebbd9", @ANYRES32=r13, @ANYRES16=r13], 0x6f4}}, 0x811)
sendmsg$NL80211_CMD_GET_WOWLAN(r10, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000500)={&(0x7f0000000340)={0x28, r12, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x4}, @void, @val={0xc, 0x99, {0x8, 0x2c}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4004000)
r14 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000480)={0x20009, 0x0, 0x3})
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r14, 0x40045612, &(0x7f0000000000)=0x1)

1.969144349s ago: executing program 1 (id=1669):
io_uring_setup(0x177f, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0xffff, 0x101, 0x512c, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x2, 0x200000000000000}, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="8e412e02bc36cb7637d7002bdcaa8dd125c123da1d"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000180)={r4, 0x8000000000002, 0x4000})
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$binfmt_misc(r6, &(0x7f0000000080)=ANY=[], 0x5)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}, 0x10)
connect$inet(r7, &(0x7f0000001280)={0x2, 0x0, @multicast1}, 0x10)
splice(r5, 0x0, r7, 0x0, 0x5, 0xd)
writev(r7, &(0x7f0000000040)=[{&(0x7f0000000080)='\x00', 0x7}], 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000002780)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r8, 0x3, r3, 0x5})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000014010100000000000006000000000000e954f96997088e4c0f9125d056421838673b9d6bc83fbc69f393e3dba87c80d1d8a614a00c8e5bafbb7825774aa0c54c7d6f34d05825763aabc29be10e5469bdf52de81d"], 0x14}}, 0x0)

1.851928564s ago: executing program 3 (id=1670):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@setneightbl={0x24, 0x43, 0x701, 0x0, 0x0, {0x2}, [@NDTA_THRESH3={0x8, 0x4, 0x7}, @NDTA_THRESH2={0x8, 0x3, 0x6}]}, 0x24}}, 0x0)
iopl(0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x1, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000e40), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x4})
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_S_STD(r6, 0x40085618, &(0x7f0000000080)=0x3200e0)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000001c0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b34d6fde"}, 0x0, 0x2, {0x0}})
openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r7 = open(0x0, 0x0, 0x0)
mkdirat(r7, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)

1.570065522s ago: executing program 2 (id=1671):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000300), 0x2, 0x101002)
syz_open_dev$dmmidi(&(0x7f0000000040), 0x200, 0xc8b81)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x0, 0x200000, 0x0, 0x0, 0xfffffffd, 0x20}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fffffff, 0x0, 0xfffffffd}}]}]}}}]}, 0x68}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r3, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

1.468304142s ago: executing program 2 (id=1672):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
listen(r1, 0x5)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
r5 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x4000000000000a1, 0x2, 0x0)
recvmsg(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd090328000300300000006000000001002f0081e949b93897bc3b0000000000007d01ff0200"/53], 0xfdef)
r7 = syz_usbip_server_init(0x3)
write$usbip_server(r7, &(0x7f0000000080)=@ret_unlink, 0x30)
r8 = eventfd(0x5)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x0, r8})
getgid()

1.242489988s ago: executing program 0 (id=1673):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x1008, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

1.158759071s ago: executing program 0 (id=1674):
syz_io_uring_setup(0x37e5, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
openat$dma_heap(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x541c, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000000c0)=ANY=[], 0x118)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x180a00, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r3 = openat$qat_adf_ctl(0xffffff9c, &(0x7f0000000000), 0xc200, 0x0)
ioctl$IOCTL_STATUS_ACCEL_DEV(r3, 0x40046103, &(0x7f0000000040)={0x6, 0x4, 0x3, 0x3, 0x6, 0x9, 0xa0, 0x7, 0x5, 0x1, 0xc, "543336fe51463a714fbda86732cb93bbc34f9bb78000"})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"])
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x1}, 0x48)
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0cc5605, &(0x7f00000000c0)={0x5, @pix={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff}})
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x4144, 0x4)
r5 = gettid()
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYRESDEC=r2, @ANYRES64=0x0, @ANYBLOB="b370e60001"], 0x48}}, 0x0)
recvmmsg(r6, &(0x7f0000003480)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r7, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000080)={0x335})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r7, 0xc08c5335, &(0x7f0000000480)={0x0, 0x0, 0x0, 'queue0\x00'})
tkill(r5, 0x7)

1.060032041s ago: executing program 1 (id=1675):
pipe2(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004c00)={0x2020}, 0x2020)
socket$nl_netfilter(0x10, 0x3, 0xc)
keyctl$unlink(0x9, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
syz_pidfd_open(0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fanotify_init(0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={0xffffffffffffffff, 0x7, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xffb0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x3b7, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c0285854"})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0x84, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, ';'}, {0x5, 0x24, 0x0, 0xfffe}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x0, 0x0, 0x2f}, {0x6}, [@obex={0x5, 0x24, 0x15, 0x8}, @network_terminal={0x7, 0x24, 0xa, 0x7, 0x0, 0x7}, @obex={0x5, 0x24, 0x15, 0x9}, @acm={0x4, 0x24, 0x2, 0xb}]}}}}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="020000000000000018001280001000000000ffffffff1425d7f020e400000000"], 0x38}}, 0x0)
read$FUSE(r1, &(0x7f0000001400)={0x2020}, 0x2020)
syz_usb_connect(0x0, 0x24, &(0x7f0000000b00)={{0x12, 0x1, 0x0, 0xa5, 0xaf, 0x5f, 0x20, 0xe8d, 0x23, 0x3aab, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x56, 0x0, 0x0, 0xa}}]}}]}}, 0x0)
io_cancel(0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0xc, 0x2, 0xffffffffffffffff, &(0x7f0000000500)="66e0891ae99fbf803fb4310534b43b434147e52bcecef8bcf8b0a504442a604e2a758f6745e4ffb0623ab7121a379405e0fa8ef5403955855bee6790196dfc750de94ebdf5c6", 0x46, 0x6, 0x0, 0x0, r1}, &(0x7f00000005c0))
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[@ANYBLOB="00000000000080000000148a3045e2d59b2f835be5ea0e158eca154cbab5354fbf743f5fc122403262404ab03d579ff00ae8803b1d4b880ed1f02b5aa5b0c2883f9126da4a26a5f382ff54dd48e667192affe59dc40ee4fc3ec1030a0850e9281e119ab2de5ada1393ab9069", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001100028005000100030000000500150000000000"], 0x44}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040), &(0x7f0000000080))
socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_setup(0x1fbf, &(0x7f0000000040)={0x0, 0x0, 0x140}, &(0x7f00000000c0), &(0x7f0000000100))

866.908868ms ago: executing program 3 (id=1676):
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
write$ppp(r0, &(0x7f0000000140)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x31}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet(0x2, 0x0, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
read$dsp(0xffffffffffffffff, &(0x7f00000004c0)=""/216, 0xd8)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="e501330080800000080211000000ffffffffffff90e488f9971a00000000000000000000000000000000000003010004060000000000002a010072060303030303037606000000000000dd352d5014b2109a59339408ad50548584c01cda5f3ced6f13b590b9aaf1bca488130effc03c7c2adf4757f254203300027902dd1fa777dd73eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602fb2299c382c07898a4d7dddbc046ef6a9b938b13f76ccceb4d339a7d92a6a7f45bd90df8b5bd53f1eec1a24dde44f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24103d4337027917c48d29a1860dad1f99fe412ea5a5eff0a43812f63ec34a05279e6dc25839f828e60b01f9b6a65bf411101d89dc154716566458aa4111340a6d895801f8d51908b9bdd47762550f4ee51c8a3f64cfe2f8b701e79d393a957fa4e3e620099b226f683280ec0f5d85f9c59d29d9159126c9f114d0e08f17f96e4757dd81825d8f432246cdb8ab571fcfdd075dad8ac12f9666"], 0x204}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r8, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r10, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r11 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r13, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400018076657468305f746f5f687372000000000800074000000001140000001000010000000000000000000000000a"], 0xf0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x2c, &(0x7f0000000240)=ANY=[@ANYRESHEX=r11, @ANYRES32=r2, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYBLOB="0000000000000000b7020000000000008500000086000000b7080000000000007b8af8ff0000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x90)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)

640.071336ms ago: executing program 3 (id=1677):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@setneightbl={0x1c, 0x43, 0x701, 0x0, 0x0, {0x2}, [@NDTA_THRESH2={0x8, 0x3, 0x6}]}, 0x1c}}, 0x0)
iopl(0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x1, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x4})
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000000)=0x2)
ioctl$VIDIOC_S_STD(0xffffffffffffffff, 0x40085618, &(0x7f0000000080)=0x3200e0)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000001c0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b34d6fde"}, 0x0, 0x2, {0x0}})
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = open(0x0, 0x0, 0x0)
mkdirat(r5, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)

190.178757ms ago: executing program 0 (id=1678):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3e, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000019300)=@base={0x7, 0x7, 0x200, 0x9, 0x1, 0xffffffffffffffff, 0x2, '\x00', r1}, 0x48)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000100000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYRES64=r3], &(0x7f0000000040)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r4}, 0xc)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000040)={0x18, 0x1, 0x0, "9611e6d6ffc888a0163200000000000000000300000000000000000083df00"})
r7 = socket(0x840000000002, 0x3, 0xfa)
r8 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
write$sequencer(r8, &(0x7f0000000140)=ANY=[@ANYBLOB="8105"], 0x27)
ioctl$SNDCTL_TMR_CONTINUE(r8, 0x5404)
connect$inet(r7, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
fcntl$getownex(r8, 0x10, &(0x7f00000000c0)={0x0, <r9=>0x0})
sched_setparam(r9, &(0x7f0000000200)=0x10)
sendmmsg$inet(r7, &(0x7f0000005240), 0x4000095, 0x810)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @remote}}}})
unshare(0x2c020400)
msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f00000000c0)=ANY=[], 0x2000, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/19}, 0x2000, 0x0, 0x0)

0s ago: executing program 2 (id=1679):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80281, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffca1}, 0x90)
keyctl$restrict_keyring(0x3, 0xfffffffffffffffb, 0x0, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x0)
request_key(&(0x7f0000000380)='encrypted\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000040)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#$\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce\x19+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3sf\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8<dR}\x8e\b\x16\x8c\xa6\x01\x11\x97S\x99k\x1e\x03\x8e\xea\v}+\".\xda,\xfe\xb7\xbf\x01T\x99\xbdF\xd4\x925[\xd1\xeb\xdf\x98\xfa\xb0\x93\xc3>\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ<pCoa\xf2\xd1\x96\x8f\xf3>\xa1\xed', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000000340)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0xe8}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x189802)
write(r3, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x8, &(0x7f0000000080)=0xf3e, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), 0xffffffffffffffff)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xa0c4, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x300)
dup2(r5, r6)
setsockopt$inet6_int(r5, 0x29, 0xcf, &(0x7f00000002c0)=0x1, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="39000080", @ANYRES16=r8, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32, @ANYBLOB="0a001800030303030303000010005a801cff03800500070000000000"], 0x38}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

trongly recommended to keep mac addresses unique to avoid problems!
[  296.182402][ T9996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.202633][ T9996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.221257][ T9996] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.226966][ T9996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.231058][ T9996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.236981][ T9996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.241297][ T9996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.247960][ T9996] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.251782][ T9996] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.251860][T10139] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  296.257172][ T9996] batman_adv: batadv0: Interface activated: batadv_slave_1
[  296.258388][T10139] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  296.265247][T10139] vhci_hcd vhci_hcd.0: Device attached
[  296.271660][ T9996] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.276036][ T9996] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.279710][ T9996] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.282783][ T9996] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.354329][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.388622][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.412773][T10151] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1199'.
[  296.436013][ T3104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.438864][ T3104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.545233][   T65] Bluetooth: hci4: command tx timeout
[  296.697939][T10165] netlink: 'syz.3.1202': attribute type 11 has an invalid length.
[  296.720921][T10165] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'.
[  296.855970][T10168] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1203'.
[  297.063362][T10141] vhci_hcd: connection closed
[  297.063852][ T3104] vhci_hcd: stop threads
[  297.089036][ T3104] vhci_hcd: release socket
[  297.091035][ T3104] vhci_hcd: disconnect device
[  297.218205][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.221369][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.224494][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.229860][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.245245][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.248975][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.252062][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.257543][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.260674][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.263778][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.267314][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.270404][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.274292][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.277528][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.280637][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.283727][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.287005][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.290123][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.293192][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.296403][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.301077][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.304209][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.307396][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.310479][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.313641][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.316966][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.320038][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.323097][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.326011][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.328807][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.331844][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.336723][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.339889][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.342935][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.346315][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.349374][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.352553][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.355650][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.358683][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.362095][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.365069][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.367750][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.370240][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.372683][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.375560][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.378794][ T5246] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  297.382814][ T5246] hid-generic 0000:0000:0000.001C: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  297.455952][T10190] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  297.458169][T10190] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  297.469166][T10190] vhci_hcd vhci_hcd.0: Device attached
[  297.532775][T10195] __nla_validate_parse: 1 callbacks suppressed
[  297.532787][T10195] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1213'.
