last executing test programs:

6.510042582s ago: executing program 2 (id=1350):
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, r1, 0xce9e1000)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = userfaultfd(0x801)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x41}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00'}, 0x10)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r3, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22, 0x2}, 0x1c)
r5 = syz_open_dev$vim2m(&(0x7f0000000640), 0x40, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000140)={0x11, 0x1, 0x0, "8eb8a828e93b07f1dd06da7a41bfeac48048beb159fbba176fb1de26098c68d9"})
listen(r4, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x694})
r6 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f0000000100))
r7 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r7, 0x80045017, 0x0)

6.380543522s ago: executing program 2 (id=1351):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000))
dup3(r2, r1, 0x80000)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)

5.450197717s ago: executing program 2 (id=1356):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)={0x20, 0x6, 0x17, {0x17, 0x23, "29330dc778c7a4cae9a4c9e0bb43bbd22455bab204"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)

4.900450929s ago: executing program 0 (id=1359):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x2}, [{0x2, 0x6}, {0x2, 0x2}, {0x2, 0x2}], {}, [{0x8, 0x7}, {0x8, 0x3}], {0x10, 0x4}, {0x20, 0x3}}, 0x4c, 0x2)

4.90003196s ago: executing program 0 (id=1360):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x40)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000004140)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000001c0)="14", 0x1}, {&(0x7f0000000280)="3b942cdf3dbb4d708446209c8a7a9893c711167b6aee1ac4a8cc59d92a394f460b20f21b9add9e84d2dba9e6df8034c449e64138a4aea2a8df6d35031bd3263f", 0x7fffefff}], 0x2}], 0x1, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0xd, 0x2, 0x3})

3.877498094s ago: executing program 0 (id=1365):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
open(&(0x7f0000000140)='./file0\x00', 0x200a01, 0x180)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x0, 0x0})
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0xf)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x20, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32=0x0, @ANYBLOB="8b78a0fd3acc489817845094b4f077046a6345f378cedc7eb4c22218f10e8e52b72162164af1b534482ad40a40bf300fd5c7485644829fcae18cf4e4be95afb3bbb7cb6a3cfa77be77266af9619c1b2dadba4224b42f2921bd587cf449c918bb23d7a5ffc9ce8ecf6f9ec3"], 0x40}}, 0x0)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f00000007c0)={0x44, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r5, 0x5b03, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.57016029s ago: executing program 1 (id=1368):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r3, 0x103, 0x1, 0x0, 0x0) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, 0x0, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
acct(&(0x7f00000001c0)='./file0\x00')
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r6)
sendmsg$NLBL_MGMT_C_ADD(r6, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, r7, 0x1, 0x400000, 0x25dfdbfb}, 0x14}}, 0x0) (async)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f0000000040)=0xd) (async)
unshare(0x62040200) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10)

3.409823232s ago: executing program 1 (id=1371):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffb000/0x2000)=nil)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x400, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x0, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mounts\x00')
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008aec1, &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x121400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0)
futex_waitv(&(0x7f0000003b80)=[{0x4, &(0x7f0000000300)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r8, 0x5000940e, &(0x7f0000000140)={{r8}, "927f1918debe2a143e2422209e17d07cb391c444579b1feafb20f9e82b4e658c7074bd18ed67a450f3ea93f82964f00c525d8409cb5fc750a42330b2f3abbc223054e3fea95779fc836f0c6cfe65aa5ce4e933cd947a4343ecbefdddafa3469baf44a43ab79ed5ecc3e0c9b59da3da119e0aa68f903379b1b8556f443d41486f6e10f897d5ef6e4c56a4f78653f734b6e4143fcbce095879109e07ac7f275225dc25d86ea19a4f4ff0aa98c1e82a05301e956d3c36c7b3236079d5d567bf9e4bcf624a209298848748199d3707e4ce7f77bfaee3c923fe6781182d5da4ec27857189568c68740eef592c92b5e3824a42c401c7044357c017d6ff44c5d9cb253ddb0e819fd04fe876131a604df502d274ead6c0cdda943bd2763f91de3ae142ed9efcbf881866ca194c550df3fdb626ca4cb4db4712c02099f80bc3c9a6263c4023c54f5f101cf366ddcd3c78c5bedcf41ef66306f9cdf04c2207f168839ccbe5fd9d6841c8fedc745df12f3b66949ea50d71c66b8050947d477846b118dc0099c5da0456c0dc246910728be71c86ee0df422f752a26ca888cac6bf8f07004f4ba8cc702fea443bce40fd76f8f68ccf3e52c02e8ba69fdb87adec4a71b0e72a52c1715b027826d8d29bd5e60ef37488a3f307d501fd15c180b7332a0810ba371980eaa90c7e8d579956bab134d2e5c0ef44bfe14307ad11b6b74f090e1d83c4e016d1819e6c2f153a335a50f7f13d05cb4b63f0b852cc43a1e9d7f9dde216ea8dd4e1d434bdd7ef464cf9ecc2fb0448f6faeb3ecfc1c3e65f036a973af0151e45b63577186a0d99fee854c56aa28a352ae98cb90ca28594753dce9ac379bf536e74380e42c423e12e7044288f8054187e77c2e1c0dde7e9d79557da5b89cc210e1aca8ab4d325a18767da70701608e853f74ae3cfb6872cc88d40247f93d8a81e61d820a0aa1b692cf8d633bdf4b15d3335dc9a04a92e87278c3eda259b3c287f82f7fbe5297b8b9f6876a1e8148bf8c85d6700eb35f1d891270a1a23503ce3f7b4eb9fabf16c621825afb97d0044701c2ebfb67816d70667375d66315b240b9d151c2d83dd57fd01614f11f23822b4e275830db865205276b4092fb8b79088d52d95838350d6548bbb860f00c2b095614c83c59e58bc3f715f795790af2289ba7f5078a744d0b3408b961f7abd3a57e2467d3aba6f2a2570fe2c1a9e36c7c710386a2c895b8bfba78f9d1b90c64c333d453406e9d6fff6576e02236271c342b77a364afa27a800352ca34ad712af966dc3f5129d74f3be99922aa4179652490c1846aaf4eca9ed0a96c9b8ea3e6fcdc715c5de1a6d9b678b33e93fb75abf975ad19e1e620385a2e518bc7941ba39e235f149627c36bdf9d317ae28b9c41525bea362bec1c75a5be803b3f136aa3e49d819ab3e411899f52cdfe43ec17e4f9018e99fefa0bd51a54664ad555dbe2b625e5d43a8d423b9dfaaeeacc1c1d962757554d08686df3df2ed4c9b17232c3f337cdd0397819812560cbee58f1fbbf9ca164bf68f432baf55952b10ad29767012cd796193805555876a8f94a43dfe811a6eb3c71ba7e9856558ca4e240cdc3c92137428227e559f2ce57e897bfea7b0d9081e1969c3c0c64642515ac51f66b9ba3ca3b9060cbe0d07049fc3dd3aec30f54ca33a0d7cab0ef2a7ed589546a1cc7d3299d2534d79811e2ad8318d31aa92de42002307a33d4ecad8d05b79bf0c733e0e1cb35efb4aec5d383cf217030ddb48fc007cfd35a2d74460ad881e3fc2ad691c0986327448f422e8282833840f525dabb13a4be95d82c5ed0212a13272db83c5f583a398cf447832853fd3f19ae6aae5555929d150af5947218f95d64dd22bd3dc55bcbc77b7cf1af766bf685f1036e8677cae88edfa2a7bbb78638f632b16f9d5016ea51a32178df29142094d810d28eaa7e471d75256e8baa087dd60b26490f2c18080c73cfb1a61fa06db9c6512c0a8f7ab7254aa2be76c8e8a3daf3d11268ce4b8c180ff37a6bca8eb7542ef733a8d1c614add714d929abf3e9a7544123bc9ddf57da7d07ef0d408f7cc0e69dcb59cc55bafd87529aec8f4c1537edecf2376060cdea333a639daf4beea824e2ab94567ae85a44b2289db87ca29b3a3490cf2121972296170d78b529fb5920bb98263b37b1f1e35feb9b2e11372f4dc1a72708f54b884c40df9d741cafcf20a36546313e6a71e722a91eefe808e2a7c1c9c2fb8d55f8e498270f5494959eb7291ce369b168416d2a0d2cde99c69a6a9e85093a6bec721e3260960fa39e1def444ff99c4a22bf7c0797b3b48ef0034b0e06b6c927b082bb6fd44957b626140d527b96178485fbeb92a48b5791d331ad0e1efc340794385abb6e9ccfbad45377a535c1c1b27e471d69462b76ad261e554bded9b219cb6a064dcdd273ffc3c1c8fb2c603e585df020c29493ff814d308a07c50ddbf44b14e055aa83844f2690357e7ee3ddfcacda4e976f8949f1324a43d8bce734c746c93ab4fc24db8c1b659a8f0ed46008ec5801b085e30209941810f3d5354b700f4a03d60d6ea3f13bd04d31e1b96783392074f9cde555101d76f31195308c20f30947caa668306018d6a73781c182cee7837d3a930f914890b07558f9a55680f5e7839bbc9fa016eabbc0454998ade8f1b49e7d1281c022cacbd61ba39833c5d72706ff3febb0f3989e6df9635c49564ccb784fd1ed42a51af336ba9040f1d35c0178dd322ae74e17d4351b8496c71c8673daf277162308b11714d73285e8bc14217886387f4f9741fe3f27da79480927309f64c977dae1c5cee801fa48884654c1cfe278a4345d4b0391a6125488832995b79ecc736c282a1a6147e73d2f6a14bccdc9033a17f145514187718ead49751dee13dea818b5236fb6ce4bacb3c7d3695ff0cdd6627eda7aa5ec4da18b066d969c9eb28caac93919cd4f79521a257d6c5ae8877d3133c84259aea5fbbb647b37cb60585ee4e30b431b47f6a2f319e17d9a7ab348299c91b16c1d7f34ed0872e9477f26daa0d746388d676c529df9714df57e0a969e6fe1fb7f3b61e4c69e47ce49b01e1fd3b9d6405037bc5ed9af4f21539f5f3681d833d21c43adf9f25a24b93b760a10b4bdd88272ca14bef2a39e94a63b8876b9c116905b54d0ced01b7b80390049fd0e3f9a8d0c35ee93a1088bd29063be212df0f5c32163a801dd0e323064646dc046179ee801a0a2465c1ccb7441263b9c3e308b91bf9719b8ffada1221613e479e73e1faaad1051239868b37b5bbbe642a7ec86ec6ad33e89f501c8042be494bd67afbf64827afa1995d61b4dec471246cbc1596e983c33575ec6ffcc03ca71c17e638e0c1b0685eac2f23db5ecb78533eaf048a5d22a1c66abef71f33e106db551bda4a2a54142baa4fc5276bf44dddadbdcb7836a7f10c3e5d719f637c3536fa6bbd6e51d047bfe05c9a78f88f0285e8fec907d87e1f93f2db122bc6bf69ee07f1298b92b15f9047af841b844e815ba37af7998c7cc62c2a7f4582d11c8cd4899848cfcbbfeed0494b732828f68ebfae0a6ce08867f9237e9edc3f412624100c648f43c8dc1a499e5290fab1d968f551e5dfbc40396376962d280a666c83c5e94ef479078f22d027503df19a85e933401293c5ed27799993cbf9952e02523c1346dbb7efe652bb6c059d387f69498c91aa2b3410a94cf72accf6bd2dcb8ba7e7ee5ebbab67f7962b16373cd85170499c2b3c4cf938c95333438101bc9cb6fadf91e6fff741dc6c03e8f48c1f3fbf6d0343c385a8ee2f2ddb10282ef1571d1889404e684d2e3d13af9634374eecf4094937efe3093c2f0275280f162ffe15f0d318b3fabb58e84ec590f2ecd372f4ec88d00c404c69a4ad60cfde199277bb2b6917dd7f700341ef0bc19325d9b2c5f6bb88b800c282dd3b392ec758c329d88cfb4b6f72e3032ce6be7391f279361a8d2e90a2b10803bcba6f419d23b2117b74402e6e06e8e18453a1cf17736e1ff3ef62fbb8f92f549b0fd1df0940829f24ba163abb64894b11b3aa1b89229b6ae4641c22a30ecd2a67708c4f29a37ec6464dee0a99ac4f1bcdb2b9f7833bcf91844e8af0a879b41d0286900629599e17980ebd7d25e71dfe4a02d9bf7b37bc7b00e179a700acad2a2a7cbd1f68364b688b95e8fe390bad5890c98a3dc407f2637b8ad59fd638eb1063b2ff1f92f574f6090bf08218b093719adb3298036ee2a851539fd7a2101c5d1f530cbcb025cdda4d4a08621b379460954efd25f7490de05468e9349014276110804d7c61f7a20fe8c06178f609d00a41be98d3a7bfe8c6aec08ac45347f003971ec2d19f58b1e325217e571b34626793036af45c2271336d1fee37c8fb82af0dafd2e651e98ffaf37d88abca84b91e25e55b45073237115ed3c4831b43cb826f9052865bcb49c07af0c9ab656cebe87306c21c4ada7de7bb9733cdc7d9e5b29163e0e201eaa753576e9d7f69b008d6ed2ad7cdf8c4de874ad9205143130f9798deced254aa3a0fb71327555fef93ffe696815a57e8a094f51c4013334ab4f950bb9580faf2d27e0a6379335a829fe3a68fc9375c6a46e43fa5372cce11e85dc5cd1fb39ac00a99a330e486d79952f9ca223b0049d0658d47518dcbe8c426c38e705f2554e8a02bf8dea9389ddd426475c01681b3b0e4971832f8505bff45000cb7e6a8ead6befeb682d83ebf0ea0d8525dafb5bd73caa5cfadf18b97679e0715f4d3480dee9a2d5fd636ccb739ffc49e1871660c2a9b55f0ae0641ab8d06975a5e13229ecb5b0f9d591f33f5ff47f8692d04e378d402634da8806b5c6e6fa7a3e3476040fdecf95bfcc6a2d3b0ba6a063333f8566f099b43b96955799905a4e6bf09e10e7b6303416113dbb5cc5e204a43f958f5ef151f74d336cb632d1afa7072e6aafed6aee7e2e327d9c0826582ac09b318bcca8456cd955322ad0f9fa2693796f291fa82def2fd235d14ec10335f9e8c9beb573b0b7a1cd8e43384c37c758742a4379438f022304fc6d6951cb78d18ad242d474b1cb5ce7d7f7089eea61675dfa97627a6eda208b41000ef71dfdc3f50ea16cc7f0f51555a7a4edc6cbf2c5f1960da8b4e18f0d8100dc32bc833561219ca911acfee96480bc7e0de9b0f45ec95d25daf3a84165227fc4a7b974855f232bbe287910acf281e727be502de162bfea33b2ab72785cc009ca0bfd502ab0dd7a383b23159184a338f9d565fc819d91a84e1e669fd18cc6433d932b72a8a41051113458cc2d606e42f1f814fcdb19dc955233fb08f103d7f9c374f158e00328f31857bbd6a7f16b0eeb2a535f7e58cecb402631ddbc56a15bcd2b5e68dcc41058eb76f81ccb8124e66702484a9112d71e0462566f31ea27138d4c684aa13f7e2998dd8292d0d624383108b8f6c732299a817ffc5567f2f01d802106c9435e0ac3c14bd0ce692da358321e94c36adfcf3eaaa2165224036dc3114a1d536e268606230401895697da3f9d1e9ef56a3b5386eb33246c7cd3f80a8a4234210d05b6d4982414652b60ea283fc907ca4ff3b9a1c91a085488ca766dd811cbe543bc6e0bc1706d087d5775897043ec6ebf67e56e4921de091304e16ebc89c1afee18a3f26af7d3c5aac1e0d0fc1e0c911899e64a4dd6f542a1cf53ada2e6679b8fbb580422925a3fe3891a9dc0aa7f6b9714793d02e7274186645b8849f6d103b2a198542240cfe61942ec08e56d75acc4dd52213091b73c32dccee0433cf45ceec0b8567d05b44dac755"})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000000)=ANY=[])
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x8, 0x0, &(0x7f0000000580)=[@decrefs], 0x0, 0x0, 0x0})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$SNDCTL_DSP_NONBLOCK(r5, 0x500e, 0x0)

3.239105726s ago: executing program 1 (id=1372):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
futex_waitv(&(0x7f0000001700)=[{0x8ba, &(0x7f0000000180)=0xfffffffffffffff5, 0x2}, {0x7, &(0x7f00000001c0), 0x82}, {0x7, &(0x7f0000000200)=0x66, 0x2}, {0x10000, 0x0}, {0x5, &(0x7f00000002c0)=0x2, 0x82}, {0x3, &(0x7f0000000300)=0x2000000000000e5, 0x82}, {0xffff, &(0x7f0000000340)=0x3ff, 0x2}, {0x6, &(0x7f0000000380)=0x80000001, 0x82}, {0xe1b, 0x0, 0x80}, {0x9, &(0x7f0000000400)=0x9, 0x82}, {0x2, &(0x7f0000000480)=0xfff, 0x82}, {0x9, &(0x7f00000004c0)=0x69b, 0x82}, {0x0, &(0x7f0000000500)=0x6, 0x2}, {0x1, &(0x7f0000000540)=0x7, 0x2}, {0x78e55cfd, &(0x7f00000005c0)=0x1, 0x82}, {0x4, &(0x7f0000000600)=0x200, 0x82}, {0x25fa7ef3, &(0x7f0000000640)=0x42, 0x2}, {0xfff, &(0x7f00000006c0)=0x10000, 0x2}, {0xd55e, &(0x7f0000000740)=0xc, 0x82}, {0x252dedf0, 0x0}, {0xf61b, 0x0, 0x82}, {0x80000001, &(0x7f0000000800)=0xb, 0x82}, {0x2, &(0x7f0000000880)=0x3, 0x82}, {0xffffffff, 0x0, 0x82}, {0xb, 0x0, 0x82}, {0x80, 0x0, 0x82}, {0x0, 0x0, 0x2}, {0x7, 0x0, 0x2}, {0x3, &(0x7f0000000d80), 0x2}, {0x1, 0x0, 0x2}], 0x1e, 0x0, &(0x7f0000001f40), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000200)=0x8, 0x4)
bind$inet6(r3, &(0x7f0000f65000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0xf00, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e64300000000000000080000000"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000000414010026bd7000ffdbdf250800010000000000080003"], 0x20}, 0x1, 0x0, 0x0, 0x20048001}, 0x20000000)
sendto$inet6(r3, 0x0, 0x0, 0x2000001f, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
getsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, &(0x7f0000000080))
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x80, 0x0, 0x8000000000000001})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000001700)={0x0, 0x3, 0x3})

2.418592402s ago: executing program 2 (id=1374):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, 0x0, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x20801a, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@directio}], [], 0x6b}})
read$FUSE(r0, &(0x7f00000022c0)={0x2020}, 0x2020)

2.418224601s ago: executing program 2 (id=1375):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000440)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

2.290249519s ago: executing program 2 (id=1376):
r0 = socket$inet6(0xa, 0x6, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
poll(&(0x7f0000000100)=[{r0, 0x21}, {r0, 0x400}, {0xffffffffffffffff, 0x782}], 0x3, 0xa)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x6, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000340)=ANY=[@ANYRES64=0x0, @ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000240)=[{0x1, 0x5, 0xf, 0x4}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket(0xa, 0x1, 0x0)
setresuid(0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000480)='virtiofs\x00', 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x230}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x9, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$kcm(0x10, 0x5, 0x10)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
sendmsg$kcm(r5, 0x0, 0x1)
pselect6(0x40, &(0x7f0000000000)={0x101, 0x4, 0x4, 0x9, 0x5, 0x320000000000000, 0x1}, &(0x7f0000000040)={0x3, 0xffffffffffffffff, 0x356, 0xdeb4, 0xff, 0x8, 0x8, 0x2}, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x33})
close_range(r0, 0xffffffffffffffff, 0x0)

2.28987792s ago: executing program 1 (id=1377):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000))
dup3(r2, r1, 0x80000)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x0, 0x37, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)

