last executing test programs:

5.964114412s ago: executing program 2 (id=892):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x0, 0x0, 0x5}, 0x6, [0x0, 0x6, 0x3ff, 0x0, 0xffffffff, 0x200, 0x0, 0x0, 0x0, 0x5500, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x800, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000000, 0x0, 0x0, 0x0, 0xffff, 0x7f, 0x0, 0xfffffff4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8], [0x0, 0xfffffffc, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x702f4598, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x80000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffd], [0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501) (fail_nth: 5)
close(r0)

5.888275718s ago: executing program 2 (id=893):
membarrier(0x4, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40), 0x0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00')
read$FUSE(0xffffffffffffffff, &(0x7f0000001940)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c63616368653d6d6d61702c7fa40dec360000349ec9fba24ff9de838030b0eee5c6310ed1f9b39910effd3583ff9267de9529f31f63255f90ac9e955f2cf4eb251d37ece2e496ff1f2784f8eeda2b811d"])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r6, &(0x7f0000000300), 0x4)
truncate(&(0x7f0000000080)='./file0\x00', 0x800)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000080)={0xff, 0x6, 0x3, 0x3, 0x3, [0x8798, 0x3, 0x2]})
openat$nullb(0xffffffffffffff9c, 0x0, 0x48882, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

5.126189856s ago: executing program 2 (id=898):
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598904004ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dac00000000000000000000002000", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r2 = syz_open_dev$loop(&(0x7f0000000000), 0x1, 0x8000)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
process_vm_writev(0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000700)=ANY=[@ANYBLOB="300200007d40000005ef0000000000000b0002000000070000000000000000000011000000000000000005000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500000200000000000000b9fd9eb196a51cd5157adc8103b494e11400cfc26dd7c500f04cd85f2a70f5e9930e3c5db45a5500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f168a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4c0880e8e289da649a37002c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00000000000000000000000000000000000be6fdf776fd7741e9bd2f0c3b4b250a8cf02cd700e3171e2059a696314ed24a133d7d3bec", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x230)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000480)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x18, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x800]}})
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r6, 0xc0145401, &(0x7f0000000600)={0x1, 0x0, 0x0, 0xfdfdffff})

4.358080788s ago: executing program 1 (id=900):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80)
sendto(r0, &(0x7f0000000140)="050000007a19b90c9daaeca1b1ec5719af0abbb83b0514127c8b417386b5c7cc0f676b6dac18222d5bf3b8b98708a136ddca61719a13016d", 0x38, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x6, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r5, 0x11b, 0x7, &(0x7f0000001040), &(0x7f0000001080)=0x26)
mkdirat(0xffffffffffffffff, &(0x7f0000000680)='./bus\x00', 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x1966cd75, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x641, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff122]}, 0x45c)
ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0)
r7 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x5)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000002, 0x4010012, r7, 0x0)

4.049703239s ago: executing program 2 (id=905):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300), 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002000000852000000200e7090000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4004, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r3 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRESHEX=r2], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800e000100696d6d656469617465000000280002801c000280180002800900020073797a320000000008000180fffffffc08000140000000000900010073797a30000000000900020073797a3200000000140000001100"], 0x94}}, 0x0)
fchown(r5, 0x0, 0x0)

3.638399537s ago: executing program 3 (id=906):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x16d4, &(0x7f00000002c0)={0x0, 0x2, 0x40})
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x316}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, 0x0)
pipe(&(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
socket$packet(0x11, 0x2, 0x300)
io_uring_enter(r4, 0x3516, 0x7f00, 0x0, 0x0, 0x0)

3.168370338s ago: executing program 1 (id=907):
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x80000)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000040)=ANY=[@ANYBLOB="0900000010"])
syz_io_uring_setup(0xf3d, &(0x7f0000000480), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x48000}, 0x810)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r1, {0x6}}, './file0\x00'})
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x0, 0x10}, 0x0)
readv(r0, &(0x7f0000000180)=[{&(0x7f0000000200)=""/147, 0x93}], 0x1)
r4 = fsopen(&(0x7f00000000c0)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x3f)
read$FUSE(r0, &(0x7f0000001ac0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000002c0)={{0x0, 0x5, 0xfeff, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x1, r5, 0x0, 0x0, 'syz1\x00', 0x0})