[  297.724983][ T5572] usb 13-1: new low-speed USB device number 11 using vhci_hcd
[  298.015020][ T5265] vhci_hcd: vhci_device speed not set
[  298.288076][T10191] vhci_hcd: connection reset by peer
[  298.290201][ T1086] vhci_hcd: stop threads
[  298.292176][ T1086] vhci_hcd: release socket
[  298.294230][ T1086] vhci_hcd: disconnect device
[  298.634946][   T65] Bluetooth: hci4: command tx timeout
[  299.172311][T10226] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  299.175334][T10226] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  299.195070][T10226] vhci_hcd vhci_hcd.0: Device attached
[  299.364570][T10235] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  299.367392][T10235] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  299.376480][T10235] vhci_hcd vhci_hcd.0: Device attached
[  299.485100][ T5265] usb 17-1: new low-speed USB device number 15 using vhci_hcd
[  299.645018][   T10] usb 15-1: new low-speed USB device number 16 using vhci_hcd
[  299.984955][T10229] vhci_hcd: connection reset by peer
[  299.991085][   T75] vhci_hcd: stop threads
[  299.992927][   T75] vhci_hcd: release socket
[  299.994793][   T75] vhci_hcd: disconnect device
[  300.047826][T10253] befs: (nbd0): No write support. Marking filesystem read-only
[  300.053076][T10253] syz.0.1229: attempt to access beyond end of device
[  300.053076][T10253] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0
[  300.174275][T10255] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1229'.
[  300.195189][T10236] vhci_hcd: connection reset by peer
[  300.197259][   T13] vhci_hcd: stop threads
[  300.198884][   T13] vhci_hcd: release socket
[  300.201611][   T13] vhci_hcd: disconnect device
[  300.787937][T10273] netlink: 'syz.2.1234': attribute type 11 has an invalid length.
[  300.797425][T10273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1234'.
[  300.893849][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1233'.
[  300.918499][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1233'.
[  301.440343][T10292] fuse: Bad value for 'fd'
[  301.593596][T10300] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  301.596734][T10300] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  301.601749][T10300] vhci_hcd vhci_hcd.0: Device attached
[  301.717184][T10306] fuse: Bad value for 'fd'
[  301.828176][T10310] netlink: 'syz.3.1243': attribute type 11 has an invalid length.
[  301.833957][T10310] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1243'.
[  302.301097][T10315] af_packet: tpacket_rcv: packet too big, clamped from 212960 to 3952. macoff=96
[  302.308124][T10315] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.1245'.
[  302.321732][T10315] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1245'.
[  302.325442][T10315] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  302.424519][T10301] vhci_hcd: connection closed
[  302.425597][ T1086] vhci_hcd: stop threads
[  302.431843][ T1086] vhci_hcd: release socket
[  302.435311][ T1086] vhci_hcd: disconnect device
[  302.439891][T10317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1246'.
[  302.449942][T10317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1246'.
[  302.727511][T10330] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  302.843860][T10333] netlink: 'syz.2.1252': attribute type 11 has an invalid length.
[  302.856467][T10333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1252'.
[  302.870466][ T5572] vhci_hcd: vhci_device speed not set
[  302.992914][T10341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1254'.
[  303.028093][T10343] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  303.030543][T10343] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  303.036297][T10343] vhci_hcd vhci_hcd.0: Device attached
[  303.485030][ T5572] usb 13-1: device descriptor read/64, error -110
[  303.774999][ T5572] usb 13-1: new low-speed USB device number 12 using vhci_hcd
[  303.778365][ T5242] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  303.863748][T10344] vhci_hcd: connection reset by peer
[  303.872457][   T13] vhci_hcd: stop threads
[  303.874229][   T13] vhci_hcd: release socket
[  303.878776][   T13] vhci_hcd: disconnect device
[  303.891652][T10357] fuse: Bad value for 'fd'
[  303.966809][ T5242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  303.973828][ T5242] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  303.984980][T10360] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1259'.
[  303.987033][ T5242] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  304.011274][ T5242] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  304.019834][ T5242] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.033451][ T5242] usb 6-1: config 0 descriptor??
[  304.038968][T10351] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  304.463424][ T5242] usbhid 6-1:0.0: can't add hid device: -71
[  304.467169][ T5242] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  304.471504][T10365] netlink: 'syz.0.1261': attribute type 11 has an invalid length.
[  304.478977][ T5242] usb 6-1: USB disconnect, device number 16
[  304.501029][T10365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1261'.
[  304.571752][T10367] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  304.574447][T10367] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  304.579163][T10367] vhci_hcd vhci_hcd.0: Device attached
[  304.634968][ T5265] vhci_hcd: vhci_device speed not set
[  304.794933][   T10] vhci_hcd: vhci_device speed not set
[  305.088587][T10380] input: syz0 as /devices/virtual/input/input18
[  305.401630][T10368] vhci_hcd: connection closed
[  305.401889][   T13] vhci_hcd: stop threads
[  305.405565][   T13] vhci_hcd: release socket
[  305.427896][   T13] vhci_hcd: disconnect device
[  305.805127][ T5314] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  305.940880][T10394] netlink: 'syz.3.1270': attribute type 11 has an invalid length.
[  305.954139][T10394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1270'.
[  306.006367][ T5314] usb 7-1: Using ep0 maxpacket: 8
[  306.012971][ T5314] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  306.017197][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  306.022903][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  306.033059][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  306.041192][ T5314] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  306.043272][T10396] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  306.048137][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  306.062262][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  306.068299][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  306.079127][ T5314] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  306.082158][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  306.087749][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  306.096723][ T5314] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  306.105456][ T5314] usb 7-1: string descriptor 0 read error: -22
[  306.108832][ T5314] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  306.113347][ T5314] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.127776][ T5314] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  306.404915][ T5265] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  306.434020][ T5246] usb 7-1: USB disconnect, device number 10
[  306.598255][ T5265] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  306.602812][ T5265] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  306.607902][ T5265] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  306.609797][T10409] overlayfs: missing 'lowerdir'
[  306.612379][ T5265] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  306.617952][ T5265] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.622445][ T5265] usb 6-1: config 0 descriptor??
[  306.626815][T10401] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  306.760860][T10416] overlayfs: missing 'lowerdir'
[  306.813399][T10418] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  306.816284][T10418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  306.819670][T10418] vhci_hcd vhci_hcd.0: Device attached
[  307.047659][ T5265] usbhid 6-1:0.0: can't add hid device: -71
[  307.050395][ T5265] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  307.066926][ T5265] usb 6-1: USB disconnect, device number 17
[  307.445101][T10432] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  307.451030][T10432] bridge1: entered promiscuous mode
[  307.476557][T10432] netlink: 'syz.3.1283': attribute type 2 has an invalid length.
[  307.480388][T10432] netlink: 'syz.3.1283': attribute type 8 has an invalid length.
[  307.483810][T10432] netlink: 'syz.3.1283': attribute type 1 has an invalid length.
[  307.499453][T10432] netlink: 'syz.3.1283': attribute type 1 has an invalid length.
[  307.504435][T10432] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.507714][T10432] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.568746][T10436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1285'.
[  307.645519][T10419] vhci_hcd: connection closed
[  307.647023][   T13] vhci_hcd: stop threads
[  307.651088][   T13] vhci_hcd: release socket
[  307.653218][   T13] vhci_hcd: disconnect device
[  307.735795][T10434] wlan0 speed is unknown, defaulting to 1000
[  307.746628][T10448] netlink: 'syz.1.1290': attribute type 3 has an invalid length.
[  308.005394][ T5265] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  308.034984][ T5242] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  308.184955][ T5265] usb 8-1: Using ep0 maxpacket: 8
[  308.197147][ T5265] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  308.200570][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  308.210886][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  308.217871][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  308.232351][T10460] fuse: Bad value for 'fd'
[  308.236154][ T5265] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  308.239440][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  308.244312][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  308.245054][ T5242] usb 7-1: Using ep0 maxpacket: 8
[  308.254483][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  308.256934][ T5242] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  308.261097][ T5265] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  308.263075][ T5242] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  308.263099][ T5242] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  308.269703][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  308.275522][ T5242] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  308.283603][ T5242] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  308.286196][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  308.290332][ T5242] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  308.298291][ T5242] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.307938][ T5265] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  308.320074][ T5265] usb 8-1: string descriptor 0 read error: -22
[  308.322855][ T5265] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  308.328826][ T5265] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.344732][ T5265] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  308.538723][ T5242] usb 7-1: GET_CAPABILITIES returned 0
[  308.541263][ T5242] usbtmc 7-1:16.0: can't read capabilities
[  308.657348][ T5246] usb 8-1: USB disconnect, device number 14
[  308.748744][ T5835] usb 7-1: USB disconnect, device number 11
[  308.865170][ T5572] vhci_hcd: vhci_device speed not set
[  308.949925][T10469] netlink: 'syz.0.1295': attribute type 1 has an invalid length.
[  308.952621][T10469] netlink: 9344 bytes leftover after parsing attributes in process `syz.0.1295'.
[  308.956852][T10469] netlink: 'syz.0.1295': attribute type 1 has an invalid length.
[  308.965416][   T65] Bluetooth: hci4: unexpected Set CIG Parameters response data
[  309.112711][T10471] FAULT_INJECTION: forcing a failure.
[  309.112711][T10471] name failslab, interval 1, probability 0, space 0, times 0
[  309.116990][T10471] CPU: 0 PID: 10471 Comm: syz.1.1296 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  309.120442][T10471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  309.124274][T10471] Call Trace:
[  309.125442][T10471]  <TASK>
[  309.126456][T10471]  dump_stack_lvl+0x16c/0x1f0
[  309.128065][T10471]  should_fail_ex+0x497/0x5b0
[  309.129649][T10471]  should_failslab+0x9/0x20
[  309.131161][T10471]  kmem_cache_alloc_node_noprof+0x71/0x310
[  309.133225][T10471]  ? __alloc_skb+0x2b3/0x380
[  309.134828][T10471]  __alloc_skb+0x2b3/0x380
[  309.136471][T10471]  ? __pfx___alloc_skb+0x10/0x10
[  309.138287][T10471]  ? __kmalloc_noprof+0x20b/0x420
[  309.140148][T10471]  ? __pfx___mutex_lock+0x10/0x10
[  309.141972][T10471]  ethnl_reply_init+0x45/0x210
[  309.143638][T10471]  ethnl_default_doit+0x411/0xbd0
[  309.145450][T10471]  ? __nla_parse+0x40/0x60
[  309.147011][T10471]  ? __pfx_ethnl_default_doit+0x10/0x10
[  309.148881][T10471]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  309.151475][T10471]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  309.154038][T10471]  genl_family_rcv_msg_doit+0x202/0x2f0
[  309.155922][T10471]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  309.157994][T10471]  ? __radix_tree_lookup+0x21f/0x2c0
[  309.159799][T10471]  genl_rcv_msg+0x565/0x800
[  309.161523][T10471]  ? __pfx_genl_rcv_msg+0x10/0x10
[  309.163268][T10471]  ? __dev_queue_xmit+0x85d/0x4130
[  309.165050][T10471]  ? __pfx_ethnl_default_doit+0x10/0x10
[  309.167132][T10471]  netlink_rcv_skb+0x165/0x410
[  309.168808][T10471]  ? __pfx_genl_rcv_msg+0x10/0x10
[  309.170520][T10471]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  309.172327][T10471]  ? down_read+0xc9/0x330
[  309.174280][T10471]  ? __pfx_down_read+0x10/0x10
[  309.176473][T10471]  ? netlink_deliver_tap+0x1ae/0xcf0
[  309.179664][T10471]  genl_rcv+0x28/0x40
[  309.182259][T10471]  netlink_unicast+0x542/0x820
[  309.184781][T10471]  ? __pfx_netlink_unicast+0x10/0x10
[  309.186797][T10471]  ? __phys_addr_symbol+0x30/0x80
[  309.188531][T10471]  ? __check_object_size+0x4a7/0x720
[  309.190317][T10471]  netlink_sendmsg+0x8b8/0xd70
[  309.191960][T10471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.193839][T10471]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  309.195630][T10471]  ____sys_sendmsg+0x9b4/0xb50
[  309.197276][T10471]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.199087][T10471]  ? get_compat_msghdr+0x11b/0x170
[  309.200845][T10471]  ? __pfx___lock_acquire+0x10/0x10
[  309.202692][T10471]  ___sys_sendmsg+0x135/0x1e0
[  309.204848][T10471]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.206858][T10471]  ? ksys_write+0x21c/0x260
[  309.208426][T10471]  ? __fget_light+0x173/0x210
[  309.210026][T10471]  __sys_sendmsg+0x117/0x1f0
[  309.211635][T10471]  ? __pfx___sys_sendmsg+0x10/0x10
[  309.213396][T10471]  __do_fast_syscall_32+0x73/0x120
[  309.215123][T10471]  do_fast_syscall_32+0x32/0x80
[  309.216761][T10471]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  309.218850][T10471] RIP: 0023:0xf741f579
[  309.220254][T10471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  309.228163][T10471] RSP: 002b:00000000f5d3757c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  309.231658][T10471] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000000
[  309.234772][T10471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.237438][T10471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  309.240085][T10471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  309.243281][T10471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  309.246689][T10471]  </TASK>
[  309.458279][T10484] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  309.461176][T10484] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  309.466173][T10484] vhci_hcd vhci_hcd.0: Device attached
[  309.472377][T10487] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  309.474934][T10487] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  309.479784][T10487] vhci_hcd vhci_hcd.0: Device attached
[  309.755159][ T5242] usb 19-1: new low-speed USB device number 12 using vhci_hcd
[  309.755664][ T5835] usb 17-1: new high-speed USB device number 16 using vhci_hcd
[  310.214202][T10488] vhci_hcd: connection reset by peer
[  310.217256][   T75] vhci_hcd: stop threads
[  310.219511][   T75] vhci_hcd: release socket
[  310.221663][   T75] vhci_hcd: disconnect device
[  310.224753][T10497] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  310.230986][T10497] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  310.286954][T10485] vhci_hcd: connection reset by peer
[  310.291459][ T1086] vhci_hcd: stop threads
[  310.294053][ T1086] vhci_hcd: release socket
[  310.297821][ T1086] vhci_hcd: disconnect device
[  310.363756][T10501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1305'.
[  310.447349][T10505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1307'.
[  310.536427][T10511] netlink: 'syz.1.1310': attribute type 11 has an invalid length.