1.90998112s ago: executing program 3 (id=1379):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x2}, [{0x2, 0x6}, {0x2, 0x2}, {0x2, 0x2}], {}, [{0x8, 0x7}, {0x8, 0x3}], {0x10, 0x4}, {0x20, 0x3}}, 0x4c, 0x2)

1.836537556s ago: executing program 3 (id=1380):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffb000/0x2000)=nil)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x400, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x0, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mounts\x00')
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008aec1, &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x121400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0)
futex_waitv(&(0x7f0000003b80)=[{0x4, &(0x7f0000000300)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r8, 0x5000940e, &(0x7f0000000140)={{r8}, "927f1918debe2a143e2422209e17d07cb391c444579b1feafb20f9e82b4e658c7074bd18ed67a450f3ea93f82964f00c525d8409cb5fc750a42330b2f3abbc223054e3fea95779fc836f0c6cfe65aa5ce4e933cd947a4343ecbefdddafa3469baf44a43ab79ed5ecc3e0c9b59da3da119e0aa68f903379b1b8556f443d41486f6e10f897d5ef6e4c56a4f78653f734b6e4143fcbce095879109e07ac7f275225dc25d86ea19a4f4ff0aa98c1e82a05301e956d3c36c7b3236079d5d567bf9e4bcf624a209298848748199d3707e4ce7f77bfaee3c923fe6781182d5da4ec27857189568c68740eef592c92b5e3824a42c401c7044357c017d6ff44c5d9cb253ddb0e819fd04fe876131a604df502d274ead6c0cdda943bd2763f91de3ae142ed9efcbf881866ca194c550df3fdb626ca4cb4db4712c02099f80bc3c9a6263c4023c54f5f101cf366ddcd3c78c5bedcf41ef66306f9cdf04c2207f168839ccbe5fd9d6841c8fedc745df12f3b66949ea50d71c66b8050947d477846b118dc0099c5da0456c0dc246910728be71c86ee0df422f752a26ca888cac6bf8f07004f4ba8cc702fea443bce40fd76f8f68ccf3e52c02e8ba69fdb87adec4a71b0e72a52c1715b027826d8d29bd5e60ef37488a3f307d501fd15c180b7332a0810ba371980eaa90c7e8d579956bab134d2e5c0ef44bfe14307ad11b6b74f090e1d83c4e016d1819e6c2f153a335a50f7f13d05cb4b63f0b852cc43a1e9d7f9dde216ea8dd4e1d434bdd7ef464cf9ecc2fb0448f6faeb3ecfc1c3e65f036a973af0151e45b63577186a0d99fee854c56aa28a352ae98cb90ca28594753dce9ac379bf536e74380e42c423e12e7044288f8054187e77c2e1c0dde7e9d79557da5b89cc210e1aca8ab4d325a18767da70701608e853f74ae3cfb6872cc88d40247f93d8a81e61d820a0aa1b692cf8d633bdf4b15d3335dc9a04a92e87278c3eda259b3c287f82f7fbe5297b8b9f6876a1e8148bf8c85d6700eb35f1d891270a1a23503ce3f7b4eb9fabf16c621825afb97d0044701c2ebfb67816d70667375d66315b240b9d151c2d83dd57fd01614f11f23822b4e275830db865205276b4092fb8b79088d52d95838350d6548bbb860f00c2b095614c83c59e58bc3f715f795790af2289ba7f5078a744d0b3408b961f7abd3a57e2467d3aba6f2a2570fe2c1a9e36c7c710386a2c895b8bfba78f9d1b90c64c333d453406e9d6fff6576e02236271c342b77a364afa27a800352ca34ad712af966dc3f5129d74f3be99922aa4179652490c1846aaf4eca9ed0a96c9b8ea3e6fcdc715c5de1a6d9b678b33e93fb75abf975ad19e1e620385a2e518bc7941ba39e235f149627c36bdf9d317ae28b9c41525bea362bec1c75a5be803b3f136aa3e49d819ab3e411899f52cdfe43ec17e4f9018e99fefa0bd51a54664ad555dbe2b625e5d43a8d423b9dfaaeeacc1c1d962757554d08686df3df2ed4c9b17232c3f337cdd0397819812560cbee58f1fbbf9ca164bf68f432baf55952b10ad29767012cd796193805555876a8f94a43dfe811a6eb3c71ba7e9856558ca4e240cdc3c92137428227e559f2ce57e897bfea7b0d9081e1969c3c0c64642515ac51f66b9ba3ca3b9060cbe0d07049fc3dd3aec30f54ca33a0d7cab0ef2a7ed589546a1cc7d3299d2534d79811e2ad8318d31aa92de42002307a33d4ecad8d05b79bf0c733e0e1cb35efb4aec5d383cf217030ddb48fc007cfd35a2d74460ad881e3fc2ad691c0986327448f422e8282833840f525dabb13a4be95d82c5ed0212a13272db83c5f583a398cf447832853fd3f19ae6aae5555929d150af5947218f95d64dd22bd3dc55bcbc77b7cf1af766bf685f1036e8677cae88edfa2a7bbb78638f632b16f9d5016ea51a32178df29142094d810d28eaa7e471d75256e8baa087dd60b26490f2c18080c73cfb1a61fa06db9c6512c0a8f7ab7254aa2be76c8e8a3daf3d11268ce4b8c180ff37a6bca8eb7542ef733a8d1c614add714d929abf3e9a7544123bc9ddf57da7d07ef0d408f7cc0e69dcb59cc55bafd87529aec8f4c1537edecf2376060cdea333a639daf4beea824e2ab94567ae85a44b2289db87ca29b3a3490cf2121972296170d78b529fb5920bb98263b37b1f1e35feb9b2e11372f4dc1a72708f54b884c40df9d741cafcf20a36546313e6a71e722a91eefe808e2a7c1c9c2fb8d55f8e498270f5494959eb7291ce369b168416d2a0d2cde99c69a6a9e85093a6bec721e3260960fa39e1def444ff99c4a22bf7c0797b3b48ef0034b0e06b6c927b082bb6fd44957b626140d527b96178485fbeb92a48b5791d331ad0e1efc340794385abb6e9ccfbad45377a535c1c1b27e471d69462b76ad261e554bded9b219cb6a064dcdd273ffc3c1c8fb2c603e585df020c29493ff814d308a07c50ddbf44b14e055aa83844f2690357e7ee3ddfcacda4e976f8949f1324a43d8bce734c746c93ab4fc24db8c1b659a8f0ed46008ec5801b085e30209941810f3d5354b700f4a03d60d6ea3f13bd04d31e1b96783392074f9cde555101d76f31195308c20f30947caa668306018d6a73781c182cee7837d3a930f914890b07558f9a55680f5e7839bbc9fa016eabbc0454998ade8f1b49e7d1281c022cacbd61ba39833c5d72706ff3febb0f3989e6df9635c49564ccb784fd1ed42a51af336ba9040f1d35c0178dd322ae74e17d4351b8496c71c8673daf277162308b11714d73285e8bc14217886387f4f9741fe3f27da79480927309f64c977dae1c5cee801fa48884654c1cfe278a4345d4b0391a6125488832995b79ecc736c282a1a6147e73d2f6a14bccdc9033a17f145514187718ead49751dee13dea818b5236fb6ce4bacb3c7d3695ff0cdd6627eda7aa5ec4da18b066d969c9eb28caac93919cd4f79521a257d6c5ae8877d3133c84259aea5fbbb647b37cb60585ee4e30b431b47f6a2f319e17d9a7ab348299c91b16c1d7f34ed0872e9477f26daa0d746388d676c529df9714df57e0a969e6fe1fb7f3b61e4c69e47ce49b01e1fd3b9d6405037bc5ed9af4f21539f5f3681d833d21c43adf9f25a24b93b760a10b4bdd88272ca14bef2a39e94a63b8876b9c116905b54d0ced01b7b80390049fd0e3f9a8d0c35ee93a1088bd29063be212df0f5c32163a801dd0e323064646dc046179ee801a0a2465c1ccb7441263b9c3e308b91bf9719b8ffada1221613e479e73e1faaad1051239868b37b5bbbe642a7ec86ec6ad33e89f501c8042be494bd67afbf64827afa1995d61b4dec471246cbc1596e983c33575ec6ffcc03ca71c17e638e0c1b0685eac2f23db5ecb78533eaf048a5d22a1c66abef71f33e106db551bda4a2a54142baa4fc5276bf44dddadbdcb7836a7f10c3e5d719f637c3536fa6bbd6e51d047bfe05c9a78f88f0285e8fec907d87e1f93f2db122bc6bf69ee07f1298b92b15f9047af841b844e815ba37af7998c7cc62c2a7f4582d11c8cd4899848cfcbbfeed0494b732828f68ebfae0a6ce08867f9237e9edc3f412624100c648f43c8dc1a499e5290fab1d968f551e5dfbc40396376962d280a666c83c5e94ef479078f22d027503df19a85e933401293c5ed27799993cbf9952e02523c1346dbb7efe652bb6c059d387f69498c91aa2b3410a94cf72accf6bd2dcb8ba7e7ee5ebbab67f7962b16373cd85170499c2b3c4cf938c95333438101bc9cb6fadf91e6fff741dc6c03e8f48c1f3fbf6d0343c385a8ee2f2ddb10282ef1571d1889404e684d2e3d13af9634374eecf4094937efe3093c2f0275280f162ffe15f0d318b3fabb58e84ec590f2ecd372f4ec88d00c404c69a4ad60cfde199277bb2b6917dd7f700341ef0bc19325d9b2c5f6bb88b800c282dd3b392ec758c329d88cfb4b6f72e3032ce6be7391f279361a8d2e90a2b10803bcba6f419d23b2117b74402e6e06e8e18453a1cf17736e1ff3ef62fbb8f92f549b0fd1df0940829f24ba163abb64894b11b3aa1b89229b6ae4641c22a30ecd2a67708c4f29a37ec6464dee0a99ac4f1bcdb2b9f7833bcf91844e8af0a879b41d0286900629599e17980ebd7d25e71dfe4a02d9bf7b37bc7b00e179a700acad2a2a7cbd1f68364b688b95e8fe390bad5890c98a3dc407f2637b8ad59fd638eb1063b2ff1f92f574f6090bf08218b093719adb3298036ee2a851539fd7a2101c5d1f530cbcb025cdda4d4a08621b379460954efd25f7490de05468e9349014276110804d7c61f7a20fe8c06178f609d00a41be98d3a7bfe8c6aec08ac45347f003971ec2d19f58b1e325217e571b34626793036af45c2271336d1fee37c8fb82af0dafd2e651e98ffaf37d88abca84b91e25e55b45073237115ed3c4831b43cb826f9052865bcb49c07af0c9ab656cebe87306c21c4ada7de7bb9733cdc7d9e5b29163e0e201eaa753576e9d7f69b008d6ed2ad7cdf8c4de874ad9205143130f9798deced254aa3a0fb71327555fef93ffe696815a57e8a094f51c4013334ab4f950bb9580faf2d27e0a6379335a829fe3a68fc9375c6a46e43fa5372cce11e85dc5cd1fb39ac00a99a330e486d79952f9ca223b0049d0658d47518dcbe8c426c38e705f2554e8a02bf8dea9389ddd426475c01681b3b0e4971832f8505bff45000cb7e6a8ead6befeb682d83ebf0ea0d8525dafb5bd73caa5cfadf18b97679e0715f4d3480dee9a2d5fd636ccb739ffc49e1871660c2a9b55f0ae0641ab8d06975a5e13229ecb5b0f9d591f33f5ff47f8692d04e378d402634da8806b5c6e6fa7a3e3476040fdecf95bfcc6a2d3b0ba6a063333f8566f099b43b96955799905a4e6bf09e10e7b6303416113dbb5cc5e204a43f958f5ef151f74d336cb632d1afa7072e6aafed6aee7e2e327d9c0826582ac09b318bcca8456cd955322ad0f9fa2693796f291fa82def2fd235d14ec10335f9e8c9beb573b0b7a1cd8e43384c37c758742a4379438f022304fc6d6951cb78d18ad242d474b1cb5ce7d7f7089eea61675dfa97627a6eda208b41000ef71dfdc3f50ea16cc7f0f51555a7a4edc6cbf2c5f1960da8b4e18f0d8100dc32bc833561219ca911acfee96480bc7e0de9b0f45ec95d25daf3a84165227fc4a7b974855f232bbe287910acf281e727be502de162bfea33b2ab72785cc009ca0bfd502ab0dd7a383b23159184a338f9d565fc819d91a84e1e669fd18cc6433d932b72a8a41051113458cc2d606e42f1f814fcdb19dc955233fb08f103d7f9c374f158e00328f31857bbd6a7f16b0eeb2a535f7e58cecb402631ddbc56a15bcd2b5e68dcc41058eb76f81ccb8124e66702484a9112d71e0462566f31ea27138d4c684aa13f7e2998dd8292d0d624383108b8f6c732299a817ffc5567f2f01d802106c9435e0ac3c14bd0ce692da358321e94c36adfcf3eaaa2165224036dc3114a1d536e268606230401895697da3f9d1e9ef56a3b5386eb33246c7cd3f80a8a4234210d05b6d4982414652b60ea283fc907ca4ff3b9a1c91a085488ca766dd811cbe543bc6e0bc1706d087d5775897043ec6ebf67e56e4921de091304e16ebc89c1afee18a3f26af7d3c5aac1e0d0fc1e0c911899e64a4dd6f542a1cf53ada2e6679b8fbb580422925a3fe3891a9dc0aa7f6b9714793d02e7274186645b8849f6d103b2a198542240cfe61942ec08e56d75acc4dd52213091b73c32dccee0433cf45ceec0b8567d05b44dac755"})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000000)=ANY=[])
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x8, 0x0, &(0x7f0000000580)=[@decrefs], 0x0, 0x0, 0x0})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$SNDCTL_DSP_NONBLOCK(r5, 0x500e, 0x0)

1.680019396s ago: executing program 3 (id=1381):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, 0x0, 0x4000010)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_register(r3, &(0x7f00000001c0)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x11, 0x3a, '.^', 0x3a, '9P2000.u', 0x3a, './file1'}, 0x31)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r4, 0x89f2, &(0x7f00000000c0)={0x4000000, 0x0, 0x5, 0x1, 0x0, "bb5dee0000000000000000000000f99200231c"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r7, &(0x7f0000005240)=[{{0x0, 0xfffffdef, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xfffffdef}], 0x4000095, 0x401eb94)
pipe2(&(0x7f00000002c0), 0x80000)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r7)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000200001032abd70000000000002000000000000001b000000080018"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x6c, r8, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x1, {0x8001, 0x7, 0x3ff, 0x1}}}, @NL80211_ATTR_BSS_SELECT={0x34, 0xe3, 0x0, 0x1, [@NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xd, 0x6}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xc, 0x5}}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xd, 0xe0}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x6, 0x6}}]}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x240000d4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r10=>0x0})
sendto$packet(r1, &(0x7f0000000300)="10008100", 0x4, 0x0, &(0x7f0000000200)={0x11, 0x8100, r10, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)

1.45082059s ago: executing program 3 (id=1382):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x2000)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x7034, &(0x7f0000000500)={0x0, 0xbe36, 0x20, 0x1, 0x145}, 0x0, &(0x7f00000005c0))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0xfffff7e6, 0xb2ba, 0x8, 0xf, 0xfffffffb, 0x8000}, [@TCA_NETEM_RATE={0x14, 0x6, {0xbe30, 0x200, 0x7, 0x2}}]}}}]}, 0x60}}, 0x44080)
ioctl$VIDIOC_QUERYBUF_DMABUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000480)={0x10001, 0xb, 0x4, 0x10, 0x7, {}, {0x2, 0x0, 0x4, 0x41, 0x5, 0x0, "eaf97807"}, 0x8, 0x4, {}, 0x6})
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

1.357940034s ago: executing program 1 (id=1383):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)={0x20, 0x6, 0x17, {0x17, 0x23, "29330dc778c7a4cae9a4c9e0bb43bbd22455bab204"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)

600.146799ms ago: executing program 0 (id=1384):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, 0x0, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x20801a, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@directio}], [], 0x6b}})
read$FUSE(r0, &(0x7f00000022c0)={0x2020}, 0x2020)

599.548822ms ago: executing program 0 (id=1385):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000480)={@flat=@weak_handle={0x77682a85, 0xb, 0x1}, @flat=@weak_binder, @fda={0x66646185, 0x3, 0x0, 0x15}}, 0x0}}], 0x0, 0x0, 0x0})

530.18115ms ago: executing program 3 (id=1386):
r0 = socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x2b, 0x0, @fd_index=0x3})
r3 = syz_open_dev$sg(0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r7=>0x0)
io_submit(r7, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r6, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000000001010400000000f7177ca3244833000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c0001801400000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000"/155], 0x94}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0xbc}, 0x1, 0x0, 0x0, 0x1}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, {0x475}}, './file0\x00'})
sendmsg$key(0xffffffffffffffff, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x100)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffffffffd21, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x24084040)

529.887743ms ago: executing program 0 (id=1387):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111}}, 0x20)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0xd2, 0xf6, 0xf0, 0x20, 0xbc7, 0x8, 0x88ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x46, 0xff, 0xd5}}]}}]}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
accept4(r4, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x44854)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

209.039983ms ago: executing program 3 (id=1388):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0xfffffffc}, {}, {0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000ec0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
r6 = dup(0xffffffffffffffff)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB])
ioctl$KVM_SET_MSRS(r0, 0xc008ae88, &(0x7f0000000c40)=ANY=[@ANYRES32, @ANYBLOB="548816e3b86cc487d27c9478f91815dcd209017de2fff1cff66ec265e50e81e0281889d75de7d304373bc4ffc8a17a378468b0807394e43458f76bc7ef0dd5f393c18f6a078727890fea5715057b790d734983770b8870fcb24ea271800f4c24e6e235b95a0024bbf1e2312599dfd429319e960ea964429bc9b4b6d4f579321c5aeb7b34b8ef8ce29e024610c0d7cf2c9bd8a1bc87415405c9a6399b38dd7a6fc46414de740960c507117f0831591c9a292d70aac4", @ANYBLOB="757a28226ec80b43ef297f1445a3e6ebb0c886d67dd88fa0b88f3a205ba5161044f5a4f906f239f3a15f7814cef36e9db454a5d6bfafcb57e932bf462a4e0ac9a71aede668de4e901fcf4c3b8723a0f10241cbd5c8a8ff0b95e912de3b5377de5fff777bff11197ecd40e632cb7d6f11249e049d64335a6733d1da13c847259087051bacfa52a9cdc0e359d2e1eab2325f0ad125bbddbeede8203f5b91b645a830a15b6d2f4eef638da3893328bc05b743f8", @ANYRES8, @ANYRESDEC=r5, @ANYRESDEC, @ANYRES64=r3, @ANYBLOB="3da66d73df272d853a58af4fa1ab394c5efb4ae726207ca2509b6e956b18f422aa306b1d09fad320dc14987350d240b3fc04dd83ea01a717e1970f1e565cd9fee453193e9de70a11ec878e8a4fb4b1f394ff83ee09869efb8b7ff703533e35865a014b726e00f12439b315a44e2bf70fb0504221068c29617b73abbb38f23b4e4c91d25e86f043af9125a509ebcdd774c69be4d6a7564ef5d61e5cbf7e2708625285d7b28bad4fa9f2f54a9aba9a5fb558135c314c4d19aa81eb1ce787466fa94f7f498d5a", @ANYRES32=r6])
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setregid(0x0, 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000380)=""/231, 0xe7)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

