last executing test programs:

3m45.120672872s ago: executing program 2 (id=4179):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001480)=@newtaction={0xff4, 0x30, 0xffff, 0x70bd2d, 0x20000000, {}, [{0xfe0, 0x1, [@m_vlan={0x90, 0x20, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x101, 0x6, 0x8, 0x1400, 0x4}, 0x1}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xaee}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x60d}]}, {0x38, 0x6, "9dcd6b962ce1767148c6f2e7684149286928ab73b9791840cf2af48ab72737af5f5e6ff262aaa0aa0b1e48350d8a432d1a6979f8"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_bpf={0xf1c, 0x3, 0x0, 0x0, {{0x8}, {0xef4, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xeed, 0x6, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xff4}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socket$packet(0x11, 0x0, 0x300)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x80000037)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f0000000080)="cd", 0x1)
close(r4)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x1401f)
creat(&(0x7f0000000040)='./file0\x00', 0x24)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
dup(r2)
socket$inet(0x2, 0x3, 0xffff)

3m44.283832095s ago: executing program 2 (id=4182):
r0 = syz_open_dev$sndctrl(&(0x7f0000005a80), 0xce5, 0x2400)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x804)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x108b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540), 0x0, 0x20000001)
openat$nullb(0xffffff9c, &(0x7f00000000c0), 0x224400, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r4, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r4, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r4, 0x0, 0x6, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000005ac0)=""/114)

3m42.711505148s ago: executing program 2 (id=4185):
r0 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x402000, 0x0)
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000080)={0x2, 0x9, 0x7, 0x4000, <r1=>0xffffffffffffffff})
dup3(r0, r1, 0x80000)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x22301, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_CAP_X86_USER_SPACE_MSR(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f00000001c0)={0x4376ea830d455498, 0x0, [0xffffffffffffffff, 0xc667, 0x20000006, 0x800000000007ffc, 0x5, 0x8, 0xfffffffffffffffc, 0xfd]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x12, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x6, 0x3f, 0x0, r4}, &(0x7f0000000280)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r5, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000140)={'dt2801\x00', [0x9e1, 0x2566, 0x0, 0x100000, 0x8, 0x6, 0x5, 0x10, 0x1002, 0xffffffff, 0x1, 0x6, 0x344, 0x1, 0x7, 0x0, 0x8, 0x3, 0x9, 0xe, 0x100, 0x1003, 0x7, 0xa, 0x5, 0x1, 0xb0c4, 0x7df, 0x8, 0x400007, 0x1]})

3m41.677594686s ago: executing program 2 (id=4188):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1f8, 0x0, 0x11, 0x148, 0xf8, 0x0, 0x188, 0x2a8, 0x2a8, 0x188, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x4, 0x4, 0xd, 0x0, 0x9]}, {0x0, [0x2, 0x188, 0x0, 0x2], 0x3}}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x258)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={r3, 0x0, 0xe, 0x0, &(0x7f0000000040)="0000ffffffffa000903626e43925", 0x0, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
listen(r1, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r5 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000240)="e9a4ea8d246a02fb3d7b6d068c4bd0e238a86b018e04", 0x16}], 0x1}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2ebb203023d89132c1980796d3480bf302680bb6d94cc2ddc4b641c81144696a15b4d88e56d04ec393bf39b3774c70aa01f9aee0fc51897c613f9ed201e53a48b093ea3325ebab77c2d8afcdd9e30fec85fdb932aa067d0f6e891750cd952158d3288fc4cb3a551e6d8f828c6e02ef0e295cbf30390c4566dba8ff971c6d212f4b", 0x81}], 0x1}}], 0x2, 0x4008)
recvmsg$kcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/150, 0x96}], 0x5}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x5000)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0x40015b19, &(0x7f0000000040))

3m38.473972603s ago: executing program 2 (id=4196):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000000c0)=0x20)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)=0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44) (fail_nth: 2)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141d5", 0x1c)
socket$pppoe(0x18, 0x1, 0x0)
syz_io_uring_setup(0x66ad, &(0x7f0000000140)={0x0, 0x8c63, 0x0, 0x1, 0xfffffdfc}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})

3m37.473916458s ago: executing program 2 (id=4200):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001480)=@newtaction={0xf64, 0x30, 0xffff, 0x70bd2d, 0x20000000, {}, [{0xf50, 0x1, [@m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_bpf={0xf1c, 0x3, 0x0, 0x0, {{0x8}, {0xef4, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xeed, 0x6, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xf64}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$packet(0x11, 0x0, 0x300)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x80000037)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f0000000080)="cd", 0x1)
close(r4)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x1401f)
creat(&(0x7f0000000040)='./file0\x00', 0x24)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
dup(r2)
socket$inet(0x2, 0x3, 0xffff)

3m37.305334417s ago: executing program 32 (id=4200):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001480)=@newtaction={0xf64, 0x30, 0xffff, 0x70bd2d, 0x20000000, {}, [{0xf50, 0x1, [@m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_bpf={0xf1c, 0x3, 0x0, 0x0, {{0x8}, {0xef4, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xeed, 0x6, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xf64}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$packet(0x11, 0x0, 0x300)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x80000037)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f0000000080)="cd", 0x1)
close(r4)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x1401f)
creat(&(0x7f0000000040)='./file0\x00', 0x24)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
dup(r2)
socket$inet(0x2, 0x3, 0xffff)

5.622573095s ago: executing program 1 (id=5337):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = io_uring_setup(0x5594, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0xf000, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}, {&(0x7f0000000000)=""/19, 0x13}, {0x0}], &(0x7f0000000200)=[0xba], 0x11a}, 0x20)

5.537530182s ago: executing program 1 (id=5338):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0007001f0000000200000022bf000001000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000030000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r6)
syz_usb_connect$cdc_ncm(0x6, 0xf3, &(0x7f0000000540)=ANY=[@ANYBLOB="12011001020000402505a1a44000010203010902e10002011120050904000001020d000009240600014812987e052400df000d240f0101000000000003000506241a0104146e2413ee518feaf0692c135da9476dc0a5eef1567e69a81e949fcd31f4f7d3c3b4a03d43334ecee80f3f7f40ef9a41d4cc2b43f7aa3d305c6fc23775f803abf2a9fa26b1f5b65555ccd23da8bb42fee32af87180a01fb92dc3d08a95ee561798b7881364c756175786ab8d696ff507240a050702800c241b01040300050701000209058103ff030604050904010000020d00000904010102020d0000090582020004f10209090503022000260007"], 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x0)
bind$rxrpc(r4, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], 0x0, 0x4}, 0x94)

4.514035026s ago: executing program 3 (id=5342):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000))

4.407952644s ago: executing program 3 (id=5343):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x4c)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0)
recvmsg$can_raw(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/197, 0xc5}], 0x1}, 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x200000, 0x0, 0xff, 0x1, 0x0, 0xfffe}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1e0000000000000003000000fbffffff00000000", @ANYRES32, @ANYBLOB="09000000000000000000000000000000000000008246df037d82701b30cba03195191940e1314b864f9a8b00a0cac9032571b6e96a40c1c924dc477b1890216ee2c48d5a00230c433f934e2135ca7606cf2c60c761c82738cde31cbc00df46035bd4b07dea54c15adcc36e3293527cae9ef911b062ef2cef401a9ba0813f21dad2605747d23054c544574576f172e6287bf68355e5bb95fc3f0e97e47616daceaefd3c6885b32cf852fa99f7fb074f8b3cafb17ac07f1b020791a8f81a112bff9d1a82883da19d1945b9f2509aa14e65a69ec6a24c6e10b5609022afb7b1e056c92fa9e78cacfafaa2b8c924b13adca1e46701822f2941fe5141790dc144a191fe507b8d17597815359a9e78bb5e625d2e5ecab5782b870409547836a932cf4df5c13a47fe4a9c4e4a07eabb011e097b2426d0a422b8fd1f899fefb44b8dea284649e56c4f620cd61e4fec7ea4ba81b3f1fe842ad4243928806e2aaf95e729acab", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000003000000000000000d00"/28], 0x50)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c0000000800124000000000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000200)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x200000, 0x2, 0x0, 0xb, 0x10, 0x600}, 0x20)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002a00)=ANY=[@ANYBLOB="380000003c0007010000000000400000017c00001000fc800c00050006000000000000000c00018006000600000280c4139b78"], 0x38}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

2.40755342s ago: executing program 1 (id=5349):
r0 = socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c8, 0x12)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = dup(r5)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r8 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7)
ioctl$FS_IOC_RESVSP(r8, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x762})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r8, 0x0)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {0x10004}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

1.768018602s ago: executing program 0 (id=5353):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})

1.697789906s ago: executing program 0 (id=5354):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400000010000100000000a8c80000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c0002800800024000000000140000001100010000000000000000000100000a0c193c4362d3148091c2638ed475e314c943c0422e43423973f06742137d6254388af2cd55ba29a9a1d3d944ddc92749853d6d0af9f3d876128aa47863bc5a52c9dd965c488dc0a5517e1c3fec16574104fef4c8a09a969b8119cbcf27674f0408802354ae1673a2603d346b75b578df3fb2b3320cab237102e825bbe813e5ca6fd8b28239a9990e0516e2d7c0f1f431ec8423e33b3f8585e91f7e6a651299c42f86cb4180110cecb78e0fbc8f949dd1f9766c1c433c9df155e666ff0e9ecb660af4a0873abccda17817748b91254f5f8c569c9b04cafdbeea43cf16efd579d2cb50369f58f86b82666205cf53aa496c595fcffce95655453f1811b3d11af26cebea80f4339e5b598088fb5c4993eeaf71bcf1ee2d9de8677fbb5c812bbf604c62dcc7a3614e50e10bf7e2c562a2787fc4d47d3d02d7c4dd8b0874f99271c9e9d8eb95857d7e7cbf0a44df5f8dbf8ba2"], 0x7b}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'veth0_to_bond\x00', {0x1}, 0x26})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_bt_hci(r4, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r6, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r6, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x80, &(0x7f00000002c0)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "c172f5", 0x4a, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @mcast2, {[], @param_prob={0x4, 0x2, 0x0, 0xffff, {0x5, 0x6, "80009d", 0x400, 0x3c, 0x1, @local, @private2={0xfc, 0x2, '\x00', 0x1}, [@dstopts={0x33, 0x0, '\x00', [@padn]}], "8a5959e207334044c6c0"}}}}}}}, 0x0)

1.552217646s ago: executing program 3 (id=5355):
ioctl$VIDIOC_G_AUDIO(0xffffffffffffffff, 0x80345621, &(0x7f0000000000))

1.477704997s ago: executing program 3 (id=5356):
r0 = eventfd2(0x8, 0x0)
read(r0, &(0x7f0000002500)=""/126, 0x7e)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback, 0x3}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x3404c8d4)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0xf7, 0x2, [0x4, 0x3]}, 0xc)
read(r0, &(0x7f00000001c0)=""/121, 0x79)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x1, 0x8, 0x0, 0x3}, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg(r5, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)='o', 0x1}], 0x1}}], 0x1, 0x44810)
recvmmsg(r2, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)
write$eventfd(r0, &(0x7f0000000000)=0xffffffffffff0001, 0x8)
poll(&(0x7f0000000040)=[{r0, 0x8032}], 0x1, 0x2)

997.334864ms ago: executing program 1 (id=5357):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0x3, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40010) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
write(0xffffffffffffffff, &(0x7f0000000240), 0x0) (async, rerun: 32)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffff0000380064000000019078ac1e0001ac14142c053490781200183f250000000000fffd0d010000ac14149a00000000001863714ab990430000000000000000"], 0x0) (rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
socket(0x2c, 0x4, 0x0) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
setrlimit(0x8, 0x0) (async)
r3 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0xfffff, 0xffffffffffffffff)
keyctl$read(0x2, r3, &(0x7f00000003c0)=""/4096, 0x1000)

835.732428ms ago: executing program 1 (id=5358):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000080)="a99c383d33c9c607b1b9d49688a8834a8864", 0x1000e, 0x0, &(0x7f0000000000)={0x11, 0x8100, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000380)={0x8, 0x60}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0x57, 0x200002)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = syz_open_dev$radio(0x0, 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x0, 0x218, 0x0, r4})
io_uring_setup(0x2c49, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x2})
openat$sysctl(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r6, &(0x7f0000000740), 0xffffffffffffffbc)
fcntl$addseals(r6, 0x409, 0x8)
sendmsg$NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, 0x0, 0x80)

805.976909ms ago: executing program 0 (id=5359):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xc0, &(0x7f0000000640)={0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r1}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2f00020b, 0x809, 0x2f000000, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

803.863624ms ago: executing program 0 (id=5360):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000000000094000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000341200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="c1dfb08886dd0000009c2a000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

740.86974ms ago: executing program 0 (id=5362):
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})

700.675707ms ago: executing program 0 (id=5364):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000010029bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="6cb20600420003006e657464657673696d3000000000000014001680100001800c00030005000000071e00000000000868ecd9aef9d2fe40da847b0d71b9f9e847376a85ca13dc6cb268ae9b8c68f2d6e7d943c833d50d073012a1c135a9a9a1b60bb8cc096435eb9250eadc87fd7af01c8aa641b9ddfa70e11df9ad03000000f749897c704adfa32957fa82643da21a6a92f4"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x40)
socket$inet_sctp(0x2, 0x1, 0x84)
userfaultfd(0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, 0x0)
io_setup(0x9, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
io_submit(r2, 0x1, &(0x7f0000000280)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$inet(r3, 0x0, 0x4d, 0x200047ee, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x2)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x84, 0x0, &(0x7f0000001080))
ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000000))

443.586196ms ago: executing program 3 (id=5366):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x5, 0x88000)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000240)={@remote, @remote, @void, {@canfd={0xd, {{0x4, 0x0, 0x1, 0x1}, 0xe, 0x3, 0x0, 0x0, "cbba75b677ae2b779ba5b8918b83006ab8e10614096f41921c015176eb1a66d0a76323dd06a7d85080c7d6c01436dc1bc711d12fb5a6b077bf56cf7d41400a25"}}}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB='-', @ANYRESDEC], 0x28)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="adffa88800000000180012800e00010077697265ac08b3263067756172640000000400028008000400000000009e28f4f476fe4ed112c380110939a2e8d416b05c86dd5b4d43e9c6a9418b5754c4386948be5eeb4e9c6de33575edf8a2be63561b452c6f091bafb9cfcb0a8df19afe37e773e3793749eeb36e3c00a9cc97454dd918637e5947f1df811b94822dfa80bd30566c94a09d37079858ef733a9ea0e9666056a5e8c60a40e312f3fa294c0839ad927d0d2335fda1a954151f2089916f2c54ecbd3e4490ec8a7dbc7a0012ba3c4a69068de05d000000000000000000"], 0x40}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0xfff9, 0x7}, {}, {0x1, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @TCA_FLOWER_KEY_IPV6_DST_MASK={0x14, 0x11, [0xffffff, 0xffffff00, 0xffffffff, 0xff]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x800)

433.069985ms ago: executing program 4 (id=5367):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000000)={{@local, 0x200001}, @local, 0x8, 0x0, 0x347, 0x80000004, 0x24b, 0x10001, 0x9})
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_DELCHAIN={0xdc, 0x5, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_HOOK={0x48, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'geneve0\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_hsr\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'xfrm0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2aa810f0}]}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x5}, @NFTA_CHAIN_HOOK={0x34, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x76df5ac8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4fd06839}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4cc22ad9}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3aada3cd}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0x104}}, 0x8050)

363.51085ms ago: executing program 4 (id=5368):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xc0, &(0x7f0000000640)={0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r1}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2f00020b, 0x809, 0x2f000000, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

363.124904ms ago: executing program 4 (id=5369):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000100)=0x5e1, 0x4)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
setresuid(0x0, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000100)=0x5e1, 0x4)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x5e20, 0xffffffff, @ipv4={'\x00', '\xff\xff', @empty}, 0x104}, 0x1c)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x5e20, 0xffffffff, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x6}, 0x1c)

274.741713ms ago: executing program 4 (id=5370):
ioctl$VIDIOC_G_AUDIO(0xffffffffffffffff, 0x80345621, &(0x7f0000000000))

258.96582ms ago: executing program 1 (id=5371):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x19) (fail_nth: 9)

195.870199ms ago: executing program 4 (id=5372):
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})

189.515753ms ago: executing program 4 (id=5373):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000000c0)=0x20)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)=0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141", 0x1b) (fail_nth: 2)
socket$pppoe(0x18, 0x1, 0x0)
syz_io_uring_setup(0x66ad, &(0x7f0000000140)={0x0, 0x8c63, 0x0, 0x1, 0xfffffdfc}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})

0s ago: executing program 3 (id=5374):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000000c0)=0x20)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)=0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141", 0x1b)
socket$pppoe(0x18, 0x1, 0x0)
syz_io_uring_setup(0x66ad, &(0x7f0000000140)={0x0, 0x8c63, 0x0, 0x1, 0xfffffdfc}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})

kernel console output (not intermixed with test programs):

046] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1374.545936][T25046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1374.545942][T25046] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1374.545949][T25046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1374.545962][T25046]  </TASK>
[ 1374.937135][T25063] [U] :
[ 1374.938684][T25063] [U] 
[ 1374.939892][T25063] [U] 
[ 1374.941109][T25063] [U] 
[ 1374.943228][T25063] [U] 
[ 1374.944441][T25063] [U] 
[ 1374.945644][T25063] [U] 
[ 1374.946836][T25063] [U] 
[ 1374.948377][T25063] [U] 
[ 1374.949579][T25063] [U] 
[ 1374.950770][T25063] [U] 
[ 1374.951975][T25063] [U] 
[ 1374.953871][T25063] [U] 
[ 1374.955083][T25063] [U] 
[ 1374.956275][T25063] [U] 
[ 1374.957483][T25063] [U] 
[ 1374.959254][T25063] [U] 
[ 1374.960451][T25063] [U] 
[ 1374.961660][T25063] [U] 
[ 1374.962846][T25063] [U] 
[ 1374.964622][T25063] [U] 
[ 1374.965834][T25063] [U] 
[ 1374.967035][T25063] [U] 
[ 1374.968229][T25063] [U] 
[ 1374.970100][T25063] [U] 
[ 1374.971004][T25063] [U] 
[ 1374.971896][T25063] [U] 
[ 1374.972813][T25063] [U] 
[ 1374.975119][T25063] [U] 
[ 1374.976020][T25063] [U] 
[ 1374.976946][T25063] [U] 
[ 1374.978054][T25063] [U] 
[ 1374.979852][T25063] [U] 
[ 1374.980999][T25063] [U] 
[ 1374.981960][T25063] [U] 
[ 1374.982901][T25063] [U] 
[ 1374.984544][T25063] [U] 
[ 1374.985641][T25063] [U] 
[ 1374.986733][T25063] [U] 
[ 1374.987856][T25063] [U] 
[ 1375.013542][T25063] [U] 
[ 1375.014733][T25063] [U] 
[ 1375.015855][T25063] [U] 
[ 1375.016833][T25063] [U] 
[ 1375.018269][T25063] [U] 
[ 1375.019250][T25063] [U] 
[ 1375.020371][T25063] [U] 
[ 1375.021515][T25063] [U] 
[ 1375.023349][T25063] [U] 
[ 1375.024538][T25063] [U] 
[ 1375.025574][T25063] [U] 
[ 1375.026461][T25063] [U] 
[ 1375.028569][T25063] [U] 
[ 1375.029484][T25063] [U] 
[ 1375.030368][T25063] [U] 
[ 1375.031254][T25063] [U] 
[ 1375.033002][T25063] [U] 
[ 1375.034163][T25063] [U] 
[ 1375.035310][T25063] [U] 
[ 1375.036251][T25063] [U] 
[ 1375.037702][T25063] [U] 
[ 1375.038831][T25063] [U] 
[ 1375.039954][T25063] [U] 
[ 1375.040989][T25063] [U] 
[ 1375.042708][T25063] [U] 
[ 1375.043853][T25063] [U] 
[ 1375.044989][T25063] [U] 
[ 1375.045995][T25063] [U] 
[ 1375.047227][T25063] [U] 
[ 1375.048375][T25063] [U] 
[ 1375.049541][T25063] [U] 
[ 1375.050677][T25063] [U] 
[ 1375.054433][T25063] [U] 
[ 1375.055568][T25063] [U] 
[ 1375.056695][T25063] [U] 
[ 1375.057829][T25063] [U] 
[ 1375.059502][T25063] [U] 
[ 1375.060664][T25063] [U] 
[ 1375.061791][T25063] [U] 
[ 1375.062916][T25063] [U] 
[ 1375.064530][T25063] [U] 
[ 1375.065682][T25063] [U] 
[ 1375.066693][T25063] [U] 
[ 1375.067644][T25063] [U] 
[ 1375.069178][T25063] [U] 
[ 1375.070319][T25063] [U] 
[ 1375.071367][T25063] [U] 
[ 1375.072471][T25063] [U] 
[ 1375.073928][T25063] [U] 
[ 1375.074858][T25063] [U] 
[ 1375.075769][T25063] [U] 
[ 1375.076649][T25063] [U] 
[ 1375.077766][T25063] [U] 
[ 1375.078639][T25063] [U] 
[ 1375.079431][T25063] [U] 
[ 1375.080311][T25063] [U] 
[ 1375.082173][T25063] [U] 
[ 1375.083166][T25063] [U] 
[ 1375.084242][T25063] [U] 
[ 1375.085378][T25063] [U] 
[ 1375.086676][T25063] [U] 
[ 1375.087645][T25063] [U] 
[ 1375.088762][T25063] [U] 
[ 1375.089885][T25063] [U] 
[ 1375.091530][T25063] [U] 
[ 1375.092484][T25063] [U] 
[ 1375.093608][T25063] [U] 
[ 1375.094745][T25063] [U] 
[ 1375.096185][T25063] [U] 
[ 1375.097314][T25063] [U] 
[ 1375.098387][T25063] [U] 
[ 1375.099502][T25063] [U] 
[ 1375.101052][T25063] [U] 
[ 1375.102201][T25063] [U] 
[ 1375.103312][T25063] [U] 
[ 1375.104431][T25063] [U] 
[ 1375.106968][T25063] [U] 
[ 1375.108124][T25063] [U] 
[ 1375.109251][T25063] [U] 
[ 1375.110336][T25063] [U] 
[ 1375.112286][T25063] [U] 
[ 1375.113399][T25063] [U] 
[ 1375.114285][T25063] [U] 
[ 1375.115188][T25063] [U] 
[ 1375.118038][T25063] [U] 
[ 1375.119123][T25063] [U] 
[ 1375.120244][T25063] [U] 
[ 1375.716965][T25061] [U] 
[ 1375.858262][T25076] netlink: 'syz.3.4887': attribute type 4 has an invalid length.
[ 1375.866395][T25076] netlink: 'syz.3.4887': attribute type 4 has an invalid length.
[ 1375.983454][T25079] FAULT_INJECTION: forcing a failure.
[ 1375.983454][T25079] name failslab, interval 1, probability 0, space 0, times 0
[ 1375.987506][T25079] CPU: 3 UID: 0 PID: 25079 Comm: syz.3.4888 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1375.987521][T25079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1375.987528][T25079] Call Trace:
[ 1375.987532][T25079]  <TASK>
[ 1375.987537][T25079]  dump_stack_lvl+0x16c/0x1f0
[ 1375.987557][T25079]  should_fail_ex+0x512/0x640
[ 1375.987572][T25079]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1375.987590][T25079]  should_failslab+0xc2/0x120
[ 1375.987601][T25079]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1375.987616][T25079]  ? __lock_acquire+0x622/0x1c90
[ 1375.987631][T25079]  ? sk_prot_alloc+0x60/0x2a0
[ 1375.987644][T25079]  sk_prot_alloc+0x60/0x2a0
[ 1375.987656][T25079]  sk_alloc+0x36/0xc20
[ 1375.987671][T25079]  unix_create1+0xa6/0x700
[ 1375.987686][T25079]  unix_create+0x10e/0x1d0
[ 1375.987700][T25079]  __sock_create+0x338/0x8d0
[ 1375.987715][T25079]  __sys_socketpair+0x1d8/0x5a0
[ 1375.987729][T25079]  ? __pfx___sys_socketpair+0x10/0x10
[ 1375.987743][T25079]  ? __pfx_ksys_write+0x10/0x10
[ 1375.987761][T25079]  __ia32_sys_socketpair+0x95/0x100
[ 1375.987774][T25079]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1375.987790][T25079]  __do_fast_syscall_32+0x7c/0x3a0
[ 1375.987808][T25079]  do_fast_syscall_32+0x32/0x80
[ 1375.987824][T25079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1375.987838][T25079] RIP: 0023:0xf7f33579
[ 1375.987847][T25079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1375.987857][T25079] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000168
[ 1375.987868][T25079] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000000005
[ 1375.987874][T25079] RDX: 0000000000000000 RSI: 00000000800029c0 RDI: 0000000000000000
[ 1375.987880][T25079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1375.987886][T25079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1375.987892][T25079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1375.987905][T25079]  </TASK>
[ 1376.100733][T25081] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.4889'.
[ 1376.367859][T25090] FAULT_INJECTION: forcing a failure.
[ 1376.367859][T25090] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1376.374485][T25090] CPU: 3 UID: 0 PID: 25090 Comm: syz.4.4893 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1376.374501][T25090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1376.374507][T25090] Call Trace:
[ 1376.374511][T25090]  <TASK>
[ 1376.374516][T25090]  dump_stack_lvl+0x16c/0x1f0
[ 1376.374536][T25090]  should_fail_ex+0x512/0x640
[ 1376.374554][T25090]  should_fail_alloc_page+0xe7/0x130
[ 1376.374566][T25090]  prepare_alloc_pages+0x3c2/0x610
[ 1376.374582][T25090]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1376.374600][T25090]  ? kasan_quarantine_put+0x10a/0x240
[ 1376.374615][T25090]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1376.374632][T25090]  ? kmem_cache_free+0x2d1/0x4d0
[ 1376.374647][T25090]  ? mt_destroy_walk+0xbd3/0x1020
[ 1376.374663][T25090]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1376.374680][T25090]  ? mt_destroy_walk+0x1d4/0x1020
[ 1376.374697][T25090]  ? __pfx_mt_destroy_walk+0x10/0x10
[ 1376.374714][T25090]  ? uprobe_mmap+0x133/0x10e0
[ 1376.374725][T25090]  ? vma_wants_writenotify+0x10b/0x390
[ 1376.374740][T25090]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1376.374757][T25090]  ? policy_nodemask+0xea/0x4e0
[ 1376.374769][T25090]  alloc_pages_mpol+0x1fb/0x550
[ 1376.374780][T25090]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1376.374791][T25090]  ? __thp_vma_allowable_orders+0x1c5/0xb10
[ 1376.374806][T25090]  alloc_pages_noprof+0x131/0x390
[ 1376.374816][T25090]  pte_alloc_one+0x1c/0x3a0
[ 1376.374827][T25090]  __handle_mm_fault+0x3a68/0x5490
[ 1376.374845][T25090]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1376.374870][T25090]  handle_mm_fault+0x589/0xd10
[ 1376.374887][T25090]  __get_user_pages+0x589/0x3b80
[ 1376.374903][T25090]  ? __pfx_mt_find+0x10/0x10
[ 1376.374913][T25090]  ? __pfx___get_user_pages+0x10/0x10
[ 1376.374930][T25090]  populate_vma_page_range+0x278/0x3a0
[ 1376.374944][T25090]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1376.374956][T25090]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1376.374969][T25090]  ? do_mmap+0x69c/0x1210
[ 1376.374981][T25090]  __mm_populate+0x1d8/0x380
[ 1376.374995][T25090]  ? __pfx___mm_populate+0x10/0x10
[ 1376.375008][T25090]  ? up_write+0x1b2/0x520
[ 1376.375025][T25090]  vm_mmap_pgoff+0x362/0x450
[ 1376.375038][T25090]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1376.375051][T25090]  ? __fget_files+0x20e/0x3c0
[ 1376.375068][T25090]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1376.375079][T25090]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 1376.375095][T25090]  __do_fast_syscall_32+0x7c/0x3a0
[ 1376.375112][T25090]  do_fast_syscall_32+0x32/0x80
[ 1376.375128][T25090]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1376.375142][T25090] RIP: 0023:0xf7ff1579
[ 1376.375150][T25090] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1376.375161][T25090] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 1376.375171][T25090] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000b36000
[ 1376.375178][T25090] RDX: 0000000000000002 RSI: 0000000000028011 RDI: 0000000000000003
[ 1376.375184][T25090] RBP: 0000000000004000 R08: 0000000000000000 R09: 0000000000000000
[ 1376.375190][T25090] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1376.375197][T25090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1376.375209][T25090]  </TASK>
[ 1376.520315][T25093] netlink: 'syz.1.4895': attribute type 11 has an invalid length.
[ 1376.522888][T25093] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4895'.
[ 1377.018688][T25098] lo speed is unknown, defaulting to 1000
[ 1377.088222][T25099] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4896'.
[ 1377.370583][T25099] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1377.707889][T25115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4900'.
[ 1378.497612][T25126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1378.869660][T25131] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1378.871779][T25131] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1378.875119][T25131] vhci_hcd vhci_hcd.0: Device attached
[ 1378.878889][T25132] usbip_core: unknown command
[ 1378.881455][T25132] vhci_hcd: unknown pdu 0
[ 1378.882819][T25132] usbip_core: unknown command
[ 1378.900364][ T1229] vhci_hcd: stop threads
[ 1378.910440][ T1229] vhci_hcd: release socket
[ 1378.920577][ T1229] vhci_hcd: disconnect device
[ 1379.053941][T25137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4905'.
[ 1379.186163][T25139] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1379.188310][T25139] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1379.200779][T25139] vhci_hcd vhci_hcd.0: Device attached
[ 1379.222949][T25142] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1379.225672][T25142] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1379.230112][T25140] usbip_core: unknown command
[ 1379.231867][T25140] vhci_hcd: unknown pdu 0
[ 1379.233451][T25140] usbip_core: unknown command
[ 1379.237002][ T7284] vhci_hcd: stop threads
[ 1379.238767][ T7284] vhci_hcd: release socket
[ 1379.240708][T25142] vhci_hcd vhci_hcd.0: Device attached
[ 1379.243266][ T7284] vhci_hcd: disconnect device
[ 1379.492734][T25149] netlink: 'syz.0.4906': attribute type 10 has an invalid length.
[ 1379.496527][T25149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4906'.
[ 1379.561111][T25150] netlink: 'syz.3.4907': attribute type 10 has an invalid length.
[ 1379.564892][T25150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4907'.
[ 1380.831297][   T54] usb 43-1: new high-speed USB device number 11 using vhci_hcd
[ 1380.863249][T25144] vhci_hcd: connection reset by peer
[ 1380.865392][   T91] vhci_hcd: stop threads
[ 1380.866754][   T91] vhci_hcd: release socket
[ 1380.875548][   T91] vhci_hcd: disconnect device
[ 1382.069001][T25159] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[ 1382.073784][T25159] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[ 1382.596391][T25171] bond0: entered promiscuous mode
[ 1382.598580][T25171] bond0: entered allmulticast mode
[ 1382.601593][T25171] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1382.608132][T25171] nbd: nbd0 already in use
[ 1383.121316][T25176] syzkaller1: entered promiscuous mode
[ 1383.129060][T25176] syzkaller1: entered allmulticast mode
[ 1383.157264][T25184] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1383.159529][T25184] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1383.163365][T25184] vhci_hcd vhci_hcd.0: Device attached
[ 1383.167544][T25185] usbip_core: unknown command
[ 1383.168898][T25185] vhci_hcd: unknown pdu 0
[ 1383.170238][T25185] usbip_core: unknown command
[ 1383.173112][T17758] vhci_hcd: stop threads
[ 1383.174466][T17758] vhci_hcd: release socket
[ 1383.182721][T17758] vhci_hcd: disconnect device
[ 1383.193986][T25182] 9p: Unknown uid 00000000004294967295
[ 1383.379577][T25192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4917'.
[ 1383.654918][T25176] netlink: 'syz.0.4914': attribute type 1 has an invalid length.
[ 1384.131148][T25176] bond2: entered promiscuous mode
[ 1384.133891][T25176] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1384.185045][T25180] bond2: (slave veth5): making interface the new active one
[ 1384.187728][T25180] veth5: entered promiscuous mode
[ 1384.190676][T25180] bond2: (slave veth5): Enslaving as an active interface with an up link
[ 1384.379951][T25202] netlink: 'syz.0.4920': attribute type 4 has an invalid length.
[ 1384.383508][T25202] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4920'.
[ 1384.390590][T25202] : renamed from bond0 (while UP)
[ 1384.595818][T25206] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4921'.
[ 1385.400986][T25221] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1385.403693][T25221] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1385.439534][T25221] vhci_hcd vhci_hcd.0: Device attached
[ 1385.450356][T25214] e1000e 0000:00:02.0 eth1: NIC Link is Down
[ 1385.708137][T25230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4926'.
[ 1386.210566][T25249] mkiss: ax0: crc mode is auto.
[ 1387.299178][T25222] vhci_hcd: connection reset by peer
[ 1387.301129][T17758] vhci_hcd: stop threads
[ 1387.303571][T17758] vhci_hcd: release socket
[ 1387.306126][T17758] vhci_hcd: disconnect device
[ 1387.371326][   T54] vhci_hcd: vhci_device speed not set
[ 1388.349579][   T40] audit: type=1326 audit(2000262999.618:8212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25299 comm="syz.3.4939" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f33579 code=0x0
[ 1389.108328][T25312] netlink: 'syz.1.4940': attribute type 4 has an invalid length.
[ 1389.206211][T25314] FAULT_INJECTION: forcing a failure.
[ 1389.206211][T25314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1389.210261][T25314] CPU: 0 UID: 0 PID: 25314 Comm: syz.0.4943 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1389.210276][T25314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1389.210283][T25314] Call Trace:
[ 1389.210290][T25314]  <TASK>
[ 1389.210294][T25314]  dump_stack_lvl+0x16c/0x1f0
[ 1389.210314][T25314]  should_fail_ex+0x512/0x640
[ 1389.210331][T25314]  _copy_to_user+0x32/0xd0
[ 1389.210349][T25314]  simple_read_from_buffer+0xcb/0x170
[ 1389.210365][T25314]  proc_fail_nth_read+0x197/0x270
[ 1389.210379][T25314]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1389.210392][T25314]  ? rw_verify_area+0xcf/0x680
[ 1389.210405][T25314]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1389.210418][T25314]  vfs_read+0x1e4/0xc60
[ 1389.210434][T25314]  ? fdget_pos+0x2a2/0x370
[ 1389.210452][T25314]  ? __pfx_vfs_read+0x10/0x10
[ 1389.210465][T25314]  ? find_held_lock+0x2b/0x80
[ 1389.210481][T25314]  ? __fget_files+0x20e/0x3c0
[ 1389.210499][T25314]  ksys_read+0x12a/0x250
[ 1389.210513][T25314]  ? __pfx_ksys_read+0x10/0x10
[ 1389.210529][T25314]  ? rcu_is_watching+0x12/0xc0
[ 1389.210543][T25314]  __do_fast_syscall_32+0x7c/0x3a0
[ 1389.210560][T25314]  do_fast_syscall_32+0x32/0x80
[ 1389.210576][T25314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1389.210590][T25314] RIP: 0023:0xf70ce579
[ 1389.210598][T25314] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1389.210609][T25314] RSP: 002b:00000000f50be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1389.210619][T25314] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50be620
[ 1389.210626][T25314] RDX: 000000000000000f RSI: 00000000f7433ff4 RDI: 0000000000000000
[ 1389.210632][T25314] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1389.210638][T25314] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1389.210644][T25314] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1389.210657][T25314]  </TASK>
[ 1389.461572][T25316] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1389.464321][T25316] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1389.467768][T25316] vhci_hcd vhci_hcd.0: Device attached
[ 1389.510209][T25316] netdevsim netdevsim1: Direct firmware load for @ failed with error -2
[ 1389.513208][T25316] netdevsim netdevsim1: Falling back to sysfs fallback for: @
[ 1389.585869][T25321] vhci_hcd: connection closed
[ 1389.586086][   T12] vhci_hcd: stop threads
[ 1389.588875][   T12] vhci_hcd: release socket
[ 1389.590301][   T12] vhci_hcd: disconnect device
[ 1389.599836][T25327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4945'.
[ 1389.626314][T25332] FAULT_INJECTION: forcing a failure.
[ 1389.626314][T25332] name failslab, interval 1, probability 0, space 0, times 0
[ 1389.630282][T25332] CPU: 3 UID: 0 PID: 25332 Comm: syz.4.4946 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1389.630297][T25332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1389.630304][T25332] Call Trace:
[ 1389.630309][T25332]  <TASK>
[ 1389.630313][T25332]  dump_stack_lvl+0x16c/0x1f0
[ 1389.630333][T25332]  should_fail_ex+0x512/0x640
[ 1389.630348][T25332]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1389.630366][T25332]  should_failslab+0xc2/0x120
[ 1389.630377][T25332]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1389.630394][T25332]  ? __alloc_skb+0x2b2/0x380
[ 1389.630408][T25332]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1389.630422][T25332]  __alloc_skb+0x2b2/0x380
[ 1389.630436][T25332]  ? __pfx___alloc_skb+0x10/0x10
[ 1389.630455][T25332]  netlink_alloc_large_skb+0x69/0x130
[ 1389.630468][T25332]  netlink_sendmsg+0x6a1/0xdd0
[ 1389.630481][T25332]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1389.630493][T25332]  ? __import_iovec+0x1dd/0x650
[ 1389.630507][T25332]  ____sys_sendmsg+0xa95/0xc70
[ 1389.630520][T25332]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1389.630531][T25332]  ? get_compat_msghdr+0x11a/0x170
[ 1389.630553][T25332]  ___sys_sendmsg+0x134/0x1d0
[ 1389.630569][T25332]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1389.630591][T25332]  ? find_held_lock+0x2b/0x80
[ 1389.630610][T25332]  __sys_sendmsg+0x16d/0x220
[ 1389.630626][T25332]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1389.630647][T25332]  ? rcu_is_watching+0x12/0xc0
[ 1389.630660][T25332]  __do_fast_syscall_32+0x7c/0x3a0
[ 1389.630677][T25332]  do_fast_syscall_32+0x32/0x80
[ 1389.630694][T25332]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1389.630707][T25332] RIP: 0023:0xf7ff1579
[ 1389.630716][T25332] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1389.630726][T25332] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1389.630737][T25332] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1389.630743][T25332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1389.630749][T25332] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1389.630755][T25332] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1389.630762][T25332] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1389.630775][T25332]  </TASK>
[ 1389.959880][T25346] syzkaller0: entered allmulticast mode
[ 1389.998346][T25340] netlink: 'syz.4.4948': attribute type 10 has an invalid length.
[ 1390.006219][T25340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4948'.