[  310.546506][T10511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1310'.
[  310.591479][T10517] nbd: must specify an index to disconnect
[  310.606414][T10513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1311'.
[  310.613003][T10513] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1311'.
[  310.623876][T10513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1311'.
[  310.883894][   T65] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  310.888994][   T65] Bluetooth: hci4: Injecting HCI hardware error event
[  310.895259][   T65] Bluetooth: hci4: hardware error 0x00
[  311.017841][T10540] netlink: 'syz.2.1320': attribute type 11 has an invalid length.
[  311.032192][T10540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'.
[  311.088347][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.091886][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.095765][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.099022][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.102367][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.108395][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.111674][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.115038][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.118252][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.121496][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.124713][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.128143][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.131567][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.134522][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.137533][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.140668][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.143937][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.148345][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.151720][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.155140][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.160734][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.163821][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.167403][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.170830][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.174154][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.178098][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.186813][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.190322][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.193519][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.204921][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.207926][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.210990][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.214391][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.218996][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.222420][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.234893][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.238503][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.242060][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.245829][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.249816][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.253560][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.263945][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.267835][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.271347][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.276924][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.280764][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  311.286616][   T10] hid-generic 0000:0000:0000.001D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  311.450349][T10556] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  311.453985][T10556] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  311.459592][T10556] vhci_hcd vhci_hcd.0: Device attached
[  311.615254][T10560] kvm: pic: level sensitive irq not supported
[  311.616146][T10560] kvm: pic: non byte read
[  311.936877][T10584] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  311.941059][T10584] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  312.013388][T10582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1332'.
[  312.017927][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.021041][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.023723][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.028091][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.030835][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.033557][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.037531][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.040802][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.043527][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.044480][T10582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1332'.
[  312.047714][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.053886][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.057270][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.060545][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.063208][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.066907][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.069508][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.072823][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.076493][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.079979][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.083299][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.086573][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.089167][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.091711][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.094508][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.097926][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.100782][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.103373][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.107462][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.109996][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.112434][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.116025][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.119405][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.121949][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.125346][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.128185][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.131348][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.133923][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.137267][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.140545][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.143848][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.147173][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.150448][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.153743][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.159751][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.162971][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.166519][   T10] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  312.171662][   T10] hid-generic 0000:0000:0000.001E: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  312.188373][T10558] vhci_hcd: connection closed
[  312.188605][ T3104] vhci_hcd: stop threads
[  312.192206][ T3104] vhci_hcd: release socket
[  312.194178][ T3104] vhci_hcd: disconnect device
[  312.879876][T10604] FAULT_INJECTION: forcing a failure.
[  312.879876][T10604] name failslab, interval 1, probability 0, space 0, times 0
[  312.886648][T10604] CPU: 2 PID: 10604 Comm: syz.3.1340 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  312.891043][T10604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  312.895207][T10604] Call Trace:
[  312.896501][T10604]  <TASK>
[  312.897714][T10604]  dump_stack_lvl+0x16c/0x1f0
[  312.899679][T10604]  should_fail_ex+0x497/0x5b0
[  312.901674][T10604]  should_failslab+0x9/0x20
[  312.903342][T10604]  __kmalloc_node_noprof+0xd5/0x450
[  312.905270][T10604]  ? __vmalloc_node_range_noprof+0x401/0x1520
[  312.907820][T10604]  __vmalloc_node_range_noprof+0x401/0x1520
[  312.910394][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  312.912837][T10604]  ? hlock_class+0x4e/0x130
[  312.914840][T10604]  ? aa_get_newest_label+0x376/0x680
[  312.916944][T10604]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  312.919251][T10604]  ? __pfx_aa_get_newest_label+0x10/0x10
[  312.921588][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  312.923981][T10604]  __vmalloc_noprof+0x6d/0x90
[  312.926059][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  312.928491][T10604]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  312.930787][T10604]  bpf_prog_alloc+0x3b/0x240
[  312.932830][T10604]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  312.935395][T10604]  bpf_prog_load+0x1b4e/0x2670
[  312.937544][T10604]  ? __pfx_bpf_prog_load+0x10/0x10
[  312.939854][T10604]  ? find_held_lock+0x2d/0x110
[  312.942020][T10604]  ? security_bpf+0x8c/0xc0
[  312.944014][T10604]  __sys_bpf+0x9d2/0x5830
[  312.945930][T10604]  ? __pfx___sys_bpf+0x10/0x10
[  312.946717][   T65] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  312.948051][T10604]  ? ksys_write+0x21c/0x260
[  312.948081][T10604]  ? __pfx_lock_release+0x10/0x10
[  312.956127][T10604]  ? __mutex_unlock_slowpath+0x164/0x650
[  312.958350][T10604]  ? fput+0x32/0x390
[  312.959684][T10604]  ? ksys_write+0x1ab/0x260
[  312.961155][T10604]  ? __pfx_ksys_write+0x10/0x10
[  312.962805][T10604]  __ia32_sys_bpf+0x76/0xe0
[  312.965004][T10604]  __do_fast_syscall_32+0x73/0x120
[  312.967600][T10604]  do_fast_syscall_32+0x32/0x80
[  312.969855][T10604]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.972629][T10604] RIP: 0023:0xf73dc579
[  312.974460][T10604] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  312.984008][T10604] RSP: 002b:00000000f5cf457c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  312.987471][T10604] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840
[  312.990918][T10604] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  312.994276][T10604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  312.997724][T10604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  313.000858][T10604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  313.004138][T10604]  </TASK>
[  313.009343][T10604] syz.3.1340: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  313.018709][T10604] CPU: 0 PID: 10604 Comm: syz.3.1340 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  313.022873][T10604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  313.026704][T10604] Call Trace:
[  313.027965][T10604]  <TASK>
[  313.028997][T10604]  dump_stack_lvl+0x16c/0x1f0
[  313.030661][T10604]  warn_alloc+0x24d/0x3a0
[  313.032568][T10604]  ? __pfx_warn_alloc+0x10/0x10
[  313.034730][T10604]  ? dump_stack_lvl+0x197/0x1f0
[  313.036715][T10604]  ? rcu_is_watching+0x12/0xc0
[  313.038939][T10604]  ? __kmalloc_node_noprof+0x233/0x450
[  313.041500][T10604]  __vmalloc_node_range_noprof+0xff7/0x1520
[  313.044153][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  313.046546][T10604]  ? aa_get_newest_label+0x376/0x680
[  313.048407][T10604]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  313.050652][T10604]  ? __pfx_aa_get_newest_label+0x10/0x10
[  313.052719][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  313.055148][T10604]  __vmalloc_noprof+0x6d/0x90
[  313.057255][T10604]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  313.059402][T10604]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  313.061694][T10604]  bpf_prog_alloc+0x3b/0x240
[  313.063524][T10604]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  313.065820][T10604]  bpf_prog_load+0x1b4e/0x2670
[  313.067698][T10604]  ? __pfx_bpf_prog_load+0x10/0x10
[  313.069522][T10604]  ? find_held_lock+0x2d/0x110
[  313.071003][T10604]  ? security_bpf+0x8c/0xc0
[  313.072621][T10604]  __sys_bpf+0x9d2/0x5830
[  313.074417][T10604]  ? __pfx___sys_bpf+0x10/0x10
[  313.076485][T10604]  ? ksys_write+0x21c/0x260
[  313.078380][T10604]  ? __pfx_lock_release+0x10/0x10
[  313.080642][T10604]  ? __mutex_unlock_slowpath+0x164/0x650
[  313.083130][T10604]  ? fput+0x32/0x390
[  313.084827][T10604]  ? ksys_write+0x1ab/0x260
[  313.087247][T10604]  ? __pfx_ksys_write+0x10/0x10
[  313.089348][T10604]  __ia32_sys_bpf+0x76/0xe0
[  313.091290][T10604]  __do_fast_syscall_32+0x73/0x120
[  313.093496][T10604]  do_fast_syscall_32+0x32/0x80
[  313.095430][T10604]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  313.097735][T10604] RIP: 0023:0xf73dc579
[  313.099416][T10604] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  313.109608][T10604] RSP: 002b:00000000f5cf457c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  313.112866][T10604] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840
[  313.116040][T10604] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  313.118915][T10604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  313.119331][T10611] netlink: 'syz.1.1343': attribute type 11 has an invalid length.
[  313.121723][T10604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  313.121746][T10604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  313.121772][T10604]  </TASK>
[  313.127888][T10604] Mem-Info:
[  313.136829][T10604] active_anon:2859 inactive_anon:19 isolated_anon:0
[  313.136829][T10604]  active_file:7655 inactive_file:31547 isolated_file:0
[  313.136829][T10604]  unevictable:812 dirty:346 writeback:0
[  313.136829][T10604]  slab_reclaimable:4647 slab_unreclaimable:55090
[  313.136829][T10604]  mapped:11109 shmem:836 pagetables:671
[  313.136829][T10604]  sec_pagetables:325 bounce:0
[  313.136829][T10604]  kernel_misc_reclaimable:0
[  313.136829][T10604]  free:122328 free_pcp:4009 free_cma:0
[  313.155067][T10604] Node 0 active_anon:2820kB inactive_anon:28kB active_file:120kB inactive_file:0kB unevictable:1712kB isolated(anon):0kB isolated(file):0kB mapped:3084kB dirty:28kB writeback:0kB shmem:1644kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10344kB pagetables:2036kB sec_pagetables:1256kB all_unreclaimable? no
[  313.166834][T10604] Node 1 active_anon:8616kB inactive_anon:48kB active_file:30500kB inactive_file:126196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:41152kB dirty:1356kB writeback:0kB shmem:1700kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:904kB pagetables:648kB sec_pagetables:44kB all_unreclaimable? no
[  313.182705][T10604] Node 0 DMA free:896kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:408kB local_pcp:156kB free_cma:0kB
[  313.194497][T10604] lowmem_reserve[]: 0 374 0 0 0
[  313.196819][T10604] Node 0 DMA32 free:30188kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:440kB inactive_anon:2332kB active_file:112kB inactive_file:0kB unevictable:1712kB writepending:28kB present:1032192kB managed:410812kB mlocked:176kB bounce:0kB free_pcp:5504kB local_pcp:2032kB free_cma:0kB
[  313.209284][T10604] lowmem_reserve[]: 0 0 0 0 0
[  313.211424][T10604] Node 1 DMA32 free:458884kB boost:0kB min:47048kB low:58808kB high:70568kB reserved_highatomic:0KB active_anon:8616kB inactive_anon:48kB active_file:30500kB inactive_file:126196kB unevictable:1536kB writepending:1356kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:10376kB local_pcp:108kB free_cma:0kB
[  313.223766][T10604] lowmem_reserve[]: 0 0 0 0 0
[  313.226083][T10604] Node 0 DMA: 37*4kB (U) 43*8kB (U) 24*16kB (U) 3*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 972kB
[  313.233258][T10604] Node 0 DMA32: 506*4kB (UMEH) 363*8kB (UMEH) 131*16kB (UMEH) 103*32kB (UMEH) 69*64kB (UEH) 25*128kB (UMEH) 8*256kB (UME) 4*512kB (UME) 4*1024kB (M) 2*2048kB (U) 0*4096kB = 30224kB
[  313.245479][T10604] Node 1 DMA32: 918*4kB (UM) 988*8kB (UM) 477*16kB (UME) 352*32kB (UME) 237*64kB (UME) 83*128kB (UME) 53*256kB (UM) 22*512kB (UME) 13*1024kB (UME) 4*2048kB (UM) 87*4096kB (UM) = 458952kB
[  313.255707][T10604] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  313.259958][T10604] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  313.264052][T10604] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  313.269780][T10604] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  313.275030][T10604] 41085 total pagecache pages
[  313.278172][T10604] 1003 pages in swap cache
[  313.280255][T10604] Free swap  = 107232kB
[  313.282134][T10604] Total swap = 124996kB
[  313.283923][T10604] 524155 pages RAM
[  313.287576][T10604] 0 pages HighMem/MovableOnly
[  313.290497][T10604] 181060 pages reserved
[  313.292853][T10604] 0 pages cma reserved
[  313.482618][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.486550][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.488926][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.491716][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.494531][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.498338][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.503630][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.506724][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.509252][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.511500][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.513896][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.515861][   T65] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  313.520858][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.522259][   T65] Bluetooth: hci1: Injecting HCI hardware error event
[  313.528398][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.529977][ T5211] Bluetooth: hci1: hardware error 0x00
[  313.530785][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.536554][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.539733][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.542109][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.544783][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.547766][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.550506][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.553466][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.556696][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.560745][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.563182][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.566043][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.568390][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.570698][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.573197][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.576890][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.577823][T10629] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  313.579250][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.581387][T10629] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  313.582339][T10629] vhci_hcd vhci_hcd.0: Device attached
[  313.583982][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.591579][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.594368][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.597028][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.599985][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.602957][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.605597][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.608728][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.611478][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.614339][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.617005][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.619969][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.622768][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.625534][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.628147][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.630378][ T5246] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  313.637363][ T5246] hid-generic 0000:0000:0000.001F: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  313.702643][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.705940][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.708775][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.711405][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.714195][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.717087][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.719888][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.722152][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.725639][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.728402][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.730610][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.732893][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.735268][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.737583][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.739802][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.741953][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.744495][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.747276][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.749506][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.751718][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.754114][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.756997][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.759789][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.762574][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.765116][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.767852][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.770592][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.773013][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.775902][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.778221][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.780458][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.783025][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.785492][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.787842][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.790319][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.792780][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.797007][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.799966][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.802573][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.805069][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.808039][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.810932][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.813507][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.816124][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.819572][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.823279][ T5246] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  313.831650][ T5246] hid-generic 0000:0000:0000.0020: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  313.865456][ T5265] usb 15-1: new high-speed USB device number 17 using vhci_hcd
[  314.202981][T10646] __nla_validate_parse: 4 callbacks suppressed
[  314.203047][T10646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1352'.