0s ago: executing program 1 (id=1389):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffb000/0x2000)=nil)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x400, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x0, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mounts\x00')
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r6, 0xc008aec1, &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x121400, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0)
futex_waitv(&(0x7f0000003b80)=[{0x4, &(0x7f0000000300)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r8, 0x5000940e, &(0x7f0000000140)={{r8}, "927f1918debe2a143e2422209e17d07cb391c444579b1feafb20f9e82b4e658c7074bd18ed67a450f3ea93f82964f00c525d8409cb5fc750a42330b2f3abbc223054e3fea95779fc836f0c6cfe65aa5ce4e933cd947a4343ecbefdddafa3469baf44a43ab79ed5ecc3e0c9b59da3da119e0aa68f903379b1b8556f443d41486f6e10f897d5ef6e4c56a4f78653f734b6e4143fcbce095879109e07ac7f275225dc25d86ea19a4f4ff0aa98c1e82a05301e956d3c36c7b3236079d5d567bf9e4bcf624a209298848748199d3707e4ce7f77bfaee3c923fe6781182d5da4ec27857189568c68740eef592c92b5e3824a42c401c7044357c017d6ff44c5d9cb253ddb0e819fd04fe876131a604df502d274ead6c0cdda943bd2763f91de3ae142ed9efcbf881866ca194c550df3fdb626ca4cb4db4712c02099f80bc3c9a6263c4023c54f5f101cf366ddcd3c78c5bedcf41ef66306f9cdf04c2207f168839ccbe5fd9d6841c8fedc745df12f3b66949ea50d71c66b8050947d477846b118dc0099c5da0456c0dc246910728be71c86ee0df422f752a26ca888cac6bf8f07004f4ba8cc702fea443bce40fd76f8f68ccf3e52c02e8ba69fdb87adec4a71b0e72a52c1715b027826d8d29bd5e60ef37488a3f307d501fd15c180b7332a0810ba371980eaa90c7e8d579956bab134d2e5c0ef44bfe14307ad11b6b74f090e1d83c4e016d1819e6c2f153a335a50f7f13d05cb4b63f0b852cc43a1e9d7f9dde216ea8dd4e1d434bdd7ef464cf9ecc2fb0448f6faeb3ecfc1c3e65f036a973af0151e45b63577186a0d99fee854c56aa28a352ae98cb90ca28594753dce9ac379bf536e74380e42c423e12e7044288f8054187e77c2e1c0dde7e9d79557da5b89cc210e1aca8ab4d325a18767da70701608e853f74ae3cfb6872cc88d40247f93d8a81e61d820a0aa1b692cf8d633bdf4b15d3335dc9a04a92e87278c3eda259b3c287f82f7fbe5297b8b9f6876a1e8148bf8c85d6700eb35f1d891270a1a23503ce3f7b4eb9fabf16c621825afb97d0044701c2ebfb67816d70667375d66315b240b9d151c2d83dd57fd01614f11f23822b4e275830db865205276b4092fb8b79088d52d95838350d6548bbb860f00c2b095614c83c59e58bc3f715f795790af2289ba7f5078a744d0b3408b961f7abd3a57e2467d3aba6f2a2570fe2c1a9e36c7c710386a2c895b8bfba78f9d1b90c64c333d453406e9d6fff6576e02236271c342b77a364afa27a800352ca34ad712af966dc3f5129d74f3be99922aa4179652490c1846aaf4eca9ed0a96c9b8ea3e6fcdc715c5de1a6d9b678b33e93fb75abf975ad19e1e620385a2e518bc7941ba39e235f149627c36bdf9d317ae28b9c41525bea362bec1c75a5be803b3f136aa3e49d819ab3e411899f52cdfe43ec17e4f9018e99fefa0bd51a54664ad555dbe2b625e5d43a8d423b9dfaaeeacc1c1d962757554d08686df3df2ed4c9b17232c3f337cdd0397819812560cbee58f1fbbf9ca164bf68f432baf55952b10ad29767012cd796193805555876a8f94a43dfe811a6eb3c71ba7e9856558ca4e240cdc3c92137428227e559f2ce57e897bfea7b0d9081e1969c3c0c64642515ac51f66b9ba3ca3b9060cbe0d07049fc3dd3aec30f54ca33a0d7cab0ef2a7ed589546a1cc7d3299d2534d79811e2ad8318d31aa92de42002307a33d4ecad8d05b79bf0c733e0e1cb35efb4aec5d383cf217030ddb48fc007cfd35a2d74460ad881e3fc2ad691c0986327448f422e8282833840f525dabb13a4be95d82c5ed0212a13272db83c5f583a398cf447832853fd3f19ae6aae5555929d150af5947218f95d64dd22bd3dc55bcbc77b7cf1af766bf685f1036e8677cae88edfa2a7bbb78638f632b16f9d5016ea51a32178df29142094d810d28eaa7e471d75256e8baa087dd60b26490f2c18080c73cfb1a61fa06db9c6512c0a8f7ab7254aa2be76c8e8a3daf3d11268ce4b8c180ff37a6bca8eb7542ef733a8d1c614add714d929abf3e9a7544123bc9ddf57da7d07ef0d408f7cc0e69dcb59cc55bafd87529aec8f4c1537edecf2376060cdea333a639daf4beea824e2ab94567ae85a44b2289db87ca29b3a3490cf2121972296170d78b529fb5920bb98263b37b1f1e35feb9b2e11372f4dc1a72708f54b884c40df9d741cafcf20a36546313e6a71e722a91eefe808e2a7c1c9c2fb8d55f8e498270f5494959eb7291ce369b168416d2a0d2cde99c69a6a9e85093a6bec721e3260960fa39e1def444ff99c4a22bf7c0797b3b48ef0034b0e06b6c927b082bb6fd44957b626140d527b96178485fbeb92a48b5791d331ad0e1efc340794385abb6e9ccfbad45377a535c1c1b27e471d69462b76ad261e554bded9b219cb6a064dcdd273ffc3c1c8fb2c603e585df020c29493ff814d308a07c50ddbf44b14e055aa83844f2690357e7ee3ddfcacda4e976f8949f1324a43d8bce734c746c93ab4fc24db8c1b659a8f0ed46008ec5801b085e30209941810f3d5354b700f4a03d60d6ea3f13bd04d31e1b96783392074f9cde555101d76f31195308c20f30947caa668306018d6a73781c182cee7837d3a930f914890b07558f9a55680f5e7839bbc9fa016eabbc0454998ade8f1b49e7d1281c022cacbd61ba39833c5d72706ff3febb0f3989e6df9635c49564ccb784fd1ed42a51af336ba9040f1d35c0178dd322ae74e17d4351b8496c71c8673daf277162308b11714d73285e8bc14217886387f4f9741fe3f27da79480927309f64c977dae1c5cee801fa48884654c1cfe278a4345d4b0391a6125488832995b79ecc736c282a1a6147e73d2f6a14bccdc9033a17f145514187718ead49751dee13dea818b5236fb6ce4bacb3c7d3695ff0cdd6627eda7aa5ec4da18b066d969c9eb28caac93919cd4f79521a257d6c5ae8877d3133c84259aea5fbbb647b37cb60585ee4e30b431b47f6a2f319e17d9a7ab348299c91b16c1d7f34ed0872e9477f26daa0d746388d676c529df9714df57e0a969e6fe1fb7f3b61e4c69e47ce49b01e1fd3b9d6405037bc5ed9af4f21539f5f3681d833d21c43adf9f25a24b93b760a10b4bdd88272ca14bef2a39e94a63b8876b9c116905b54d0ced01b7b80390049fd0e3f9a8d0c35ee93a1088bd29063be212df0f5c32163a801dd0e323064646dc046179ee801a0a2465c1ccb7441263b9c3e308b91bf9719b8ffada1221613e479e73e1faaad1051239868b37b5bbbe642a7ec86ec6ad33e89f501c8042be494bd67afbf64827afa1995d61b4dec471246cbc1596e983c33575ec6ffcc03ca71c17e638e0c1b0685eac2f23db5ecb78533eaf048a5d22a1c66abef71f33e106db551bda4a2a54142baa4fc5276bf44dddadbdcb7836a7f10c3e5d719f637c3536fa6bbd6e51d047bfe05c9a78f88f0285e8fec907d87e1f93f2db122bc6bf69ee07f1298b92b15f9047af841b844e815ba37af7998c7cc62c2a7f4582d11c8cd4899848cfcbbfeed0494b732828f68ebfae0a6ce08867f9237e9edc3f412624100c648f43c8dc1a499e5290fab1d968f551e5dfbc40396376962d280a666c83c5e94ef479078f22d027503df19a85e933401293c5ed27799993cbf9952e02523c1346dbb7efe652bb6c059d387f69498c91aa2b3410a94cf72accf6bd2dcb8ba7e7ee5ebbab67f7962b16373cd85170499c2b3c4cf938c95333438101bc9cb6fadf91e6fff741dc6c03e8f48c1f3fbf6d0343c385a8ee2f2ddb10282ef1571d1889404e684d2e3d13af9634374eecf4094937efe3093c2f0275280f162ffe15f0d318b3fabb58e84ec590f2ecd372f4ec88d00c404c69a4ad60cfde199277bb2b6917dd7f700341ef0bc19325d9b2c5f6bb88b800c282dd3b392ec758c329d88cfb4b6f72e3032ce6be7391f279361a8d2e90a2b10803bcba6f419d23b2117b74402e6e06e8e18453a1cf17736e1ff3ef62fbb8f92f549b0fd1df0940829f24ba163abb64894b11b3aa1b89229b6ae4641c22a30ecd2a67708c4f29a37ec6464dee0a99ac4f1bcdb2b9f7833bcf91844e8af0a879b41d0286900629599e17980ebd7d25e71dfe4a02d9bf7b37bc7b00e179a700acad2a2a7cbd1f68364b688b95e8fe390bad5890c98a3dc407f2637b8ad59fd638eb1063b2ff1f92f574f6090bf08218b093719adb3298036ee2a851539fd7a2101c5d1f530cbcb025cdda4d4a08621b379460954efd25f7490de05468e9349014276110804d7c61f7a20fe8c06178f609d00a41be98d3a7bfe8c6aec08ac45347f003971ec2d19f58b1e325217e571b34626793036af45c2271336d1fee37c8fb82af0dafd2e651e98ffaf37d88abca84b91e25e55b45073237115ed3c4831b43cb826f9052865bcb49c07af0c9ab656cebe87306c21c4ada7de7bb9733cdc7d9e5b29163e0e201eaa753576e9d7f69b008d6ed2ad7cdf8c4de874ad9205143130f9798deced254aa3a0fb71327555fef93ffe696815a57e8a094f51c4013334ab4f950bb9580faf2d27e0a6379335a829fe3a68fc9375c6a46e43fa5372cce11e85dc5cd1fb39ac00a99a330e486d79952f9ca223b0049d0658d47518dcbe8c426c38e705f2554e8a02bf8dea9389ddd426475c01681b3b0e4971832f8505bff45000cb7e6a8ead6befeb682d83ebf0ea0d8525dafb5bd73caa5cfadf18b97679e0715f4d3480dee9a2d5fd636ccb739ffc49e1871660c2a9b55f0ae0641ab8d06975a5e13229ecb5b0f9d591f33f5ff47f8692d04e378d402634da8806b5c6e6fa7a3e3476040fdecf95bfcc6a2d3b0ba6a063333f8566f099b43b96955799905a4e6bf09e10e7b6303416113dbb5cc5e204a43f958f5ef151f74d336cb632d1afa7072e6aafed6aee7e2e327d9c0826582ac09b318bcca8456cd955322ad0f9fa2693796f291fa82def2fd235d14ec10335f9e8c9beb573b0b7a1cd8e43384c37c758742a4379438f022304fc6d6951cb78d18ad242d474b1cb5ce7d7f7089eea61675dfa97627a6eda208b41000ef71dfdc3f50ea16cc7f0f51555a7a4edc6cbf2c5f1960da8b4e18f0d8100dc32bc833561219ca911acfee96480bc7e0de9b0f45ec95d25daf3a84165227fc4a7b974855f232bbe287910acf281e727be502de162bfea33b2ab72785cc009ca0bfd502ab0dd7a383b23159184a338f9d565fc819d91a84e1e669fd18cc6433d932b72a8a41051113458cc2d606e42f1f814fcdb19dc955233fb08f103d7f9c374f158e00328f31857bbd6a7f16b0eeb2a535f7e58cecb402631ddbc56a15bcd2b5e68dcc41058eb76f81ccb8124e66702484a9112d71e0462566f31ea27138d4c684aa13f7e2998dd8292d0d624383108b8f6c732299a817ffc5567f2f01d802106c9435e0ac3c14bd0ce692da358321e94c36adfcf3eaaa2165224036dc3114a1d536e268606230401895697da3f9d1e9ef56a3b5386eb33246c7cd3f80a8a4234210d05b6d4982414652b60ea283fc907ca4ff3b9a1c91a085488ca766dd811cbe543bc6e0bc1706d087d5775897043ec6ebf67e56e4921de091304e16ebc89c1afee18a3f26af7d3c5aac1e0d0fc1e0c911899e64a4dd6f542a1cf53ada2e6679b8fbb580422925a3fe3891a9dc0aa7f6b9714793d02e7274186645b8849f6d103b2a198542240cfe61942ec08e56d75acc4dd52213091b73c32dccee0433cf45ceec0b8567d05b44dac755"})
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000000)=ANY=[])
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000006c0)={0x8, 0x0, &(0x7f0000000580)=[@decrefs], 0x0, 0x0, 0x0})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$SNDCTL_DSP_NONBLOCK(r5, 0x500e, 0x0)

kernel console output (not intermixed with test programs):