[ 1390.064641][T25340] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.191135][T25340] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.298737][T25340] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.377292][T25340] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.545346][T25340] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.556635][T25340] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.578692][T25340] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1390.601646][T25340] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1392.053297][T25399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4966'.
[ 1392.135834][T25403] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4968'.
[ 1392.389308][T25413] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1392.439415][T25413] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1392.881643][T25413] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1393.100222][T25413] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1393.221942][T25423] vivid-007: =================  START STATUS  =================
[ 1393.224523][T25423] vivid-007: Enable Output Cropping: true
[ 1393.226495][T25423] vivid-007: Enable Output Composing: true
[ 1393.228710][T25423] vivid-007: Enable Output Scaler: true
[ 1393.231463][T25423] vivid-007: Tx RGB Quantization Range: Automatic
[ 1393.233927][T25423] vivid-007: Transmit Mode: HDMI
[ 1393.235662][T25423] vivid-007: Hotplug Present: 0x00000000
[ 1393.237458][T25423] vivid-007: RxSense Present: 0x00000000
[ 1393.239280][T25423] vivid-007: EDID Present: 0x00000000
[ 1393.241014][T25423] vivid-007: ==================  END STATUS  ==================
[ 1394.187139][T25431] input: syz0 as /devices/virtual/input/input33
[ 1394.204207][T25246] udevd[25246]: setting mode of /dev/input/event3 to 020660 failed: Read-only file system
[ 1394.207418][T25246] udevd[25246]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: Read-only file system
[ 1394.329326][T25413] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1394.343574][T25413] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1394.350381][T25413] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1394.358049][T25413] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1394.413620][T25442] FAULT_INJECTION: forcing a failure.
[ 1394.413620][T25442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1394.417685][T25442] CPU: 0 UID: 0 PID: 25442 Comm: syz.3.4980 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1394.417700][T25442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1394.417707][T25442] Call Trace:
[ 1394.417711][T25442]  <TASK>
[ 1394.417716][T25442]  dump_stack_lvl+0x16c/0x1f0
[ 1394.417735][T25442]  should_fail_ex+0x512/0x640
[ 1394.417754][T25442]  _copy_to_user+0x32/0xd0
[ 1394.417772][T25442]  simple_read_from_buffer+0xcb/0x170
[ 1394.417788][T25442]  proc_fail_nth_read+0x197/0x270
[ 1394.417801][T25442]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1394.417815][T25442]  ? rw_verify_area+0xcf/0x680
[ 1394.417829][T25442]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1394.417841][T25442]  vfs_read+0x1e4/0xc60
[ 1394.417856][T25442]  ? fdget_pos+0x2a2/0x370
[ 1394.417873][T25442]  ? __pfx_vfs_read+0x10/0x10
[ 1394.417886][T25442]  ? find_held_lock+0x2b/0x80
[ 1394.417906][T25442]  ? __fget_files+0x20e/0x3c0
[ 1394.417924][T25442]  ksys_read+0x12a/0x250
[ 1394.417938][T25442]  ? __pfx_ksys_read+0x10/0x10
[ 1394.417954][T25442]  ? rcu_is_watching+0x12/0xc0
[ 1394.417968][T25442]  __do_fast_syscall_32+0x7c/0x3a0
[ 1394.417985][T25442]  do_fast_syscall_32+0x32/0x80
[ 1394.418002][T25442]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1394.418016][T25442] RIP: 0023:0xf7f33579
[ 1394.418024][T25442] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1394.418035][T25442] RSP: 002b:00000000f5056590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1394.418045][T25442] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5056620
[ 1394.418052][T25442] RDX: 000000000000000f RSI: 00000000f73c3ff4 RDI: 0000000000000000
[ 1394.418058][T25442] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1394.418064][T25442] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1394.418071][T25442] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1394.418084][T25442]  </TASK>
[ 1394.482253][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1394.508798][T25445] netlink: 6 bytes leftover after parsing attributes in process `syz.3.4981'.
[ 1394.634695][T25452] 9pnet_fd: Insufficient options for proto=fd
[ 1395.316931][T25462] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1395.318991][T25462] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1395.322457][T25462] vhci_hcd vhci_hcd.0: Device attached
[ 1395.326453][T25463] usbip_core: unknown command
[ 1395.327966][T25463] vhci_hcd: unknown pdu 0
[ 1395.329330][T25463] usbip_core: unknown command
[ 1395.331890][ T1138] vhci_hcd: stop threads
[ 1395.333317][ T1138] vhci_hcd: release socket
[ 1395.334857][ T1138] vhci_hcd: disconnect device
[ 1395.510069][T25473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4987'.
[ 1396.821309][T24189] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[ 1396.971242][T24189] usb 8-1: Using ep0 maxpacket: 8
[ 1396.974710][T24189] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1396.978021][T24189] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1396.980860][T24189] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1396.985133][T24189] usb 8-1: config 0 descriptor??
[ 1397.190496][T24189] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1397.393955][T25484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1397.397223][T25484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1397.604174][T24090] usb 8-1: USB disconnect, device number 31
[ 1398.414808][T25515] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1398.416857][T25515] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1398.419247][T25515] vhci_hcd vhci_hcd.0: Device attached
[ 1398.424359][T25516] usbip_core: unknown command
[ 1398.425938][T25516] vhci_hcd: unknown pdu 0
[ 1398.427355][T25516] usbip_core: unknown command
[ 1398.430325][ T1138] vhci_hcd: stop threads
[ 1398.431753][ T1138] vhci_hcd: release socket
[ 1398.433374][ T1138] vhci_hcd: disconnect device
[ 1398.481285][T12461] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1398.549055][T25519] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5002'.
[ 1398.643106][T12461] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1398.645944][T12461] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1398.649123][T12461] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1398.652013][T12461] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1398.656411][T12461] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1398.661308][T12461] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1398.664217][T12461] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1398.666916][T12461] usb 6-1: Product: syz
[ 1398.668485][T12461] usb 6-1: Manufacturer: syz
[ 1398.676758][T12461] cdc_wdm 6-1:1.0: skipping garbage
[ 1398.678452][T12461] cdc_wdm 6-1:1.0: skipping garbage
[ 1398.684490][T12461] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1398.686402][T12461] cdc_wdm 6-1:1.0: Unknown control protocol
[ 1398.889007][T23244] usb 6-1: USB disconnect, device number 42
[ 1399.311782][T25535] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1399.314423][T25535] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1399.316910][T25535] vhci_hcd vhci_hcd.0: Device attached
[ 1399.322969][T25536] usbip_core: unknown command
[ 1399.324500][T25536] vhci_hcd: unknown pdu 0
[ 1399.325868][T25536] usbip_core: unknown command
[ 1399.327630][   T12] vhci_hcd: stop threads
[ 1399.329579][   T12] vhci_hcd: release socket
[ 1399.333934][   T12] vhci_hcd: disconnect device
[ 1399.415718][T25538] bond2: (slave veth5): Releasing backup interface
[ 1399.417707][T25538] veth5: left promiscuous mode
[ 1399.485349][T25538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5006'.
[ 1399.764143][T25542] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5007'.
[ 1400.294402][T25552] 9pnet_fd: Insufficient options for proto=fd
[ 1400.842909][T25561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5013'.
[ 1401.219368][T25561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5013'.
[ 1401.278503][T25566] netlink: 'syz.4.5013': attribute type 1 has an invalid length.
[ 1401.302420][T25566] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1401.713364][T25580] netlink: 'syz.1.5018': attribute type 1 has an invalid length.
[ 1401.736297][T25580] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1401.740539][T25580] bond1: (slave vxcan3): Error -95 calling set_mac_address
[ 1402.962475][T25594] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[ 1402.972121][T25594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5021'.
[ 1403.254047][T25605] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1403.256680][T25605] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1403.268340][T25605] vhci_hcd vhci_hcd.0: Device attached
[ 1403.275035][T25606] usbip_core: unknown command
[ 1403.277913][T25606] vhci_hcd: unknown pdu 0
[ 1403.279817][T25606] usbip_core: unknown command
[ 1403.282694][ T1138] vhci_hcd: stop threads
[ 1403.286746][ T1138] vhci_hcd: release socket
[ 1403.290157][ T1138] vhci_hcd: disconnect device
[ 1403.549370][T25618] netlink: 'syz.3.5025': attribute type 10 has an invalid length.
[ 1403.554583][T25618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5025'.
[ 1405.447135][T25645] lo speed is unknown, defaulting to 1000
[ 1405.804103][T25654] hpfs: hpfs_map_sector(): read error
[ 1406.451887][T25685] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5049'.
[ 1406.454825][T25685] bond0: entered promiscuous mode
[ 1406.456409][T25685] bond0: entered allmulticast mode
[ 1406.458602][T25685] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1406.552265][T25683] overlay: Unknown parameter 'fowner>00000000000000000000'
[ 1406.950461][ T5969] Bluetooth: hci2: link tx timeout
[ 1406.953562][ T5969] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.964262][T21421] Bluetooth: hci2: link tx timeout
[ 1406.966357][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.970110][T21421] Bluetooth: hci2: link tx timeout
[ 1406.972484][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.975415][T21421] Bluetooth: hci2: link tx timeout
[ 1406.977920][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.981527][T21421] Bluetooth: hci2: link tx timeout
[ 1406.983610][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.987296][T21421] Bluetooth: hci2: link tx timeout
[ 1406.989754][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1406.994307][T21421] Bluetooth: hci2: link tx timeout
[ 1406.996370][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.002351][T21421] Bluetooth: hci2: link tx timeout
[ 1407.004449][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.007700][T21421] Bluetooth: hci2: link tx timeout
[ 1407.009760][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.013059][T21421] Bluetooth: hci2: link tx timeout
[ 1407.015253][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.018440][T21421] Bluetooth: hci2: link tx timeout
[ 1407.020682][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.024013][T21421] Bluetooth: hci2: link tx timeout
[ 1407.026466][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1407.029489][T21421] Bluetooth: hci2: link tx timeout
[ 1407.031676][T21421] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1408.048205][T25720] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1408.050300][T25720] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1408.053905][T25720] vhci_hcd vhci_hcd.0: Device attached
[ 1408.057727][T25721] usbip_core: unknown command
[ 1408.059424][T25721] vhci_hcd: unknown pdu 0
[ 1408.060830][T25721] usbip_core: unknown command
[ 1408.065313][ T1138] vhci_hcd: stop threads
[ 1408.066637][ T1138] vhci_hcd: release socket
[ 1408.067904][ T1138] vhci_hcd: disconnect device
[ 1408.103792][T25724] tipc: Started in network mode
[ 1408.105772][T25724] tipc: Node identity d214eecc9ed5, cluster identity 4711
[ 1408.108767][T25724] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1408.113825][T25724] syzkaller0: entered promiscuous mode
[ 1408.115682][T25724] syzkaller0: entered allmulticast mode
[ 1408.161335][T25724] tipc: Resetting bearer <eth:syzkaller0>
[ 1408.174068][T25723] tipc: Resetting bearer <eth:syzkaller0>
[ 1408.192701][T25723] tipc: Disabling bearer <eth:syzkaller0>
[ 1408.241530][T25733] netlink: 'syz.4.5058': attribute type 10 has an invalid length.
[ 1408.247817][T25733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5058'.
[ 1409.021309][T21421] Bluetooth: hci2: command 0x0406 tx timeout
[ 1409.798922][T25740] 9pnet_fd: Insufficient options for proto=fd
[ 1409.893209][T25744] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1409.896474][T25744] syzkaller0: entered promiscuous mode
[ 1409.898700][T25744] syzkaller0: entered allmulticast mode
[ 1410.048291][T25743] tipc: Resetting bearer <eth:syzkaller0>
[ 1410.058974][T25743] tipc: Disabling bearer <eth:syzkaller0>
[ 1410.409002][T25760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5068'.
[ 1411.111359][   T40] audit: type=1326 audit(2000263022.378:8213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25765 comm="syz.3.5069" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f33579 code=0x0
[ 1412.389682][T25777] netlink: 'syz.1.5072': attribute type 4 has an invalid length.
[ 1412.393255][T25777] netlink: 'syz.1.5072': attribute type 4 has an invalid length.
[ 1412.461353][T21421] Bluetooth: hci4: command 0x1003 tx timeout
[ 1412.461382][ T5969] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1412.695948][T25790] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5076'.
[ 1412.726825][T25790] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1413.196600][T25806] nvme_fabrics: missing parameter 'transport=%s'
[ 1413.198676][T25806] nvme_fabrics: missing parameter 'nqn=%s'
[ 1413.335214][T25812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5080'.
[ 1413.338012][T25812] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5080'.
[ 1413.340756][T25812] netlink: 'syz.3.5080': attribute type 20 has an invalid length.
[ 1413.481888][T12461] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1413.641274][T12461] usb 9-1: Using ep0 maxpacket: 16
[ 1413.644453][T12461] usb 9-1: config 0 has no interfaces?
[ 1413.647965][T12461] usb 9-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[ 1413.650904][T12461] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1413.656956][T12461] usb 9-1: Product: syz
[ 1413.658710][T12461] usb 9-1: Manufacturer: syz
[ 1413.660629][T12461] usb 9-1: SerialNumber: syz
[ 1413.663703][T12461] usb 9-1: config 0 descriptor??
[ 1413.681525][T25820] FAULT_INJECTION: forcing a failure.
[ 1413.681525][T25820] name failslab, interval 1, probability 0, space 0, times 0
[ 1413.686820][T25820] CPU: 3 UID: 0 PID: 25820 Comm: syz.0.5084 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1413.686836][T25820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1413.686843][T25820] Call Trace:
[ 1413.686847][T25820]  <TASK>
[ 1413.686852][T25820]  dump_stack_lvl+0x16c/0x1f0
[ 1413.686872][T25820]  should_fail_ex+0x512/0x640
[ 1413.686890][T25820]  should_failslab+0xc2/0x120
[ 1413.686902][T25820]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1413.686917][T25820]  ? sctp_add_bind_addr+0xae/0x3f0
[ 1413.686934][T25820]  sctp_add_bind_addr+0xae/0x3f0
[ 1413.686951][T25820]  sctp_copy_local_addr_list+0x39d/0x5a0
[ 1413.686964][T25820]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1413.686976][T25820]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[ 1413.686992][T25820]  ? sctp_bind_addr_copy+0xe0/0x530
[ 1413.687008][T25820]  sctp_bind_addr_copy+0xe0/0x530
[ 1413.687026][T25820]  sctp_connect_new_asoc+0x1d7/0x790
[ 1413.687040][T25820]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1413.687054][T25820]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[ 1413.687067][T25820]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1413.687081][T25820]  sctp_sendmsg+0x15f9/0x1ee0
[ 1413.687097][T25820]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1413.687111][T25820]  ? __pfx___might_resched+0x10/0x10
[ 1413.687127][T25820]  ? find_held_lock+0x2b/0x80
[ 1413.687139][T25820]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1413.687153][T25820]  ? __import_iovec+0x1dd/0x650
[ 1413.687163][T25820]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1413.687176][T25820]  inet_sendmsg+0x119/0x140
[ 1413.687192][T25820]  ____sys_sendmsg+0x973/0xc70
[ 1413.687206][T25820]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1413.687217][T25820]  ? get_compat_msghdr+0x11a/0x170
[ 1413.687235][T25820]  ? __pfx__kstrtoull+0x10/0x10
[ 1413.687250][T25820]  ___sys_sendmsg+0x134/0x1d0
[ 1413.687267][T25820]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1413.687281][T25820]  ? __lock_acquire+0x622/0x1c90
[ 1413.687312][T25820]  __sys_sendmmsg+0x2f9/0x420
[ 1413.687329][T25820]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1413.687349][T25820]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1413.687371][T25820]  ? fput+0x70/0xf0
[ 1413.687381][T25820]  ? ksys_write+0x1ac/0x250
[ 1413.687396][T25820]  ? __pfx_ksys_write+0x10/0x10
[ 1413.687413][T25820]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[ 1413.687430][T25820]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1413.687446][T25820]  __do_fast_syscall_32+0x7c/0x3a0
[ 1413.687464][T25820]  do_fast_syscall_32+0x32/0x80
[ 1413.687480][T25820]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1413.687494][T25820] RIP: 0023:0xf70ce579
[ 1413.687503][T25820] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1413.687514][T25820] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[ 1413.687525][T25820] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003780
[ 1413.687531][T25820] RDX: 0000000000000001 RSI: 000000000000c044 RDI: 0000000000000000
[ 1413.687538][T25820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1413.687544][T25820] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1413.687550][T25820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1413.687563][T25820]  </TASK>
[ 1413.921422][T25829] input: syz0 as /devices/virtual/input/input34
[ 1413.974669][T25246] udevd[25246]: setting mode of /dev/input/event3 to 020660 failed: Read-only file system
[ 1413.984639][T25246] udevd[25246]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: Read-only file system
[ 1414.175916][   T54] usb 9-1: USB disconnect, device number 10
[ 1414.385292][T25846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5090'.
[ 1414.856497][T25827] ALSA: mixer_oss: invalid OSS volume ''
[ 1415.355093][T25872] netlink: 256 bytes leftover after parsing attributes in process `syz.0.5095'.
[ 1416.125987][T25918] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5111'.
[ 1416.137513][T25918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5111'.
[ 1416.140270][T25918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5111'.
[ 1416.175423][T25923] ubi31: attaching mtd0
[ 1416.179721][T25923] ubi31: scanning is finished
[ 1416.182201][T25923] ubi31: empty MTD device detected
[ 1416.190114][T25920] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5110'.
[ 1416.257281][T25923] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1416.260428][T25923] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1416.265046][T25923] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1416.269458][T25923] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1416.274142][T25923] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1416.278129][T25923] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1416.282401][T25923] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2465810551
[ 1416.286795][T25923] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1416.293485][T25927] ubi31: background thread "ubi_bgt31d" started, PID 25927
[ 1416.790999][T25950] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5116'.
[ 1417.073078][T25955] netlink: 'syz.4.5121': attribute type 4 has an invalid length.
[ 1417.081853][T25955] netlink: 'syz.4.5121': attribute type 4 has an invalid length.
[ 1417.368859][T25967] IPVS: Error connecting to the multicast addr