[  314.311775][T10631] vhci_hcd: connection reset by peer
[  314.315003][ T1086] vhci_hcd: stop threads
[  314.318612][ T1086] vhci_hcd: release socket
[  314.323066][ T1086] vhci_hcd: disconnect device
[  314.406451][T10649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1353'.
[  314.422943][T10649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1353'.
[  314.432281][T10653] netlink: 892 bytes leftover after parsing attributes in process `syz.2.1355'.
[  314.442192][T10653] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1355'.
[  314.458074][T10653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1355'.
[  314.572811][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1357'.
[  314.780464][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1362'.
[  314.834937][   T65] Bluetooth: hci1: unexpected event 0x06 length: 23 > 3
[  314.879826][ T5242] vhci_hcd: vhci_device speed not set
[  314.885224][ T5835] vhci_hcd: vhci_device speed not set
[  314.941394][T10681] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1363'.
[  314.956377][T10682] FAULT_INJECTION: forcing a failure.
[  314.956377][T10682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.961876][T10682] CPU: 0 PID: 10682 Comm: syz.2.1364 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  314.966097][T10682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  314.970543][T10682] Call Trace:
[  314.971975][T10682]  <TASK>
[  314.973267][T10682]  dump_stack_lvl+0x16c/0x1f0
[  314.975305][T10682]  should_fail_ex+0x497/0x5b0
[  314.977347][T10682]  _copy_to_user+0x30/0xc0
[  314.979241][T10682]  generic_map_lookup_batch+0x69a/0xb90
[  314.981610][T10682]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  314.984195][T10682]  bpf_map_do_batch+0x43e/0x6e0
[  314.986330][T10682]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  314.988991][T10682]  __sys_bpf+0x5301/0x5830
[  314.990932][T10682]  ? __pfx___sys_bpf+0x10/0x10
[  314.992970][T10682]  ? ksys_write+0x21c/0x260
[  314.994868][T10682]  ? __pfx_lock_release+0x10/0x10
[  314.997030][T10682]  ? __mutex_unlock_slowpath+0x164/0x650
[  314.999420][T10682]  ? fput+0x32/0x390
[  315.001132][T10682]  ? ksys_write+0x1ab/0x260
[  315.003161][T10682]  ? __pfx_ksys_write+0x10/0x10
[  315.005305][T10682]  __ia32_sys_bpf+0x76/0xe0
[  315.007494][T10682]  __do_fast_syscall_32+0x73/0x120
[  315.009802][T10682]  do_fast_syscall_32+0x32/0x80
[  315.011968][T10682]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  315.014753][T10682] RIP: 0023:0xf740b579
[  315.016579][T10682] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  315.024971][T10682] RSP: 002b:00000000f5ce157c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  315.028513][T10682] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200003c0
[  315.031914][T10682] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  315.035347][T10682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  315.038786][T10682] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  315.042156][T10682] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  315.045549][T10682]  </TASK>
[  315.231913][T10687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1365'.
[  315.567760][T10699] FAULT_INJECTION: forcing a failure.
[  315.567760][T10699] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.573655][T10699] CPU: 1 PID: 10699 Comm: syz.0.1369 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  315.577994][T10699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  315.581800][T10699] Call Trace:
[  315.582944][T10699]  <TASK>
[  315.584221][T10699]  dump_stack_lvl+0x16c/0x1f0
[  315.585065][ T5211] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  315.586314][T10699]  should_fail_ex+0x497/0x5b0
[  315.591515][T10699]  _copy_from_iter+0x27a/0xfb0
[  315.593559][T10699]  ? __pfx__copy_from_iter+0x10/0x10
[  315.595479][T10699]  ? __virt_addr_valid+0x5e/0x580
[  315.597234][T10699]  ? __phys_addr_symbol+0x30/0x80
[  315.598989][T10699]  ? __check_object_size+0x48e/0x720
[  315.600797][T10699]  qrtr_tun_write_iter+0xf1/0x1b0
[  315.602521][T10699]  aio_write+0x3bc/0x8d0
[  315.604320][T10699]  ? __pfx_aio_write+0x10/0x10
[  315.606485][T10699]  ? find_held_lock+0x2d/0x110
[  315.608715][T10699]  ? __pfx___might_resched+0x10/0x10
[  315.611044][T10699]  ? io_submit_one+0x11b6/0x1df0
[  315.613364][T10699]  io_submit_one+0x11b6/0x1df0
[  315.615261][T10699]  ? __pfx_io_submit_one+0x10/0x10
[  315.617114][T10699]  ? __might_fault+0x13b/0x190
[  315.618801][T10699]  ? __pfx___might_resched+0x10/0x10
[  315.620652][T10699]  ? __ia32_compat_sys_io_submit+0x1af/0x390
[  315.623119][T10699]  __ia32_compat_sys_io_submit+0x1af/0x390
[  315.625532][T10699]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  315.627903][T10699]  __do_fast_syscall_32+0x73/0x120
[  315.629716][T10699]  do_fast_syscall_32+0x32/0x80
[  315.631507][T10699]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  315.633972][T10699] RIP: 0023:0xf746d579
[  315.635504][T10699] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  315.641862][T10699] RSP: 002b:00000000f5d8557c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8
[  315.644781][T10699] RAX: ffffffffffffffda RBX: 00000000f7468000 RCX: 0000000000000001
[  315.647757][T10699] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  315.650520][T10699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  315.653312][T10699] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  315.656584][T10699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  315.659501][T10699]  </TASK>
[  315.814987][ T5240] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  316.005692][ T5240] usb 6-1: Using ep0 maxpacket: 8
[  316.009103][ T5240] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  316.012177][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  316.017168][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  316.021783][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  316.029768][ T5240] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  316.034166][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  316.039847][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  316.044199][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  316.045585][T10712] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  316.051288][ T5240] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  316.055290][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  316.059127][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  316.063211][ T5240] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  316.072735][ T5240] usb 6-1: string descriptor 0 read error: -22
[  316.075963][ T5240] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  316.079677][ T5240] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.094757][ T5240] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  316.468500][ T5240] usb 6-1: USB disconnect, device number 18
[  316.963757][ T1351] ieee802154 phy0 wpan0: encryption failed: -22
[  316.967343][ T1351] ieee802154 phy1 wpan1: encryption failed: -22
[  317.212065][T10738] wlan0 speed is unknown, defaulting to 1000
[  318.262585][T10769] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  318.510659][T10782] FAULT_INJECTION: forcing a failure.
[  318.510659][T10782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.515102][T10782] CPU: 3 PID: 10782 Comm: syz.1.1392 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  318.518405][T10782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.521977][T10782] Call Trace:
[  318.523153][T10782]  <TASK>
[  318.524151][T10782]  dump_stack_lvl+0x16c/0x1f0
[  318.526186][T10782]  should_fail_ex+0x497/0x5b0
[  318.528011][T10782]  _copy_to_user+0x30/0xc0
[  318.529625][T10782]  bpf_test_finish.isra.0+0x551/0x6b0
[  318.531602][T10782]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  318.534454][T10782]  ? _copy_from_user+0x5d/0xf0
[  318.537619][T10782]  bpf_prog_test_run_xdp+0xa1f/0x1530
[  318.540536][T10782]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  318.543101][T10782]  ? fput+0x32/0x390
[  318.544483][T10782]  ? __bpf_prog_get+0xa0/0x2f0
[  318.546567][T10782]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  318.548994][T10782]  __sys_bpf+0x1787/0x5830
[  318.550853][T10782]  ? __pfx___sys_bpf+0x10/0x10
[  318.552828][T10782]  ? ksys_write+0x21c/0x260
[  318.554702][T10782]  ? __pfx_lock_release+0x10/0x10
[  318.556882][T10782]  ? __mutex_unlock_slowpath+0x164/0x650
[  318.559248][T10782]  ? fput+0x32/0x390
[  318.560928][T10782]  ? ksys_write+0x1ab/0x260
[  318.562838][T10782]  ? __pfx_ksys_write+0x10/0x10
[  318.564896][T10782]  __ia32_sys_bpf+0x76/0xe0
[  318.567011][T10782]  __do_fast_syscall_32+0x73/0x120
[  318.569361][T10782]  do_fast_syscall_32+0x32/0x80
[  318.571748][T10782]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  318.574819][T10782] RIP: 0023:0xf741f579
[  318.576662][T10782] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  318.583599][T10782] RSP: 002b:00000000f5d3757c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  318.586728][T10782] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000180
[  318.590039][T10782] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  318.593649][T10782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  318.596958][T10782] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  318.600266][T10782] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  318.602850][T10782]  </TASK>
[  319.026005][ T5265] vhci_hcd: vhci_device speed not set
[  319.333463][T10780] FAULT_INJECTION: forcing a failure.
[  319.333463][T10780] name fail_futex, interval 1, probability 0, space 0, times 0
[  319.353203][T10780] CPU: 2 PID: 10780 Comm: syz.3.1391 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  319.357793][T10780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.362438][T10780] Call Trace:
[  319.363920][T10780]  <TASK>
[  319.365231][T10780]  dump_stack_lvl+0x16c/0x1f0
[  319.367455][T10780]  should_fail_ex+0x497/0x5b0
[  319.369560][T10780]  ? find_held_lock+0x2d/0x110
[  319.371736][T10780]  get_futex_key+0x1b1/0x1090
[  319.374112][T10780]  ? __pfx_get_futex_key+0x10/0x10
[  319.376894][T10780]  futex_wake+0xe8/0x4e0
[  319.378740][T10780]  ? __pfx_futex_wake+0x10/0x10
[  319.380832][T10780]  do_futex+0x1e5/0x350
[  319.382652][T10780]  ? __pfx_do_futex+0x10/0x10
[  319.384707][T10780]  ? mm_release+0x209/0x300
[  319.386770][T10780]  mm_release+0x24e/0x300
[  319.388728][T10780]  do_exit+0x883/0x2ba0
[  319.390623][T10780]  ? get_signal+0x8fb/0x2670
[  319.392788][T10780]  ? __pfx_do_exit+0x10/0x10
[  319.395485][T10780]  ? do_raw_spin_lock+0x12d/0x2c0
[  319.398711][T10780]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  319.401621][T10780]  do_group_exit+0xd3/0x2a0
[  319.403651][T10780]  get_signal+0x25c3/0x2670
[  319.405644][T10780]  ? __pfx_get_signal+0x10/0x10
[  319.407778][T10780]  ? kick_process+0xf6/0x1b0
[  319.409792][T10780]  ? task_work_add+0x178/0x2a0
[  319.411578][T10780]  arch_do_signal_or_restart+0x90/0x7e0
[  319.414067][T10780]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  319.416756][T10780]  ? ksys_read+0x1ab/0x260
[  319.418714][T10780]  ? __pfx_ksys_read+0x10/0x10
[  319.420833][T10780]  syscall_exit_to_user_mode+0x14a/0x2a0
[  319.423254][T10780]  __do_fast_syscall_32+0x80/0x120
[  319.425317][T10780]  do_fast_syscall_32+0x32/0x80
[  319.427107][T10780]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.429835][T10780] RIP: 0023:0xf73dc579
[  319.431591][T10780] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.438948][T10780] RSP: 002b:00000000f5cf457c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  319.442322][T10780] RAX: fffffffffffffe00 RBX: 0000000000000004 RCX: 0000000020002540
[  319.445647][T10780] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  319.448958][T10780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.452232][T10780] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.455507][T10780] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.458818][T10780]  </TASK>
[  319.716899][T10809] netlink: 'syz.0.1399': attribute type 2 has an invalid length.
[  319.720005][T10809] netlink: 'syz.0.1399': attribute type 1 has an invalid length.
[  319.741792][T10812] FAULT_INJECTION: forcing a failure.
[  319.741792][T10812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.752979][T10812] CPU: 2 PID: 10812 Comm: syz.1.1403 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  319.757598][T10812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.757633][T10812] Call Trace:
[  319.757640][T10812]  <TASK>
[  319.757648][T10812]  dump_stack_lvl+0x16c/0x1f0
[  319.757676][T10812]  should_fail_ex+0x497/0x5b0
[  319.769007][T10812]  _copy_from_user+0x30/0xf0
[  319.771070][T10812]  usbdev_ioctl+0x229e/0x3f10
[  319.773250][T10812]  ? tomoyo_path_number_perm+0x190/0x5b0
[  319.775456][T10812]  ? __pfx_usbdev_ioctl+0x10/0x10
[  319.777339][T10812]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  319.777359][T10812]  ? do_vfs_ioctl+0x515/0x1a90
[  319.777373][T10812]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  319.777383][T10812]  ? __pfx_lock_release+0x10/0x10
[  319.777402][T10812]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  319.777422][T10812]  ? __fget_files+0x256/0x400
[  319.777437][T10812]  ? __pfx_usbdev_ioctl+0x10/0x10
[  319.777447][T10812]  compat_ptr_ioctl+0x71/0xb0
[  319.777463][T10812]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  319.777479][T10812]  __do_compat_sys_ioctl+0x2c3/0x330
[  319.777500][T10812]  __do_fast_syscall_32+0x73/0x120
[  319.777527][T10812]  do_fast_syscall_32+0x32/0x80
[  319.777552][T10812]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.777574][T10812] RIP: 0023:0xf741f579
[  319.777590][T10812] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.777605][T10812] RSP: 002b:00000000f5d3757c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  319.824132][T10812] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500
[  319.827739][T10812] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.831435][T10812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.835537][T10812] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.839313][T10812] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.842929][T10812]  </TASK>
[  321.743919][T10860] bond0: entered promiscuous mode
[  321.746192][T10860] bond_slave_0: entered promiscuous mode
[  321.748889][T10860] bond_slave_1: entered promiscuous mode
[  321.765916][T10860] FAULT_INJECTION: forcing a failure.