=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.675815][   T39] audit: type=1326 audit(1733287016.088:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.682958][   T39] audit: type=1326 audit(1733287016.088:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.693833][   T39] audit: type=1326 audit(1733287016.088:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.701650][   T39] audit: type=1326 audit(1733287016.088:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.723567][   T39] audit: type=1326 audit(1733287016.088:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.732414][ T8382] binder: 8380:8382 ioctl c0306201 200003c0 returned -14
[  139.742826][   T39] audit: type=1326 audit(1733287016.088:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.756062][   T39] audit: type=1326 audit(1733287016.088:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  139.768763][   T39] audit: type=1326 audit(1733287016.088:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.0.516" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  140.588882][ T8401] FAULT_INJECTION: forcing a failure.
[  140.588882][ T8401] name failslab, interval 1, probability 0, space 0, times 0
[  140.592198][ T8401] CPU: 1 UID: 0 PID: 8401 Comm: syz.2.522 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  140.594940][ T8401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.597767][ T8401] Call Trace:
[  140.598659][ T8401]  <TASK>
[  140.599448][ T8401]  dump_stack_lvl+0x16c/0x1f0
[  140.600707][ T8401]  should_fail_ex+0x497/0x5b0
[  140.601953][ T8401]  ? fs_reclaim_acquire+0xae/0x150
[  140.603294][ T8401]  should_failslab+0xc2/0x120
[  140.604545][ T8401]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  140.606081][ T8401]  ? __alloc_skb+0x2b3/0x380
[  140.607555][ T8401]  __alloc_skb+0x2b3/0x380
[  140.608750][ T8401]  ? __pfx___alloc_skb+0x10/0x10
[  140.610064][ T8401]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  140.611422][ T8401]  netlink_ack+0x164/0xb20
[  140.612617][ T8401]  netlink_rcv_skb+0x327/0x410
[  140.613890][ T8401]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  140.615329][ T8401]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  140.616740][ T8401]  ? netlink_deliver_tap+0x1ae/0xca0
[  140.618137][ T8401]  netlink_unicast+0x53c/0x7f0
[  140.619406][ T8401]  ? __pfx_netlink_unicast+0x10/0x10
[  140.620814][ T8401]  ? __phys_addr_symbol+0x30/0x80
[  140.622142][ T8401]  ? __check_object_size+0x488/0x710
[  140.623531][ T8401]  netlink_sendmsg+0x8b8/0xd70
[  140.624804][ T8401]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.626191][ T8401]  ____sys_sendmsg+0x9ae/0xb40
[  140.627450][ T8401]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.628848][ T8401]  ? get_compat_msghdr+0x11b/0x170
[  140.630195][ T8401]  ___sys_sendmsg+0x135/0x1e0
[  140.631447][ T8401]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.632800][ T8401]  ? __pfx_lock_release+0x10/0x10
[  140.634086][ T8401]  ? trace_lock_acquire+0x14e/0x1f0
[  140.635459][ T8401]  ? __fget_files+0x206/0x3a0
[  140.636745][ T8401]  __sys_sendmsg+0x16e/0x220
[  140.637975][ T8401]  ? __pfx___sys_sendmsg+0x10/0x10
[  140.639336][ T8401]  __do_fast_syscall_32+0x73/0x120
[  140.640701][ T8401]  do_fast_syscall_32+0x32/0x80
[  140.642229][ T8401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.643911][ T8401] RIP: 0023:0xf7f07579
[  140.644993][ T8401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.650051][ T8401] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  140.652247][ T8401] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  140.654312][ T8401] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  140.656386][ T8401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.658460][ T8401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.660547][ T8401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.662624][ T8401]  </TASK>
[  140.857315][ T8408] mkiss: ax0: crc mode is auto.
[  141.100936][ T8408] netlink: 8 bytes leftover after parsing attributes in process `syz.2.524'.
[  141.646807][ T8427] mkiss: ax0: crc mode is auto.
[  143.947710][ T8473] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.539'.
[  143.953197][ T8473] netlink: 'syz.1.539': attribute type 3 has an invalid length.
[  143.956043][ T8473] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.539'.
[  144.141543][ T8480] FAULT_INJECTION: forcing a failure.
[  144.141543][ T8480] name failslab, interval 1, probability 0, space 0, times 0
[  144.144858][ T8480] CPU: 3 UID: 0 PID: 8480 Comm: syz.1.541 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  144.147582][ T8480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.150387][ T8480] Call Trace:
[  144.151269][ T8480]  <TASK>
[  144.152060][ T8480]  dump_stack_lvl+0x16c/0x1f0
[  144.153334][ T8480]  should_fail_ex+0x497/0x5b0
[  144.154570][ T8480]  ? fs_reclaim_acquire+0xae/0x150
[  144.155913][ T8480]  should_failslab+0xc2/0x120
[  144.157150][ T8480]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  144.158688][ T8480]  ? vm_area_dup+0x21/0x300
[  144.160027][ T8480]  vm_area_dup+0x21/0x300
[  144.161169][ T8480]  copy_mm+0xd89/0x2550
[  144.162279][ T8480]  ? __pfx_copy_mm+0x10/0x10
[  144.163526][ T8480]  ? copy_process+0x3ca7/0x6f20
[  144.164818][ T8480]  ? __raw_spin_lock_init+0x3a/0x110
[  144.166198][ T8480]  copy_process+0x3e6d/0x6f20
[  144.167437][ T8480]  ? __pfx_copy_process+0x10/0x10
[  144.168765][ T8480]  ? find_held_lock+0x2d/0x110
[  144.170021][ T8480]  kernel_clone+0xfd/0x960
[  144.171214][ T8480]  ? __pfx_kernel_clone+0x10/0x10
[  144.172544][ T8480]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  144.174117][ T8480]  __do_compat_sys_ia32_clone+0xb7/0x100
[  144.175588][ T8480]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  144.177232][ T8480]  __do_fast_syscall_32+0x73/0x120
[  144.178575][ T8480]  do_fast_syscall_32+0x32/0x80
[  144.179862][ T8480]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.181516][ T8480] RIP: 0023:0xf742e579
[  144.182590][ T8480] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.187545][ T8480] RSP: 002b:00000000f511652c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  144.189711][ T8480] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000000000000
[  144.191771][ T8480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  144.193829][ T8480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.195884][ T8480] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.197936][ T8480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.200010][ T8480]  </TASK>
[  144.280842][ T8481] netlink: 128 bytes leftover after parsing attributes in process `syz.0.540'.
[  145.241619][ T8493] wireguard5: entered promiscuous mode
[  146.290451][ T8515] sg_read: process 557 (syz.0.552) changed security contexts after opening file descriptor, this is not allowed.
[  146.695435][ T6040] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  146.845396][ T6040] usb 5-1: Using ep0 maxpacket: 8
[  146.848488][ T6040] usb 5-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  146.851438][ T6040] usb 5-1: config 1 interface 0 has no altsetting 0
[  146.854423][ T6040] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.40
[  146.856609][ T6040] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.858578][ T6040] usb 5-1: Product: ⡍齍≉䙕⤬㢢⡤栬檇䊥楽釃㨏싎徝梢玐纉尪榆셲盾ﻉ㲛肨爷ᄼڍ太䉖᬴䓝끚錿㡹ཱི펶褦긊롗쐅솩㺤䗢঺뗓䓛ᚼ뒹䗢鲬뢄㧼箤ﱍ⣷䘸◱ᓦ璬牗섾ሺᮖᮽ鴓蝔ㄏ蘟啿鸋ⴥ－≪鼩诔쮧繢禃꡴ﾎ㵙筛፟套㽝塞ꥃ昚ｦ胆쥡ᤸ׻䜸杓꽦芒Ც䙡尪⼶푄Ӫ㆘ද
[  146.867312][ T6040] usb 5-1: Manufacturer: Ђ
[  146.868404][ T6040] usb 5-1: SerialNumber: ⒭䭈槐峒烈䣑⥇䏋땘鵧ㅨ楦툗ꖣﾯ䧉櫛뱘
[  147.277356][ T8524] input: syz1 as /devices/virtual/input/input9
[  147.965542][ T6010] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  148.115393][ T6010] usb 6-1: Using ep0 maxpacket: 8
[  148.118710][ T6010] usb 6-1: config 1 interface 0 altsetting 162 bulk endpoint 0x1 has invalid maxpacket 112
[  148.121280][ T6010] usb 6-1: config 1 interface 0 has no altsetting 0
[  148.124221][ T6010] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  148.128029][ T6010] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.130128][ T6010] usb 6-1: Product: Ј
[  148.131247][ T6010] usb 6-1: Manufacturer: Ж
[  148.132409][ T6010] usb 6-1: SerialNumber: syz
[  148.136779][ T8534] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  148.341944][ T8534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.344422][ T8534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.422930][ T8551] netlink: 16 bytes leftover after parsing attributes in process `syz.2.559'.
[  148.425409][ T8551] netlink: 20 bytes leftover after parsing attributes in process `syz.2.559'.
[  148.435558][ T5954] Bluetooth: hci3: command 0x0c1a tx timeout
[  148.494247][ T8553] netlink: 16 bytes leftover after parsing attributes in process `syz.2.559'.
[  148.496959][ T8553] netlink: 20 bytes leftover after parsing attributes in process `syz.2.559'.
[  148.552646][ T6010] usblp 6-1:1.0: usblp0: USB Bidirectional printer dev 17 if 0 alt 162 proto 2 vid 0x0525 pid 0xA4A8
[  148.556508][ T6010] usb 6-1: USB disconnect, device number 17
[  148.560056][ T6010] usblp0: removed
[  148.965405][ T5945] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  149.117298][ T5945] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  149.120211][ T5945] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  149.122764][ T5945] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  149.125505][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.129018][ T8555] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  149.132137][ T5945] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  149.440670][ T6040] usbhid 5-1:1.0: can't add hid device: -71
[  149.442335][ T6040] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  149.446762][ T6040] usb 5-1: USB disconnect, device number 14
[  149.642068][ T8572] netlink: 'syz.1.561': attribute type 9 has an invalid length.
[  149.644752][ T8572] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.561'.
[  149.704774][ T5945] usb 6-1: USB disconnect, device number 18
[  150.187256][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'.
[  150.354134][ T8587] futex_wake_op: syz.2.570 tries to shift op by 144; fix this program
[  150.644824][ T8599] binder: 8598:8599 ioctl c0306201 200006c0 returned -14
[  150.741999][ T8597] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  150.844517][ T8606] tipc: Enabled bearer <udp:s>, priority 10
[  150.932223][ T8611] netlink: 4 bytes leftover after parsing attributes in process `syz.1.578'.
[  150.934568][ T8611] netlink: 'syz.1.578': attribute type 18 has an invalid length.
[  150.937486][ T8611] netlink: 'syz.1.578': attribute type 15 has an invalid length.
[  150.944507][ T8611] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 65535 - 0
[  150.947115][ T8611] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 65535 - 0
[  150.949812][ T8611] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 65535 - 0
[  150.952256][ T8611] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 65535 - 0
[  150.956632][ T8611] vxlan0: entered promiscuous mode
[  150.959985][ T8610] ata3.00: invalid multi_count 1 ignored
[  151.027030][ T8610] netlink: 24 bytes leftover after parsing attributes in process `syz.0.579'.
[  151.338218][ T8619] all: renamed from bridge_slave_0 (while UP)
[  151.773100][ T8638] tmpfs: Bad value for 'mpol'
[  151.806578][ T8636] binder: 8632:8636 ioctl c0306201 200006c0 returned -14
[  152.084795][ T8616] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  152.088313][ T8616] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  152.091926][ T8616] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  152.129193][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.590'.
[  152.159656][ T8649] netlink: 24 bytes leftover after parsing attributes in process `syz.0.591'.
[  152.244350][ T8658] netlink: 'syz.0.592': attribute type 18 has an invalid length.
[  152.249238][ T8658] netlink: 'syz.0.592': attribute type 15 has an invalid length.
[  152.251657][ T8658] FAULT_INJECTION: forcing a failure.
[  152.251657][ T8658] name failslab, interval 1, probability 0, space 0, times 0
[  152.256030][ T8658] CPU: 2 UID: 0 PID: 8658 Comm: syz.0.592 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  152.258865][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.258887][ T8658] Call Trace:
[  152.258891][ T8658]  <TASK>
[  152.258896][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  152.258913][ T8658]  should_fail_ex+0x497/0x5b0
[  152.265966][ T8658]  ? fs_reclaim_acquire+0xae/0x150
[  152.267267][ T8658]  should_failslab+0xc2/0x120
[  152.268461][ T8658]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  152.269835][ T8658]  ? __kernfs_new_node+0xd3/0x890
[  152.271189][ T8658]  __kernfs_new_node+0xd3/0x890
[  152.272909][ T8658]  ? __pfx___kernfs_new_node+0x10/0x10
[  152.274540][ T8658]  ? __pfx___lock_acquire+0x10/0x10
[  152.275868][ T8658]  ? lock_acquire.part.0+0x11b/0x380
[  152.277145][ T8658]  ? find_held_lock+0x2d/0x110
[  152.278315][ T8658]  kernfs_new_node+0x186/0x240
[  152.279489][ T8658]  kernfs_create_link+0xcc/0x240
[  152.280711][ T8658]  sysfs_do_create_link_sd+0x90/0x140
[  152.282061][ T8658]  sysfs_create_link+0x61/0xc0
[  152.283304][ T8658]  device_add+0x50c/0x1a70
[  152.284480][ T8658]  ? __pfx_device_add+0x10/0x10
[  152.285690][ T8658]  ? __init_waitqueue_head+0xca/0x150
[  152.287017][ T8658]  netdev_register_kobject+0x183/0x3a0
[  152.288371][ T8658]  register_netdevice+0x1473/0x1e20
[  152.289661][ T8658]  ? __pfx_register_netdevice+0x10/0x10
[  152.291106][ T8658]  ? vxlan_config_apply+0x53a/0x7d0
[  152.292896][ T8658]  __vxlan_dev_create+0x7c6/0xa30
[  152.294532][ T8658]  ? __pfx___vxlan_dev_create+0x10/0x10
[  152.295930][ T8658]  ? __pfx_vxlan_nl2conf+0x10/0x10
[  152.297216][ T8658]  ? rcu_is_watching+0x12/0xc0
[  152.298403][ T8658]  vxlan_newlink+0xd1/0x130
[  152.299527][ T8658]  ? __pfx_vxlan_newlink+0x10/0x10
[  152.300813][ T8658]  ? rtnl_create_link+0xa2e/0xf10
[  152.302211][ T8658]  rtnl_newlink+0x11ad/0x1c10
[  152.303423][ T8658]  ? __pfx_vxlan_newlink+0x10/0x10
[  152.304741][ T8658]  ? __pfx_rtnl_newlink+0x10/0x10
[  152.306046][ T8658]  ? can_eth_ioctl_hwts+0x2c/0x1e0
[  152.307357][ T8658]  ? __pfx___lock_acquire+0x10/0x10
[  152.308686][ T8658]  ? kmem_cache_free+0x152/0x4c0
[  152.309970][ T8658]  ? aa_get_newest_label+0x376/0x680
[  152.311399][ T8658]  ? find_held_lock+0x2d/0x110
[  152.312652][ T8658]  ? find_held_lock+0x2d/0x110
[  152.313849][ T8658]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  152.315116][ T8658]  ? __pfx_lock_release+0x10/0x10
[  152.316422][ T8658]  ? trace_lock_acquire+0x14e/0x1f0
[  152.317785][ T8658]  ? __pfx_rtnl_newlink+0x10/0x10
[  152.319103][ T8658]  rtnetlink_rcv_msg+0x95b/0xea0
[  152.320409][ T8658]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  152.321949][ T8658]  ? __pfx___dev_queue_xmit+0x10/0x10
[  152.323340][ T8658]  netlink_rcv_skb+0x165/0x410
[  152.324590][ T8658]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  152.325991][ T8658]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  152.327361][ T8658]  ? netlink_deliver_tap+0x1ae/0xca0
[  152.328735][ T8658]  netlink_unicast+0x53c/0x7f0
[  152.329978][ T8658]  ? __pfx_netlink_unicast+0x10/0x10
[  152.331452][ T8658]  ? const_folio_flags.constprop.0+0x56/0x150
[  152.333022][ T8658]  ? __phys_addr_symbol+0x30/0x80
[  152.334321][ T8658]  ? __check_object_size+0x488/0x710
[  152.335685][ T8658]  netlink_sendmsg+0x8b8/0xd70
[  152.336936][ T8658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.338311][ T8658]  ? trace_contention_end+0xee/0x140
[  152.339629][ T8658]  sock_sendmsg+0x369/0x410
[  152.340794][ T8658]  ? __pfx_sock_sendmsg+0x10/0x10
[  152.342102][ T8658]  splice_to_socket+0xaac/0x1040
[  152.343395][ T8658]  ? __pfx_splice_to_socket+0x10/0x10
[  152.344805][ T8658]  ? apparmor_file_permission+0x251/0x400
[  152.346302][ T8658]  ? bpf_lsm_file_permission+0x9/0x10
[  152.347692][ T8658]  ? security_file_permission+0x71/0x210
[  152.349142][ T8658]  ? __pfx_splice_to_socket+0x10/0x10
[  152.350536][ T8658]  do_splice+0x145c/0x1f60
[  152.351716][ T8658]  ? __pfx_do_splice+0x10/0x10
[  152.352978][ T8658]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  152.354387][ T8658]  ? __pfx_lock_release+0x10/0x10
[  152.355659][ T8658]  ? trace_lock_acquire+0x14e/0x1f0
[  152.357012][ T8658]  __do_splice+0x327/0x360
[  152.358169][ T8658]  ? __pfx___do_splice+0x10/0x10
[  152.359451][ T8658]  ? __fget_files+0x206/0x3a0
[  152.360676][ T8658]  __ia32_sys_splice+0x189/0x250
[  152.362087][ T8658]  __do_fast_syscall_32+0x73/0x120
[  152.363430][ T8658]  do_fast_syscall_32+0x32/0x80
[  152.364711][ T8658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  152.366346][ T8658] RIP: 0023:0xf7fb7579
[  152.367410][ T8658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  152.372368][ T8658] RSP: 002b:00000000f511557c EFLAGS: 00000292 ORIG_RAX: 0000000000000139
[  152.374676][ T8658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  152.376744][ T8658] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 000000000004ffe6
[  152.378793][ T8658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  152.380842][ T8658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  152.383400][ T8658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  152.386166][ T8658]  </TASK>
[  152.494070][ T8664] FAULT_INJECTION: forcing a failure.
[  152.494070][ T8664] name failslab, interval 1, probability 0, space 0, times 0
[  152.497814][ T8664] CPU: 0 UID: 0 PID: 8664 Comm: syz.3.595 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  152.500562][ T8664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.503338][ T8664] Call Trace:
[  152.504224][ T8664]  <TASK>
[  152.505012][ T8664]  dump_stack_lvl+0x16c/0x1f0
[  152.506261][ T8664]  should_fail_ex+0x497/0x5b0
[  152.507516][ T8664]  ? fs_reclaim_acquire+0xae/0x150
[  152.508879][ T8664]  should_failslab+0xc2/0x120
[  152.510138][ T8664]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  152.511672][ T8664]  ? __alloc_skb+0x2b3/0x380
[  152.512909][ T8664]  __alloc_skb+0x2b3/0x380
[  152.514088][ T8664]  ? __pfx___alloc_skb+0x10/0x10
[  152.515398][ T8664]  ? lock_acquire+0x2f/0xb0
[  152.516514][ T8664]  netlink_alloc_large_skb+0x69/0x130
[  152.517122][ T8666] bond0: entered promiscuous mode
[  152.517912][ T8664]  netlink_sendmsg+0x689/0xd70
[  152.519454][ T8666] bond_slave_0: entered promiscuous mode
[  152.520710][ T8664]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.522532][ T8666] bond_slave_1: entered promiscuous mode
[  152.523805][ T8664]  ____sys_sendmsg+0x9ae/0xb40
[  152.526999][ T8664]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.528429][ T8664]  ? get_compat_msghdr+0x11b/0x170
[  152.529782][ T8664]  ___sys_sendmsg+0x135/0x1e0
[  152.530474][ T8666] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.531031][ T8664]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.534515][ T8664]  ? __pfx_lock_release+0x10/0x10
[  152.535858][ T8664]  ? trace_lock_acquire+0x14e/0x1f0
[  152.537243][ T8664]  ? __fget_files+0x206/0x3a0
[  152.538517][ T8664]  __sys_sendmsg+0x16e/0x220
[  152.539761][ T8664]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.541120][ T8664]  __do_fast_syscall_32+0x73/0x120
[  152.542437][ T8664]  do_fast_syscall_32+0x32/0x80
[  152.543693][ T8664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  152.545372][ T8664] RIP: 0023:0xf743e579
[  152.546475][ T8664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  152.551510][ T8664] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  152.553701][ T8664] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  152.555769][ T8664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  152.557843][ T8664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  152.559921][ T8664] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  152.561990][ T8664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  152.564003][ T8664]  </TASK>
[  152.564888][    C0] vkms_vblank_simulate: vblank timer overrun
[  152.576723][ T8666] bond0: left promiscuous mode
[  152.578051][ T8666] bond_slave_0: left promiscuous mode
[  152.579542][ T8666] bond_slave_1: left promiscuous mode
[  152.638548][ T8671] binder: 8670:8671 ioctl c0306201 200006c0 returned -14
[  152.730599][ T8678] FAULT_INJECTION: forcing a failure.
[  152.730599][ T8678] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  152.736362][ T8678] CPU: 2 UID: 0 PID: 8678 Comm: syz.2.599 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  152.739081][ T8678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.742427][ T8678] Call Trace:
[  152.743513][ T8678]  <TASK>
[  152.744496][ T8678]  dump_stack_lvl+0x16c/0x1f0
[  152.746065][ T8678]  should_fail_ex+0x497/0x5b0
[  152.747536][ T8678]  ? fs_reclaim_acquire+0xae/0x150
[  152.749187][ T8678]  should_fail_alloc_page+0xe7/0x130
[  152.750889][ T8678]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  152.752864][ T8678]  __alloc_pages_noprof+0x190/0x25b0
[  152.754635][ T8678]  ? __pfx_mark_lock+0x10/0x10
[  152.756213][ T8678]  ? __pfx_mark_lock+0x10/0x10
[  152.757651][ T8678]  ? hlock_class+0x4e/0x130
[  152.758732][ T8678]  ? mark_lock+0xb5/0xc60
[  152.759811][ T8678]  ? __lock_acquire+0xcc5/0x3c40
[  152.761018][ T8678]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  152.762434][ T8678]  ? __bfs+0x2fa/0x670
[  152.763462][ T8678]  ? __pfx_usage_accumulate+0x10/0x10
[  152.764947][ T8678]  ? hlock_class+0x4e/0x130
[  152.766078][ T8678]  ? mark_lock+0xb5/0xc60
[  152.767174][ T8678]  ? hlock_class+0x4e/0x130
[  152.768339][ T8678]  ? __lock_acquire+0xcc5/0x3c40
[  152.769620][ T8678]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  152.771174][ T8678]  ? policy_nodemask+0xea/0x4e0
[  152.772434][ T8678]  alloc_pages_mpol_noprof+0x2c9/0x610
[  152.773754][ T8678]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  152.775263][ T8678]  ? find_held_lock+0x2d/0x110
[  152.776481][ T8678]  folio_alloc_mpol_noprof+0x36/0xd0
[  152.777845][ T8678]  shmem_alloc_folio+0x135/0x160
[  152.779137][ T8678]  shmem_alloc_and_add_folio+0x48b/0xc00
[  152.780641][ T8678]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  152.782198][ T8678]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  152.783817][ T8678]  ? shmem_huge_global_enabled+0x176/0x250
[  152.785304][ T8678]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  152.787193][ T8678]  shmem_get_folio_gfp+0x689/0x1530
[  152.788834][ T8678]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  152.790593][ T8678]  shmem_fault+0x200/0xae0
[  152.792029][ T8678]  ? __switch_to+0x749/0x1190
[  152.793260][ T8678]  ? __pfx_shmem_fault+0x10/0x10
[  152.794612][ T8678]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  152.796074][ T8678]  ? rcu_is_watching+0x12/0xc0
[  152.797329][ T8678]  ? __pfx_filemap_map_pages+0x10/0x10
[  152.798753][ T8678]  __do_fault+0x10a/0x490
[  152.799893][ T8678]  ? __pfx_filemap_map_pages+0x10/0x10
[  152.801309][ T8678]  do_pte_missing+0x1a8/0x3e00
[  152.802573][ T8678]  __handle_mm_fault+0x103c/0x2a40
[  152.803921][ T8678]  ? __pfx___handle_mm_fault+0x10/0x10
[  152.805388][ T8678]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  152.806900][ T8678]  ? rcu_preempt_deferred_qs_irqrestore+0x505/0xb80
[  152.808633][ T8678]  ? follow_page_pte+0x3f7/0x1b20
[  152.809905][ T8678]  handle_mm_fault+0x3fa/0xaa0
[  152.811124][ T8678]  __get_user_pages+0x8d9/0x3b50
[  152.812396][ T8678]  ? __pfx___get_user_pages+0x10/0x10
[  152.813782][ T8678]  ? down_read_killable+0xcc/0x380
[  152.815078][ T8678]  ? __pfx_down_read_killable+0x10/0x10
[  152.816490][ T8678]  ? mark_lock+0xb5/0xc60
[  152.817578][ T8678]  ? __pfx___lock_acquire+0x10/0x10
[  152.818871][ T8678]  __gup_longterm_locked+0x5ff/0x1870
[  152.820201][ T8678]  ? __pfx___gup_longterm_locked+0x10/0x10
[  152.821660][ T8678]  ? gup_fast_fallback+0x84c/0x2690
[  152.822976][ T8678]  ? __pfx_lock_release+0x10/0x10
[  152.824266][ T8678]  ? sanity_check_pinned_pages+0x23/0x11c0
[  152.825942][ T8678]  gup_fast_fallback+0x1802/0x2690
[  152.827269][ T8678]  ? __pfx_gup_fast_fallback+0x10/0x10
[  152.828697][ T8678]  ? rcu_is_watching+0x12/0xc0
[  152.829941][ T8678]  pin_user_pages_fast+0xa8/0x100