[ 1417.379452][   T40] audit: type=1326 audit(2000263028.648:8214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.387734][   T40] audit: type=1326 audit(2000263028.648:8215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.395714][   T40] audit: type=1326 audit(2000263028.658:8216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.411487][   T40] audit: type=1326 audit(2000263028.658:8217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.419134][   T40] audit: type=1326 audit(2000263028.658:8218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.427618][   T40] audit: type=1326 audit(2000263028.668:8219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.434759][   T40] audit: type=1326 audit(2000263028.668:8220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.441028][   T40] audit: type=1326 audit(2000263028.668:8221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.451854][   T40] audit: type=1326 audit(2000263028.668:8222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.460708][   T40] audit: type=1326 audit(2000263028.678:8223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25963 comm="syz.0.5123" exe="/syz-executor" sig=0 arch=40000003 syscall=95 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1417.556359][T25972] syzkaller1: entered promiscuous mode
[ 1417.558157][T25972] syzkaller1: entered allmulticast mode
[ 1418.250172][T25993] FAULT_INJECTION: forcing a failure.
[ 1418.250172][T25993] name failslab, interval 1, probability 0, space 0, times 0
[ 1418.255317][T25993] CPU: 1 UID: 0 PID: 25993 Comm: syz.0.5131 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1418.255345][T25993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1418.255352][T25993] Call Trace:
[ 1418.255356][T25993]  <TASK>
[ 1418.255361][T25993]  dump_stack_lvl+0x16c/0x1f0
[ 1418.255388][T25993]  should_fail_ex+0x512/0x640
[ 1418.255410][T25993]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1418.255438][T25993]  should_failslab+0xc2/0x120
[ 1418.255455][T25993]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1418.255482][T25993]  ? __pfx___might_resched+0x10/0x10
[ 1418.255505][T25993]  ? alloc_vmap_area+0xdc8/0x29c0
[ 1418.255529][T25993]  alloc_vmap_area+0xdc8/0x29c0
[ 1418.255559][T25993]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1418.255586][T25993]  __get_vm_area_node+0x1ca/0x330
[ 1418.255606][T25993]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1418.255620][T25993]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1418.255635][T25993]  ? trace_sched_exit_tp+0xde/0x130
[ 1418.255648][T25993]  ? __schedule+0x1181/0x5de0
[ 1418.255664][T25993]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1418.255679][T25993]  ? find_held_lock+0x2b/0x80
[ 1418.255695][T25993]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1418.255709][T25993]  ? __pfx___schedule+0x10/0x10
[ 1418.255724][T25993]  ? _copy_from_user+0x59/0xd0
[ 1418.255741][T25993]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1418.255755][T25993]  __vmalloc_node_noprof+0xad/0xf0
[ 1418.255768][T25993]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1418.255783][T25993]  bpf_prog_alloc_no_stats+0x54/0x630
[ 1418.255801][T25993]  bpf_prog_alloc+0x3b/0x230
[ 1418.255816][T25993]  __get_filter+0x112/0x2d0
[ 1418.255834][T25993]  sk_attach_filter+0x1e/0x180
[ 1418.255846][T25993]  sk_setsockopt+0x2e40/0x3e40
[ 1418.255859][T25993]  ? __pfx_sk_setsockopt+0x10/0x10
[ 1418.255871][T25993]  ? aa_sk_perm+0x2f4/0xb10
[ 1418.255885][T25993]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1418.255898][T25993]  ? __schedule+0x1181/0x5de0
[ 1418.255915][T25993]  do_sock_setsockopt+0x3f2/0x470
[ 1418.255926][T25993]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1418.255944][T25993]  __sys_setsockopt+0x120/0x1a0
[ 1418.255961][T25993]  __ia32_sys_setsockopt+0xbc/0x160
[ 1418.255975][T25993]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1418.255990][T25993]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1418.256006][T25993]  __do_fast_syscall_32+0x7c/0x3a0
[ 1418.256023][T25993]  do_fast_syscall_32+0x32/0x80
[ 1418.256043][T25993]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1418.256057][T25993] RIP: 0023:0xf70ce579
[ 1418.256066][T25993] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1418.256076][T25993] RSP: 002b:00000000f507c55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1418.256087][T25993] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000001
[ 1418.256093][T25993] RDX: 000000000000001a RSI: 0000000080000040 RDI: 0000000000000008
[ 1418.256100][T25993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1418.256105][T25993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1418.256111][T25993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1418.256124][T25993]  </TASK>
[ 1418.266427][T25996] FAULT_INJECTION: forcing a failure.
[ 1418.266427][T25996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1418.366474][T25996] CPU: 0 UID: 0 PID: 25996 Comm: syz.4.5132 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1418.366490][T25996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1418.366496][T25996] Call Trace:
[ 1418.366501][T25996]  <TASK>
[ 1418.366505][T25996]  dump_stack_lvl+0x16c/0x1f0
[ 1418.366526][T25996]  should_fail_ex+0x512/0x640
[ 1418.366544][T25996]  _copy_from_user+0x2e/0xd0
[ 1418.366561][T25996]  kstrtouint_from_user+0xd6/0x1d0
[ 1418.366574][T25996]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1418.366586][T25996]  ? __lock_acquire+0xb8a/0x1c90
[ 1418.366607][T25996]  proc_fail_nth_write+0x83/0x250
[ 1418.366621][T25996]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1418.366637][T25996]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1418.366649][T25996]  vfs_write+0x29d/0x1150
[ 1418.366667][T25996]  ? __pfx_vfs_write+0x10/0x10
[ 1418.366680][T25996]  ? find_held_lock+0x2b/0x80
[ 1418.366695][T25996]  ? __fget_files+0x20e/0x3c0
[ 1418.366713][T25996]  ksys_write+0x12a/0x250
[ 1418.366727][T25996]  ? __pfx_ksys_write+0x10/0x10
[ 1418.366743][T25996]  ? rcu_is_watching+0x12/0xc0
[ 1418.366757][T25996]  __do_fast_syscall_32+0x7c/0x3a0
[ 1418.366774][T25996]  do_fast_syscall_32+0x32/0x80
[ 1418.366790][T25996]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1418.366804][T25996] RIP: 0023:0xf7ff1579
[ 1418.366813][T25996] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1418.366824][T25996] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 1418.366834][T25996] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5116620
[ 1418.366841][T25996] RDX: 0000000000000001 RSI: 00000000f7483ff4 RDI: 0000000000000000
[ 1418.366847][T25996] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1418.366853][T25996] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1418.366859][T25996] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1418.366872][T25996]  </TASK>
[ 1418.474273][T25246] udevd[25246]: symlink '../../loop8' '/dev/disk/by-diskseq/74.tmp-b7:8' failed: Read-only file system
[ 1418.654300][T26011] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1418.656590][T26011] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1418.659341][T26011] vhci_hcd vhci_hcd.0: Device attached
[ 1418.664408][T26012] usbip_core: unknown command
[ 1418.666395][T26012] vhci_hcd: unknown pdu 0
[ 1418.668156][T26012] usbip_core: unknown command
[ 1418.673812][   T91] vhci_hcd: stop threads
[ 1418.675574][   T91] vhci_hcd: release socket
[ 1418.677422][   T91] vhci_hcd: disconnect device
[ 1418.844480][T26017] netlink: 'syz.3.5138': attribute type 10 has an invalid length.
[ 1418.848874][T26017] bond0: left promiscuous mode
[ 1418.851133][T26017] bond0: left allmulticast mode
[ 1420.962946][T26023] sd 0:0:0:0: PR command failed: 1026
[ 1420.964664][T26023] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[ 1420.966745][T26023] sd 0:0:0:0: Add. Sense: Invalid command operation code
[ 1421.540309][T26058] FAULT_INJECTION: forcing a failure.
[ 1421.540309][T26058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1421.544429][T26058] CPU: 1 UID: 0 PID: 26058 Comm: syz.1.5149 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1421.544444][T26058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1421.544451][T26058] Call Trace:
[ 1421.544455][T26058]  <TASK>
[ 1421.544460][T26058]  dump_stack_lvl+0x16c/0x1f0
[ 1421.544501][T26058]  should_fail_ex+0x512/0x640
[ 1421.544519][T26058]  _copy_to_user+0x32/0xd0
[ 1421.544537][T26058]  simple_read_from_buffer+0xcb/0x170
[ 1421.544553][T26058]  proc_fail_nth_read+0x197/0x270
[ 1421.544566][T26058]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1421.544580][T26058]  ? rw_verify_area+0xcf/0x680
[ 1421.544594][T26058]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1421.544606][T26058]  vfs_read+0x1e4/0xc60
[ 1421.544622][T26058]  ? fdget_pos+0x2a2/0x370
[ 1421.544639][T26058]  ? __pfx_vfs_read+0x10/0x10
[ 1421.544652][T26058]  ? find_held_lock+0x2b/0x80
[ 1421.544668][T26058]  ? __fget_files+0x20e/0x3c0
[ 1421.544689][T26058]  ksys_read+0x12a/0x250
[ 1421.544704][T26058]  ? __pfx_ksys_read+0x10/0x10
[ 1421.544720][T26058]  ? rcu_is_watching+0x12/0xc0
[ 1421.544733][T26058]  __do_fast_syscall_32+0x7c/0x3a0
[ 1421.544751][T26058]  do_fast_syscall_32+0x32/0x80
[ 1421.544767][T26058]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1421.544781][T26058] RIP: 0023:0xf7ff2579
[ 1421.544789][T26058] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1421.544800][T26058] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1421.544810][T26058] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5116620
[ 1421.544817][T26058] RDX: 000000000000000f RSI: 00000000f7483ff4 RDI: 0000000000000000
[ 1421.544823][T26058] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1421.544829][T26058] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1421.544835][T26058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1421.544848][T26058]  </TASK>
[ 1421.627089][T26054] __nla_validate_parse: 2 callbacks suppressed
[ 1421.627099][T26054] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5148'.
[ 1421.746231][T26067] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1421.771331][T24189] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[ 1421.944303][T24189] usb 9-1: config 135 has an invalid interface number: 230 but max is 0
[ 1421.946732][T24189] usb 9-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 1421.949949][T24189] usb 9-1: config 135 has no interface number 0
[ 1421.961457][T24189] usb 9-1: config 135 interface 230 has no altsetting 0
[ 1421.967260][T24189] usb 9-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 1421.970035][T24189] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1421.972567][T24189] usb 9-1: Product: syz
[ 1421.973916][T24189] usb 9-1: Manufacturer: syz
[ 1421.975396][T24189] usb 9-1: SerialNumber: syz
[ 1422.297622][ T5964] usb 9-1: USB disconnect, device number 11
[ 1422.465194][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.645812][T26068] tmpfs: Unknown parameter 'Pˆ¨x
[ 1422.645812][T26068] �Õ.púÞö'
[ 1422.664483][T26068] FAULT_INJECTION: forcing a failure.
[ 1422.664483][T26068] name failslab, interval 1, probability 0, space 0, times 0
[ 1422.669422][T26068] CPU: 2 UID: 0 PID: 26068 Comm: syz.1.5150 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1422.669446][T26068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1422.669457][T26068] Call Trace:
[ 1422.669464][T26068]  <TASK>
[ 1422.669471][T26068]  dump_stack_lvl+0x16c/0x1f0
[ 1422.669501][T26068]  should_fail_ex+0x512/0x640
[ 1422.669527][T26068]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1422.669556][T26068]  should_failslab+0xc2/0x120
[ 1422.669573][T26068]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1422.669600][T26068]  ? __kernfs_new_node+0xd2/0x8e0
[ 1422.669629][T26068]  __kernfs_new_node+0xd2/0x8e0
[ 1422.669654][T26068]  ? kernfs_add_one+0x37d/0x840
[ 1422.669686][T26068]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1422.669716][T26068]  ? find_held_lock+0x2b/0x80
[ 1422.669736][T26068]  ? kernfs_root+0xee/0x2a0
[ 1422.669764][T26068]  kernfs_new_node+0x13c/0x1e0
[ 1422.669796][T26068]  __kernfs_create_file+0x53/0x350
[ 1422.669820][T26068]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1422.669850][T26068]  sysfs_create_file_ns+0x13d/0x1d0
[ 1422.669873][T26068]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[ 1422.669893][T26068]  ? down_read+0x13d/0x480
[ 1422.669910][T26068]  ? __pfx___up_read+0x10/0x10
[ 1422.669936][T26068]  ? acpi_device_notify+0x351/0x480
[ 1422.669966][T26068]  device_create_file+0xf2/0x1e0
[ 1422.669990][T26068]  device_add+0x2bf/0x1a70
[ 1422.670009][T26068]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1422.670033][T26068]  ? __pfx_device_add+0x10/0x10
[ 1422.670053][T26068]  ? kfree+0x2b4/0x4d0
[ 1422.670073][T26068]  ? input_register_device+0xc0d/0x1130
[ 1422.670102][T26068]  input_register_device+0x7e8/0x1130
[ 1422.670131][T26068]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[ 1422.670155][T26068]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1422.670180][T26068]  ? find_held_lock+0x2b/0x80
[ 1422.670206][T26068]  ? __fput_deferred+0x450/0x480
[ 1422.670224][T26068]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1422.670253][T26068]  ? __pfx_uinput_compat_ioctl+0x10/0x10
[ 1422.670272][T26068]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1422.670313][T26068]  __do_fast_syscall_32+0x7c/0x3a0
[ 1422.670342][T26068]  do_fast_syscall_32+0x32/0x80
[ 1422.670368][T26068]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1422.670390][T26068] RIP: 0023:0xf7ff2579
[ 1422.670404][T26068] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1422.670420][T26068] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1422.670437][T26068] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000005501
[ 1422.670448][T26068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1422.670459][T26068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1422.670468][T26068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1422.670479][T26068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1422.670503][T26068]  </TASK>
[ 1422.851060][T26074] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1422.852895][T26074] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1422.857049][T26074] vhci_hcd vhci_hcd.0: Device attached
[ 1422.864790][T26075] usbip_core: unknown command
[ 1422.866917][T26075] vhci_hcd: unknown pdu 0
[ 1422.870415][T26075] usbip_core: unknown command
[ 1422.873955][ T1140] vhci_hcd: stop threads
[ 1422.875803][ T1140] vhci_hcd: release socket
[ 1422.877966][ T1140] vhci_hcd: disconnect device
[ 1422.879974][T26078] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1422.882134][T26078] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1422.885573][T26078] vhci_hcd vhci_hcd.0: Device attached
[ 1422.915009][T26079] usbip_core: unknown command
[ 1422.916079][T26082] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1422.916661][T26079] vhci_hcd: unknown pdu 0
[ 1422.918710][T26082] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1422.920517][T26079] usbip_core: unknown command
[ 1422.924219][T26082] vhci_hcd vhci_hcd.0: Device attached
[ 1422.931224][T17758] vhci_hcd: stop threads
[ 1422.932689][T17758] vhci_hcd: release socket
[ 1422.934432][T17758] vhci_hcd: disconnect device
[ 1422.941289][T26083] usbip_core: unknown command
[ 1422.942788][T26083] vhci_hcd: unknown pdu 0
[ 1422.944139][T26083] usbip_core: unknown command
[ 1422.947094][T17758] vhci_hcd: stop threads
[ 1422.948933][T17758] vhci_hcd: release socket
[ 1422.950811][T17758] vhci_hcd: disconnect device
[ 1423.129661][T26089] netlink: 'syz.4.5154': attribute type 10 has an invalid length.
[ 1423.146694][T26090] netlink: 'syz.3.5152': attribute type 10 has an invalid length.
[ 1423.153123][T26090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5152'.
[ 1425.522295][T26093] netlink: 'syz.1.5153': attribute type 10 has an invalid length.
[ 1427.197577][T26100] tmpfs: Unknown parameter 'Pˆ¨x
[ 1427.197577][T26100] �Õ.púÞö'
[ 1427.205318][T26100] input: syz1 as /devices/virtual/input/input36
[ 1427.233876][T25500] udevd[25500]: setting mode of /dev/input/event3 to 020660 failed: Read-only file system
[ 1427.238076][T25500] udevd[25500]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: Read-only file system
[ 1427.485834][T26121] macsec1: entered promiscuous mode
[ 1427.490245][T26121] macsec1: entered allmulticast mode
[ 1428.021296][T24189] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[ 1428.191318][T24189] usb 6-1: Using ep0 maxpacket: 32
[ 1428.194175][T24189] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1428.196715][T24189] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1428.199286][T24189] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1428.202093][T24189] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1428.204941][T24189] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1428.207794][T24189] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1428.211690][T24189] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1428.214348][T24189] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1428.218264][T24189] usb 6-1: config 0 descriptor??
[ 1428.484931][T24189] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 43 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1428.525654][T24189] usb 6-1: USB disconnect, device number 43
[ 1428.574961][T24189] usblp0: removed
[ 1428.656605][T26145] tmpfs: Bad value for 'mpol'
[ 1428.658808][T26145] netlink: 'syz.4.5165': attribute type 5 has an invalid length.
[ 1428.698759][T26149] FAULT_INJECTION: forcing a failure.
[ 1428.698759][T26149] name failslab, interval 1, probability 0, space 0, times 0
[ 1428.704186][T26149] CPU: 0 UID: 0 PID: 26149 Comm: syz.4.5167 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1428.704212][T26149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1428.704224][T26149] Call Trace:
[ 1428.704233][T26149]  <TASK>
[ 1428.704247][T26149]  dump_stack_lvl+0x16c/0x1f0
[ 1428.704276][T26149]  should_fail_ex+0x512/0x640
[ 1428.704301][T26149]  ? fs_reclaim_acquire+0xae/0x150
[ 1428.704325][T26149]  should_failslab+0xc2/0x120
[ 1428.704342][T26149]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1428.704370][T26149]  ? security_inode_alloc+0x3b/0x2b0
[ 1428.704394][T26149]  security_inode_alloc+0x3b/0x2b0
[ 1428.704441][T26149]  inode_init_always_gfp+0xce4/0x1030
[ 1428.704470][T26149]  alloc_inode+0x86/0x240
[ 1428.704492][T26149]  sock_alloc+0x40/0x280
[ 1428.704511][T26149]  do_accept+0xf7/0x530
[ 1428.704536][T26149]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1428.704565][T26149]  ? __pfx_do_accept+0x10/0x10
[ 1428.704606][T26149]  __sys_accept4+0x100/0x1c0
[ 1428.704628][T26149]  ? __pfx___sys_accept4+0x10/0x10
[ 1428.704657][T26149]  ? __pfx_ksys_write+0x10/0x10
[ 1428.704687][T26149]  __ia32_sys_accept4+0x94/0x100
[ 1428.704709][T26149]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1428.704736][T26149]  __do_fast_syscall_32+0x7c/0x3a0
[ 1428.704765][T26149]  do_fast_syscall_32+0x32/0x80
[ 1428.704792][T26149]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1428.704813][T26149] RIP: 0023:0xf7ff1579
[ 1428.704828][T26149] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1428.704845][T26149] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[ 1428.704862][T26149] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040
[ 1428.704874][T26149] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000000
[ 1428.704885][T26149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1428.704894][T26149] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1428.704905][T26149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1428.704929][T26149]  </TASK>
[ 1428.783334][T26151] input: syz1 as /devices/virtual/input/input37
[ 1428.807627][T25246] udevd[25246]: setting mode of /dev/input/event3 to 020660 failed: Read-only file system
[ 1428.811778][T25246] udevd[25246]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: Read-only file system
[ 1428.916245][T26157] lo speed is unknown, defaulting to 1000
[ 1429.071345][T24189] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[ 1429.221312][T24189] usb 6-1: Using ep0 maxpacket: 32
[ 1429.225353][T24189] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1429.228904][T24189] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1429.235077][T24189] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1429.239029][T24189] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1429.243718][T24189] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1429.247903][T24189] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1429.254104][T24189] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1429.257875][T24189] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1429.263623][T24189] usb 6-1: config 0 descriptor??