[  321.765916][T10860] name failslab, interval 1, probability 0, space 0, times 0
[  321.770280][T10860] CPU: 2 PID: 10860 Comm: syz.3.1416 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  321.773923][T10860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.777824][T10860] Call Trace:
[  321.779331][T10860]  <TASK>
[  321.780460][T10860]  dump_stack_lvl+0x16c/0x1f0
[  321.782169][T10860]  should_fail_ex+0x497/0x5b0
[  321.784125][T10860]  should_failslab+0x9/0x20
[  321.786182][T10860]  kmalloc_trace_noprof+0x6b/0x310
[  321.787923][T10860]  ? vt_do_diacrit+0x42c/0x9d0
[  321.789573][T10860]  vt_do_diacrit+0x42c/0x9d0
[  321.791153][T10860]  vt_ioctl+0x53f/0x2fd0
[  321.792613][T10860]  ? __pfx_vt_ioctl+0x10/0x10
[  321.794384][T10860]  ? aa_get_newest_label+0x376/0x680
[  321.796246][T10860]  ? __pfx_aa_get_newest_label+0x10/0x10
[  321.798422][T10860]  ? do_vfs_ioctl+0x515/0x1a90
[  321.800273][T10860]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  321.802420][T10860]  ? __pfx_lock_release+0x10/0x10
[  321.804577][T10860]  ? apparmor_capable+0x126/0x1e0
[  321.806812][T10860]  ? bpf_lsm_capable+0x9/0x10
[  321.808941][T10860]  ? security_capable+0x98/0xd0
[  321.810993][T10860]  vt_compat_ioctl+0x1c3/0x4e0
[  321.812864][T10860]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  321.814849][T10860]  ? __fget_files+0x256/0x400
[  321.816863][T10860]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  321.818945][T10860]  tty_compat_ioctl+0x300/0x4f0
[  321.820781][T10860]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  321.823079][T10860]  __do_compat_sys_ioctl+0x2c3/0x330
[  321.825384][T10860]  __do_fast_syscall_32+0x73/0x120
[  321.827686][T10860]  do_fast_syscall_32+0x32/0x80
[  321.829585][T10860]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.831829][T10860] RIP: 0023:0xf73dc579
[  321.833655][T10860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.841101][T10860] RSP: 002b:00000000f5cf457c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  321.844453][T10860] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000004b4a
[  321.847895][T10860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.850914][T10860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  321.854323][T10860] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.858007][T10860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.861655][T10860]  </TASK>
[  321.905696][T10859] bond0: left promiscuous mode
[  321.908051][T10859] bond_slave_0: left promiscuous mode
[  321.910548][T10859] bond_slave_1: left promiscuous mode
[  322.009382][T10862] bond0: entered promiscuous mode
[  322.011635][T10862] bond_slave_0: entered promiscuous mode
[  322.014474][T10862] bond_slave_1: entered promiscuous mode
[  322.026020][T10862] libceph: resolve '0' (ret=-3): failed
[  322.061078][T10861] bond0: left promiscuous mode
[  322.063362][T10861] bond_slave_0: left promiscuous mode
[  322.073354][T10861] bond_slave_1: left promiscuous mode
[  322.178899][T10872] FAULT_INJECTION: forcing a failure.
[  322.178899][T10872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.184741][T10872] CPU: 3 PID: 10872 Comm: syz.3.1420 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  322.189093][T10872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.193771][T10872] Call Trace:
[  322.195261][T10872]  <TASK>
[  322.196575][T10872]  dump_stack_lvl+0x16c/0x1f0
[  322.198653][T10872]  should_fail_ex+0x497/0x5b0
[  322.200738][T10872]  _copy_from_user+0x30/0xf0
[  322.202750][T10872]  bpf_test_init.isra.0+0xf1/0x150
[  322.204899][T10872]  bpf_prog_test_run_xdp+0x4f6/0x1530
[  322.207162][T10872]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  322.209652][T10872]  ? fput+0x32/0x390
[  322.211471][T10872]  ? __bpf_prog_get+0xa0/0x2f0
[  322.213515][T10872]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  322.215962][T10872]  __sys_bpf+0x1787/0x5830
[  322.217880][T10872]  ? __pfx___sys_bpf+0x10/0x10
[  322.219987][T10872]  ? ksys_write+0x21c/0x260
[  322.222035][T10872]  ? __pfx_lock_release+0x10/0x10
[  322.224304][T10872]  ? __mutex_unlock_slowpath+0x164/0x650
[  322.226810][T10872]  ? fput+0x32/0x390
[  322.228616][T10872]  ? ksys_write+0x1ab/0x260
[  322.230697][T10872]  ? __pfx_ksys_write+0x10/0x10
[  322.233159][T10872]  __ia32_sys_bpf+0x76/0xe0
[  322.235323][T10872]  __do_fast_syscall_32+0x73/0x120
[  322.237369][T10872]  do_fast_syscall_32+0x32/0x80
[  322.239442][T10872]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.242223][T10872] RIP: 0023:0xf73dc579
[  322.243985][T10872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  322.251681][T10872] RSP: 002b:00000000f5cf457c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  322.254863][T10872] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000340
[  322.258014][T10872] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  322.261473][T10872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.264460][T10872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  322.267545][T10872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.270752][T10872]  </TASK>
[  322.480198][T10882] fuse: Bad value for 'fd'
[  323.654954][T10906] bond0: entered promiscuous mode
[  323.658433][T10906] bond_slave_0: entered promiscuous mode
[  323.662564][T10906] bond_slave_1: entered promiscuous mode
[  323.698520][T10906] libceph: resolve '0' (ret=-3): failed
[  323.713890][T10908] __nla_validate_parse: 17 callbacks suppressed
[  323.713901][T10908] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1431'.
[  323.732833][T10908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1431'.
[  323.739708][T10901] bond0: left promiscuous mode
[  323.743033][T10901] bond_slave_0: left promiscuous mode
[  323.747156][T10901] bond_slave_1: left promiscuous mode
[  323.821808][T10911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1432'.
[  324.041506][T10913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1433'.
[  324.062778][T10913] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1433'.
[  324.088765][T10913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1433'.
[  324.370866][T10930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1438'.
[  324.572873][T10939] netlink: 'syz.0.1440': attribute type 2 has an invalid length.
[  324.578612][T10939] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1440'.
[  324.770792][T10942] bond0: entered promiscuous mode
[  324.773916][T10942] bond_slave_0: entered promiscuous mode
[  324.780055][T10942] bond_slave_1: entered promiscuous mode
[  324.809788][T10942] libceph: resolve '0' (ret=-3): failed
[  324.853592][T10941] bond0: left promiscuous mode
[  324.856370][T10941] bond_slave_0: left promiscuous mode
[  324.859001][T10941] bond_slave_1: left promiscuous mode
[  325.117231][T10947] netlink: 10 bytes leftover after parsing attributes in process `syz.3.1442'.
[  325.129576][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1442'.
[  325.595822][ T5246] usb 8-1: new low-speed USB device number 15 using dummy_hcd
[  325.786807][ T5246] usb 8-1: config index 0 descriptor too short (expected 1307, got 27)
[  325.789783][ T5246] usb 8-1: config 0 has an invalid interface number: 0 but max is -1
[  325.792545][ T5246] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0
[  325.798641][ T5246] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  325.810765][ T5246] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  325.814953][ T5246] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  325.819183][ T5246] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  325.843717][ T5246] usb 8-1: string descriptor 0 read error: -22
[  325.847300][ T5246] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  325.850587][ T5246] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.858424][ T5246] usb 8-1: config 0 descriptor??
[  325.864270][ T5246] hub 8-1:0.0: bad descriptor, ignoring hub
[  325.868429][ T5246] hub 8-1:0.0: probe with driver hub failed with error -5
[  325.874195][ T5246] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input19
[  326.088309][T10951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.117757][T10951] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.141496][ T5244] usb 8-1: USB disconnect, device number 15
[  326.149633][T10960] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  326.153406][T10960] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  326.157954][T10960] vhci_hcd vhci_hcd.0: Device attached
[  326.161558][T10961] vhci_hcd: cannot find the pending unlink 0
[  326.269866][T10964] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  326.272254][T10964] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  326.276100][T10964] vhci_hcd vhci_hcd.0: Device attached
[  326.285431][T10965] vhci_hcd: cannot find the pending unlink 0
[  326.290598][T10965] vhci_hcd: connection closed
[  326.291344][ T3104] vhci_hcd: stop threads
[  326.295106][ T3104] vhci_hcd: release socket
[  326.297026][ T3104] vhci_hcd: disconnect device
[  326.435243][ T5242] usb 13-1: new high-speed USB device number 13 using vhci_hcd
[  326.807208][T10961] vhci_hcd: connection reset by peer
[  326.810510][ T1090] vhci_hcd: stop threads
[  326.812451][ T1090] vhci_hcd: release socket
[  326.814555][ T1090] vhci_hcd: disconnect device
[  327.257103][T10986] netlink: 'syz.3.1454': attribute type 1 has an invalid length.
[  327.890616][T11002] fuse: Bad value for 'fd'
[  328.043923][T11004] netlink: 'syz.1.1461': attribute type 1 has an invalid length.
[  328.188593][T11006] 8021q: adding VLAN 0 to HW filter on device batadv1
[  328.210386][T11006] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  328.235560][T11004] 8021q: adding VLAN 0 to HW filter on device batadv2
[  328.261279][T11004] bond1: (slave batadv2): Enslaving as a backup interface with an up link
[  328.660766][T11025] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  328.663524][T11025] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  328.671145][T11025] vhci_hcd vhci_hcd.0: Device attached
[  328.677795][T11027] vhci_hcd: cannot find the pending unlink 0
[  328.785188][T11032] __nla_validate_parse: 5 callbacks suppressed
[  328.785209][T11032] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1468'.
[  328.851039][T11038] binder: 11036:11038 ioctl c00c620f 20000340 returned -22
[  328.862514][T11038] veth0_vlan: entered allmulticast mode
[  328.906405][T11038] veth0_vlan: left promiscuous mode
[  328.910523][T11038] veth0_vlan: entered promiscuous mode
[  329.378890][T11027] vhci_hcd: connection closed
[  329.379242][   T75] vhci_hcd: stop threads
[  329.384450][   T75] vhci_hcd: release socket
[  329.386934][   T75] vhci_hcd: disconnect device
[  329.596018][T11056] fuse: Bad value for 'fd'
[  329.777433][T11064] fuse: Bad value for 'fd'
[  329.779695][T11063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1479'.
[  329.861173][T11066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1480'.
[  330.246144][T11070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1482'.
[  330.257337][T11070] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1482'.
[  330.306545][T11070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1482'.
[  330.381592][T11080] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  330.384901][T11080] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  330.391068][T11080] vhci_hcd vhci_hcd.0: Device attached
[  330.654978][  T815] usb 15-1: new high-speed USB device number 18 using vhci_hcd
[  330.729179][T11089] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1486'.
[  330.733701][T11089] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1486'.
[  331.212977][T11081] vhci_hcd: connection reset by peer
[  331.225849][   T11] vhci_hcd: stop threads
[  331.227688][   T11] vhci_hcd: release socket
[  331.235047][   T11] vhci_hcd: disconnect device
[  331.498798][T11105] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  331.501372][T11105] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  331.505697][T11105] vhci_hcd vhci_hcd.0: Device attached
[  331.512196][T11108] vhci_hcd: cannot find the pending unlink 0
[  331.605347][ T5242] vhci_hcd: vhci_device speed not set
[  331.785377][ T5244] usb 19-1: new high-speed USB device number 13 using vhci_hcd
[  332.247841][T11108] vhci_hcd: connection reset by peer
[  332.257807][   T11] vhci_hcd: stop threads
[  332.259600][   T11] vhci_hcd: release socket
[  332.276014][   T11] vhci_hcd: disconnect device
[  333.390070][T11167] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  333.394870][T11167] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  333.405900][T11167] vhci_hcd vhci_hcd.0: Device attached
[  333.607342][T11174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1501'.
[  333.616035][T11174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1501'.
[  333.660584][T11179] netlink: 'syz.3.1502': attribute type 11 has an invalid length.
[  333.674982][ T5243] usb 17-1: new low-speed USB device number 17 using vhci_hcd
[  334.044307][T11194] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  334.046709][T11194] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  334.050552][T11194] vhci_hcd vhci_hcd.0: Device attached
[  334.054731][T11196] vhci_hcd: cannot find the pending unlink 0
[  334.215474][T11168] vhci_hcd: connection reset by peer
[  334.218276][ T1090] vhci_hcd: stop threads
[  334.220309][ T1090] vhci_hcd: release socket
[  334.222287][ T1090] vhci_hcd: disconnect device
[  334.803522][T11196] vhci_hcd: connection closed
[  334.806055][ T1090] vhci_hcd: stop threads
[  334.810271][ T1090] vhci_hcd: release socket
[  334.811949][ T1090] vhci_hcd: disconnect device
[  334.971726][T11212] __nla_validate_parse: 2 callbacks suppressed
[  334.971743][T11212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1512'.
[  334.980359][T11212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1512'.
[  334.989483][T11212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1512'.
[  335.087223][T11221] FAULT_INJECTION: forcing a failure.