[  152.831251][ T8678]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  152.832708][ T8678]  io_pin_pages+0xe1/0x1e0
[  152.833894][ T8678]  io_sqe_buffer_register+0x22f/0x22d0
[  152.835334][ T8678]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[  152.836860][ T8678]  ? iovec_from_user.part.0+0x7e/0x130
[  152.838275][ T8678]  io_sqe_buffers_register+0x1fa/0x740
[  152.839652][ T8678]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[  152.841175][ T8678]  ? __pfx___mutex_trylock_common+0x10/0x10
[  152.842695][ T8678]  __io_uring_register+0x222f/0x2290
[  152.844047][ T8678]  ? trace_contention_end+0xee/0x140
[  152.845493][ T8678]  ? __pfx___io_uring_register+0x10/0x10
[  152.846944][ T8678]  ? __mutex_lock+0x1cc/0xa60
[  152.848175][ T8678]  ? __fget_files+0x1fc/0x3a0
[  152.849400][ T8678]  ? __ia32_sys_io_uring_register+0x167/0x2b0
[  152.850984][ T8678]  ? __pfx_lock_release+0x10/0x10
[  152.852296][ T8678]  ? __pfx___mutex_lock+0x10/0x10
[  152.853589][ T8678]  ? __fget_files+0x40/0x3a0
[  152.854774][ T8678]  ? __fget_files+0x206/0x3a0
[  152.855986][ T8678]  __ia32_sys_io_uring_register+0x17a/0x2b0
[  152.857429][ T8678]  __do_fast_syscall_32+0x73/0x120
[  152.858710][ T8678]  do_fast_syscall_32+0x32/0x80
[  152.860005][ T8678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  152.861597][ T8678] RIP: 0023:0xf7f07579
[  152.862614][ T8678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  152.868379][ T8678] RSP: 002b:00000000f506557c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[  152.870515][ T8678] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  152.872522][ T8678] RDX: 00000000200002c0 RSI: 000000000000011a RDI: 0000000000000000
[  152.874518][ T8678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  152.876816][ T8678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  152.879304][ T8678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  152.881699][ T8678]  </TASK>
[  153.005506][ T6010] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  153.181065][ T6010] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  153.183909][ T6010] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  153.186511][ T6010] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  153.188828][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.193133][ T8680] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  153.196363][ T6010] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  153.405457][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[  153.946963][ T8688] virtio-fs: tag <(null)> not found
[  153.987255][ T5945] usb 8-1: USB disconnect, device number 15
[  154.115565][ T5954] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.117204][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  155.337169][ T8709] binder: 8708:8709 ioctl c0306201 200006c0 returned -14
[  155.513729][ T8719] netlink: 'syz.1.610': attribute type 10 has an invalid length.
[  155.516710][ T8719] team0: Device batadv0 is of different type
[  155.926239][ T8728] tmpfs: Unknown parameter 'use'
[  156.338781][ T8736] netlink: 'syz.1.617': attribute type 10 has an invalid length.
[  156.340798][ T8736] team0: Device batadv0 is of different type
[  156.577018][ T8741] __nla_validate_parse: 1 callbacks suppressed
[  156.577029][ T8741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'.
[  156.644102][ T8747] binder: 8746:8747 ioctl c0306201 200006c0 returned -14
[  156.683991][ T8749] usb 2-1: USB disconnect, device number 3
[  156.862488][ T8755] netlink: 'syz.2.622': attribute type 10 has an invalid length.
[  157.115465][ T6010] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  157.165018][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.168031][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.170144][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.175389][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.177354][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.179299][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.181570][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.192870][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.195593][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.198055][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.200273][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.202965][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.205674][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.209901][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.213355][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.216027][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.218572][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.221138][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.224292][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.227197][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.230089][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.232524][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.234647][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.236786][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.238913][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.240882][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.242879][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.245186][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.247861][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.250205][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.252623][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.254843][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.257104][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.259154][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.261321][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.263821][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.266129][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.268574][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.271538][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.274350][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.276943][ T6010] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  157.279845][ T6010] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  157.282384][ T6010] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  157.284915][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.287209][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.289309][ T5990] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  157.289379][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.301268][ T5990] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  157.305570][ T8757] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  157.310702][ T6010] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  157.789605][ T8768] virtio-fs: tag <(null)> not found
[  157.966575][ T5945] usb 8-1: USB disconnect, device number 16
[  158.157653][ T8780] binder: 8779:8780 ioctl c0306201 200006c0 returned -14
[  158.448257][ T8787] netlink: 'syz.0.632': attribute type 10 has an invalid length.
[  158.457705][ T8787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.462598][ T8787] team0: Port device batadv0 added
[  158.941112][ T8796] wireguard7: entered promiscuous mode
[  159.185486][ T5945] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  159.245100][ T1327] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  159.345471][ T5945] usb 5-1: Using ep0 maxpacket: 8
[  159.352070][ T5945] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  159.355293][ T5945] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  159.358556][ T5945] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  159.361722][ T5945] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  159.369723][ T5945] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  159.374030][ T5945] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  159.377368][ T5945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.395432][ T1327] usb 8-1: Using ep0 maxpacket: 8
[  159.398865][ T1327] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  159.400846][ T1327] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  159.403124][ T1327] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  159.405524][ T1327] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  159.407844][ T1327] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  159.410921][ T1327] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  159.413058][ T1327] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.610292][ T5945] usb 5-1: GET_CAPABILITIES returned 0
[  159.611741][ T5945] usbtmc 5-1:16.0: can't read capabilities
[  159.619603][ T1327] usb 8-1: usb_control_msg returned -32
[  159.621058][ T1327] usbtmc 8-1:16.0: can't read capabilities
[  160.083577][ T8804] nfs: Unknown parameter '
'
[  160.300945][ T8814] binder: 8813:8814 ioctl c0306201 200006c0 returned -14
[  160.532957][ T8820] tipc: Enabled bearer <udp:syz0>, priority 10
[  161.330017][ T8830] netlink: 'syz.2.642': attribute type 10 has an invalid length.
[  161.626195][ T5945] usb 8-1: USB disconnect, device number 17
[  161.716171][   T25] usb 5-1: USB disconnect, device number 15
[  162.372151][ T8851] binder: 8850:8851 ioctl c0306201 200006c0 returned -14
[  162.525191][ T8855] netlink: 'syz.1.650': attribute type 10 has an invalid length.
[  162.542310][ T8855] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  162.941973][ T8866] wireguard8: entered promiscuous mode
[  162.947989][ T8863] netlink: 'syz.2.652': attribute type 10 has an invalid length.
[  163.205434][ T6040] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  163.648010][ T6040] usb 5-1: Using ep0 maxpacket: 8
[  163.651270][ T6040] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  163.653435][ T6040] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  163.665765][ T6040] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  163.668269][ T6040] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  163.670732][ T6040] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  163.674241][ T6040] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  163.684750][ T6040] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.695541][ T8875] wireguard6: entered promiscuous mode
[  163.719427][ T8878] syzkaller0: entered promiscuous mode
[  163.721366][ T8878] syzkaller0: entered allmulticast mode
[  163.739379][ T8878] overlayfs: missing 'lowerdir'
[  163.805742][ T8882] netlink: 20 bytes leftover after parsing attributes in process `syz.1.656'.
[  163.808855][ T8882] nbd: must specify at least one socket
[  163.899917][ T6040] usb 5-1: usb_control_msg returned -32
[  163.905369][ T6040] usbtmc 5-1:16.0: can't read capabilities
[  164.669164][ T8887] binder: 8886:8887 ioctl c0306201 200006c0 returned -14
[  165.374107][ T8894] wireguard7: entered promiscuous mode
[  165.405493][ T5945] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  165.565473][ T5945] usb 8-1: Using ep0 maxpacket: 8
[  165.569007][ T5945] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  165.571769][ T5945] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.574930][ T5945] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  165.578334][ T5945] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  165.581685][ T5945] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  165.586034][ T5945] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  165.589124][ T5945] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.837468][ T5945] usb 8-1: usb_control_msg returned -32
[  165.841946][ T5945] usbtmc 8-1:16.0: can't read capabilities
[  166.460639][ T5945] usb 5-1: USB disconnect, device number 16
[  166.934176][ T8909] netlink: 'syz.0.663': attribute type 10 has an invalid length.
[  167.225555][ T1327] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  167.375594][ T1327] usb 6-1: Using ep0 maxpacket: 16
[  167.378705][ T1327] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.381866][ T1327] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.384713][ T1327] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  167.388439][ T1327] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  167.391369][ T1327] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.394718][ T1327] usb 6-1: config 0 descriptor??
[  167.789373][ T5945] usb 8-1: USB disconnect, device number 18
[  167.805165][ T1327] input: HID 0955:7214 Haptics as /devices/virtual/input/input10
[  167.813759][ T1327] shield 0003:0955:7214.0004: Registered Thunderstrike controller
[  167.816414][ T1327] shield 0003:0955:7214.0004: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  168.003183][ T8911] random: crng reseeded on system resumption
[  168.021938][ T1327] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  168.025167][ T5983] usb 6-1: USB disconnect, device number 19
[  168.029071][ T1327] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  168.032325][ T1327] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  168.035062][ T1327] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  168.318723][ T8934] netlink: 24 bytes leftover after parsing attributes in process `syz.0.672'.
[  168.475427][ T6010] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  168.555729][ T5946] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  168.647017][ T6010] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  168.649749][ T6010] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  168.652103][ T6010] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  168.652406][ T8951] netlink: 72 bytes leftover after parsing attributes in process `syz.1.679'.
[  168.654460][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.660081][ T8928] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  168.663128][ T6010] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  168.775478][ T5990] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  168.936998][ T5990] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.939573][ T5990] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  168.941843][ T5990] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  168.944535][ T5990] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  168.947057][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.950606][ T8943] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  168.953443][ T5990] hub 5-1:1.0: bad descriptor, ignoring hub
[  168.955039][ T5990] hub 5-1:1.0: probe with driver hub failed with error -5
[  168.957402][ T5990] cdc_wdm 5-1:1.0: skipping garbage
[  168.958808][ T5990] cdc_wdm 5-1:1.0: skipping garbage
[  168.960729][ T5990] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  168.962258][ T5990] cdc_wdm 5-1:1.0: Unknown control protocol
[  169.075458][ T5984] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  169.155265][ T8960] virtio-fs: tag <(null)> not found
[  169.188052][ T5945] usb 8-1: USB disconnect, device number 19
[  169.227757][ T5984] usb 6-1: unable to get BOS descriptor or descriptor too short
[  169.230918][ T5984] usb 6-1: config index 0 descriptor too short (expected 27686, got 38)
[  169.233356][ T5984] usb 6-1: config 143 has an invalid descriptor of length 135, skipping remainder of the config
[  169.236592][ T5984] usb 6-1: config 143 has 0 interfaces, different from the descriptor's value: 32
[  169.241288][ T5984] usb 6-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  169.243978][ T5984] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.247661][ T5984] usb 6-1: Product: syz
[  169.249234][ T5984] usb 6-1: Manufacturer: syz
[  169.250687][ T5984] usb 6-1: SerialNumber: syz
[  169.265539][ T5990] usb 5-1: USB disconnect, device number 17
[  169.463790][ T8957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.472196][ T8957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.482517][ T5984] usb 6-1: USB disconnect, device number 20
[  170.840829][ T8993] input: syz0 as /devices/virtual/input/input11
[  171.202499][ T9012] netlink: 56 bytes leftover after parsing attributes in process `syz.3.699'.
[  171.910210][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.428250][ T9062] netlink: 'syz.1.720': attribute type 18 has an invalid length.
[  172.962006][ T9100] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.328562][ T9113] netlink: 'syz.2.735': attribute type 1 has an invalid length.
[  173.330913][ T9113] netlink: 'syz.2.735': attribute type 4 has an invalid length.
[  173.332979][ T9113] netlink: 212 bytes leftover after parsing attributes in process `syz.2.735'.
[  173.413895][ T9119] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  173.445872][ T5946] Bluetooth: hci1: unexpected event for opcode 0x2023
[  173.549549][ T9128] bridge0: left allmulticast mode
[  173.718725][ T9140] netlink: 'syz.1.748': attribute type 3 has an invalid length.
[  174.053948][ T9161] binder: Bad value for 'max'
[  174.992931][ T9184] netlink: 64 bytes leftover after parsing attributes in process `syz.3.765'.
[  174.995409][ T9184] netlink: 52 bytes leftover after parsing attributes in process `syz.3.765'.
[  174.997880][ T9184] unsupported nlmsg_type 40
[  176.038783][ T5946] Bluetooth: hci2: unexpected event for opcode 0x1004
[  176.648968][ T9221] netlink: 256 bytes leftover after parsing attributes in process `syz.1.779'.
[  178.067122][ T9255] netlink: 8 bytes leftover after parsing attributes in process `syz.0.792'.
[  178.639912][ T9259] bridge0: port 1(syz_tun) entered blocking state
[  178.642121][ T9259] bridge0: port 1(syz_tun) entered disabled state
[  178.643982][ T9259] syz_tun: entered allmulticast mode
[  178.646993][ T9259] syz_tun: entered promiscuous mode
[  178.649787][ T9259] bridge0: port 1(syz_tun) entered blocking state
[  178.651575][ T9259] bridge0: port 1(syz_tun) entered forwarding state
[  179.789537][ T5946] Bluetooth: hci1: unexpected event for opcode 0x0413
[  179.815466][ T9290] netlink: 208 bytes leftover after parsing attributes in process `syz.2.806'.
[  179.881526][ T9295] binder_alloc: 9294: binder_alloc_buf, no vma
[  180.118015][ T5946] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  180.120325][ T5946] Bluetooth: hci2: Injecting HCI hardware error event
[  180.123216][ T5954] Bluetooth: hci2: hardware error 0x00
[  180.197678][ T9317] binder_alloc: 9316: binder_alloc_buf, no vma
[  180.216755][ T9315] netlink: 168 bytes leftover after parsing attributes in process `syz.2.816'.
[  180.367413][ T6040] IPVS: starting estimator thread 0...
[  180.392480][ T9332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.824'.
[  180.449402][ T9339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.824'.
[  180.465518][ T9330] IPVS: using max 38 ests per chain, 91200 per kthread
[  180.814740][ T9358] syz.1.836 (9358): drop_caches: 2
[  180.911640][ T9364] netlink: 64 bytes leftover after parsing attributes in process `syz.1.839'.
[  180.914311][ T9364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.839'.
[  181.078429][ T5946] Bluetooth: hci3: Malformed LE Event: 0x1b
[  182.195850][ T5954] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  182.611086][ T9415] netlink: 'syz.2.859': attribute type 2 has an invalid length.
[  182.723139][ T9423] vlan2: entered promiscuous mode
[  183.547219][ T9440] netlink: 64 bytes leftover after parsing attributes in process `syz.2.868'.
[  183.550537][ T9440] netlink: 52 bytes leftover after parsing attributes in process `syz.2.868'.
[  183.579617][ T5954] Bluetooth: hci1: unexpected event for opcode 0x2041
[  183.811538][ T9461] vlan2: entered promiscuous mode
[  183.813333][ T9461] dummy0: entered promiscuous mode
[  183.817871][ T9461] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  183.971027][ T9470] netlink: 64 bytes leftover after parsing attributes in process `syz.2.881'.
[  183.973460][ T9470] netlink: 52 bytes leftover after parsing attributes in process `syz.2.881'.
[  184.002191][ T9472] binder: BINDER_SET_CONTEXT_MGR already set
[  184.004928][ T9472] binder: 9471:9472 ioctl 4018620d 20000040 returned -16
[  184.402447][ T9490] netlink: 'syz.2.890': attribute type 1 has an invalid length.
[  184.405265][ T9490] netlink: 236 bytes leftover after parsing attributes in process `syz.2.890'.
[  184.715940][ T9513] netlink: 'syz.1.900': attribute type 1 has an invalid length.
[  184.718003][ T9513] netlink: 236 bytes leftover after parsing attributes in process `syz.1.900'.
[  185.324394][ T9541] binder: 9540:9541 ioctl c0306201 20000000 returned -14
[  185.335479][ T5983] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  185.352712][ T9543] netlink: 64 bytes leftover after parsing attributes in process `syz.2.912'.
[  185.355122][ T9543] netlink: 52 bytes leftover after parsing attributes in process `syz.2.912'.
[  185.505618][ T5983] usb 6-1: Using ep0 maxpacket: 32
[  185.516211][ T5983] usb 6-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=88.ea
[  185.518699][ T5983] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.520792][ T5983] usb 6-1: Product: syz
[  185.521892][ T5983] usb 6-1: Manufacturer: syz
[  185.523117][ T5983] usb 6-1: SerialNumber: syz
[  185.525268][ T5983] usb 6-1: config 0 descriptor??
[  185.528176][ T5983] ati_remote 6-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  186.321322][ T9568] netlink: 64 bytes leftover after parsing attributes in process `syz.2.921'.
[  186.323930][ T9568] netlink: 52 bytes leftover after parsing attributes in process `syz.2.921'.
[  186.520106][ T9574] netlink: 'syz.0.924': attribute type 1 has an invalid length.
[  187.007607][ T5954] block nbd0: Receive control failed (result -32)
[  187.013333][ T9599] block nbd0: shutting down sockets
[  187.024713][ T9610] netlink: 'syz.2.941': attribute type 29 has an invalid length.
[  187.028097][ T9610] netlink: 'syz.2.941': attribute type 29 has an invalid length.
[  187.030574][ T9610] netlink: 'syz.2.941': attribute type 29 has an invalid length.
[  187.214878][ T9629] netlink: 'syz.2.949': attribute type 1 has an invalid length.
[  187.250728][ T5954] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  188.114656][ T5984] usb 6-1: USB disconnect, device number 21
[  188.760117][ T9651] netlink: 'syz.0.958': attribute type 1 has an invalid length.
[  188.762199][ T9651] __nla_validate_parse: 8 callbacks suppressed
[  188.762206][ T9651] netlink: 236 bytes leftover after parsing attributes in process `syz.0.958'.
[  188.951419][ T9669] netlink: 64 bytes leftover after parsing attributes in process `syz.0.967'.
[  188.953791][ T9669] netlink: 52 bytes leftover after parsing attributes in process `syz.0.967'.
[  188.982976][ T9672] netlink: 'syz.0.968': attribute type 1 has an invalid length.
[  188.985016][ T9672] netlink: 236 bytes leftover after parsing attributes in process `syz.0.968'.
[  189.122327][ T9678] netlink: 'syz.0.970': attribute type 10 has an invalid length.
[  189.645521][   T30] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  189.754916][ T9685] binder: 9684:9685 ioctl c0306201 200006c0 returned -14
[  189.809129][   T30] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  189.812753][   T30] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  189.817274][   T30] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  189.819643][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.823217][ T9683] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  189.830239][   T30] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  190.191275][ T9695] wireguard8: entered promiscuous mode
[  190.300131][ T9700] virtio-fs: tag <(null)> not found
[  190.333979][ T5984] usb 5-1: USB disconnect, device number 18
[  190.425470][   T30] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  190.575385][   T30] usb 8-1: Using ep0 maxpacket: 8
[  190.578041][   T30] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  190.580213][   T30] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  190.582941][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  190.586316][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  190.589603][   T30] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  190.592808][   T30] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  190.595885][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.662930][ T9705] netlink: 'syz.1.977': attribute type 1 has an invalid length.