[ 1429.337144][T26161] vivid-000: =================  START STATUS  =================
[ 1429.342571][T26161] vivid-000: Test Pattern: 75% Colorbar
[ 1429.345620][T26161] vivid-000: Fill Percentage of Frame: 100
[ 1429.347452][T26161] vivid-000: Horizontal Movement: No Movement
[ 1429.349335][T26161] vivid-000: Vertical Movement: No Movement
[ 1429.351138][T26161] vivid-000: OSD Text Mode: All
[ 1429.359003][T26161] vivid-000: Show Border: false
[ 1429.360519][T26161] vivid-000: Show Square: false
[ 1429.362143][T26161] vivid-000: Sensor Flipped Horizontally: false
[ 1429.364114][T26161] vivid-000: Sensor Flipped Vertically: true
[ 1429.365994][T26161] vivid-000: Insert SAV Code in Image: false
[ 1429.367816][T26161] vivid-000: Insert EAV Code in Image: false
[ 1429.369673][T26161] vivid-000: Insert Video Guard Band: false
[ 1429.373179][T26161] vivid-000: Reduced Framerate: false
[ 1429.374821][T26161] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1429.377127][T26161] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1429.379487][T26161] vivid-000: Enable Capture Cropping: true grabbed
[ 1429.381795][T26161] vivid-000: Enable Capture Composing: true grabbed
[ 1429.383785][T26161] vivid-000: Enable Capture Scaler: true grabbed
[ 1429.385714][T26161] vivid-000: Timestamp Source: Start of Exposure
[ 1429.387614][T26161] vivid-000: Colorspace: SMPTE 170M
[ 1429.389212][T26161] vivid-000: Transfer Function: Default
[ 1429.390723][T26161] vivid-000: Y'CbCr Encoding: Default
[ 1429.393781][T26161] vivid-000: HSV Encoding: Hue 0-179
[ 1429.395392][T26161] vivid-000: Quantization: Default
[ 1429.396922][T26161] vivid-000: Apply Alpha To Red Only: false
[ 1429.398749][T26161] vivid-000: Standard Aspect Ratio: 4x3
[ 1429.400470][T26161] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[ 1429.403251][T26161] vivid-000: DV Timings: 640x480p59 inactive
[ 1429.405141][T26161] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1429.407333][T26161] vivid-000: Maximum EDID Blocks: 2
[ 1429.408989][T26161] vivid-000: Limited RGB Range (16-235): false
[ 1429.410905][T26161] vivid-000: Rx RGB Quantization Range: Automatic
[ 1429.416538][T26161] vivid-000: Power Present: 0x00000001
[ 1429.418259][T26161] tpg source WxH: 720x576 (Y'CbCr)
[ 1429.419856][T26161] tpg field: 4
[ 1429.420964][T26161] tpg crop: (0,0)/64x64
[ 1429.422664][T26161] tpg compose: (0,560)/16x16
[ 1429.424115][T26161] tpg colorspace: 1
[ 1429.425335][T26161] tpg transfer function: 0/1
[ 1429.426769][T26161] tpg Y'CbCr encoding: 0/1
[ 1429.428152][T26161] tpg quantization: 0/2
[ 1429.429457][T26161] tpg RGB range: 0/2
[ 1429.430689][T26161] vivid-000: ==================  END STATUS  ==================
[ 1429.478327][T24189] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 44 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1429.543145][T26164] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1429.545513][T26164] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1429.548772][T26164] vhci_hcd vhci_hcd.0: Device attached
[ 1429.554836][T26165] usbip_core: unknown command
[ 1429.556680][T26165] vhci_hcd: unknown pdu 0
[ 1429.558381][T26165] usbip_core: unknown command
[ 1429.560253][ T1229] vhci_hcd: stop threads
[ 1429.570289][ T1229] vhci_hcd: release socket
[ 1429.572103][ T1229] vhci_hcd: disconnect device
[ 1429.694467][T24189] usb 6-1: USB disconnect, device number 44
[ 1429.700261][T24189] usblp0: removed
[ 1429.815125][T26167] netlink: 'syz.0.5169': attribute type 10 has an invalid length.
[ 1429.817841][T26167] : left promiscuous mode
[ 1429.819560][T26167] : left allmulticast mode
[ 1429.826911][T26167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5169'.
[ 1430.141656][T12461] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1430.271361][T12461] usb 6-1: device descriptor read/64, error -71
[ 1430.511303][T12461] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1430.641347][T12461] usb 6-1: device descriptor read/64, error -71
[ 1430.751660][T12461] usb usb6-port1: attempt power cycle
[ 1431.876199][T26190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5173'.
[ 1431.938532][T26192] syz.0.5174: attempt to access beyond end of device
[ 1431.938532][T26192] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1431.950499][T26192] XFS (nbd0): SB validate failed with error -5.
[ 1432.011297][T26205] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5177'.
[ 1433.078351][T26211] gfs2: not a GFS2 filesystem
[ 1433.421240][   T10] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[ 1433.701386][   T61] usb 6-1: new full-speed USB device number 48 using dummy_hcd
[ 1433.732896][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1433.737188][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1433.742532][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1433.750170][   T10] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1433.753896][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1433.887909][   T10] usb 8-1: config 0 descriptor??
[ 1433.912648][   T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1433.920468][   T61] usb 6-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[ 1433.926437][   T61] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1433.928922][   T61] usb 6-1: Product: syz
[ 1433.930256][   T61] usb 6-1: Manufacturer: syz
[ 1433.931818][   T61] usb 6-1: SerialNumber: syz
[ 1433.935669][   T61] usb 6-1: config 0 descriptor??
[ 1433.938884][   T61] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[ 1433.942605][   T61] dvb-usb: bulk message failed: -22 (3/0)
[ 1433.978214][   T61] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1433.983598][   T61] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[ 1433.987405][   T61] usb 6-1: media controller created
[ 1433.990298][   T61] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1434.002475][   T61] dvb-usb: bulk message failed: -22 (6/0)
[ 1434.004645][   T61] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[ 1434.009563][   T61] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input38
[ 1434.015488][   T61] dvb-usb: schedule remote query interval to 150 msecs.
[ 1434.017709][   T61] dvb-usb: bulk message failed: -22 (3/0)
[ 1434.041309][   T61] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[ 1434.076769][T25246] udevd[25246]: setting mode of /dev/input/event3 to 020660 failed: Read-only file system
[ 1434.080416][T25246] udevd[25246]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: Read-only file system
[ 1434.182462][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1434.185610][   T61] dvb-usb: error while querying for an remote control event.
[ 1434.302566][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.307758][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.310767][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.314132][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.317131][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.319406][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.322013][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.325690][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.328062][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.330635][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.334047][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.336417][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.338861][   T10] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[ 1434.348571][   T10] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1434.351260][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1434.354322][   T61] dvb-usb: error while querying for an remote control event.
[ 1434.435775][T25246] udevd[25246]: setting mode of /dev/hidraw0 to 020600 failed: Read-only file system
[ 1434.438798][T25246] udevd[25246]: setting owner of /dev/hidraw0 to uid=0, gid=0 failed: Read-only file system
[ 1434.502103][ T5969] Bluetooth: hci2: unexpected event for opcode 0x1005
[ 1434.511126][   T10] usb 8-1: USB disconnect, device number 32
[ 1434.521291][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1434.523274][   T61] dvb-usb: error while querying for an remote control event.
[ 1434.681289][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1434.683225][   T61] dvb-usb: error while querying for an remote control event.
[ 1434.832989][   T40] kauditd_printk_skb: 30 callbacks suppressed
[ 1434.833005][   T40] audit: type=1326 audit(2000263046.108:8254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26230 comm="syz.0.5182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1434.846978][   T40] audit: type=1326 audit(2000263046.108:8255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26230 comm="syz.0.5182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1434.851234][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1434.857012][   T61] dvb-usb: error while querying for an remote control event.
[ 1434.865442][   T40] audit: type=1326 audit(2000263046.138:8256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26230 comm="syz.0.5182" exe="/syz-executor" sig=0 arch=40000003 syscall=376 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1434.872627][   T40] audit: type=1326 audit(2000263046.138:8257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26230 comm="syz.0.5182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1434.879430][   T40] audit: type=1326 audit(2000263046.138:8258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26230 comm="syz.0.5182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[ 1434.932636][T26234] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5183'.
[ 1434.939132][T26234] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1434.942148][T26234] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1434.945214][T26234] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1434.948226][T26234] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1434.953909][T26234] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1434.957355][T26234] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1434.960753][T26234] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1434.964965][T26234] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1435.023510][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1435.026708][   T61] dvb-usb: error while querying for an remote control event.
[ 1435.289425][T21421] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1435.297632][T21421] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1435.304174][T21421] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1435.309286][T21421] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1435.314211][T21421] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1435.367840][T26239] lo speed is unknown, defaulting to 1000
[ 1435.629028][T26239] chnl_net:caif_netlink_parms(): no params data found
[ 1435.748414][T26239] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1435.752549][T26239] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1435.755593][T26239] bridge_slave_0: entered allmulticast mode
[ 1435.759423][T26239] bridge_slave_0: entered promiscuous mode
[ 1435.764774][T26239] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1435.767858][T26239] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1435.770918][T26239] bridge_slave_1: entered allmulticast mode
[ 1435.775291][T26239] bridge_slave_1: entered promiscuous mode
[ 1435.821675][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1435.824325][   T61] dvb-usb: error while querying for an remote control event.
[ 1435.877803][T26239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1435.885659][T26239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1435.968545][T26239] team0: Port device team_slave_0 added
[ 1435.974071][T26239] team0: Port device team_slave_1 added
[ 1435.982229][   T61] dvb-usb: bulk message failed: -22 (1/0)
[ 1435.986785][   T61] dvb-usb: error while querying for an remote control event.
[ 1436.016513][T26239] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1436.018779][T26239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1436.027185][T26239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1436.031689][T26239] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1436.034287][T26239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1436.042347][T26239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1436.183935][T26171] dvb-usb: bulk message failed: -22 (1/0)
[ 1436.186532][T26171] dvb-usb: error while querying for an remote control event.
[ 1436.190269][   T61] usb 6-1: USB disconnect, device number 48
[ 1436.197764][T26239] hsr_slave_0: entered promiscuous mode
[ 1436.203716][T26239] hsr_slave_1: entered promiscuous mode
[ 1436.214677][T26239] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1436.221233][T26239] Cannot create hsr debugfs directory
[ 1436.241265][   T61] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[ 1436.361519][T26265] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1436.364376][T26265] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1436.367872][T26265] vhci_hcd vhci_hcd.0: Device attached
[ 1436.374997][T26266] usbip_core: unknown command
[ 1436.377286][T26266] vhci_hcd: unknown pdu 0
[ 1436.379277][T26266] usbip_core: unknown command
[ 1436.384462][   T91] vhci_hcd: stop threads
[ 1436.386267][   T91] vhci_hcd: release socket
[ 1436.429001][   T91] vhci_hcd: disconnect device
[ 1436.794956][T26274] netlink: 'syz.3.5194': attribute type 10 has an invalid length.
[ 1437.341273][ T5969] Bluetooth: hci4: command tx timeout
[ 1438.070910][T24729]  (unregistering): Released all slaves
[ 1438.266572][T24729] bond1 (unregistering): Released all slaves
[ 1438.602464][T24729] bond2 (unregistering): Released all slaves
[ 1438.627722][T24729] bond0 (unregistering): Released all slaves
[ 1438.723260][T24729] : left promiscuous mode
[ 1438.790540][T26281] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[ 1438.793024][T26281] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1438.797877][T26281] vhci_hcd vhci_hcd.0: Device attached
[ 1438.814008][T24729] tipc: Left network mode
[ 1438.858908][T26282] vhci_hcd: connection closed
[ 1438.859155][   T91] vhci_hcd: stop threads
[ 1438.864786][   T91] vhci_hcd: release socket
[ 1438.866623][   T91] vhci_hcd: disconnect device
[ 1438.869073][   T40] audit: type=1326 audit(2000263050.138:8259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26280 comm="syz.1.5196" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x0
[ 1439.050978][T24729] hsr_slave_0: left promiscuous mode
[ 1439.053432][T24729] 0·: left promiscuous mode
[ 1439.421268][ T5969] Bluetooth: hci4: command tx timeout
[ 1440.808580][ T1140] smc: removing ib device s
z1
[ 1440.812724][T26290] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[ 1440.815318][T24090] lo speed is unknown, defaulting to 1000
[ 1440.817122][T24090] s
z1: Port: 1 Link DOWN
[ 1440.910131][T26239] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1440.919008][T26239] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1440.924550][T26239] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1440.928870][T26239] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1440.987468][T26239] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1440.996844][T26239] 8021q: adding VLAN 0 to HW filter on device team0
[ 1441.009941][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1441.012455][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1441.018337][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1441.021395][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1441.180065][T26239] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1441.232247][T26239] veth0_vlan: entered promiscuous mode
[ 1441.238849][T26239] veth1_vlan: entered promiscuous mode
[ 1441.251486][T24090] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1441.257757][T26239] veth0_macvtap: entered promiscuous mode
[ 1441.261414][T26239] veth1_macvtap: entered promiscuous mode
[ 1441.273751][T26239] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1441.286182][T26239] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1441.294011][T26239] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.297026][T26239] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.300404][T26239] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.303601][T26239] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.368692][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1441.371150][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1441.406374][T24090] usb 6-1: Using ep0 maxpacket: 32
[ 1441.462043][T24090] usb 6-1: config 149 has an invalid interface number: 126 but max is 1
[ 1441.464636][T24090] usb 6-1: config 149 has an invalid descriptor of length 1, skipping remainder of the config
[ 1441.467639][T24090] usb 6-1: config 149 has 1 interface, different from the descriptor's value: 2
[ 1441.470339][T24090] usb 6-1: config 149 has no interface number 0
[ 1441.481951][T24090] usb 6-1: config 149 interface 126 altsetting 11 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1441.486538][T24090] usb 6-1: config 149 interface 126 has no altsetting 0
[ 1441.497743][T24733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1441.501350][T24733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1441.511468][ T5969] Bluetooth: hci4: command tx timeout
[ 1441.533537][T24090] usb 6-1: New USB device found, idVendor=07c4, idProduct=a002, bcdDevice=44.86
[ 1441.536449][T24090] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1441.539244][T24090] usb 6-1: Product: Х
[ 1441.540559][T24090] usb 6-1: SerialNumber: Х
[ 1441.630644][T24729] IPVS: stop unused estimator thread 0...
[ 1441.832570][T24090] ums-datafab 6-1:149.126: USB Mass Storage device detected
[ 1441.847487][T24090] ums-datafab 6-1:149.126: Quirks match for vid 07c4 pid a002: 1
[ 1441.925523][T24090] usb 6-1: USB disconnect, device number 49
[ 1441.972422][T26357] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5213'.
[ 1442.055705][T26359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5214'.
[ 1442.439659][T26370] lo speed is unknown, defaulting to 1000
[ 1442.441721][T26370] lo speed is unknown, defaulting to 1000
[ 1442.444744][T26370] lo speed is unknown, defaulting to 1000
[ 1442.468778][T26370] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1442.563397][T26374] fuse: Unknown parameter 'ò'
[ 1442.655872][T26370] lo speed is unknown, defaulting to 1000
[ 1442.661075][T26370] lo speed is unknown, defaulting to 1000
[ 1442.666340][T26370] lo speed is unknown, defaulting to 1000
[ 1442.671440][T26370] lo speed is unknown, defaulting to 1000
[ 1442.676819][T26370] lo speed is unknown, defaulting to 1000
[ 1442.683842][T25246] udevd[25246]: setting mode of /dev/infiniband/uverbs0 to 020666 failed: Read-only file system
[ 1442.687134][T25246] udevd[25246]: setting owner of /dev/infiniband/uverbs0 to uid=0, gid=0 failed: Read-only file system
[ 1442.898348][T26386] netlink: 'syz.1.5220': attribute type 4 has an invalid length.
[ 1442.904129][T26386] netlink: 'syz.1.5220': attribute type 4 has an invalid length.
[ 1442.974102][T26385] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[ 1442.985055][T26385] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[ 1443.216589][   T40] audit: type=1326 audit(2000000001.159:8260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.231050][   T40] audit: type=1326 audit(2000000001.159:8261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.244947][T26396] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[ 1443.247016][T26396] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1443.249444][T26396] vhci_hcd vhci_hcd.0: Device attached
[ 1443.251387][   T40] audit: type=1326 audit(2000000001.159:8262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.258809][   T40] audit: type=1326 audit(2000000001.159:8263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.269258][   T40] audit: type=1326 audit(2000000001.159:8264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.277305][   T40] audit: type=1326 audit(2000000001.169:8265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=349 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.291420][   T40] audit: type=1326 audit(2000000001.169:8266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.298048][   T40] audit: type=1326 audit(2000000001.169:8267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.305464][   T40] audit: type=1326 audit(2000000001.169:8268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.314486][   T40] audit: type=1326 audit(2000000001.169:8269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.0.5225" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[ 1443.318860][T26399] vhci_hcd: connection closed