[  335.087223][T11221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.093713][T11221] CPU: 0 PID: 11221 Comm: syz.0.1514 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  335.098205][T11221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.103042][T11221] Call Trace:
[  335.104799][T11221]  <TASK>
[  335.106452][T11221]  dump_stack_lvl+0x16c/0x1f0
[  335.109325][T11221]  should_fail_ex+0x497/0x5b0
[  335.112222][T11221]  _copy_from_iter+0x27a/0xfb0
[  335.115102][T11221]  ? _copy_from_iter+0x342/0xfb0
[  335.117372][T11221]  ? _copy_from_iter+0x149/0xfb0
[  335.119632][T11221]  ? __pfx__copy_from_iter+0x10/0x10
[  335.121875][T11221]  ? sock_alloc_send_pskb+0x750/0x980
[  335.124238][T11221]  ? __pfx__copy_from_iter+0x10/0x10
[  335.126622][T11221]  copy_page_from_iter+0xa5/0x120
[  335.128930][T11221]  skb_copy_datagram_from_iter+0x41d/0x6c0
[  335.131957][T11221]  tun_get_user+0x197c/0x3c20
[  335.134482][T11221]  ? __pfx_tun_get_user+0x10/0x10
[  335.137107][T11221]  ? find_held_lock+0x2d/0x110
[  335.139229][T11221]  ? __pfx_lock_release+0x10/0x10
[  335.141479][T11221]  tun_chr_write_iter+0xe8/0x210
[  335.143647][T11221]  vfs_write+0x6b6/0x1140
[  335.145594][T11221]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  335.148062][T11221]  ? __pfx_vfs_write+0x10/0x10
[  335.150520][T11221]  ? __fget_files+0x256/0x400
[  335.153224][T11221]  ? __fget_light+0x173/0x210
[  335.155912][T11221]  ksys_write+0x12f/0x260
[  335.157835][T11221]  ? __pfx_ksys_write+0x10/0x10
[  335.159975][T11221]  __do_fast_syscall_32+0x73/0x120
[  335.162231][T11221]  do_fast_syscall_32+0x32/0x80
[  335.164362][T11221]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  335.167106][T11221] RIP: 0023:0xf746d579
[  335.168942][T11221] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  335.176741][T11221] RSP: 002b:00000000f5d8557c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  335.180821][T11221] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  335.184496][T11221] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  335.187596][T11221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  335.190390][T11221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  335.193143][T11221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  335.196422][T11221]  </TASK>
[  335.744992][  T815] vhci_hcd: vhci_device speed not set
[  336.388765][T11252] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  336.779658][T11256] batadv0: entered promiscuous mode
[  336.944959][ T5244] vhci_hcd: vhci_device speed not set
[  337.190229][T11268] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1527'.
[  337.194180][T11268] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1527'.
[  337.200667][T11268] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1527'.
[  337.332780][T11275] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  337.422124][T11284] netlink: 'syz.0.1532': attribute type 11 has an invalid length.
[  337.430910][T11284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1532'.
[  337.646329][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1535'.
[  337.652386][T11291] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1535'.
[  337.666731][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1535'.
[  337.791091][T11308] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  337.794005][T11308] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  337.801545][T11308] vhci_hcd vhci_hcd.0: Device attached
[  337.869060][T11313] FAULT_INJECTION: forcing a failure.
[  337.869060][T11313] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.875197][T11313] CPU: 1 PID: 11313 Comm: syz.0.1541 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  337.879040][T11313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  337.882837][T11313] Call Trace:
[  337.883981][T11313]  <TASK>
[  337.884986][T11313]  dump_stack_lvl+0x16c/0x1f0
[  337.886751][T11313]  should_fail_ex+0x497/0x5b0
[  337.887890][T11315] evm: overlay not supported
[  337.888778][T11313]  _copy_from_user+0x30/0xf0
[  337.892730][T11313]  get_compat_msghdr+0xa8/0x170
[  337.894405][T11313]  ? __pfx_get_compat_msghdr+0x10/0x10
[  337.896324][T11313]  ? __pfx___lock_acquire+0x10/0x10
[  337.898281][T11313]  ___sys_sendmsg+0x1b0/0x1e0
[  337.899937][T11313]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.901817][T11313]  ? ksys_write+0x21c/0x260
[  337.903610][T11313]  ? __fget_light+0x173/0x210
[  337.905340][T11313]  __sys_sendmsg+0x117/0x1f0
[  337.907138][T11313]  ? __pfx___sys_sendmsg+0x10/0x10
[  337.909625][T11313]  __do_fast_syscall_32+0x73/0x120
[  337.912078][T11313]  do_fast_syscall_32+0x32/0x80
[  337.914491][T11313]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  337.917707][T11313] RIP: 0023:0xf746d579
[  337.919620][T11313] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  337.927854][T11313] RSP: 002b:00000000f5d8557c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  337.931147][T11313] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000580
[  337.934223][T11313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  337.937229][T11313] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  337.940232][T11313] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  337.943264][T11313] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  337.946298][T11313]  </TASK>
[  337.993527][T11321] trusted_key: encrypted_key: keyword 'wpdate' not recognized
[  338.003384][T11321] dns_resolver: Unsupported server list version (0)
[  338.075222][   T10] usb 15-1: new low-speed USB device number 19 using vhci_hcd
[  338.167445][T11333] fuse: Bad value for 'fd'
[  338.188661][T11329] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  338.623047][T11309] vhci_hcd: connection reset by peer
[  338.638344][   T11] vhci_hcd: stop threads
[  338.639894][   T11] vhci_hcd: release socket
[  338.641730][   T11] vhci_hcd: disconnect device
[  338.786191][ T5243] vhci_hcd: vhci_device speed not set
[  339.108301][T11339] syz_tun: entered promiscuous mode
[  339.115808][T11339] batadv_slave_0: entered promiscuous mode
[  339.270372][T11353] FAULT_INJECTION: forcing a failure.
[  339.270372][T11353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.276230][T11353] CPU: 1 PID: 11353 Comm: syz.1.1556 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  339.280686][T11353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  339.284714][T11353] Call Trace:
[  339.285872][T11353]  <TASK>
[  339.287065][T11353]  dump_stack_lvl+0x16c/0x1f0
[  339.289184][T11353]  should_fail_ex+0x497/0x5b0
[  339.291190][T11353]  _copy_from_user+0x30/0xf0
[  339.292943][T11353]  __sys_bpf+0x22b/0x5830
[  339.294738][T11353]  ? __pfx___sys_bpf+0x10/0x10
[  339.296769][T11353]  ? ksys_write+0x21c/0x260
[  339.298809][T11353]  ? __pfx_lock_release+0x10/0x10
[  339.300816][T11353]  ? __mutex_unlock_slowpath+0x164/0x650
[  339.303131][T11353]  ? fput+0x32/0x390
[  339.304602][T11353]  ? ksys_write+0x1ab/0x260
[  339.306209][T11353]  ? __pfx_ksys_write+0x10/0x10
[  339.308409][T11353]  __ia32_sys_bpf+0x76/0xe0
[  339.310145][T11353]  __do_fast_syscall_32+0x73/0x120
[  339.311866][T11353]  do_fast_syscall_32+0x32/0x80
[  339.313728][T11353]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  339.316236][T11353] RIP: 0023:0xf741f579
[  339.318050][T11353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  339.324839][T11353] RSP: 002b:00000000f5d3757c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  339.327859][T11353] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600
[  339.331032][T11353] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000
[  339.333918][T11353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  339.337337][T11353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  339.340764][T11353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.344238][T11353]  </TASK>
[  339.430299][T11364] fuse: Bad value for 'fd'
[  339.472668][T11365] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  339.475021][T11365] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  339.478526][T11365] vhci_hcd vhci_hcd.0: Device attached
[  339.541156][T11366] vhci_hcd: cannot find the pending unlink 0
[  340.141132][T11379] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  340.143757][T11379] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  340.154366][T11379] vhci_hcd vhci_hcd.0: Device attached
[  340.210127][T11366] vhci_hcd: connection closed
[  340.210529][   T11] vhci_hcd: stop threads
[  340.225293][   T11] vhci_hcd: release socket
[  340.227499][   T11] vhci_hcd: disconnect device
[  340.435135][ T5265] usb 13-1: new low-speed USB device number 14 using vhci_hcd
[  340.445093][T11380] vhci_hcd: connection reset by peer
[  340.447183][ T1090] vhci_hcd: stop threads
[  340.448711][ T1090] vhci_hcd: release socket
[  340.450308][ T1090] vhci_hcd: disconnect device
[  340.535064][T11391] FAULT_INJECTION: forcing a failure.
[  340.535064][T11391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.539622][T11391] CPU: 1 PID: 11391 Comm: syz.2.1566 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  340.543139][T11391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  340.547487][T11391] Call Trace:
[  340.548632][T11391]  <TASK>
[  340.549637][T11391]  dump_stack_lvl+0x16c/0x1f0
[  340.551270][T11391]  should_fail_ex+0x497/0x5b0
[  340.552886][T11391]  _copy_from_user+0x30/0xf0
[  340.554442][T11391]  __sys_bpf+0x22b/0x5830
[  340.555984][T11391]  ? __pfx___sys_bpf+0x10/0x10
[  340.557603][T11391]  ? ksys_write+0x21c/0x260
[  340.559123][T11391]  ? __pfx_lock_release+0x10/0x10
[  340.560837][T11391]  ? __mutex_unlock_slowpath+0x164/0x650
[  340.562729][T11391]  ? fput+0x32/0x390
[  340.564066][T11391]  ? ksys_write+0x1ab/0x260
[  340.565660][T11391]  ? __pfx_ksys_write+0x10/0x10
[  340.567333][T11391]  __ia32_sys_bpf+0x76/0xe0
[  340.568881][T11391]  __do_fast_syscall_32+0x73/0x120
[  340.570615][T11391]  do_fast_syscall_32+0x32/0x80
[  340.572305][T11391]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.574456][T11391] RIP: 0023:0xf740b579
[  340.576022][T11391] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  340.582593][T11391] RSP: 002b:00000000f5d0257c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  340.585498][T11391] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000080
[  340.588277][T11391] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  340.590941][T11391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.593637][T11391] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  340.596531][T11391] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.599574][T11391]  </TASK>
[  340.665566][  T815] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  340.857485][  T815] usb 8-1: Using ep0 maxpacket: 8
[  340.863569][  T815] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  340.866176][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  340.870751][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  340.875031][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  340.880444][  T815] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  340.883058][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  340.887055][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  340.891213][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  340.897233][  T815] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  340.899865][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  340.904332][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  340.908752][  T815] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  340.915925][  T815] usb 8-1: string descriptor 0 read error: -22
[  340.918151][  T815] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  340.921411][  T815] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.923771][T11393] __nla_validate_parse: 9 callbacks suppressed
[  340.923785][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1567'.
[  340.929245][  T815] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  340.941190][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1567'.
[  341.134240][T11410] FAULT_INJECTION: forcing a failure.
[  341.134240][T11410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.140029][T11410] CPU: 1 PID: 11410 Comm: syz.2.1572 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  341.144293][T11410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.148132][T11410] Call Trace:
[  341.149281][T11410]  <TASK>
[  341.150301][T11410]  dump_stack_lvl+0x16c/0x1f0
[  341.151931][T11410]  should_fail_ex+0x497/0x5b0
[  341.153555][T11410]  _copy_from_user+0x30/0xf0
[  341.155128][T11410]  get_compat_msghdr+0xa8/0x170
[  341.156804][T11410]  ? __pfx_get_compat_msghdr+0x10/0x10
[  341.158648][T11410]  ? __pfx___lock_acquire+0x10/0x10
[  341.160425][T11410]  ___sys_sendmsg+0x1b0/0x1e0
[  341.162027][T11410]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.163800][T11410]  ? ksys_write+0x21c/0x260
[  341.165411][T11410]  ? __fget_light+0x173/0x210
[  341.167022][T11410]  __sys_sendmsg+0x117/0x1f0
[  341.168619][T11410]  ? __pfx___sys_sendmsg+0x10/0x10
[  341.170547][T11410]  __do_fast_syscall_32+0x73/0x120
[  341.172395][T11410]  do_fast_syscall_32+0x32/0x80
[  341.174044][T11410]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.176193][T11410] RIP: 0023:0xf740b579
[  341.177567][T11410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  341.183924][T11410] RSP: 002b:00000000f5d2357c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  341.186731][T11410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  341.189357][T11410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.191990][T11410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.194963][T11410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  341.198082][T11410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.200851][T11410]  </TASK>
[  341.282351][ T5417] usb 8-1: USB disconnect, device number 16
[  341.559479][T11431] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  341.562522][T11431] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  341.578618][T11431] vhci_hcd vhci_hcd.0: Device attached
[  341.641855][T11432] vhci_hcd: cannot find the pending unlink 0
[  341.854970][ T5242] usb 17-1: new high-speed USB device number 18 using vhci_hcd
[  342.186266][T11448] binder: 11441:11448 ioctl 4018620d 0 returned -22
[  342.221339][T11448] syz.3.1579 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  342.264909][T11432] vhci_hcd: connection reset by peer
[  342.270311][ T1086] vhci_hcd: stop threads
[  342.272272][ T1086] vhci_hcd: release socket
[  342.274327][ T1086] vhci_hcd: disconnect device
[  343.159256][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1587'.
[  343.196363][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1587'.
[  343.199032][   T10] vhci_hcd: vhci_device speed not set
[  343.292778][T11468] syz_tun: entered promiscuous mode
[  343.347855][T11468] batadv_slave_0: entered promiscuous mode
[  343.368127][T11468] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  343.371438][T11468] Cannot create hsr debugfs directory
[  343.620193][T11483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1592'.
[  343.825251][  T815] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  344.014973][  T815] usb 5-1: Using ep0 maxpacket: 8
[  344.021694][  T815] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  344.026248][  T815] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  344.031133][  T815] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  344.040448][  T815] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  344.045391][  T815] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  344.051304][  T815] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  344.081222][  T815] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.326388][  T815] usb 5-1: usb_control_msg returned -32
[  344.329338][  T815] usbtmc 5-1:16.0: can't read capabilities
[  344.363861][T11501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1599'.
[  344.378224][T11501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1599'.