[  190.664978][ T9705] netlink: 236 bytes leftover after parsing attributes in process `syz.1.977'.
[  190.713351][ T9708] netlink: 64 bytes leftover after parsing attributes in process `syz.1.978'.
[  190.716700][ T9708] netlink: 52 bytes leftover after parsing attributes in process `syz.1.978'.
[  190.807358][   T30] usb 8-1: GET_CAPABILITIES returned 0
[  190.809293][   T30] usbtmc 8-1:16.0: can't read capabilities
[  191.147363][ T9715] netlink: 'syz.0.980': attribute type 10 has an invalid length.
[  192.606053][ T9735] netlink: 'syz.0.986': attribute type 1 has an invalid length.
[  192.608059][ T9735] netlink: 236 bytes leftover after parsing attributes in process `syz.0.986'.
[  192.914985][   T30] usb 8-1: USB disconnect, device number 20
[  193.176130][ T9754] fuse: Bad value for 'fd'
[  193.194540][ T9756] netlink: 'syz.0.996': attribute type 1 has an invalid length.
[  193.197300][ T9756] netlink: 236 bytes leftover after parsing attributes in process `syz.0.996'.
[  193.465661][ T5952] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  193.616617][ T5952] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  193.620206][ T5952] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  193.623493][ T5952] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  193.626719][ T5952] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.631054][ T9762] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  193.634724][ T5952] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  194.111109][   T30] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  194.197513][ T9786] virtio-fs: tag <(null)> not found
[  194.220962][ T5952] usb 5-1: USB disconnect, device number 19
[  194.465405][   T30] usb 6-1: Using ep0 maxpacket: 8
[  194.470876][   T30] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  194.473054][   T30] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  194.475995][   T30] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  194.478480][   T30] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  194.481070][   T30] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  194.484474][   T30] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  194.486893][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.712951][   T30] usb 6-1: usb_control_msg returned -32
[  194.714525][   T30] usbtmc 6-1:16.0: can't read capabilities
[  195.415520][ T5952] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  195.566675][ T5952] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  195.569612][ T5952] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  195.572302][ T5952] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  195.574681][ T5952] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.578380][ T9807] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  195.581701][ T5952] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  196.087425][ T9819] virtio-fs: tag <(null)> not found
[  196.196647][   T30] usb 8-1: USB disconnect, device number 21
[  196.674213][ T6011] usb 6-1: USB disconnect, device number 22
[  197.059707][ T9828] netlink: 'syz.1.1017': attribute type 10 has an invalid length.
[  197.061875][ T9828] team0: Device batadv0 is of different type
[  198.991660][ T9867] netlink: 'syz.3.1030': attribute type 10 has an invalid length.
[  199.905473][ T6010] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  200.055089][ T9889] netlink: 'syz.0.1038': attribute type 10 has an invalid length.
[  200.055402][ T6010] usb 8-1: Using ep0 maxpacket: 8
[  200.060889][ T6010] usb 8-1: config 0 has no interfaces?
[  200.062322][ T6010] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  200.064620][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.067512][ T6010] usb 8-1: config 0 descriptor??
[  200.280554][ T5983] usb 8-1: USB disconnect, device number 22
[  200.292030][ T9892] binder: 9891:9892 ioctl c0306201 200006c0 returned -14
[  200.504026][ T9901] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  200.745411][ T5983] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  200.887970][ T9917] binder: 9916:9917 ioctl c0306201 200006c0 returned -14
[  200.895513][ T5983] usb 5-1: Using ep0 maxpacket: 8
[  200.898440][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.901209][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.908648][ T5983] usb 5-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  200.910984][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.914549][ T5983] usb 5-1: config 0 descriptor??
[  200.919032][ T5983] usbhid 5-1:0.0: can't add hid device: -22
[  200.920965][ T5983] usbhid 5-1:0.0: probe with driver usbhid failed with error -22
[  200.990965][ T9922] binder: 9921:9922 ioctl c0306201 200006c0 returned -14
[  201.206276][ T6040] usb 5-1: USB disconnect, device number 20
[  201.499220][ T9926] syz.3.1051: attempt to access beyond end of device
[  201.499220][ T9926] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  201.503921][ T9926] (syz.3.1051,9926,0):ocfs2_get_sector:1769 ERROR: status = -5
[  201.507372][ T9926] (syz.3.1051,9926,0):ocfs2_sb_probe:749 ERROR: status = -5
[  201.509178][ T9926] (syz.3.1051,9926,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  201.511428][ T9926] (syz.3.1051,9926,0):ocfs2_fill_super:1178 ERROR: status = -5
[  201.755410][ T6040] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  201.837992][ T9950] netlink: 'syz.3.1059': attribute type 10 has an invalid length.
[  201.976488][ T6040] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  201.979402][ T6040] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  201.981951][ T6040] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  201.984326][ T6040] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.117421][ T9928] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  202.124252][ T6040] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  202.792414][ T9960] virtio-fs: tag <(null)> not found
[  202.811683][ T6010] usb 6-1: USB disconnect, device number 23
[  203.194941][ T9965] netlink: 'syz.0.1063': attribute type 1 has an invalid length.
[  203.197129][ T9965] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1063'.
[  203.404373][ T9970] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  203.406093][ T9970] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  203.408448][ T9970] vhci_hcd vhci_hcd.0: Device attached
[  203.655496][ T5983] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  204.400447][ T9993] netlink: 'syz.1.1072': attribute type 10 has an invalid length.
[  204.402509][ T9993] team0: Device batadv0 is of different type
[  204.702494][ T9971] vhci_hcd: connection reset by peer
[  204.706814][   T11] vhci_hcd: stop threads
[  204.708315][   T11] vhci_hcd: release socket
[  204.710100][   T11] vhci_hcd: disconnect device
[  204.792728][T10007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'.
[  205.036005][T10026] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1086'.
[  205.269247][T10032] netlink: 'syz.0.1087': attribute type 10 has an invalid length.
[  205.315413][ T6040] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  205.465406][ T6040] usb 8-1: Using ep0 maxpacket: 8
[  205.468683][ T6040] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  205.472173][ T6040] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  205.475909][ T6040] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  205.479144][ T6040] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  205.483382][ T6040] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  205.486355][ T6040] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.565467][T10038] binder: 10037:10038 ioctl c0306201 200006c0 returned -14
[  205.692987][ T6040] usb 8-1: GET_CAPABILITIES returned 0
[  205.694512][ T6040] usbtmc 8-1:16.0: can't read capabilities
[  205.743323][T10045] netlink: 'syz.0.1092': attribute type 1 has an invalid length.
[  205.765450][T10045] 8021q: adding VLAN 0 to HW filter on device bond1
[  206.508388][   T30] usb 8-1: USB disconnect, device number 23
[  206.954575][T10067] wireguard9: entered promiscuous mode
[  207.384673][T10080] wireguard5: entered promiscuous mode
[  207.495401][   T30] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  207.646082][   T30] usb 8-1: Using ep0 maxpacket: 8
[  207.649099][   T30] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  207.651705][   T30] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  207.654464][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  207.657571][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  207.660882][   T30] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  207.665399][   T30] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.668440][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.675469][ T5984] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  207.809086][T10083] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1102'.
[  207.812413][T10083] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1102'.
[  207.845741][ T5984] usb 6-1: Using ep0 maxpacket: 8
[  207.848460][ T5984] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  207.850550][ T5984] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  207.851107][T10085] netlink: 'syz.0.1103': attribute type 1 has an invalid length.
[  207.852979][ T5984] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  207.855841][T10085] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1103'.
[  207.858290][ T5984] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  207.863910][ T5984] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  207.867441][ T5984] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.869815][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.877030][   T30] usb 8-1: usb_control_msg returned -32
[  207.878495][   T30] usbtmc 8-1:16.0: can't read capabilities
[  208.108958][ T5984] usb 6-1: usb_control_msg returned -32
[  208.110450][ T5984] usbtmc 6-1:16.0: can't read capabilities
[  208.155481][   T25] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  208.315449][   T25] usb 5-1: Using ep0 maxpacket: 16
[  208.318833][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.322470][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.325994][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  208.330439][   T25] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  208.333668][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.337986][   T25] usb 5-1: config 0 descriptor??
[  208.745679][   T25] input: HID 0955:7214 Haptics as /devices/virtual/input/input12
[  208.747757][ T5983] vhci_hcd: vhci_device speed not set
[  208.751782][   T25] shield 0003:0955:7214.0005: Registered Thunderstrike controller
[  208.753823][   T25] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[  208.944387][T10087] random: crng reseeded on system resumption
[  208.959084][   T25] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  208.960663][ T6040] usb 5-1: USB disconnect, device number 21
[  208.962041][   T25] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  208.967027][   T25] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  208.970064][   T25] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  209.725649][   T30] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  209.780944][ T5984] usb 8-1: USB disconnect, device number 24
[  209.928783][   T30] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  209.931696][   T30] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  209.934322][   T30] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  209.936791][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.940311][T10089] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  209.944214][   T30] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  209.950755][T10091] binder: 10090:10091 ioctl c0306201 200006c0 returned -14
[  210.092963][ T5984] usb 6-1: USB disconnect, device number 24
[  210.458831][T10107] virtio-fs: tag <(null)> not found
[  210.640259][ T6010] usb 5-1: USB disconnect, device number 22
[  210.774201][T10117] netlink: 'syz.1.1112': attribute type 1 has an invalid length.
[  210.778197][T10117] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1112'.
[  211.006069][T10120] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1113'.
[  211.009629][T10120] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1113'.
[  211.170837][T10125] netlink: 'syz.3.1114': attribute type 10 has an invalid length.
[  211.395987][T10129] fuse: Bad value for 'group_id'
[  211.398206][T10129] fuse: Bad value for 'group_id'
[  211.771870][T10140] wireguard6: entered promiscuous mode
[  212.025856][   T25] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  212.195406][   T25] usb 6-1: Using ep0 maxpacket: 8
[  212.201775][   T25] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  212.204024][   T25] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  212.206760][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  212.209837][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  212.212429][   T25] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  212.216166][   T25] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  212.219313][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.434384][   T25] usb 6-1: usb_control_msg returned -32
[  212.438261][   T25] usbtmc 6-1:16.0: can't read capabilities
[  212.968689][T10157] netlink: 'syz.3.1124': attribute type 1 has an invalid length.
[  212.970761][T10157] netlink: 236 bytes leftover after parsing attributes in process `syz.3.1124'.
[  213.235471][   T25] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  213.386942][   T25] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  213.391088][   T25] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  213.394603][   T25] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  213.397965][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.405181][T10161] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  213.409998][   T25] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  213.871511][T10172] virtio-fs: tag <(null)> not found
[  213.924334][ T5984] usb 8-1: USB disconnect, device number 25
[  214.497820][   T25] usb 6-1: USB disconnect, device number 25
[  214.542327][T10179] input: syz0 as /devices/virtual/input/input13
[  214.777288][T10183] netlink: 'syz.1.1130': attribute type 10 has an invalid length.
[  214.779746][T10183] team0: Device batadv0 is of different type
[  214.785980][T10185] fuse: Bad value for 'group_id'
[  214.787335][T10185] fuse: Bad value for 'group_id'
[  214.852404][T10193] netlink: 'syz.0.1134': attribute type 1 has an invalid length.
[  214.855062][T10193] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1134'.
[  215.934028][T10209] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1139'.
[  215.936554][T10209] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1139'.
[  216.205480][ T6010] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  216.367630][ T6010] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  216.371007][ T6010] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  216.373444][ T6010] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  216.375845][ T6010] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.379138][T10211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  216.382163][ T6010] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  216.475447][ T5984] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  216.483434][T10221] netlink: 'syz.3.1143': attribute type 10 has an invalid length.
[  216.625435][ T5984] usb 6-1: Using ep0 maxpacket: 8
[  216.628267][ T5984] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  216.630819][ T5984] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  216.634269][ T5984] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  216.637907][ T5984] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  216.641420][ T5984] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  216.646065][ T5984] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  216.649243][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.745985][T10229] netlink: 'syz.3.1145': attribute type 1 has an invalid length.
[  216.749027][T10229] netlink: 236 bytes leftover after parsing attributes in process `syz.3.1145'.
[  216.824956][T10232] virtio-fs: tag <(null)> not found
[  216.958524][ T5984] usb 6-1: usb_control_msg returned -32
[  216.960533][ T5984] usbtmc 6-1:16.0: can't read capabilities
[  216.965890][ T5984] usb 5-1: USB disconnect, device number 23
[  217.770238][T10244] netlink: 'syz.2.1150': attribute type 10 has an invalid length.
[  217.844034][T10249] binder: 10248:10249 ioctl c0306201 200006c0 returned -14
[  218.030180][T10257] netlink: 'syz.0.1155': attribute type 1 has an invalid length.
[  218.032892][T10257] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1155'.
[  218.306020][ T6010] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  218.477701][ T6010] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  218.480695][ T6010] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  218.483271][ T6010] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  218.486009][ T6010] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.491922][T10261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  218.496473][ T6010] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  218.731684][T10272] binder: 10271:10272 ioctl c0306201 200006c0 returned -14
[  218.753616][   T30] usb 6-1: USB disconnect, device number 26
[  219.042445][T10289] virtio-fs: tag <(null)> not found
[  219.057974][ T6010] usb 5-1: USB disconnect, device number 24
[  219.398890][T10294] netlink: 'syz.3.1166': attribute type 1 has an invalid length.
[  219.401067][T10294] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1166'.
[  219.541314][T10301] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1168'.
[  219.543536][T10301] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1168'.
[  219.931559][T10307] wireguard9: entered promiscuous mode
[  220.079753][ T5954] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  220.205410][ T5984] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  220.238709][T10317] netlink: 'syz.1.1172': attribute type 10 has an invalid length.
[  220.241674][T10317] team0: Device batadv0 is of different type
[  220.332865][T10321] netlink: 'syz.3.1175': attribute type 1 has an invalid length.
[  220.334833][T10321] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1175'.
[  220.380470][T10324] binder: 10323:10324 ioctl c0306201 200006c0 returned -14
[  220.435519][ T5984] usb 5-1: Using ep0 maxpacket: 8
[  220.442890][ T5984] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  220.445160][ T5984] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  220.448032][ T5984] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  220.450705][ T5984] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  220.453416][ T5984] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  220.457094][ T5984] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  220.459691][ T5984] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.528362][T10329] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1177'.
[  220.528400][T10329] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1177'.
[  220.669130][ T5984] usb 5-1: usb_control_msg returned -32
[  220.671731][ T5984] usbtmc 5-1:16.0: can't read capabilities
[  220.815666][   T25] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  220.976778][   T25] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  220.979604][   T25] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  220.982083][   T25] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  220.984355][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.987835][T10333] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  220.990907][   T25] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  221.108293][T10342] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1182'.
[  221.415664][T10352] virtio-fs: tag <(null)> not found
[  221.651985][ T6010] usb 8-1: USB disconnect, device number 26
[  221.799457][T10356] binder: 10355:10356 ioctl c0306201 200006c0 returned -14
[  221.900954][T10360] 9pnet_fd: Insufficient options for proto=fd
[  222.049084][T10364] netlink: 'syz.1.1188': attribute type 10 has an invalid length.
[  222.054167][T10364] team0: Device batadv0 is of different type
[  222.266024][T10381] binder: 10380:10381 ioctl c0306201 200006c0 returned -14
[  222.410132][T10397] fuse: Unknown parameter 'grou00000000000000000000'
[  222.625432][ T6040] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  222.777711][ T6040] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  222.778086][ T5984] usb 5-1: USB disconnect, device number 25
[  222.790719][ T6040] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  222.793295][ T6040] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  222.795694][ T6040] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.799120][T10395] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  222.802354][ T6040] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  223.228454][ T5984] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  223.263934][T10414] virtio-fs: tag <(null)> not found
[  223.282350][ T6010] usb 6-1: USB disconnect, device number 27
[  223.390695][ T5984] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.394183][ T5984] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.398341][ T5984] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  223.402926][ T5984] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  223.405897][ T5984] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.411769][ T5984] usb 5-1: config 0 descriptor??
[  223.649143][T10425] binder: 10424:10425 ioctl c0306201 200006c0 returned -14
[  223.777769][T10429] fuse: Unknown parameter 'grou00000000000000000000'
[  223.897813][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.899793][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.901692][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.903589][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.905615][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x2
[  223.908550][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.910495][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.912389][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.914279][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.916371][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.918278][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.920167][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.922063][ T5984] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  223.924067][ T5984] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  223.928841][ T5984] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  223.959158][T10435] wireguard10: entered promiscuous mode
[  224.072543][T10439] SET target dimension over the limit!
[  224.098972][ T5984] usb 5-1: USB disconnect, device number 26
[  224.198346][ T6010] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  224.355446][ T6010] usb 8-1: Using ep0 maxpacket: 8
[  224.358804][ T6010] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  224.360974][ T6010] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  224.363522][ T6010] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  224.366109][ T6010] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  224.368697][ T6010] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  224.372058][ T6010] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  224.374370][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.581299][ T6010] usb 8-1: usb_control_msg returned -32
[  224.582842][ T6010] usbtmc 8-1:16.0: can't read capabilities
[  224.875530][ T6040] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  224.936233][T10453] binder: 10451:10453 ioctl 4018620d 0 returned -22
[  224.975745][T10449] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1217'.
[  225.035384][ T6040] usb 5-1: Using ep0 maxpacket: 16
[  225.041495][ T6040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.045225][ T6040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.050523][ T6040] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  225.062033][ T6040] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  225.065282][ T6040] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.068906][ T6040] usb 5-1: config 0 descriptor??