[ 1443.324463][T24729] vhci_hcd: stop threads
[ 1443.331537][T24729] vhci_hcd: release socket
[ 1443.337644][T24729] vhci_hcd: disconnect device
[ 1443.474432][T26410] netlink: 'syz.4.5227': attribute type 1 has an invalid length.
[ 1443.476898][T26410] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5227'.
[ 1443.483794][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/85.tmp-b7:7' failed: Read-only file system
[ 1443.545890][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/85.tmp-b7:7' failed: Read-only file system
[ 1443.583084][ T5969] Bluetooth: hci4: command tx timeout
[ 1443.719659][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/85.tmp-b7:7' failed: Read-only file system
[ 1443.755179][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/85.tmp-b7:7' failed: Read-only file system
[ 1444.093395][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/87.tmp-b7:7' failed: Read-only file system
[ 1444.126580][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/87.tmp-b7:7' failed: Read-only file system
[ 1444.136571][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/87.tmp-b7:7' failed: Read-only file system
[ 1444.150483][T25246] udevd[25246]: symlink '../../loop7' '/dev/disk/by-diskseq/87.tmp-b7:7' failed: Read-only file system
[ 1444.856500][T26456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5242'.
[ 1445.181381][ T5969] Bluetooth: hci2: command 0x0406 tx timeout
[ 1445.760189][T26477] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5250'.
[ 1446.108606][T26485] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5252'.
[ 1446.370315][T26485] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1446.615277][T26493] input: syz1 as /devices/virtual/input/input39
[ 1446.655863][T26496] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1446.658640][T26496] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1446.662421][T26496] vhci_hcd vhci_hcd.0: Device attached
[ 1446.669306][T26497] usbip_core: unknown command
[ 1446.670884][T26497] vhci_hcd: unknown pdu 0
[ 1446.673044][T26497] usbip_core: unknown command
[ 1446.676008][T24733] vhci_hcd: stop threads
[ 1446.677539][T24733] vhci_hcd: release socket
[ 1446.679000][T24733] vhci_hcd: disconnect device
[ 1446.826527][T26505] bridge_slave_0: left allmulticast mode
[ 1446.829007][T26505] bridge_slave_0: left promiscuous mode
[ 1446.832146][T26505] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1446.905294][T26507] netlink: 'syz.0.5255': attribute type 10 has an invalid length.
[ 1446.926123][T26505] bridge_slave_1: left allmulticast mode
[ 1446.928689][T26505] bridge_slave_1: left promiscuous mode
[ 1446.931937][T26505] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1446.977871][T26509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5255'.
[ 1446.992598][T26505] bond0: (slave bond_slave_0): Releasing backup interface
[ 1447.008781][T26505] bond0: (slave bond_slave_1): Releasing backup interface
[ 1447.045037][T26505] team0: Port device team_slave_0 removed
[ 1447.144306][T26505] team0: Port device team_slave_1 removed
[ 1447.174781][T26505] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1447.178338][T26505] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1447.282845][T26505] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1447.285443][T26505] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1447.372077][   T61] lo speed is unknown, defaulting to 1000
[ 1447.390589][T26507] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1447.398528][T26507] team0: Port device bond0 added
[ 1447.611943][T26512] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1447.614039][T26512] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1447.617219][T26512] vhci_hcd vhci_hcd.0: Device attached
[ 1447.622466][T26513] usbip_core: unknown command
[ 1447.623971][T26513] vhci_hcd: unknown pdu 0
[ 1447.625320][T26513] usbip_core: unknown command
[ 1447.627420][T24733] vhci_hcd: stop threads
[ 1447.628843][T24733] vhci_hcd: release socket
[ 1447.630186][T24733] vhci_hcd: disconnect device
[ 1447.635304][T26509] team0 (unregistering): Port device bond0 removed
[ 1447.838543][T26517] netlink: 'syz.4.5258': attribute type 10 has an invalid length.
[ 1447.842993][T26517] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5258'.
[ 1448.072503][T26520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5259'.
[ 1448.297529][   T40] kauditd_printk_skb: 21 callbacks suppressed
[ 1448.298647][   T40] audit: type=1326 audit(2000000006.239:8291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26518 comm="syz.3.5259" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x0
[ 1448.701326][ T5969] Bluetooth: hci0: command 0x0406 tx timeout
[ 1448.701329][T17939] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1449.477563][T26519] lo speed is unknown, defaulting to 1000
[ 1449.626735][T17939] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[ 1449.818226][T26533] 9pnet_fd: Insufficient options for proto=fd
[ 1449.847987][T26535] netlink: 'syz.3.5264': attribute type 2 has an invalid length.
[ 1449.851324][T26535] FAULT_INJECTION: forcing a failure.
[ 1449.851324][T26535] name failslab, interval 1, probability 0, space 0, times 0
[ 1449.855575][T26535] CPU: 3 UID: 0 PID: 26535 Comm: syz.3.5264 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1449.855590][T26535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1449.855596][T26535] Call Trace:
[ 1449.855601][T26535]  <TASK>
[ 1449.855606][T26535]  dump_stack_lvl+0x16c/0x1f0
[ 1449.855636][T26535]  should_fail_ex+0x512/0x640
[ 1449.855653][T26535]  ? __kernel_text_address+0xd/0x40
[ 1449.855665][T26535]  should_failslab+0xc2/0x120
[ 1449.855677][T26535]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1449.855694][T26535]  ? skb_clone+0x190/0x3f0
[ 1449.855711][T26535]  skb_clone+0x190/0x3f0
[ 1449.855727][T26535]  dev_queue_xmit_nit+0x3e7/0xca0
[ 1449.855747][T26535]  dev_hard_start_xmit+0x5c3/0x740
[ 1449.855760][T26535]  ? skb_clone+0x190/0x3f0
[ 1449.855777][T26535]  __dev_queue_xmit+0x7eb/0x43e0
[ 1449.855795][T26535]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1449.855822][T26535]  ? __skb_clone+0x570/0x760
[ 1449.855838][T26535]  netlink_deliver_tap+0xa87/0xd30
[ 1449.855858][T26535]  netlink_unicast+0x62f/0x850
[ 1449.855871][T26535]  ? __pfx_netlink_unicast+0x10/0x10
[ 1449.855885][T26535]  netlink_sendmsg+0x8d1/0xdd0
[ 1449.855898][T26535]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1449.855909][T26535]  ? __import_iovec+0x1dd/0x650
[ 1449.855923][T26535]  ____sys_sendmsg+0xa95/0xc70
[ 1449.855936][T26535]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1449.855946][T26535]  ? get_compat_msghdr+0x11a/0x170
[ 1449.855969][T26535]  ___sys_sendmsg+0x134/0x1d0
[ 1449.855985][T26535]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1449.856006][T26535]  ? find_held_lock+0x2b/0x80
[ 1449.856026][T26535]  __sys_sendmsg+0x16d/0x220
[ 1449.856041][T26535]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1449.856062][T26535]  ? rcu_is_watching+0x12/0xc0
[ 1449.856075][T26535]  __do_fast_syscall_32+0x7c/0x3a0
[ 1449.856093][T26535]  do_fast_syscall_32+0x32/0x80
[ 1449.856109][T26535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1449.856122][T26535] RIP: 0023:0xf7f33579
[ 1449.856131][T26535] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1449.856142][T26535] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1449.856152][T26535] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000280
[ 1449.856159][T26535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1449.856165][T26535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1449.856170][T26535] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1449.856176][T26535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1449.856189][T26535]  </TASK>
[ 1449.856292][T26535] netlink: 532 bytes leftover after parsing attributes in process `syz.3.5264'.
[ 1450.797116][T26564] bond0: (slave batadv0): Error: Device can not be enslaved while up
[ 1450.804786][T26564] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5272'.
[ 1450.807648][T26564] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5272'.
[ 1450.810493][T26564] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5272'.
[ 1450.813383][T26564] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5272'.
[ 1450.823682][T26564] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[ 1451.006450][T26569] siw: device registration error -23
[ 1451.024041][T26571] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5274'.
[ 1451.741273][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1451.742151][T17939] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[ 1451.951022][T17939] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[ 1452.301922][T26575] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[ 1452.305056][T26575] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[ 1452.946543][ T5969] Bluetooth: hci4: connection err: -111
[ 1452.954778][T26579] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5276'.
[ 1453.211466][T26582] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1453.213848][T26582] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1453.220225][T26582] vhci_hcd vhci_hcd.0: Device attached
[ 1453.231007][T26583] usbip_core: unknown command
[ 1453.232755][T26583] vhci_hcd: unknown pdu 0
[ 1453.234123][T26583] usbip_core: unknown command
[ 1453.235876][   T12] vhci_hcd: stop threads
[ 1453.237713][   T12] vhci_hcd: release socket
[ 1453.239572][   T12] vhci_hcd: disconnect device
[ 1453.547032][T26587] netlink: 'syz.3.5277': attribute type 10 has an invalid length.
[ 1453.554646][T26587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5277'.
[ 1453.649629][T26590] FAULT_INJECTION: forcing a failure.
[ 1453.649629][T26590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1453.653844][T26590] CPU: 0 UID: 0 PID: 26590 Comm: syz.0.5278 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1453.653859][T26590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1453.653866][T26590] Call Trace:
[ 1453.653870][T26590]  <TASK>
[ 1453.653874][T26590]  dump_stack_lvl+0x16c/0x1f0
[ 1453.653894][T26590]  should_fail_ex+0x512/0x640
[ 1453.653911][T26590]  _copy_from_user+0x2e/0xd0
[ 1453.653928][T26590]  kvm_dev_ioctl_get_cpuid+0x43f/0x700
[ 1453.653943][T26590]  ? __might_fault+0xe3/0x190
[ 1453.653959][T26590]  ? __pfx_kvm_dev_ioctl_get_cpuid+0x10/0x10
[ 1453.653975][T26590]  kvm_arch_dev_ioctl+0x3f8/0x760
[ 1453.653987][T26590]  ? __pfx_kvm_arch_dev_ioctl+0x10/0x10
[ 1453.653998][T26590]  ? do_vfs_ioctl+0x523/0x1a60
[ 1453.654011][T26590]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1453.654028][T26590]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1453.654045][T26590]  kvm_dev_ioctl+0x787/0x1ad0
[ 1453.654058][T26590]  ? find_held_lock+0x2b/0x80
[ 1453.654069][T26590]  ? hook_file_ioctl_common+0x145/0x410
[ 1453.654081][T26590]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1453.654093][T26590]  ? __fget_files+0x20e/0x3c0
[ 1453.654106][T26590]  ? __fput_deferred+0x450/0x480
[ 1453.654119][T26590]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1453.654130][T26590]  __ia32_compat_sys_ioctl+0x23f/0x370
[ 1453.654144][T26590]  __do_fast_syscall_32+0x7c/0x3a0
[ 1453.654162][T26590]  do_fast_syscall_32+0x32/0x80
[ 1453.654178][T26590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1453.654191][T26590] RIP: 0023:0xf7f85579
[ 1453.654200][T26590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1453.654211][T26590] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1453.654221][T26590] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008ae09
[ 1453.654228][T26590] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1453.654234][T26590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1453.654240][T26590] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1453.654246][T26590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1453.654259][T26590]  </TASK>
[ 1453.981302][T17939] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 1453.981353][ T5969] Bluetooth: hci2: command 0x0406 tx timeout
[ 1453.983253][T17939] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[ 1454.083420][T26598] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1454.085784][T26598] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1454.088528][T26598] vhci_hcd vhci_hcd.0: Device attached
[ 1454.361272][   T61] usb 40-1: SetAddress Request (2) to port 0
[ 1454.363371][   T61] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1454.583471][T26171] usb 9-1: new low-speed USB device number 12 using dummy_hcd
[ 1454.718320][T26610] FAULT_INJECTION: forcing a failure.
[ 1454.718320][T26610] name failslab, interval 1, probability 0, space 0, times 0
[ 1454.723740][T26610] CPU: 1 UID: 0 PID: 26610 Comm: syz.0.5282 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1454.723756][T26610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1454.723763][T26610] Call Trace:
[ 1454.723767][T26610]  <TASK>
[ 1454.723772][T26610]  dump_stack_lvl+0x16c/0x1f0
[ 1454.723791][T26610]  should_fail_ex+0x512/0x640
[ 1454.723808][T26610]  ? __kmalloc_noprof+0xbf/0x510
[ 1454.723825][T26610]  ? sock_kmalloc+0x111/0x170
[ 1454.723835][T26610]  should_failslab+0xc2/0x120
[ 1454.723846][T26610]  __kmalloc_noprof+0xd2/0x510
[ 1454.723861][T26610]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1454.723881][T26610]  sock_kmalloc+0x111/0x170
[ 1454.723893][T26610]  hash_alloc_result+0xd7/0x150
[ 1454.723911][T26610]  hash_recvmsg+0x198/0x960
[ 1454.723921][T26610]  ? iovec_from_user+0xbb/0x140
[ 1454.723933][T26610]  ____sys_recvmsg+0x5f9/0x6b0
[ 1454.723947][T26610]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1454.723958][T26610]  ? import_iovec+0x86/0xb0
[ 1454.723972][T26610]  ? __lock_acquire+0x622/0x1c90
[ 1454.723988][T26610]  ___sys_recvmsg+0x114/0x1a0
[ 1454.724004][T26610]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1454.724021][T26610]  ? find_held_lock+0x2b/0x80
[ 1454.724036][T26610]  ? __pfx___might_resched+0x10/0x10
[ 1454.724051][T26610]  do_recvmmsg+0x55d/0x750
[ 1454.724068][T26610]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1454.724093][T26610]  ? __fget_files+0x20e/0x3c0
[ 1454.724107][T26610]  ? handle_mm_fault+0x1e0/0xd10
[ 1454.724123][T26610]  __sys_recvmmsg+0x21c/0x280
[ 1454.724139][T26610]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1454.724156][T26610]  ? __pfx_ksys_write+0x10/0x10
[ 1454.724197][T26610]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1454.724213][T26610]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1454.724234][T26610]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1454.724252][T26610]  __do_fast_syscall_32+0x7c/0x3a0
[ 1454.724269][T26610]  do_fast_syscall_32+0x32/0x80
[ 1454.724285][T26610]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1454.724299][T26610] RIP: 0023:0xf7f85579
[ 1454.724308][T26610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1454.724318][T26610] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[ 1454.724328][T26610] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080003700
[ 1454.724335][T26610] RDX: 0000000000000600 RSI: 0000000000000000 RDI: 0000000000000000
[ 1454.724341][T26610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1454.724347][T26610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1454.724353][T26610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1454.724367][T26610]  </TASK>
[ 1454.724468][T26599] vhci_hcd: connection reset by peer
[ 1454.811158][T24733] vhci_hcd: stop threads
[ 1454.816967][T24733] vhci_hcd: release socket
[ 1454.822203][T24733] vhci_hcd: disconnect device
[ 1454.833918][T26171] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1454.836516][T26171] usb 9-1: config 0 has no interface number 0
[ 1454.838415][T26171] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1454.842261][T26171] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1454.846350][T26171] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1454.850057][T26171] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1454.860120][T26171] usb 9-1: config 0 descriptor??
[ 1454.863006][T26603] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1454.885178][T26171] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1455.090478][T24243] usb 9-1: USB disconnect, device number 12
[ 1455.350354][T26612] program syz.1.5283 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1456.061295][ T5969] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1456.076359][T17939] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[ 1456.078275][T17939] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[ 1456.722884][T26633] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5292'.
[ 1457.085285][T26657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5296'.
[ 1457.089045][T26657] netlink: 'syz.3.5296': attribute type 5 has an invalid length.
[ 1457.092616][T26657] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5296'.
[ 1457.109953][T26657] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[ 1457.115450][T26657] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[ 1457.119458][T26657] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[ 1457.122932][T26657] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[ 1457.126385][T26657] geneve2: entered promiscuous mode
[ 1457.128202][T26657] geneve2: entered allmulticast mode
[ 1457.427197][T26669] virtio-fs: tag <c:::> not found
[ 1457.429431][T26668] netlink: 88 bytes leftover after parsing attributes in process `syz.4.5301'.
[ 1457.435274][T26668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5301'.
[ 1457.596851][T26673] fuse: Unknown parameter '000000000000367757600000x0000000000000009'
[ 1457.928682][T26679] openvswitch: netlink: Unknown key attributes 2
[ 1457.964643][T26681] ref_tracker: memory allocation failure, unreliable refcount tracker.
[ 1457.987988][T17939] libceph: connect (1)[c::]:6789 error -101
[ 1457.990598][T17939] libceph: mon0 (1)[c::]:6789 connect error
[ 1458.261757][T17939] libceph: connect (1)[c::]:6789 error -101
[ 1458.263730][T17939] libceph: mon0 (1)[c::]:6789 connect error
[ 1458.774870][T17939] libceph: connect (1)[c::]:6789 error -101
[ 1458.776902][T17939] libceph: mon0 (1)[c::]:6789 connect error
[ 1458.852155][T26683] ceph: No mds server is up or the cluster is laggy
[ 1458.958674][T26700] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5313'.
[ 1459.017875][T26703] netlink: 'syz.4.5312': attribute type 4 has an invalid length.
[ 1459.027604][T26703] netlink: 'syz.4.5312': attribute type 4 has an invalid length.
[ 1459.433736][   T61] usb 40-1: device descriptor read/8, error -110
[ 1459.831791][   T61] usb usb40-port1: attempt power cycle
[ 1460.001774][T26725] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1460.402239][   T61] usb usb40-port1: unable to enumerate USB device
[ 1461.238447][T26734] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5324'.
[ 1461.652149][T26740] netlink: 'syz.4.5325': attribute type 4 has an invalid length.
[ 1461.668440][T26740] netlink: 'syz.4.5325': attribute type 4 has an invalid length.
[ 1461.946559][T26744] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5327'.
[ 1461.949746][T26744] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5327'.
[ 1462.107627][T26749] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5326'.
[ 1462.165935][T26756] FAULT_INJECTION: forcing a failure.
[ 1462.165935][T26756] name failslab, interval 1, probability 0, space 0, times 0
[ 1462.169865][T26756] CPU: 3 UID: 0 PID: 26756 Comm: syz.4.5329 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1462.169880][T26756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1462.169886][T26756] Call Trace:
[ 1462.169891][T26756]  <TASK>
[ 1462.169895][T26756]  dump_stack_lvl+0x16c/0x1f0
[ 1462.169915][T26756]  should_fail_ex+0x512/0x640
[ 1462.169933][T26756]  should_failslab+0xc2/0x120
[ 1462.169944][T26756]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1462.169958][T26756]  ? __sctp_v6_cmp_addr+0x206/0x530
[ 1462.169969][T26756]  ? sctp_add_bind_addr+0xae/0x3f0
[ 1462.169985][T26756]  sctp_add_bind_addr+0xae/0x3f0