[  345.440559][T11522] overlayfs: failed to resolve './file2': -2
[  345.585007][ T5265] vhci_hcd: vhci_device speed not set
[  345.656681][T11525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1605'.
[  345.886704][T11531] FAULT_INJECTION: forcing a failure.
[  345.886704][T11531] name failslab, interval 1, probability 0, space 0, times 0
[  345.898423][T11531] CPU: 1 PID: 11531 Comm: syz.2.1606 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  345.902783][T11531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.907592][T11531] Call Trace:
[  345.909126][T11531]  <TASK>
[  345.910489][T11531]  dump_stack_lvl+0x16c/0x1f0
[  345.912631][T11531]  should_fail_ex+0x497/0x5b0
[  345.914680][T11531]  should_failslab+0x9/0x20
[  345.916815][T11531]  kmalloc_trace_noprof+0x6b/0x310
[  345.919233][T11531]  ? usb_control_msg+0xbd/0x4b0
[  345.921496][T11531]  ? hub_ext_port_status+0x5e/0x670
[  345.923794][T11531]  usb_control_msg+0xbd/0x4b0
[  345.925841][T11531]  ? __pfx_usb_control_msg+0x10/0x10
[  345.927825][T11531]  ? bpf_trace_run2+0x266/0x590
[  345.929728][T11531]  ? __pfx_lock_release+0x10/0x10
[  345.931731][T11531]  hub_ext_port_status+0x14e/0x670
[  345.934131][T11531]  hub_activate+0x6e6/0x1c00
[  345.936443][T11531]  ? __pfx_hub_activate+0x10/0x10
[  345.938877][T11531]  ? __mutex_lock+0x1a6/0x9c0
[  345.940937][T11531]  ? do_raw_spin_lock+0x12d/0x2c0
[  345.943100][T11531]  hub_resume+0xaa/0x3f0
[  345.944873][T11531]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  345.947440][T11531]  ? __pfx_hub_resume+0x10/0x10
[  345.949530][T11531]  ? __pfx_hcd_bus_resume+0x10/0x10
[  345.951711][T11531]  ? lock_acquire+0x1b1/0x560
[  345.953830][T11531]  usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0
[  345.956848][T11531]  usb_resume_both+0x274/0x800
[  345.958947][T11531]  ? __pfx_usb_resume_both+0x10/0x10
[  345.961033][T11531]  ? __pfx_usb_runtime_resume+0x10/0x10
[  345.962922][T11531]  __rpm_callback+0xc5/0x4c0
[  345.964585][T11531]  ? __pfx_usb_runtime_resume+0x10/0x10
[  345.966485][T11531]  rpm_callback+0x192/0x1d0
[  345.968105][T11531]  ? __pfx_usb_runtime_resume+0x10/0x10
[  345.970033][T11531]  rpm_resume+0xd2c/0x1330
[  345.971629][T11531]  ? __pfx_rpm_resume+0x10/0x10
[  345.973515][T11531]  ? do_raw_spin_lock+0x12d/0x2c0
[  345.975762][T11531]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  345.977920][T11531]  __pm_runtime_resume+0xb6/0x170
[  345.980106][T11531]  usb_autoresume_device+0x23/0xe0
[  345.982286][T11531]  usbdev_open+0x22a/0x8c0
[  345.984236][T11531]  ? kobject_get_unless_zero+0x157/0x1e0
[  345.986697][T11531]  ? __pfx_usbdev_open+0x10/0x10
[  345.988973][T11531]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  345.991416][T11531]  ? apparmor_file_open+0x1ad/0x960
[  345.993758][T11531]  ? __pfx_usbdev_open+0x10/0x10
[  345.996001][T11531]  chrdev_open+0x26d/0x6f0
[  345.998032][T11531]  ? __pfx_chrdev_open+0x10/0x10
[  346.000299][T11531]  ? security_file_open+0x9d/0x8b0
[  346.002622][T11531]  do_dentry_open+0x91f/0x15f0
[  346.004813][T11531]  ? __pfx_chrdev_open+0x10/0x10
[  346.007089][T11531]  ? inode_permission+0xdd/0x5f0
[  346.009356][T11531]  vfs_open+0x82/0x3f0
[  346.011250][T11531]  ? may_open+0x1f2/0x400
[  346.013218][T11531]  path_openat+0x21fc/0x2e50
[  346.015245][T11531]  ? __pfx_path_openat+0x10/0x10
[  346.017456][T11531]  ? __pfx___lock_acquire+0x10/0x10
[  346.019796][T11531]  ? find_held_lock+0x2d/0x110
[  346.021989][T11531]  do_filp_open+0x1dc/0x430
[  346.024070][T11531]  ? __pfx_do_filp_open+0x10/0x10
[  346.026328][T11531]  ? find_held_lock+0x2d/0x110
[  346.028108][T11531]  ? _raw_spin_unlock+0x28/0x50
[  346.029827][T11531]  ? alloc_fd+0x2d7/0x6c0
[  346.031372][T11531]  do_sys_openat2+0x17a/0x1e0
[  346.033074][T11531]  ? __pfx_do_sys_openat2+0x10/0x10
[  346.035013][T11531]  __ia32_compat_sys_openat+0x16e/0x210
[  346.037285][T11531]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  346.040194][T11531]  ? ksys_write+0x1ab/0x260
[  346.042361][T11531]  __do_fast_syscall_32+0x73/0x120
[  346.044256][T11531]  do_fast_syscall_32+0x32/0x80
[  346.046086][T11531]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.048793][T11531] RIP: 0023:0xf740b579
[  346.050570][T11531] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.058471][T11531] RSP: 002b:00000000f5d02120 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  346.062706][T11531] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5d02170
[  346.066574][T11531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73f5ff4
[  346.069675][T11531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.072819][T11531] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.076242][T11531] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.079845][T11531]  </TASK>
[  346.085278][T11531] hub 8-0:1.0: hub_ext_port_status failed (err = -12)
[  346.522507][   T56] usb 5-1: USB disconnect, device number 13
[  346.944994][ T5242] vhci_hcd: vhci_device speed not set
[  347.351449][T11568] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1618'.
[  347.358196][T11568] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1618'.
[  347.474985][ T4658] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  347.675411][ T4658] usb 5-1: Using ep0 maxpacket: 8
[  347.679233][ T4658] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  347.682947][ T4658] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  347.682974][ T4658] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  347.682996][ T4658] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  347.697374][ T4658] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  347.703967][ T4658] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  347.709028][ T4658] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.969306][ T4658] usb 5-1: usb_control_msg returned -32
[  347.975046][ T4658] usbtmc 5-1:16.0: can't read capabilities
[  348.193720][T11585] syz.3.1625[11585] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  348.193819][T11585] syz.3.1625[11585] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  348.228286][T11585] ubi0: attaching mtd0
[  348.241929][T11585] ubi0: scanning is finished
[  348.244288][T11585] ubi0: empty MTD device detected
[  348.312808][T11585] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  348.316134][T11585] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  348.319240][T11585] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  348.322235][T11585] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  348.325549][T11585] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  348.328484][T11585] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  348.332184][T11585] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 521163115
[  348.336729][T11585] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  348.343787][T11589] ubi0: background thread "ubi_bgt0d" started, PID 11589
[  348.535257][   T56] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  348.715029][   T56] usb 7-1: Using ep0 maxpacket: 8
[  348.726980][   T56] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  348.730265][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  348.744898][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  348.749853][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  348.757735][   T56] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  348.761154][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  348.767097][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  348.772051][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  348.780105][   T56] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  348.783401][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  348.789168][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  348.794044][   T56] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  348.805041][   T56] usb 7-1: string descriptor 0 read error: -22
[  348.807980][   T56] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  348.812147][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.834298][   T56] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  349.048046][T11587] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90
[  349.055089][T11587] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90
[  349.060861][   T56] usb 7-1: USB disconnect, device number 12
[  349.084941][ T4658] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  349.280702][ T4658] usb 8-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f
[  349.284049][ T4658] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.288647][ T4658] usb 8-1: config 0 descriptor??
[  349.298426][ T4658] rndis_host 8-1:0.0: More than one union descriptor, skipping ...
[  349.301546][ T4658] rndis_host 8-1:0.0: skipping garbage
[  349.303645][ T4658] rndis_host 8-1:0.0: probe with driver rndis_host failed with error -22
[  349.306587][ T4658] cdc_acm 8-1:0.0: More than one union descriptor, skipping ...
[  349.308923][ T4658] cdc_acm 8-1:0.0: skipping garbage
[  349.310542][ T4658] cdc_acm 8-1:0.0: Control and data interfaces are not separated!
[  349.312887][ T4658] cdc_acm 8-1:0.0: This needs exactly 3 endpoints
[  349.314965][ T4658] cdc_acm 8-1:0.0: probe with driver cdc_acm failed with error -22
[  349.378465][T11598] FAULT_INJECTION: forcing a failure.
[  349.378465][T11598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.385453][T11598] CPU: 1 PID: 11598 Comm: syz.1.1629 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  349.390222][T11598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  349.394632][T11598] Call Trace:
[  349.396111][T11598]  <TASK>
[  349.397431][T11598]  dump_stack_lvl+0x16c/0x1f0
[  349.399521][T11598]  should_fail_ex+0x497/0x5b0
[  349.401630][T11598]  _copy_to_user+0x30/0xc0
[  349.403174][T11598]  simple_read_from_buffer+0xd0/0x160
[  349.405007][T11598]  proc_fail_nth_read+0x1b0/0x290
[  349.406999][T11598]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  349.409381][T11598]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  349.411766][T11598]  vfs_read+0x1d4/0xbd0
[  349.413574][T11598]  ? __fdget_pos+0xeb/0x180
[  349.415539][T11598]  ? __pfx_vfs_read+0x10/0x10
[  349.417380][T11598]  ? __pfx___mutex_lock+0x10/0x10
[  349.419113][T11598]  ? __fget_files+0x256/0x400
[  349.420759][T11598]  ksys_read+0x12f/0x260
[  349.422199][T11598]  ? __pfx_ksys_read+0x10/0x10
[  349.423818][T11598]  __do_fast_syscall_32+0x73/0x120
[  349.425741][T11598]  do_fast_syscall_32+0x32/0x80
[  349.427798][T11598]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  349.430435][T11598] RIP: 0023:0xf741f579
[  349.432157][T11598] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  349.439806][T11598] RSP: 002b:00000000f5d375b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  349.442606][T11598] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5d37630
[  349.445300][T11598] RDX: 000000000000000f RSI: 00000000f7409ff4 RDI: 0000000000000000
[  349.448343][T11598] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  349.451323][T11598] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  349.454366][T11598] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  349.457630][T11598]  </TASK>
[  350.135332][ T5243] usb 5-1: USB disconnect, device number 14
[  351.104713][T11624] random: crng reseeded on system resumption
[  351.747724][   T39] audit: type=1804 audit(2000000016.080:15): pid=11634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1639" name="/newroot/224/bus/file0" dev="overlay" ino=1263 res=1 errno=0
[  351.776284][ T4658] usb 8-1: USB disconnect, device number 17
[  351.795898][ T5243] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  352.024982][ T5243] usb 5-1: Using ep0 maxpacket: 8
[  352.036636][ T5243] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  352.036661][T11638] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  352.040358][ T5243] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  352.040386][ T5243] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  352.056772][T11638] overlayfs: failed to set xattr on upper
[  352.057936][ T5243] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  352.064669][T11638] overlayfs: ...falling back to redirect_dir=nofollow.
[  352.064688][ T5243] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  352.074486][ T5243] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  352.074761][T11638] overlayfs: ...falling back to index=off.
[  352.081159][T11638] overlayfs: ...falling back to uuid=null.
[  352.081452][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.088229][T11638] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  352.537799][ T5243] usb 5-1: GET_CAPABILITIES returned 0
[  352.539712][ T5243] usbtmc 5-1:16.0: can't read capabilities
[  353.959412][ T5265] usb 5-1: USB disconnect, device number 15
[  354.186921][T11672] xt_TCPMSS: Only works on TCP SYN packets
[  354.396547][T11677] netlink: 'syz.1.1653': attribute type 3 has an invalid length.
[  354.401327][T11677] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1653'.
[  354.470391][T11674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1652'.
[  354.506101][T11674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1652'.
[  354.640370][T11683] FAULT_INJECTION: forcing a failure.