[  225.080627][T10457] netlink: 'syz.1.1219': attribute type 10 has an invalid length.
[  225.082814][T10457] team0: Device batadv0 is of different type
[  225.219955][T10459] binder: 10458:10459 ioctl c0306201 200006c0 returned -14
[  225.315458][T10463] fuse: Unknown parameter 'grou00000000000000000000'
[  225.475666][ T6040] input: HID 0955:7214 Haptics as /devices/virtual/input/input14
[  225.482340][ T6040] shield 0003:0955:7214.0007: Registered Thunderstrike controller
[  225.484450][ T6040] shield 0003:0955:7214.0007: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[  225.675968][T10442] random: crng reseeded on system resumption
[  225.682142][ T5320] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  225.685705][ T5320] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  225.688995][ T5320] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  225.692282][ T5320] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  225.695222][ T5952] usb 5-1: USB disconnect, device number 27
[  226.288720][T10479] FAULT_INJECTION: forcing a failure.
[  226.288720][T10479] name failslab, interval 1, probability 0, space 0, times 0
[  226.293429][T10479] CPU: 2 UID: 0 PID: 10479 Comm: syz.1.1226 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  226.297337][T10479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.301136][T10479] Call Trace:
[  226.302588][T10479]  <TASK>
[  226.303699][T10479]  dump_stack_lvl+0x16c/0x1f0
[  226.305437][T10479]  should_fail_ex+0x497/0x5b0
[  226.307183][T10479]  ? fs_reclaim_acquire+0xae/0x150
[  226.309069][T10479]  should_failslab+0xc2/0x120
[  226.310829][T10479]  __kmalloc_node_noprof+0xd1/0x520
[  226.312710][T10479]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  226.314658][T10479]  __kvmalloc_node_noprof+0xad/0x1a0
[  226.316576][T10479]  alloc_netdev_mqs+0xc4e/0x1320
[  226.318389][T10479]  rtnl_create_link+0xbed/0xf10
[  226.320190][T10479]  rtnl_newlink+0x10ba/0x1c10
[  226.321919][T10479]  ? __pfx_rtnl_newlink+0x10/0x10
[  226.323767][T10479]  ? __pfx___lock_acquire+0x10/0x10
[  226.325694][T10479]  ? kmem_cache_free+0x152/0x4c0
[  226.327552][T10479]  ? aa_get_newest_label+0x376/0x680
[  226.329516][T10479]  ? find_held_lock+0x2d/0x110
[  226.331351][T10479]  ? find_held_lock+0x2d/0x110
[  226.333130][T10479]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  226.335050][T10479]  ? __pfx_lock_release+0x10/0x10
[  226.336950][T10479]  ? trace_lock_acquire+0x14e/0x1f0
[  226.338853][T10479]  ? __pfx_rtnl_newlink+0x10/0x10
[  226.340719][T10479]  rtnetlink_rcv_msg+0x95b/0xea0
[  226.342528][T10479]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  226.344546][T10479]  ? __pfx___dev_queue_xmit+0x10/0x10
[  226.346499][T10479]  netlink_rcv_skb+0x165/0x410
[  226.348243][T10479]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  226.350256][T10479]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  226.352211][T10479]  ? netlink_deliver_tap+0x1ae/0xca0
[  226.354173][T10479]  netlink_unicast+0x53c/0x7f0
[  226.355947][T10479]  ? __pfx_netlink_unicast+0x10/0x10
[  226.358125][T10479]  ? __phys_addr_symbol+0x30/0x80
[  226.360005][T10479]  ? __check_object_size+0x488/0x710
[  226.361950][T10479]  netlink_sendmsg+0x8b8/0xd70
[  226.363740][T10479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.365243][T10481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1227'.
[  226.365691][T10479]  ____sys_sendmsg+0x9ae/0xb40
[  226.365719][T10479]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.365740][T10479]  ? get_compat_msghdr+0x11b/0x170
[  226.374544][T10479]  ___sys_sendmsg+0x135/0x1e0
[  226.376305][T10479]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.378246][T10479]  ? __pfx_lock_release+0x10/0x10
[  226.380190][T10479]  ? trace_lock_acquire+0x14e/0x1f0
[  226.382137][T10479]  ? __fget_files+0x206/0x3a0
[  226.383894][T10479]  __sys_sendmsg+0x16e/0x220
[  226.385607][T10479]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.387517][T10479]  __do_fast_syscall_32+0x73/0x120
[  226.389438][T10479]  do_fast_syscall_32+0x32/0x80
[  226.391250][T10479]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.393562][T10479] RIP: 0023:0xf742e579
[  226.395082][T10479] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.402010][T10479] RSP: 002b:00000000f50f557c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  226.405028][T10479] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000180
[  226.407938][T10479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  226.410808][T10479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.413672][T10479] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.416575][T10479] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.419459][T10479]  </TASK>
[  226.425717][T10481] tipc: Started in network mode
[  226.427771][T10481] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  226.430376][T10481] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  226.433109][T10481] tipc: Enabled bearer <udp:syz1>, priority 10
[  227.272497][ T5984] usb 8-1: USB disconnect, device number 27
[  227.490638][T10492] binder: 10491:10492 ioctl c0306201 200006c0 returned -14
[  227.498439][T10495] fuse: Unknown parameter 'group_i00000000000000000000'
[  227.556848][ T5990] tipc: Node number set to 1
[  227.865424][ T1327] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  228.015458][ T1327] usb 8-1: Using ep0 maxpacket: 16
[  228.020635][ T1327] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.023536][ T1327] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.026159][ T1327] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  228.029475][ T1327] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  228.031727][ T1327] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.034472][ T1327] usb 8-1: config 0 descriptor??
[  228.204436][T10508] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  228.450887][ T1327] input: HID 0955:7214 Haptics as /devices/virtual/input/input15
[  228.471189][ T1327] shield 0003:0955:7214.0008: Registered Thunderstrike controller
[  228.474070][ T1327] shield 0003:0955:7214.0008: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  228.621740][T10520] wireguard10: entered promiscuous mode
[  228.645482][ T5983] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  228.648952][ T5983] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  228.653955][   T25] usb 8-1: USB disconnect, device number 28
[  228.655866][T10523] 9pnet_fd: Insufficient options for proto=fd
[  228.657183][ T5983] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  228.663927][ T5983] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  228.689857][T10525] fuse: Unknown parameter 'group_i00000000000000000000'
[  228.875478][ T5990] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  229.025393][ T5990] usb 5-1: Using ep0 maxpacket: 8
[  229.028040][ T5990] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  229.030164][ T5990] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  229.032605][ T5990] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  229.035099][ T5990] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  229.037863][ T5990] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  229.041190][ T5990] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  229.043516][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.095516][ T5984] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  229.210036][T10536] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1248'.
[  229.340654][ T5984] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  229.343657][ T5984] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  229.345578][ T5990] usb 5-1: usb_control_msg returned -32
[  229.346321][ T5984] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  229.347688][ T5990] usbtmc 5-1:16.0: can't read capabilities
[  229.350030][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.355570][T10530] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  229.358622][ T5984] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  229.359500][T10540] netlink: 'syz.3.1247': attribute type 10 has an invalid length.
[  229.887356][T10545] virtio-fs: tag <(null)> not found
[  229.900514][   T25] usb 6-1: USB disconnect, device number 28
[  230.692825][T10556] binder: 10555:10556 ioctl c0306201 0 returned -14
[  231.130752][T10568] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1257'.
[  231.185384][ T5984] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  231.254039][T10573] netlink: 'syz.1.1259': attribute type 10 has an invalid length.
[  231.256367][T10573] team0: Device batadv0 is of different type
[  231.365603][ T5984] usb 8-1: Using ep0 maxpacket: 16
[  231.368545][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.371435][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.373999][ T5984] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  231.377466][ T5984] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  231.380204][ T5984] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.383910][ T5984] usb 8-1: config 0 descriptor??
[  231.485392][   T30] usb 5-1: USB disconnect, device number 28
[  231.570906][T10577] binder: 10576:10577 ioctl c0306201 0 returned -14
[  231.679557][T10586] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1264'.
[  231.681926][T10586] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1264'.
[  231.841599][ T5984] input: HID 0955:7214 Haptics as /devices/virtual/input/input16
[  231.856920][ T5984] shield 0003:0955:7214.0009: Registered Thunderstrike controller
[  231.859056][ T5984] shield 0003:0955:7214.0009: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  231.867136][T10580] process 'syz.1.1260' launched './file0' with NULL argv: empty string added
[  231.899630][T10589] wireguard11: entered promiscuous mode
[  231.996641][ T5984] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  231.996751][ T5990] usb 8-1: USB disconnect, device number 29
[  231.999673][ T5984] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  232.006023][ T5984] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  232.008962][ T5984] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  232.145448][ T5952] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  232.295436][ T5952] usb 5-1: Using ep0 maxpacket: 8
[  232.298823][ T5952] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  232.301774][ T5952] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  232.305274][ T5952] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  232.308753][ T5952] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  232.312413][ T5952] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  232.317074][ T5952] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  232.320227][ T5952] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.363735][T10595] capability: warning: `syz.1.1267' uses 32-bit capabilities (legacy support in use)
[  232.523604][ T5952] usb 5-1: usb_control_msg returned -32
[  232.525088][ T5952] usbtmc 5-1:16.0: can't read capabilities
[  232.620646][T10599] netlink: 'syz.3.1268': attribute type 10 has an invalid length.
[  232.852740][T10596] syz.1.1267 (10596) used greatest stack depth: 20448 bytes left
[  232.930036][T10605] fuse: Unknown parameter 'group_id00000000000000000000'
[  233.195939][ T5990] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  233.299936][T10612] wireguard7: entered promiscuous mode
[  233.357455][ T5990] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 228, changing to 11
[  233.360488][ T5990] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  233.365568][ T5990] usb 8-1: New USB device found, idVendor=04b3, idProduct=3100, bcdDevice= 0.40
[  233.368480][ T5990] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.371241][ T5990] usb 8-1: Product: ࠾
[  233.372321][ T5990] usb 8-1: Manufacturer: 崻Ÿ⣗ꤥ빴幝减㖎抁飱꘨鳠觑ȹ⅂色芡긍㍣鮎䵞壨륱툮蛒궏⡎졪檴랇盛ំ꿌婸瑍ཁ᧛ᕙ舚璩恓ꌹ玞绪ꠍ愐㑨舕낽斗믦㕾쒚낥蕗꓈艔撚縲딦ꐇ寘찭庝먺狯醨眇뉱찇爹ꑍ젊嵱陟첃䌺夾轐睆젋
[  233.379661][ T5990] usb 8-1: SerialNumber: 쥵烦퐶嫁൒ﵑ≐仐̊鰊㷺뗿죜ႈ껬蕀ꗇ嵼஝佯㽱ࣙ뻀涭킾⬦녱ś脬荋嗢뒆須霻ꟕ髋ڈ᷎潢醿ꡫ濣寙聠鶴九舫葎㔟ת䱅圎뎡妣蘚鎶ﳬꃄ銛☧费⠗췉ჹ躂ޙ鰅ಛꨍὭ㄁极亢ﵓ蔪䔜﹘茻珛〲ꦕウ쫪ﯫ☀ᅗࢾㅩ삻ḁ뜞篁ﺖꌢ剐였
[  233.535795][ T6010] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  233.596999][ T5990] usbhid 8-1:1.0: can't add hid device: -71
[  233.598621][ T5990] usbhid 8-1:1.0: probe with driver usbhid failed with error -71
[  233.601165][ T5990] usb 8-1: USB disconnect, device number 30
[  233.695445][ T6010] usb 6-1: Using ep0 maxpacket: 8
[  233.698697][ T6010] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  233.701484][ T6010] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  233.704807][ T6010] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  233.708329][ T6010] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  233.711635][ T6010] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  233.716134][ T6010] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  233.719150][ T6010] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.932579][ T6010] usb 6-1: usb_control_msg returned -32
[  233.934106][ T6010] usbtmc 6-1:16.0: can't read capabilities
[  234.124487][T10615] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1273'.
[  234.127081][T10615] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1273'.
[  234.729696][ T6011] usb 5-1: USB disconnect, device number 29
[  234.739204][ T5984] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  234.853399][T10631] binder: 10630:10631 ioctl c0306201 0 returned -14
[  234.854612][T10629] netlink: 'syz.2.1278': attribute type 10 has an invalid length.
[  234.895616][ T5984] usb 8-1: Using ep0 maxpacket: 16
[  234.898268][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.901020][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.903415][ T5984] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  234.906709][ T5984] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  234.908957][ T5984] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.911877][ T5984] usb 8-1: config 0 descriptor??
[  235.005677][T10637] fuse: Bad value for 'user_id'
[  235.007475][T10637] fuse: Bad value for 'user_id'
[  235.041603][T10639] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1282'.
[  235.044285][T10639] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1282'.
[  235.305434][ T6011] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  235.321589][ T5984] input: HID 0955:7214 Haptics as /devices/virtual/input/input17
[  235.328111][ T5984] shield 0003:0955:7214.000A: Registered Thunderstrike controller
[  235.330182][ T5984] shield 0003:0955:7214.000A: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  235.456638][ T6011] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  235.459545][ T6011] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  235.462098][ T6011] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  235.464467][ T6011] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.468258][T10641] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  235.476751][ T6011] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  235.521057][ T5945] shield 0003:0955:7214.000A: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  235.521923][ T5952] usb 8-1: USB disconnect, device number 31
[  235.524040][ T5945] shield 0003:0955:7214.000A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  235.529506][ T5945] shield 0003:0955:7214.000A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  235.532210][ T5945] shield 0003:0955:7214.000A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  235.853041][T10650] wireguard7: entered promiscuous mode
[  235.898177][T10653] virtio-fs: tag <(null)> not found
[  235.910886][ T5945] usb 5-1: USB disconnect, device number 30
[  236.097886][   T25] usb 6-1: USB disconnect, device number 29
[  236.229984][T10662] fuse: Bad value for 'user_id'
[  236.231267][T10662] fuse: Bad value for 'user_id'
[  237.141444][T10676] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  237.242941][T10679] xt_TCPMSS: Only works on TCP SYN packets
[  237.504750][T10684] netlink: 'syz.1.1298': attribute type 10 has an invalid length.
[  237.505389][ T6010] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  237.507049][T10684] team0: Device batadv0 is of different type
[  237.564824][T10686] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1299'.
[  237.655399][ T6010] usb 8-1: Using ep0 maxpacket: 16
[  237.658590][ T6010] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.661965][ T6010] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.664954][ T6010] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  237.669386][ T6010] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  237.671683][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.675253][ T6010] usb 8-1: config 0 descriptor??
[  237.815558][T10690] wireguard12: entered promiscuous mode
[  238.055450][ T5990] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  238.080769][T10681] random: crng reseeded on system resumption
[  238.087930][ T6010] usbhid 8-1:0.0: can't add hid device: -71
[  238.089504][ T6010] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  238.092011][ T6010] usb 8-1: USB disconnect, device number 32
[  238.225380][ T5990] usb 5-1: Using ep0 maxpacket: 8
[  238.226839][    T8] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  238.229894][ T5990] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  238.231989][ T5990] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  238.234405][ T5990] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  238.237139][ T5990] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  238.239594][ T5990] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  238.242926][ T5990] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  238.245241][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.396881][    T8] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  238.399824][    T8] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  238.402261][    T8] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  238.404498][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.408117][T10693] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  238.411502][    T8] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  238.454130][ T5990] usb 5-1: usb_control_msg returned -32
[  238.455633][ T5990] usbtmc 5-1:16.0: can't read capabilities
[  238.826179][T10702] virtio-fs: tag <(null)> not found
[  238.840803][ T6011] usb 6-1: USB disconnect, device number 30
[  238.889482][T10704] fuse: Bad value for 'fd'
[  239.080579][T10706] binder: 10705:10706 ioctl c0306201 200006c0 returned -14
[  240.135493][    T8] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  240.150583][T10721] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1311'.
[  240.162659][T10721] FAULT_INJECTION: forcing a failure.
[  240.162659][T10721] name failslab, interval 1, probability 0, space 0, times 0
[  240.166905][T10721] CPU: 3 UID: 0 PID: 10721 Comm: syz.2.1311 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  240.170433][T10721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  240.173987][T10721] Call Trace:
[  240.174844][T10721]  <TASK>
[  240.175682][T10721]  dump_stack_lvl+0x16c/0x1f0
[  240.176945][T10721]  should_fail_ex+0x497/0x5b0
[  240.178530][T10721]  ? fs_reclaim_acquire+0xae/0x150
[  240.179982][T10721]  should_failslab+0xc2/0x120
[  240.181286][T10721]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  240.182758][T10721]  ? __d_alloc+0x35/0x8c0
[  240.183870][T10721]  __d_alloc+0x35/0x8c0
[  240.184960][T10721]  d_alloc+0x4a/0x1e0
[  240.186140][T10721]  d_alloc_parallel+0xe9/0x12b0
[  240.187461][T10721]  ? __pfx_d_alloc_parallel+0x10/0x10
[  240.188873][T10721]  ? lockdep_init_map_type+0x16d/0x7d0
[  240.190314][T10721]  ? lockdep_init_map_type+0x16d/0x7d0
[  240.191764][T10721]  __lookup_slow+0x194/0x460
[  240.193023][T10721]  ? __pfx___lookup_slow+0x10/0x10
[  240.194376][T10721]  ? __pfx_lock_release+0x10/0x10
[  240.195744][T10721]  ? d_lookup+0xe9/0x180
[  240.196873][T10721]  lookup_one_len+0x181/0x1b0
[  240.198111][T10721]  ? __pfx_lookup_one_len+0x10/0x10
[  240.199491][T10721]  ? mntput+0x10/0x90
[  240.200537][T10721]  start_creating.part.0+0x12f/0x3a0
[  240.202005][T10721]  debugfs_create_dir+0x6c/0x5f0
[  240.202038][T10721]  ieee80211_debugfs_recreate_netdev+0x1cb/0x1700
[  240.202054][T10721]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  240.202069][T10721]  ? __pfx___might_resched+0x10/0x10
[  240.202084][T10721]  drv_remove_interface+0x1b9/0x610
[  240.202099][T10721]  ieee80211_do_stop+0x1679/0x25a0
[  240.202121][T10721]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  240.202142][T10721]  ? mark_held_locks+0x9f/0xe0
[  240.202161][T10721]  ieee80211_stop+0x11e/0x6b0
[  240.202177][T10721]  ? __pfx_ieee80211_stop+0x10/0x10
[  240.202190][T10721]  __dev_close_many+0x1c5/0x310
[  240.202202][T10721]  ? __pfx___dev_close_many+0x10/0x10
[  240.202213][T10721]  ? __pfx_lock_release+0x10/0x10
[  240.202222][T10721]  ? trace_contention_end+0xee/0x140
[  240.202235][T10721]  dev_close_many+0x24c/0x6a0
[  240.202247][T10721]  ? __pfx_dev_close_many+0x10/0x10
[  240.202256][T10721]  ? __mutex_unlock_slowpath+0x164/0x690
[  240.202274][T10721]  dev_close+0x181/0x230
[  240.202284][T10721]  ? __pfx_dev_close+0x10/0x10
[  240.202297][T10721]  nl80211_del_interface+0xec/0x190
[  240.202313][T10721]  genl_family_rcv_msg_doit+0x202/0x2f0
[  240.202329][T10721]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  240.202342][T10721]  ? genl_get_cmd+0x195/0x580
[  240.202357][T10721]  ? bpf_lsm_capable+0x9/0x10
[  240.202369][T10721]  ? security_capable+0x7e/0x260
[  240.202385][T10721]  ? ns_capable+0xd7/0x110
[  240.202397][T10721]  genl_rcv_msg+0x565/0x800
[  240.202412][T10721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  240.202425][T10721]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  240.202441][T10721]  ? __pfx_nl80211_del_interface+0x10/0x10
[  240.202458][T10721]  ? __pfx_nl80211_post_doit+0x10/0x10
[  240.202473][T10721]  ? __pfx___lock_acquire+0x10/0x10
[  240.202491][T10721]  netlink_rcv_skb+0x165/0x410
[  240.202503][T10721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  240.202517][T10721]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  240.202535][T10721]  ? down_read+0xc9/0x330
[  240.202548][T10721]  ? __pfx_down_read+0x10/0x10
[  240.202562][T10721]  ? netlink_deliver_tap+0x1ae/0xca0
[  240.202576][T10721]  genl_rcv+0x28/0x40
[  240.202587][T10721]  netlink_unicast+0x53c/0x7f0
[  240.202600][T10721]  ? __pfx_netlink_unicast+0x10/0x10
[  240.202613][T10721]  ? __phys_addr_symbol+0x30/0x80
[  240.202627][T10721]  ? __check_object_size+0x488/0x710
[  240.202644][T10721]  netlink_sendmsg+0x8b8/0xd70
[  240.202658][T10721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  240.202675][T10721]  ____sys_sendmsg+0x9ae/0xb40
[  240.202688][T10721]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.202699][T10721]  ? get_compat_msghdr+0x11b/0x170
[  240.202716][T10721]  ___sys_sendmsg+0x135/0x1e0
[  240.202732][T10721]  ? __pfx____sys_sendmsg+0x10/0x10
[  240.202753][T10721]  ? __pfx_lock_release+0x10/0x10
[  240.202762][T10721]  ? trace_lock_acquire+0x14e/0x1f0
[  240.202781][T10721]  ? __fget_files+0x206/0x3a0
[  240.202796][T10721]  __sys_sendmsg+0x16e/0x220
[  240.202812][T10721]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.202835][T10721]  __do_fast_syscall_32+0x73/0x120
[  240.202850][T10721]  do_fast_syscall_32+0x32/0x80
[  240.202863][T10721]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.202879][T10721] RIP: 0023:0xf7f07579
[  240.202889][T10721] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.202899][T10721] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  240.202911][T10721] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200003c0
[  240.202918][T10721] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.202925][T10721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.202931][T10721] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  240.202938][T10721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.202966][T10721]  </TASK>