[ 1462.170002][T26756]  sctp_copy_local_addr_list+0x39d/0x5a0
[ 1462.170015][T26756]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1462.170028][T26756]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[ 1462.170041][T26756]  ? sctp_bind_addr_copy+0xe0/0x530
[ 1462.170057][T26756]  sctp_bind_addr_copy+0xe0/0x530
[ 1462.170078][T26756]  sctp_connect_new_asoc+0x1d7/0x790
[ 1462.170092][T26756]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1462.170109][T26756]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1462.170122][T26756]  sctp_sendmsg+0x15f9/0x1ee0
[ 1462.170139][T26756]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1462.170153][T26756]  ? __pfx___might_resched+0x10/0x10
[ 1462.170170][T26756]  ? find_held_lock+0x2b/0x80
[ 1462.170182][T26756]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1462.170196][T26756]  ? __import_iovec+0x1dd/0x650
[ 1462.170206][T26756]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1462.170219][T26756]  inet_sendmsg+0x119/0x140
[ 1462.170234][T26756]  ____sys_sendmsg+0x973/0xc70
[ 1462.170248][T26756]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1462.170259][T26756]  ? get_compat_msghdr+0x11a/0x170
[ 1462.170277][T26756]  ? __pfx__kstrtoull+0x10/0x10
[ 1462.170292][T26756]  ___sys_sendmsg+0x134/0x1d0
[ 1462.170309][T26756]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1462.170323][T26756]  ? __lock_acquire+0x622/0x1c90
[ 1462.170354][T26756]  __sys_sendmmsg+0x2f9/0x420
[ 1462.170371][T26756]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1462.170391][T26756]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1462.170413][T26756]  ? fput+0x70/0xf0
[ 1462.170423][T26756]  ? ksys_write+0x1ac/0x250
[ 1462.170438][T26756]  ? __pfx_ksys_write+0x10/0x10
[ 1462.170455][T26756]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[ 1462.170472][T26756]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1462.170488][T26756]  __do_fast_syscall_32+0x7c/0x3a0
[ 1462.170505][T26756]  do_fast_syscall_32+0x32/0x80
[ 1462.170521][T26756]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1462.170535][T26756] RIP: 0023:0xf7ff1579
[ 1462.170544][T26756] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1462.170555][T26756] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[ 1462.170565][T26756] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 1462.170572][T26756] RDX: 0000000000000001 RSI: 00000000200100c0 RDI: 0000000000000000
[ 1462.170578][T26756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1462.170584][T26756] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1462.170591][T26756] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1462.170603][T26756]  </TASK>
[ 1462.214633][T26758] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1462.274843][T26758] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1462.287027][T26758] vhci_hcd vhci_hcd.0: Device attached
[ 1462.505188][T26765] netlink: 'syz.0.5330': attribute type 10 has an invalid length.
[ 1462.510536][T26765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5330'.
[ 1462.521255][T16080] usb 37-1: new high-speed USB device number 16 using vhci_hcd
[ 1462.717970][T26773] batadv_slave_0: entered promiscuous mode
[ 1463.387748][T26782] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5335'.
[ 1463.798040][T26787] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1464.047859][T26759] vhci_hcd: connection reset by peer
[ 1464.050201][   T12] vhci_hcd: stop threads
[ 1464.052010][   T12] vhci_hcd: release socket
[ 1464.053841][   T12] vhci_hcd: disconnect device
[ 1465.127137][T26804] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5341'.
[ 1465.265393][T26793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5338'.
[ 1465.268203][T26793] netlink: 'syz.1.5338': attribute type 5 has an invalid length.
[ 1465.270867][T26793] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5338'.
[ 1465.280907][T26793] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[ 1465.286902][T26793] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[ 1465.289995][T26793] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[ 1465.294326][T26793] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[ 1465.297942][T26793] geneve2: entered promiscuous mode
[ 1465.299646][T26793] geneve2: entered allmulticast mode
[ 1465.787122][T26816] netlink: 'syz.3.5343': attribute type 5 has an invalid length.
[ 1465.821352][T26816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5343'.
[ 1466.217392][T26822] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5345'.
[ 1467.397129][T26831] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1467.475597][T26831] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1467.550965][T26831] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1467.651351][T16080] vhci_hcd: vhci_device speed not set
[ 1467.812707][T26831] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1467.896447][   T40] audit: type=1326 audit(2000000025.839:8292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26827 comm="syz.4.5347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7fc00000
[ 1467.961638][T26831] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1467.997058][T26831] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.015033][T26831] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.030734][T26831] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1469.388503][T26881] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5364'.
[ 1469.529406][T26884] FAULT_INJECTION: forcing a failure.
[ 1469.529406][T26884] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.533745][T26884] CPU: 1 UID: 0 PID: 26884 Comm: syz.4.5365 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1469.533761][T26884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1469.533768][T26884] Call Trace:
[ 1469.533774][T26884]  <TASK>
[ 1469.533781][T26884]  dump_stack_lvl+0x16c/0x1f0
[ 1469.533809][T26884]  should_fail_ex+0x512/0x640
[ 1469.533832][T26884]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1469.533850][T26884]  should_failslab+0xc2/0x120
[ 1469.533865][T26884]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1469.533889][T26884]  ? mas_alloc_nodes+0x18b/0x8b0
[ 1469.533913][T26884]  mas_alloc_nodes+0x18b/0x8b0
[ 1469.533934][T26884]  mas_node_count_gfp+0x105/0x130
[ 1469.533955][T26884]  mas_preallocate+0x7e0/0xde0
[ 1469.533975][T26884]  ? __pfx_mas_preallocate+0x10/0x10
[ 1469.533999][T26884]  ? __pfx_mt_find+0x10/0x10
[ 1469.534014][T26884]  vma_link+0x135/0x6a0
[ 1469.534038][T26884]  ? __pfx_vma_link+0x10/0x10
[ 1469.534075][T26884]  insert_vm_struct+0xf4/0x2d0
[ 1469.534097][T26884]  create_init_stack_vma+0x2da/0x700
[ 1469.534116][T26884]  alloc_bprm+0x420/0x6f0
[ 1469.534132][T26884]  do_execveat_common.isra.0+0x1ce/0x610
[ 1469.534149][T26884]  __ia32_compat_sys_execveat+0xe0/0x120
[ 1469.534166][T26884]  __do_fast_syscall_32+0x7c/0x3a0
[ 1469.534183][T26884]  do_fast_syscall_32+0x32/0x80
[ 1469.534198][T26884]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1469.534212][T26884] RIP: 0023:0xf7ff1579
[ 1469.534221][T26884] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1469.534232][T26884] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000166
[ 1469.534248][T26884] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080001400
[ 1469.534254][T26884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1469.534260][T26884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1469.534267][T26884] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1469.534273][T26884] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1469.534285][T26884]  </TASK>
[ 1469.673657][T26890] PM: Enabling pm_trace changes system date and time during resume.
[ 1469.673657][T26890] PM: Correct system time has to be restored manually after resume.
[ 1469.680650][T26890] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5366'.
[ 1469.683683][T26890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5366'.
[ 1470.131109][T26906] FAULT_INJECTION: forcing a failure.
[ 1470.131109][T26906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1470.135108][T26906] CPU: 1 UID: 0 PID: 26906 Comm: syz.4.5373 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1470.135135][T26906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1470.135141][T26906] Call Trace:
[ 1470.135146][T26906]  <TASK>
[ 1470.135150][T26906]  dump_stack_lvl+0x16c/0x1f0
[ 1470.135170][T26906]  should_fail_ex+0x512/0x640
[ 1470.135188][T26906]  _copy_to_user+0x32/0xd0
[ 1470.135206][T26906]  simple_read_from_buffer+0xcb/0x170
[ 1470.135221][T26906]  proc_fail_nth_read+0x197/0x270
[ 1470.135234][T26906]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1470.135248][T26906]  ? rw_verify_area+0xcf/0x680
[ 1470.135262][T26906]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1470.135274][T26906]  vfs_read+0x1e4/0xc60
[ 1470.135289][T26906]  ? fdget_pos+0x2a2/0x370
[ 1470.135306][T26906]  ? __pfx_vfs_read+0x10/0x10
[ 1470.135319][T26906]  ? find_held_lock+0x2b/0x80
[ 1470.135335][T26906]  ? __fget_files+0x20e/0x3c0
[ 1470.135348][T26906]  ? handle_mm_fault+0x1e0/0xd10
[ 1470.135366][T26906]  ksys_read+0x12a/0x250
[ 1470.135380][T26906]  ? __pfx_ksys_read+0x10/0x10
[ 1470.135396][T26906]  ? rcu_is_watching+0x12/0xc0
[ 1470.135409][T26906]  __do_fast_syscall_32+0x7c/0x3a0
[ 1470.135426][T26906]  do_fast_syscall_32+0x32/0x80
[ 1470.135442][T26906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1470.135456][T26906] RIP: 0023:0xf7ff1579
[ 1470.135468][T26906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1470.135479][T26906] RSP: 002b:00000000f50d4590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1470.135490][T26906] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f50d4620
[ 1470.135497][T26906] RDX: 000000000000000f RSI: 00000000f7483ff4 RDI: 0000000000000000
[ 1470.135503][T26906] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1470.135509][T26906] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1470.135516][T26906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1470.135529][T26906]  </TASK>
[ 1470.139689][T23244] IPVS: starting estimator thread 0...
[ 1470.302440][T26901] FAULT_INJECTION: forcing a failure.
[ 1470.302440][T26901] name failslab, interval 1, probability 0, space 0, times 0
[ 1470.312821][T26901] CPU: 1 UID: 0 PID: 26901 Comm: syz.1.5371 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1470.312837][T26901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1470.312844][T26901] Call Trace:
[ 1470.312848][T26901]  <TASK>
[ 1470.312853][T26901]  dump_stack_lvl+0x16c/0x1f0
[ 1470.312884][T26901]  should_fail_ex+0x512/0x640
[ 1470.312902][T26901]  should_failslab+0xc2/0x120
[ 1470.312914][T26901]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1470.312931][T26901]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1470.312954][T26901]  ? find_held_lock+0x2b/0x80
[ 1470.312967][T26901]  ? async_schedule_node_domain+0x54/0x120
[ 1470.312988][T26901]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 1470.313013][T26901]  async_schedule_node_domain+0x54/0x120
[ 1470.313034][T26901]  dev_cache_fw_image+0x38e/0x490
[ 1470.313060][T26901]  ? __pfx_dev_cache_fw_image+0x10/0x10
[ 1470.313099][T26901]  ? __pfx_dev_cache_fw_image+0x10/0x10
[ 1470.313121][T26901]  dpm_for_each_dev+0x5a/0xb0
[ 1470.313159][T26901]  fw_pm_notify+0x81/0x150
[ 1470.313178][T26901]  notifier_call_chain+0xbc/0x410
[ 1470.313196][T26901]  ? __pfx_fw_pm_notify+0x10/0x10
[ 1470.313222][T26901]  blocking_notifier_call_chain_robust+0xc8/0x160
[ 1470.313244][T26901]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 1470.313269][T26901]  ? do_raw_spin_unlock+0x172/0x230
[ 1470.313291][T26901]  pm_notifier_call_chain_robust+0x27/0x60
[ 1470.313317][T26901]  snapshot_open+0x189/0x2b0
[ 1470.313339][T26901]  ? __pfx_snapshot_open+0x10/0x10
[ 1470.313361][T26901]  misc_open+0x35d/0x420
[ 1470.313382][T26901]  ? __pfx_misc_open+0x10/0x10
[ 1470.313395][T26901]  chrdev_open+0x231/0x6a0
[ 1470.313412][T26901]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1470.313426][T26901]  ? __pfx_chrdev_open+0x10/0x10
[ 1470.313444][T26901]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1470.313461][T26901]  do_dentry_open+0x744/0x1c10
[ 1470.313478][T26901]  ? __pfx_chrdev_open+0x10/0x10
[ 1470.313497][T26901]  vfs_open+0x82/0x3f0
[ 1470.313510][T26901]  path_openat+0x1de4/0x2cb0
[ 1470.313538][T26901]  ? __pfx_path_openat+0x10/0x10
[ 1470.313557][T26901]  do_filp_open+0x20b/0x470
[ 1470.313573][T26901]  ? __pfx_do_filp_open+0x10/0x10
[ 1470.313598][T26901]  ? _raw_spin_unlock+0x28/0x50
[ 1470.313612][T26901]  ? alloc_fd+0x471/0x7d0
[ 1470.313630][T26901]  do_sys_openat2+0x11b/0x1d0
[ 1470.313642][T26901]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1470.313656][T26901]  ? __fget_files+0x20e/0x3c0
[ 1470.313669][T26901]  ? handle_mm_fault+0x1e0/0xd10
[ 1470.313686][T26901]  __ia32_compat_sys_openat+0x16d/0x210
[ 1470.313699][T26901]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1470.313712][T26901]  ? ksys_write+0x1ac/0x250
[ 1470.313728][T26901]  ? rcu_is_watching+0x12/0xc0
[ 1470.313742][T26901]  __do_fast_syscall_32+0x7c/0x3a0
[ 1470.313760][T26901]  do_fast_syscall_32+0x32/0x80
[ 1470.313776][T26901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1470.313790][T26901] RIP: 0023:0xf7ff2579
[ 1470.313798][T26901] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1470.313809][T26901] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1470.313820][T26901] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800001c0
[ 1470.313827][T26901] RDX: 0000000000000000 RSI: 0000000000000019 RDI: 0000000000000000
[ 1470.313833][T26901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1470.313839][T26901] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1470.313845][T26901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1470.313859][T26901]  </TASK>
[ 1470.484062][T26901] 
[ 1470.485112][T26901] ============================================
[ 1470.487583][T26901] WARNING: possible recursive locking detected
[ 1470.490077][T26901] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted
[ 1470.494302][T26901] --------------------------------------------
[ 1470.496225][T26901] syz.1.5371/26901 is trying to acquire lock:
[ 1470.498104][T26901] ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[ 1470.500725][T26901] 
[ 1470.500725][T26901] but task is already holding lock:
[ 1470.502985][T26901] ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[ 1470.505457][T26901] 
[ 1470.505457][T26901] other info that might help us debug this:
[ 1470.507857][T26901]  Possible unsafe locking scenario:
[ 1470.507857][T26901] 
[ 1470.510433][T26901]        CPU0
[ 1470.511802][T26901]        ----
[ 1470.512989][T26901]   lock(fw_lock);
[ 1470.514191][T26901]   lock(fw_lock);
[ 1470.515348][T26901] 
[ 1470.515348][T26901]  *** DEADLOCK ***
[ 1470.515348][T26901] 
[ 1470.517749][T26901]  May be due to missing lock nesting notation
[ 1470.517749][T26901] 
[ 1470.520725][T26901] 5 locks held by syz.1.5371/26901:
[ 1470.522676][T26901]  #0: ffffffff8f3043a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[ 1470.525255][T26901]  #1: ffffffff8e488228 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[ 1470.528437][T26901]  #2: ffffffff8e4c8910 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[ 1470.532878][T26901]  #3: ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[ 1470.535571][T26901]  #4: ffffffff8f5115e8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[ 1470.538432][T26901] 
[ 1470.538432][T26901] stack backtrace:
[ 1470.540441][T26901] CPU: 2 UID: 0 PID: 26901 Comm: syz.1.5371 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1470.540456][T26901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1470.540464][T26901] Call Trace:
[ 1470.540469][T26901]  <TASK>
[ 1470.540473][T26901]  dump_stack_lvl+0x116/0x1f0
[ 1470.540491][T26901]  print_deadlock_bug+0x1e9/0x240
[ 1470.540505][T26901]  __lock_acquire+0x1106/0x1c90
[ 1470.540520][T26901]  ? __kasan_slab_free+0x51/0x70
[ 1470.540537][T26901]  lock_acquire+0x179/0x350
[ 1470.540551][T26901]  ? assign_fw+0x4e/0x640
[ 1470.540564][T26901]  ? __pfx___might_resched+0x10/0x10
[ 1470.540575][T26901]  ? do_sys_openat2+0x11b/0x1d0
[ 1470.540587][T26901]  ? __ia32_compat_sys_openat+0x16d/0x210
[ 1470.540599][T26901]  ? __do_fast_syscall_32+0x7c/0x3a0
[ 1470.540615][T26901]  __mutex_lock+0x199/0xb90
[ 1470.540630][T26901]  ? assign_fw+0x4e/0x640
[ 1470.540642][T26901]  ? assign_fw+0x4e/0x640
[ 1470.540655][T26901]  ? __pfx___mutex_lock+0x10/0x10
[ 1470.540672][T26901]  ? kasan_quarantine_put+0x10a/0x240
[ 1470.540686][T26901]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1470.540701][T26901]  ? assign_fw+0x4e/0x640
[ 1470.540712][T26901]  assign_fw+0x4e/0x640
[ 1470.540724][T26901]  ? _request_firmware+0x957/0x1470
[ 1470.540738][T26901]  _request_firmware+0x988/0x1470
[ 1470.540754][T26901]  ? __pfx__request_firmware+0x10/0x10
[ 1470.540767][T26901]  ? dump_stack_lvl+0x197/0x1f0
[ 1470.540781][T26901]  ? dump_stack_lvl+0x1a3/0x1f0
[ 1470.540796][T26901]  __async_dev_cache_fw_image+0xb1/0x340
[ 1470.540811][T26901]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 1470.540826][T26901]  ? mark_held_locks+0x49/0x80
[ 1470.540839][T26901]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1470.540853][T26901]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 1470.540867][T26901]  async_schedule_node_domain+0xd4/0x120
[ 1470.540880][T26901]  dev_cache_fw_image+0x38e/0x490
[ 1470.540893][T26901]  ? __pfx_dev_cache_fw_image+0x10/0x10
[ 1470.540907][T26901]  ? __pfx_dev_cache_fw_image+0x10/0x10
[ 1470.540922][T26901]  dpm_for_each_dev+0x5a/0xb0
[ 1470.540939][T26901]  fw_pm_notify+0x81/0x150
[ 1470.540954][T26901]  notifier_call_chain+0xbc/0x410
[ 1470.540973][T26901]  ? __pfx_fw_pm_notify+0x10/0x10
[ 1470.540992][T26901]  blocking_notifier_call_chain_robust+0xc8/0x160
[ 1470.541015][T26901]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 1470.541038][T26901]  ? do_raw_spin_unlock+0x172/0x230
[ 1470.541057][T26901]  pm_notifier_call_chain_robust+0x27/0x60
[ 1470.541078][T26901]  snapshot_open+0x189/0x2b0
[ 1470.541098][T26901]  ? __pfx_snapshot_open+0x10/0x10
[ 1470.541114][T26901]  misc_open+0x35d/0x420
[ 1470.541134][T26901]  ? __pfx_misc_open+0x10/0x10
[ 1470.541150][T26901]  chrdev_open+0x231/0x6a0
[ 1470.541170][T26901]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1470.541188][T26901]  ? __pfx_chrdev_open+0x10/0x10
[ 1470.541218][T26901]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1470.541243][T26901]  do_dentry_open+0x744/0x1c10
[ 1470.541266][T26901]  ? __pfx_chrdev_open+0x10/0x10
[ 1470.541286][T26901]  vfs_open+0x82/0x3f0
[ 1470.541301][T26901]  path_openat+0x1de4/0x2cb0
[ 1470.541322][T26901]  ? __pfx_path_openat+0x10/0x10
[ 1470.541341][T26901]  do_filp_open+0x20b/0x470
[ 1470.541360][T26901]  ? __pfx_do_filp_open+0x10/0x10
[ 1470.541383][T26901]  ? _raw_spin_unlock+0x28/0x50
[ 1470.541398][T26901]  ? alloc_fd+0x471/0x7d0
[ 1470.541422][T26901]  do_sys_openat2+0x11b/0x1d0
[ 1470.541441][T26901]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1470.541461][T26901]  ? __fget_files+0x20e/0x3c0
[ 1470.541478][T26901]  ? handle_mm_fault+0x1e0/0xd10
[ 1470.541497][T26901]  __ia32_compat_sys_openat+0x16d/0x210
[ 1470.541513][T26901]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1470.541528][T26901]  ? ksys_write+0x1ac/0x250
[ 1470.541547][T26901]  ? rcu_is_watching+0x12/0xc0
[ 1470.541561][T26901]  __do_fast_syscall_32+0x7c/0x3a0
[ 1470.541581][T26901]  do_fast_syscall_32+0x32/0x80
[ 1470.541600][T26901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1470.541617][T26901] RIP: 0023:0xf7ff2579
[ 1470.541631][T26901] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1470.541647][T26901] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1470.541664][T26901] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800001c0
[ 1470.541676][T26901] RDX: 0000000000000000 RSI: 0000000000000019 RDI: 0000000000000000
[ 1470.541686][T26901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1470.541698][T26901] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1470.541707][T26901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1470.541719][T26901]  </TASK>
[ 1470.708130][T26907] IPVS: using max 54 ests per chain, 129600 per kthread
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1471.272956][T23244] IPVS: starting estimator thread 0...
[ 1471.381284][T26914] IPVS: using max 54 ests per chain, 129600 per kthread