[  354.640370][T11683] name failslab, interval 1, probability 0, space 0, times 0
[  354.646115][T11683] CPU: 2 PID: 11683 Comm: syz.2.1656 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  354.650505][T11683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  354.655247][T11683] Call Trace:
[  354.656727][T11683]  <TASK>
[  354.658032][T11683]  dump_stack_lvl+0x16c/0x1f0
[  354.660151][T11683]  should_fail_ex+0x497/0x5b0
[  354.662237][T11683]  should_failslab+0x9/0x20
[  354.664254][T11683]  kmalloc_trace_noprof+0x6b/0x310
[  354.666527][T11683]  ? p9_client_create+0xcf/0x11b0
[  354.668767][T11683]  p9_client_create+0xcf/0x11b0
[  354.670936][T11683]  ? __pfx_p9_client_create+0x10/0x10
[  354.673264][T11683]  ? rcu_is_watching+0x12/0xc0
[  354.675524][T11683]  ? lockdep_init_map_type+0x16d/0x7d0
[  354.678000][T11683]  ? kmalloc_node_track_caller_noprof+0x22d/0x440
[  354.680827][T11683]  ? v9fs_session_init+0x1f8/0x1a80
[  354.683140][T11683]  v9fs_session_init+0x1f8/0x1a80
[  354.685405][T11683]  ? __pfx_v9fs_session_init+0x10/0x10
[  354.687846][T11683]  ? kasan_save_track+0x14/0x30
[  354.690010][T11683]  v9fs_mount+0xc6/0xaa0
[  354.691891][T11683]  ? __pfx_v9fs_mount+0x10/0x10
[  354.694027][T11683]  ? apparmor_capable+0x126/0x1e0
[  354.696251][T11683]  ? __pfx_v9fs_mount+0x10/0x10
[  354.698404][T11683]  legacy_get_tree+0x109/0x220
[  354.700521][T11683]  vfs_get_tree+0x8f/0x380
[  354.702501][T11683]  path_mount+0x6e1/0x1f10
[  354.704477][T11683]  ? kmem_cache_free+0x12f/0x3a0
[  354.706659][T11683]  ? __pfx_path_mount+0x10/0x10
[  354.708754][T11683]  ? putname+0x12e/0x170
[  354.710595][T11683]  __ia32_sys_mount+0x295/0x320
[  354.712722][T11683]  ? __pfx___ia32_sys_mount+0x10/0x10
[  354.714910][T11683]  __do_fast_syscall_32+0x73/0x120
[  354.717217][T11683]  do_fast_syscall_32+0x32/0x80
[  354.719432][T11683]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  354.722193][T11683] RIP: 0023:0xf740b579
[  354.724010][T11683] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  354.733271][T11683] RSP: 002b:00000000f5d2357c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  354.737929][T11683] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200002c0
[  354.741318][T11683] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000100
[  354.744728][T11683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  354.748179][T11683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  354.751851][T11683] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  354.755230][T11683]  </TASK>
[  354.848721][T11691] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  354.952624][T11697] syz.3.1659[11697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  354.952819][T11697] syz.3.1659[11697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  355.218410][T11707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1662'.
[  355.287466][T11704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1662'.
[  355.491402][   T39] audit: type=1326 audit(2000000019.820:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11713 comm="syz.2.1664" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf740b579 code=0x0
[  355.774955][ T5243] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  355.865195][ T5242] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  355.975162][ T5243] usb 5-1: Using ep0 maxpacket: 8
[  355.991548][ T5243] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  356.001519][ T5243] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  356.007136][ T5243] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  356.011263][ T5243] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  356.018436][ T5243] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  356.022990][ T5243] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  356.026612][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.064915][ T5242] usb 6-1: Using ep0 maxpacket: 8
[  356.069228][ T5242] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  356.072829][ T5242] usb 6-1: config 179 has no interface number 0
[  356.076264][ T5242] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  356.084935][ T5242] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  356.089921][ T5242] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  356.094689][ T5242] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  356.103040][ T5242] usb 6-1: config 179 interface 65 has no altsetting 0
[  356.106392][ T5242] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  356.110546][ T5242] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.119973][T11723] fuse: Bad value for 'fd'
[  356.125560][T11716] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  356.151602][ T5242] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input21
[  356.216254][ T4683] input input21: unable to receive magic message: -110
[  356.226078][ T4683] input input21: unable to receive magic message: -32
[  356.234732][ T4683] input input21: unable to receive magic message: -32
[  356.243389][ T4683] input input21: unable to receive magic message: -32
[  356.392012][ T7568] input input21: unable to receive magic message: -32
[  356.392271][ T5243] usb 5-1: GET_CAPABILITIES returned 0
[  356.413448][ T5243] usbtmc 5-1:16.0: can't read capabilities
[  356.455903][ T5835] usb 6-1: USB disconnect, device number 19
[  356.455992][    C3] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  356.464834][ T5835] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  356.652361][T11727] xt_TCPMSS: Only works on TCP SYN packets
[  357.050383][T11729] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  357.063748][T11731] binder: 11730:11731 ioctl c0306201 0 returned -14
[  357.185464][ T5265] usb 5-1: USB disconnect, device number 16
[  357.592088][T11741] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  357.594555][T11741] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  357.599358][T11741] vhci_hcd vhci_hcd.0: Device attached
[  357.604452][T11742] vhci_hcd: cannot find the pending unlink 0
[  357.874923][ T5242] usb 17-1: new high-speed USB device number 19 using vhci_hcd
[  358.195267][ T5243] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  358.225514][T11756] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1676'.
[  358.236567][T11756] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1676'.
[  358.335159][T11742] vhci_hcd: connection reset by peer
[  358.338840][ T3104] vhci_hcd: stop threads
[  358.340565][ T3104] vhci_hcd: release socket
[  358.342676][ T3104] vhci_hcd: disconnect device
[  358.385239][ T5243] usb 6-1: Using ep0 maxpacket: 32
[  358.398854][ T5243] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.404184][ T5243] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.414952][ T5243] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  358.419897][ T5243] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  358.423584][ T5243] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  358.432999][ T5243] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  358.441698][ T5243] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  358.446522][ T5243] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.449802][ T5243] usb 6-1: Product: syz
[  358.451237][ T5243] usb 6-1: Manufacturer: syz
[  358.452959][ T5243] usb 6-1: SerialNumber: syz
[  358.457089][T11763] fuse: Bad value for 'fd'
[  358.691323][T11751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.695680][T11751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  358.751966][ T5243] cdc_ncm 6-1:1.0: bind() failure
[  358.767983][ T5243] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  358.773103][ T5243] cdc_ncm 6-1:1.1: bind() failure
[  358.779410][ T5243] usb 6-1: USB disconnect, device number 20
[  359.189455][   T75] ------------[ cut here ]------------
[  359.192588][   T75] WARNING: CPU: 0 PID: 75 at net/wireless/nl80211.c:19473 cfg80211_bss_color_notify+0x60b/0x7d0
[  359.197042][   T75] Modules linked in:
[  359.198288][   T75] CPU: 0 PID: 75 Comm: kworker/u32:4 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  359.203587][   T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.208151][   T75] Workqueue: phy59 ieee80211_color_collision_detection_work
[  359.213634][   T75] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0
[  359.218849][   T75] Code: bc 5b f7 49 8d 7f 68 be ff ff ff ff e8 ce 3b a9 00 31 ff 89 c3 89 c6 e8 e3 b7 5b f7 85 db 0f 85 16 fb ff ff e8 d6 bc 5b f7 90 <0f> 0b 90 e9 08 fb ff ff e8 c8 bc 5b f7 0f b6 44 24 1c ba 01 00 00
[  359.227067][   T75] RSP: 0018:ffffc90000e17bf8 EFLAGS: 00010293
[  359.229763][   T75] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a32d1ad
[  359.233236][   T75] RDX: ffff88801a2f0000 RSI: ffffffff8a32d1ba RDI: 0000000000000005
[  359.237273][   T75] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000
[  359.240404][   T75] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888050d78000
[  359.243647][   T75] R13: ffff8880154b0000 R14: ffff888050d78cb0 R15: ffff88805c088700
[  359.247015][   T75] FS:  0000000000000000(0000) GS:ffff88802c000000(0000) knlGS:0000000000000000
[  359.250852][   T75] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  359.253499][   T75] CR2: 000000002fa0cffc CR3: 0000000057636000 CR4: 0000000000352ef0
[  359.256493][   T75] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  359.259313][   T75] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  359.262366][   T75] Call Trace:
[  359.263726][   T75]  <TASK>
[  359.265120][   T75]  ? show_regs+0x8c/0xa0
[  359.266929][   T75]  ? __warn+0xe5/0x3c0
[  359.268406][   T75]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  359.270554][   T75]  ? report_bug+0x3c0/0x580
[  359.272257][   T75]  ? handle_bug+0x3d/0x70
[  359.273968][   T75]  ? exc_invalid_op+0x17/0x50
[  359.275934][   T75]  ? asm_exc_invalid_op+0x1a/0x20
[  359.277909][   T75]  ? cfg80211_bss_color_notify+0x5fd/0x7d0
[  359.280090][   T75]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  359.282746][   T75]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  359.285561][   T75]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  359.288022][   T75]  ? __pfx_lock_acquire+0x10/0x10
[  359.290265][   T75]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  359.293016][   T75]  process_one_work+0x958/0x1ad0
[  359.295179][   T75]  ? __pfx_lock_acquire+0x10/0x10
[  359.297853][   T75]  ? __pfx_process_one_work+0x10/0x10
[  359.300206][   T75]  ? assign_work+0x1a0/0x250
[  359.302238][   T75]  worker_thread+0x6c8/0xf30
[  359.304254][   T75]  ? __pfx_worker_thread+0x10/0x10
[  359.306592][   T75]  kthread+0x2c1/0x3a0
[  359.308520][   T75]  ? _raw_spin_unlock_irq+0x23/0x50
[  359.310546][   T75]  ? __pfx_kthread+0x10/0x10
[  359.312556][   T75]  ret_from_fork+0x45/0x80
[  359.314330][   T75]  ? __pfx_kthread+0x10/0x10
[  359.316385][   T75]  ret_from_fork_asm+0x1a/0x30
[  359.318271][   T75]  </TASK>
[  359.319498][   T75] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  359.322587][   T75] CPU: 0 PID: 75 Comm: kworker/u32:4 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  359.326857][   T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.331534][   T75] Workqueue: phy59 ieee80211_color_collision_detection_work
[  359.334665][   T75] Call Trace:
[  359.336138][   T75]  <TASK>
[  359.337504][   T75]  dump_stack_lvl+0x3d/0x1f0
[  359.339348][   T75]  panic+0x6f5/0x7a0
[  359.340922][   T75]  ? __pfx_panic+0x10/0x10
[  359.342688][   T75]  ? show_trace_log_lvl+0x363/0x500
[  359.344865][   T75]  ? check_panic_on_warn+0x1f/0xb0
[  359.347085][   T75]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  359.349366][   T75]  check_panic_on_warn+0xab/0xb0
[  359.351304][   T75]  __warn+0xf1/0x3c0
[  359.352998][   T75]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  359.355481][   T75]  report_bug+0x3c0/0x580
[  359.357323][   T75]  handle_bug+0x3d/0x70
[  359.359094][   T75]  exc_invalid_op+0x17/0x50
[  359.362934][   T75]  asm_exc_invalid_op+0x1a/0x20
[  359.366412][   T75] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0
[  359.369176][   T75] Code: bc 5b f7 49 8d 7f 68 be ff ff ff ff e8 ce 3b a9 00 31 ff 89 c3 89 c6 e8 e3 b7 5b f7 85 db 0f 85 16 fb ff ff e8 d6 bc 5b f7 90 <0f> 0b 90 e9 08 fb ff ff e8 c8 bc 5b f7 0f b6 44 24 1c ba 01 00 00
[  359.377284][   T75] RSP: 0018:ffffc90000e17bf8 EFLAGS: 00010293
[  359.379926][   T75] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a32d1ad
[  359.383268][   T75] RDX: ffff88801a2f0000 RSI: ffffffff8a32d1ba RDI: 0000000000000005
[  359.386565][   T75] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000
[  359.389915][   T75] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888050d78000
[  359.393312][   T75] R13: ffff8880154b0000 R14: ffff888050d78cb0 R15: ffff88805c088700
[  359.396682][   T75]  ? cfg80211_bss_color_notify+0x5fd/0x7d0
[  359.399157][   T75]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  359.401684][   T75]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  359.404289][   T75]  ? __pfx_lock_acquire+0x10/0x10
[  359.406531][   T75]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  359.409276][   T75]  process_one_work+0x958/0x1ad0
[  359.411640][   T75]  ? __pfx_lock_acquire+0x10/0x10
[  359.414060][   T75]  ? __pfx_process_one_work+0x10/0x10
[  359.416325][   T75]  ? assign_work+0x1a0/0x250
[  359.418135][   T75]  worker_thread+0x6c8/0xf30
[  359.419847][   T75]  ? __pfx_worker_thread+0x10/0x10
[  359.421856][   T75]  kthread+0x2c1/0x3a0
[  359.423576][   T75]  ? _raw_spin_unlock_irq+0x23/0x50
[  359.425706][   T75]  ? __pfx_kthread+0x10/0x10
[  359.427729][   T75]  ret_from_fork+0x45/0x80
[  359.429669][   T75]  ? __pfx_kthread+0x10/0x10
[  359.431551][   T75]  ret_from_fork_asm+0x1a/0x30
[  359.433635][   T75]  </TASK>
[  359.435511][   T75] Kernel Offset: disabled
[  359.436937][   T75] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:31:42  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84f94585 RDI=ffffffff94d59e00 RBP=ffffffff94d59dc0 RSP=ffffc90000e175e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=000000000000003a R14=ffffffff84f94520 R15=0000000000000000
RIP=ffffffff84f945af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fa0cffc CR3=0000000057636000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88802c3462e0 RCX=ffffffff818263bb RDX=ffff88801ffac880
RSI=ffffffff81826395 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90006e57910
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000007
R12=ffffed1005868c5d R13=0000000000000001 R14=ffff88802c3462e8 R15=ffff88802c13fd80
RIP=ffffffff8182639c RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000003221affc CR3=000000000d97a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000004 RBX=ffff888016350bca RCX=0000000000000002 RDX=0000000000000002
RSI=0000000000000008 RDI=ffff888016350bc9 RBP=0000000000000026 RSP=ffffc9000053f880
R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff941f32c7 R11=0000000000000005
R12=ffffed1002c6a15b R13=ffff888016350ae0 R14=ffff888016350ba8 R15=0000000000000002
RIP=ffffffff816c80dd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000202b9000 CR3=000000005fcba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000001 RBX=00fff40000050028 RCX=ffffffff81c7fd32 RDX=ffff88801a3d2440
RSI=0000000000000000 RDI=0000000000000007 RBP=ffffea0000af7180 RSP=ffffc90001f27300
R8 =0000000000000007 R9 =0000000000000000 R10=0000040000000000 R11=0000000000000002
R12=0000040000000000 R13=0000000000000001 R14=ffff888021d01000 R15=0000000000000000
RIP=ffffffff818e87fe RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fa00ff8 CR3=000000005fcba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000