[  240.315410][    T8] usb 8-1: Using ep0 maxpacket: 16
[  240.318669][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.322585][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.326978][    T8] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  240.331390][    T8] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  240.334567][    T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.337926][ T5954] Bluetooth: hci1: unexpected event for opcode 0x2041
[  240.341756][    T8] usb 8-1: config 0 descriptor??
[  240.603172][T10738] wireguard8: entered promiscuous mode
[  240.622762][   T25] usb 5-1: USB disconnect, device number 31
[  240.709720][T10745] fuse: Bad value for 'fd'
[  240.749131][T10719] random: crng reseeded on system resumption
[  240.756446][    T8] usbhid 8-1:0.0: can't add hid device: -71
[  240.758013][    T8] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  240.760591][    T8] usb 8-1: USB disconnect, device number 33
[  240.999628][T10750] netlink: 'syz.0.1316': attribute type 10 has an invalid length.
[  241.308326][T10759] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1320'.
[  241.458311][T10765] syz_tun: left allmulticast mode
[  241.459709][T10765] syz_tun: left promiscuous mode
[  241.461160][T10765] bridge0: port 1(syz_tun) entered disabled state
[  241.474470][T10765] team0: Port device wg2 removed
[  241.481433][T10765] bond0: (slave wlan1): Releasing backup interface
[  241.495740][T10765] team0: Port device wg2 added
[  241.569745][T10770] libceph: resolve '.
[  241.569745][T10770] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  241.569745][T10770] ' (ret=-3): failed
[  241.594300][T10772] wireguard11: entered promiscuous mode
[  241.817081][T10778] netlink: 'syz.1.1326': attribute type 10 has an invalid length.
[  241.819233][T10778] team0: Device batadv0 is of different type
[  241.835424][ T5983] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  241.985438][ T5983] usb 8-1: Using ep0 maxpacket: 8
[  241.988579][ T5983] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  241.991348][ T5983] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  241.994147][ T5983] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  241.997125][ T5983] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  242.000644][ T5983] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  242.004920][ T5983] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  242.007542][ T5983] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.217327][ T5983] usb 8-1: usb_control_msg returned -32
[  242.218791][ T5983] usbtmc 8-1:16.0: can't read capabilities
[  242.224914][T10783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1328'.
[  242.295433][ T5952] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  242.457297][ T5952] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  242.461210][ T5952] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  242.464320][ T5952] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  242.467601][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.472559][T10780] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  242.477158][ T5952] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  242.825432][ T1327] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  242.913034][T10790] virtio-fs: tag <(null)> not found
[  242.929783][ T5945] usb 6-1: USB disconnect, device number 31
[  242.995371][ T1327] usb 5-1: Using ep0 maxpacket: 16
[  242.998137][ T1327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  243.001041][ T1327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  243.003629][ T1327] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  243.007077][ T1327] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  243.009494][ T1327] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.012447][ T1327] usb 5-1: config 0 descriptor??
[  243.418536][T10788] random: crng reseeded on system resumption
[  243.425751][ T1327] usbhid 5-1:0.0: can't add hid device: -71
[  243.427459][ T1327] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  243.430141][ T1327] usb 5-1: USB disconnect, device number 32
[  243.494860][T10792] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1331'.
[  243.568908][T10796] binder: 10795:10796 ioctl c0306201 200006c0 returned -14
[  243.888118][T10803] netlink: 'syz.2.1335': attribute type 10 has an invalid length.
[  244.352585][ T1327] usb 8-1: USB disconnect, device number 34
[  244.381078][T10809] FAULT_INJECTION: forcing a failure.
[  244.381078][T10809] name failslab, interval 1, probability 0, space 0, times 0
[  244.384476][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.2.1337 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  244.387373][T10809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.390210][T10809] Call Trace:
[  244.391137][T10809]  <TASK>
[  244.391954][T10809]  dump_stack_lvl+0x16c/0x1f0
[  244.393223][T10809]  should_fail_ex+0x497/0x5b0
[  244.394525][T10809]  ? fs_reclaim_acquire+0xae/0x150
[  244.395923][T10809]  should_failslab+0xc2/0x120
[  244.397261][T10809]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  244.398817][T10809]  ? __lock_acquire+0x15a9/0x3c40
[  244.400191][T10809]  ? __alloc_skb+0x2b3/0x380
[  244.401446][T10809]  __alloc_skb+0x2b3/0x380
[  244.402655][T10809]  ? __pfx___alloc_skb+0x10/0x10
[  244.404076][T10809]  netlink_alloc_large_skb+0x69/0x130
[  244.405510][T10809]  netlink_sendmsg+0x689/0xd70
[  244.407068][T10809]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.408998][T10809]  ____sys_sendmsg+0x9ae/0xb40
[  244.410758][T10809]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.412502][T10809]  ? get_compat_msghdr+0x11b/0x170
[  244.413842][T10809]  ___sys_sendmsg+0x135/0x1e0
[  244.415131][T10809]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.416561][T10809]  ? __pfx_lock_release+0x10/0x10
[  244.417888][T10809]  ? trace_lock_acquire+0x14e/0x1f0
[  244.419275][T10809]  ? __fget_files+0x206/0x3a0
[  244.420531][T10809]  __sys_sendmsg+0x16e/0x220
[  244.421751][T10809]  ? __pfx___sys_sendmsg+0x10/0x10
[  244.423104][T10809]  __do_fast_syscall_32+0x73/0x120
[  244.424494][T10809]  do_fast_syscall_32+0x32/0x80
[  244.425838][T10809]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.428337][T10809] RIP: 0023:0xf7f07579
[  244.429862][T10809] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.435720][T10809] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  244.437922][T10809] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[  244.439987][T10809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  244.442038][T10809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.444094][T10809] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  244.446775][T10809] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.449574][T10809]  </TASK>
[  244.637712][T10815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1338'.
[  244.649895][T10815] fuse: Unknown parameter '�d�'
[  245.236143][T10822] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1341'.
[  245.328352][T10811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.374452][T10819] wireguard13: entered promiscuous mode
[  245.655643][   T30] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  245.805527][   T30] usb 5-1: Using ep0 maxpacket: 8
[  245.812899][   T30] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  245.815545][   T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  245.818374][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  245.821069][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  245.823842][   T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  245.827868][   T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  245.831220][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.062229][T10833] binder: 10832:10833 ioctl c0306201 200006c0 returned -14
[  246.068426][   T30] usb 5-1: usb_control_msg returned -32
[  246.070154][   T30] usbtmc 5-1:16.0: can't read capabilities
[  246.243446][T10840] netlink: 'syz.2.1345': attribute type 10 has an invalid length.
[  246.686770][T10849] fuse: Invalid rootmode
[  247.173519][T10859] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  247.394660][T10861] binder: 10860:10861 ioctl c0306201 200006c0 returned -14
[  247.534001][   T39] kauditd_printk_skb: 34 callbacks suppressed
[  247.534012][   T39] audit: type=1800 audit(1733287123.958:95): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1354" name="file0" dev="9p" ino=37617945 res=0 errno=0
qemu-system-x86_64: warning: 9p: bad client: T_read request on directory only expected with 9P2000.u protocol version
[  247.576687][   T39] audit: type=1800 audit(1733287124.008:96): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1354" name="file0" dev="9p" ino=37617945 res=0 errno=0
[  247.943163][T10856] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.137036][   T30] usb 5-1: USB disconnect, device number 33
[  248.327767][T10876] fuse: Invalid rootmode
[  248.570018][T10883] binder: 10882:10883 ioctl c0306201 200006c0 returned -14
[  249.509023][T10898] wireguard14: entered promiscuous mode
[  249.765420][   T30] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  249.829302][T10912] fuse: Unknown parameter '00000000000000000000'
[  249.874414][T10916] binder: 10915:10916 ioctl c0306201 200006c0 returned -14
[  249.925386][   T30] usb 5-1: Using ep0 maxpacket: 8
[  249.928745][   T30] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  249.931364][   T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  249.934348][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  249.937694][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  249.940926][   T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  249.945149][   T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  249.948260][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.153834][   T30] usb 5-1: usb_control_msg returned -32
[  250.155855][   T30] usbtmc 5-1:16.0: can't read capabilities
[  250.248193][T10924] siw: device registration error -23
[  251.368064][T10941] fuse: Unknown parameter '00000000000000000000'
[  251.437504][T10943] binder: 10942:10943 ioctl c0306201 200006c0 returned -14
[  252.105500][   T30] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  252.265406][   T30] usb 6-1: Using ep0 maxpacket: 16
[  252.268530][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.271265][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.273719][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  252.277248][   T30] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  252.280291][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.283309][   T30] usb 6-1: config 0 descriptor??
[  252.438853][ T1327] usb 5-1: USB disconnect, device number 34
[  252.690775][T10952] random: crng reseeded on system resumption
[  252.701228][   T30] usbhid 6-1:0.0: can't add hid device: -71
[  252.702823][   T30] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  252.706095][   T30] usb 6-1: USB disconnect, device number 32
[  252.807292][T10962] netlink: 'syz.3.1386': attribute type 10 has an invalid length.
[  252.955460][    T8] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  253.019588][   T39] audit: type=1326 audit(1733287129.448:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.027091][   T39] audit: type=1326 audit(1733287129.458:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.035170][   T39] audit: type=1326 audit(1733287129.458:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.041078][   T39] audit: type=1326 audit(1733287129.458:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.046758][   T39] audit: type=1326 audit(1733287129.458:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.052222][   T39] audit: type=1326 audit(1733287129.458:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.057996][   T39] audit: type=1326 audit(1733287129.458:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.063655][   T39] audit: type=1326 audit(1733287129.458:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.069219][   T39] audit: type=1326 audit(1733287129.458:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.074815][   T39] audit: type=1326 audit(1733287129.458:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10963 comm="syz.3.1388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000
[  253.105649][    T8] usb 5-1: Using ep0 maxpacket: 32
[  253.114024][    T8] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=88.ea
[  253.117285][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.119465][    T8] usb 5-1: Product: syz
[  253.120498][    T8] usb 5-1: Manufacturer: syz
[  253.121697][    T8] usb 5-1: SerialNumber: syz
[  253.125501][    T8] usb 5-1: config 0 descriptor??
[  253.130109][    T8] ati_remote 5-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  253.260108][T10969] binder: 10968:10969 ioctl c0306201 200006c0 returned -14
[  253.368384][T10965] ==================================================================
[  253.370555][T10965] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690
[  253.372697][T10965] Write of size 4 at addr ffffc90002d9e010 by task syz.3.1388/10965
[  253.375845][T10965] 
[  253.376807][T10965] CPU: 2 UID: 0 PID: 10965 Comm: syz.3.1388 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  253.379612][T10965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.382402][T10965] Call Trace:
[  253.383305][T10965]  <TASK>
[  253.384098][T10965]  dump_stack_lvl+0x116/0x1f0
[  253.385352][T10965]  print_report+0xc3/0x620
[  253.386546][T10965]  ? __virt_addr_valid+0x5e/0x590
[  253.387884][T10965]  kasan_report+0xd9/0x110
[  253.389070][T10965]  ? push_insn_history+0x615/0x690
[  253.390435][T10965]  ? push_insn_history+0x615/0x690
[  253.391796][T10965]  push_insn_history+0x615/0x690
[  253.393110][T10965]  do_check_common+0xb78/0xd540
[  253.394405][T10965]  ? lockdep_hardirqs_on+0x7c/0x110
[  253.395800][T10965]  ? __pfx_do_check_common+0x10/0x10
[  253.397201][T10965]  ? kvfree+0x47/0x50
[  253.398271][T10965]  ? check_cfg+0x403/0x840
[  253.399478][T10965]  bpf_check+0x77c2/0xc9b0
[  253.400729][T10965]  ? hlock_class+0x4e/0x130
[  253.401917][T10965]  ? __pfx_bpf_check+0x10/0x10
[  253.403202][T10965]  ? find_held_lock+0x2d/0x110
[  253.404534][T10965]  ? bpf_prog_load+0xd45/0x2670
[  253.405832][T10965]  ? __pfx_lock_release+0x10/0x10
[  253.407174][T10965]  ? trace_lock_acquire+0x14e/0x1f0
[  253.408552][T10965]  ? bpf_prog_load+0xd45/0x2670
[  253.409862][T10965]  ? lockdep_hardirqs_on+0x7c/0x110
[  253.411244][T10965]  ? read_tsc+0x9/0x20
[  253.412340][T10965]  ? ktime_get_with_offset+0x20f/0x3a0
[  253.413787][T10965]  ? bpf_obj_name_cpy+0x156/0x1b0
[  253.415133][T10965]  bpf_prog_load+0xe3f/0x2670
[  253.416383][T10965]  ? __pfx_bpf_prog_load+0x10/0x10
[  253.417701][T10965]  ? find_held_lock+0x2d/0x110
[  253.418985][T10965]  ? __might_fault+0x13b/0x190
[  253.420269][T10965]  ? __might_fault+0xe3/0x190
[  253.421524][T10965]  __sys_bpf+0x5677/0x57a0
[  253.422713][T10965]  ? __pfx___sys_bpf+0x10/0x10
[  253.423994][T10965]  ? do_futex+0x123/0x350
[  253.425149][T10965]  ? __pfx_do_futex+0x10/0x10
[  253.426407][T10965]  ? xfd_validate_state+0x5d/0x180
[  253.427775][T10965]  ? rcu_is_watching+0x12/0xc0
[  253.429050][T10965]  __ia32_sys_bpf+0x76/0xe0
[  253.430383][T10965]  __do_fast_syscall_32+0x73/0x120
[  253.431754][T10965]  do_fast_syscall_32+0x32/0x80
[  253.433062][T10965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.434739][T10965] RIP: 0023:0xf743e579
[  253.435828][T10965] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.440826][T10965] RSP: 002b:00000000f510557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  253.443011][T10965] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  253.445080][T10965] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  253.447128][T10965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.449181][T10965] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  253.451250][T10965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.453487][T10965]  </TASK>
[  253.454279][T10965] 
[  253.454906][T10965] The buggy address belongs to the virtual mapping at
[  253.454906][T10965]  [ffffc90002d7e000, ffffc90002da0000) created by:
[  253.454906][T10965]  kvrealloc_noprof+0xfc/0x150
[  253.459213][T10965] 
[  253.459814][T10965] The buggy address belongs to the physical page:
[  253.461432][T10965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880126fa700 pfn:0x72314
[  253.463923][T10965] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  253.465702][T10965] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  253.467858][T10965] raw: ffff8880126fa700 0000000000000000 00000001ffffffff 0000000000000000
[  253.470003][T10965] page dumped because: kasan: bad access detected
[  253.471617][T10965] page_owner tracks the page as allocated
[  253.473042][T10965] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 10965, tgid 10963 (syz.3.1388), ts 253368320031, free_ts 250842007902
[  253.477278][T10965]  post_alloc_hook+0x2d1/0x350
[  253.478495][T10965]  get_page_from_freelist+0xfce/0x2f80
[  253.479939][T10965]  __alloc_pages_noprof+0x6a6/0x25b0
[  253.481372][T10965]  alloc_pages_mpol_noprof+0x2c9/0x610
[  253.482806][T10965]  __vmalloc_node_range_noprof+0x724/0x1530
[  253.484326][T10965]  __kvmalloc_node_noprof+0x14f/0x1a0
[  253.485683][T10965]  kvrealloc_noprof+0xfc/0x150
[  253.486906][T10965]  push_insn_history+0x2ac/0x690
[  253.488158][T10965]  do_check_common+0xb78/0xd540
[  253.489419][T10965]  bpf_check+0x77c2/0xc9b0
[  253.490547][T10965]  bpf_prog_load+0xe3f/0x2670
[  253.491724][T10965]  __sys_bpf+0x5677/0x57a0
[  253.492814][T10965]  __ia32_sys_bpf+0x76/0xe0
[  253.493912][T10965]  __do_fast_syscall_32+0x73/0x120
[  253.495207][T10965]  do_fast_syscall_32+0x32/0x80
[  253.496436][T10965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.498070][T10965] page last free pid 10928 tgid 10928 stack trace:
[  253.499751][T10965]  free_unref_page+0x661/0x1080
[  253.500979][T10965]  __mmdrop+0xd5/0x460
[  253.502051][T10965]  __mmput+0x404/0x4c0
[  253.503128][T10965]  mmput+0x62/0x70
[  253.504112][T10965]  do_exit+0x9bf/0x2d70
[  253.505200][T10965]  do_group_exit+0xd3/0x2a0
[  253.506391][T10965]  __ia32_sys_exit_group+0x3e/0x50
[  253.507782][T10965]  ia32_sys_call+0x1b1c/0x1c20
[  253.509043][T10965]  __do_fast_syscall_32+0x73/0x120
[  253.510418][T10965]  do_fast_syscall_32+0x32/0x80
[  253.511687][T10965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.513339][T10965] 
[  253.513965][T10965] Memory state around the buggy address:
[  253.515458][T10965]  ffffc90002d9df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  253.517574][T10965]  ffffc90002d9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  253.519690][T10965] >ffffc90002d9e000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  253.521765][T10965]                          ^
[  253.522989][T10965]  ffffc90002d9e080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  253.525066][T10965]  ffffc90002d9e100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  253.527147][T10965] ==================================================================
[  253.531462][T10965] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  253.533336][T10965] CPU: 2 UID: 0 PID: 10965 Comm: syz.3.1388 Not tainted 6.13.0-rc1-syzkaller-00005-gceb8bf2ceaa7 #0
[  253.536041][T10965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.538810][T10965] Call Trace:
[  253.539696][T10965]  <TASK>
[  253.540478][T10965]  dump_stack_lvl+0x3d/0x1f0
[  253.541698][T10965]  panic+0x71d/0x800
[  253.542733][T10965]  ? __pfx_panic+0x10/0x10
[  253.543927][T10965]  ? preempt_schedule_thunk+0x1a/0x30
[  253.545340][T10965]  ? preempt_schedule_common+0x44/0xc0
[  253.546763][T10965]  check_panic_on_warn+0xab/0xb0
[  253.548080][T10965]  end_report+0x117/0x180
[  253.549231][T10965]  kasan_report+0xe9/0x110
[  253.550415][T10965]  ? push_insn_history+0x615/0x690
[  253.551749][T10965]  ? push_insn_history+0x615/0x690
[  253.553098][T10965]  push_insn_history+0x615/0x690
[  253.554469][T10965]  do_check_common+0xb78/0xd540
[  253.555770][T10965]  ? lockdep_hardirqs_on+0x7c/0x110
[  253.557109][T10965]  ? __pfx_do_check_common+0x10/0x10
[  253.558506][T10965]  ? kvfree+0x47/0x50
[  253.559587][T10965]  ? check_cfg+0x403/0x840
[  253.560779][T10965]  bpf_check+0x77c2/0xc9b0
[  253.561966][T10965]  ? hlock_class+0x4e/0x130
[  253.563168][T10965]  ? __pfx_bpf_check+0x10/0x10
[  253.564438][T10965]  ? find_held_lock+0x2d/0x110
[  253.565711][T10965]  ? bpf_prog_load+0xd45/0x2670
[  253.567004][T10965]  ? __pfx_lock_release+0x10/0x10
[  253.568333][T10965]  ? trace_lock_acquire+0x14e/0x1f0
[  253.569713][T10965]  ? bpf_prog_load+0xd45/0x2670
[  253.571004][T10965]  ? lockdep_hardirqs_on+0x7c/0x110
[  253.572375][T10965]  ? read_tsc+0x9/0x20
[  253.573464][T10965]  ? ktime_get_with_offset+0x20f/0x3a0
[  253.574908][T10965]  ? bpf_obj_name_cpy+0x156/0x1b0
[  253.576244][T10965]  bpf_prog_load+0xe3f/0x2670
[  253.577488][T10965]  ? __pfx_bpf_prog_load+0x10/0x10
[  253.578818][T10965]  ? find_held_lock+0x2d/0x110
[  253.580086][T10965]  ? __might_fault+0x13b/0x190
[  253.581364][T10965]  ? __might_fault+0xe3/0x190
[  253.582618][T10965]  __sys_bpf+0x5677/0x57a0
[  253.583799][T10965]  ? __pfx___sys_bpf+0x10/0x10
[  253.585055][T10965]  ? do_futex+0x123/0x350
[  253.586203][T10965]  ? __pfx_do_futex+0x10/0x10
[  253.587461][T10965]  ? xfd_validate_state+0x5d/0x180
[  253.588804][T10965]  ? rcu_is_watching+0x12/0xc0
[  253.590079][T10965]  __ia32_sys_bpf+0x76/0xe0
[  253.591278][T10965]  __do_fast_syscall_32+0x73/0x120
[  253.592657][T10965]  do_fast_syscall_32+0x32/0x80
[  253.593959][T10965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.595739][T10965] RIP: 0023:0xf743e579
[  253.596835][T10965] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.601948][T10965] RSP: 002b:00000000f510557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  253.604128][T10965] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  253.606209][T10965] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  253.608293][T10965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.610363][T10965] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  253.612387][T10965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.614425][T10965]  </TASK>
[  253.615947][T10965] Kernel Offset: disabled
[  253.617117][T10965] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:38:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000046 RBX=1ffff92000dc0ed4 RCX=00000000ad59e436 RDX=0000000000000001
RSI=ffffffff8b4cd3e0 RDI=ffffffff8bb136c0 RBP=0000000000000200 RSP=ffffc90006e07698
R8 =0000000000000000 R9 =fffffbfff2d36f98 R10=ffffffff969b7cc7 R11=0000000000000003
R12=0000000000000000 R13=ffffffff8ddba940 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff817648a5 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f316ffc CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080000000 RBX=0000000000000001 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8b4cd3e0 RDI=ffffffff8bb136c0 RBP=ffff888045de6848 RSP=ffffc9000422e980
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003
R12=ffff888021468000 R13=0000000000000000 R14=00000000ffffffff R15=0000000000000004
RIP=ffffffff8b1ac03c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3dfc14 CR3=000000002127e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85153290 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc9000e59ef60
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666657
R12=0000000000000000 R13=0000000000000060 R14=fffffbfff34cd0aa R15=dffffc0000000000
RIP=ffffffff851532b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020021000 CR3=0000000023bb4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000009a95 RBX=ffff8880246d8000 RCX=1ffffffff2038de9 RDX=0000000000000000
RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb136c0 RBP=ffffc90004287738 RSP=ffffc900042876f0
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff901cb197 R11=0000000000000000
R12=ffff88802b73fb20 R13=ffff888000dd8000 R14=0000000000000000 R15=ffff88802b63ed00
RIP=ffffffff816865a0 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020025000 CR3=0000000023bb4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000