VM DIAGNOSIS:
18:44:45  Registers:
info registers vcpu 0

CPU#0
RAX=0000000003141cc4 RBX=0000000000000000 RCX=ffffffff8b847c69 RDX=ffffed1005646646
RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000000 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a9a150 R15=0000000000000000
RIP=ffffffff8b8467cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097520000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000801df000 CR3=000000005fd44000 CR4=00352ef0
DR0=0000000000000001 DR1=0000000000000002 DR2=0000000000000004 DR3=0000000080000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000007777 Opmask02=000000000000000f Opmask03=0000000000000001
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000d147f3 0000000000bb6c1e 0000000001954a0b 00000000002051ca 0000000001251827 0000000001fe0220 000000000011c66d 0000000002bcd77b
ZMM17=00000000021c7100 000000000149b38d 0000000000c9e71b 0000000001cd46d2 00000000036b9378 0000000001aea191 0000000000ffe3a9 0000000003d9dc93
ZMM18=0000000000f900eb 0000000001b509dd 000000000052a961 00000000002c8bb7 0000000003a85b2b 0000000003eae391 0000000000788af6 00000000016c41f4
ZMM19=0000000000b03852 0000000002c1ed3d 0000000000561712 00000000002ce992 0000000000b7ec9f 00000000033753c7 000000000214371d 00000000004a94d2
ZMM20=00000000000e6e08 0000000001e1c6f9 00000000039c70dd 000000000020d612 00000000006f068b 00000000019b9911 0000000000e994b5 00000000009615c1
ZMM21=000000000a8e3500 00000000067081c1 0000000003f18387 000000000902621a 000000001119e158 00000000086927d5 0000000004ff724d 0000000013414edf
ZMM22=0000000004dd0497 0000000008893151 00000000019d4ee5 0000000000deba93 000000001249c7d7 00000000139671d5 00000000025ab6ce 00000000071d49c4
ZMM23=000000000371199a 000000000dc9a231 0000000001ae735a 0000000000e08fda 0000000003979f1b 000000001014a2e3 000000000a651391 000000000174e81a
ZMM24=0000000000482628 000000000968e2dd 00000000120e3451 0000000000a42e5a 00000000022b20b7 000000000809fd55 00000000048fe789 0000000002ee6cc5
ZMM25=0014d9883e324600 00211d2fc8dfe74d 0006c17a8c1fde33 002aa68ef3061aaa 005871ad6d80ea78 002dd87d215e8699 00136ae3b6d2bcee 00700527c291fd48
ZMM26=00099b387b60f362 002be5023d87999d 0002c4123e591b29 00041e696600774b 005e95667806918b 006ac4e4d9bdd899 000925a83f5d4394 002963ada8fb90e0
ZMM27=0006cc645dd6772c 0046e69592e7c4fd 0002e17075b9b922 00042716fc661e6a 00129421a0556d7f 0057a717705f457f 002862c7e9657b06 00087973f28140b0
ZMM28=00008e83292be130 003063514a19a3b9 001eeeaae4044385 0003093e3da1a0ea 000b37079d6ec8eb 002bd1c13e26fa19 0011b987187215d6 00110dbc0e770c98
ZMM29=00019d61d96b4eea 0003c3ca30bfac86 0002b65556ec2287 000099009ee3f9da 0005ebd5f736d39b 000adbf82bd6a0a0 0000450f41e4a9ae 000fed468402c168
ZMM30=0000000001000000 0000000001000000 0000000001000000 0000000001000000 0000000001000000 0000000001000000 0000000001000000 0000000001000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 52acb6dd542e0059 d77273d46d1d90a2 06291150353e194f 8a703650cd883049
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff888064743008 RCX=ffffffff8208dd58 RDX=ffff8880240e2440
RSI=0000000000000000 RDI=0000000000000080 RBP=0000000056445067 RSP=ffffc9000c46f8e8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=000000000007fffc
R12=0000000000000067 R13=0000000000000000 R14=ffff88805e80d180 R15=0000000000000067
RIP=ffffffff81bb5a58 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097620000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000051006000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85584950 RDI=ffffffff9b0ac980 RBP=ffffffff9b0ac940 RSP=ffffc9000c88eca8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e36312e36
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff3615982 R15=dffffc0000000000
RIP=ffffffff85584977 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097720000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f537dadd CR3=000000005fd44000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000019457cc RBX=0000000000000003 RCX=ffffffff8b847c69 RDX=ffffed10056a6646
RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=ffffed1003866000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6645 R10=ffff88802b53322b R11=0000000000000001
R12=0000000000000003 R13=ffff88801c330000 R14=ffffffff90a9a150 R15=0000000000000000
RIP=ffffffff8b8467cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097820000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080007000 CR3=0000000051006000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 fa03917dc1daa0db f11090712b060e2a
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 48cad3063d0cd15c 2ac05f9eed282d9c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6ef28f16a1438fae f44e88820f1d18b5
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 85a62758e0964e41 a88fbfb15b7e8af2
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005500
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000100007bd00000 6d6de2b2037b4e04
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 be1c0000eebe1bc1 0ef2c4ad33e2f4ed
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c019000001564d99 01564d9900000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 579d232e96914ad4 ae2300000000002e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b80cad6fac587ed2 c5a60ecafded9e51
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bb649233795aa489 5071923561df01c7
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000