2.467344889s ago: executing program 3 (id=909):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
r0 = creat(&(0x7f00000003c0)='./bus\x00', 0x4)
fanotify_mark(r0, 0xa0, 0x40000011, r0, &(0x7f00000010c0)='./file0\x00')
pipe(&(0x7f0000000080))
socket(0x11, 0x800000003, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x402, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4004841}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)
mount$9p_fd(0x0, &(0x7f00000017c0)='./file0\x00', &(0x7f00000019c0), 0x200000, &(0x7f00000021c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cachetag}, {@noextend}, {@version_L}, {@cache_loose}, {@version_9p2000}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@dont_appraise}]}})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
keyctl$join(0x1, 0x0)
recvmmsg(r2, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000001300), 0x0, &(0x7f0000001340)=""/96, 0x60}, 0x10}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000001680)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000001c40)=[{&(0x7f0000001700)=""/144, 0x90}, {&(0x7f0000001540)=""/18, 0x12}, {&(0x7f0000001800)=""/191, 0xbf}, {&(0x7f00000018c0)=""/243, 0xf3}, {0x0}, {&(0x7f0000001a80)=""/159, 0x9f}, {&(0x7f0000001b40)=""/222, 0xde}], 0x7, &(0x7f0000001c80)=""/158, 0x9e}, 0x1bc}, {{&(0x7f0000001d40)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000001f00), 0x0, &(0x7f0000001f40)=""/224, 0xe0}, 0x400}], 0x4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00'})
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r5}, 0x5)

2.306726011s ago: executing program 1 (id=910):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, 0x0}, 0x1f0)
socket$igmp(0x2, 0x3, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0xc048aec8, &(0x7f00000005c0))
openat$vim2m(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="900000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e65766500006000028005000400010000001400070000000000000000000000000000000001060005004e200000050003000000000005000c0001000000050008"], 0x90}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x8001}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
write$binfmt_aout(r8, &(0x7f0000000000)=ANY=[], 0x66)
read(r8, 0x0, 0x0)
r9 = openat$cgroup_pressure(r7, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
ppoll(&(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
close(r9)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, 0x0)

2.30637529s ago: executing program 0 (id=911):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x200401, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000000000000000000000850000002c000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000021000aac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)={0x4800, 0x0, 0xe}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x200401, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
close(0x3) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000000000000000000000850000002c000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000021000aac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) (async)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)={0x4800, 0x0, 0xe}, 0x18) (async)

2.185468416s ago: executing program 0 (id=912):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x84, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4f, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @val={0x3, 0x1, 0x2c}, @val={0x4, 0x6, {0x3, 0x9, 0x3ff, 0x4}}, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x20, 0x0, 0x4, 0x0, {0xad, 0xa, 0x0, 0x5, 0x0, 0x1, 0x1, 0x2}, 0x6, 0x9, 0x4}}, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}]}, 0x84}}, 0x0) (fail_nth: 5)

2.108107708s ago: executing program 0 (id=913):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f00000000c0)="66b8006000000f23d00f21f866352000000d0f23f80f792e00000f01c9c02efaa1003ef3268c850000f30fc7b60076bad10466ed670f013462f30fbdd0bad004ec", 0x41}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 5)

1.878200236s ago: executing program 0 (id=914):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, 0x0}, 0x1f0)
socket$igmp(0x2, 0x3, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0xc048aec8, &(0x7f00000005c0))
openat$vim2m(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="900000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e65766500006000028005000400010000001400070000000000000000000000000000000001060005004e200000050003000000000005000c00010000000500080000"], 0x90}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x8001}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB])
write$binfmt_aout(r8, &(0x7f0000000000)=ANY=[], 0x66)
read(r8, 0x0, 0x0)
r9 = openat$cgroup_pressure(r7, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
ppoll(&(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
close(r9)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, 0x0)

1.484762939s ago: executing program 3 (id=915):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)=0xfffffffc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.483788299s ago: executing program 3 (id=916):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0xe0003, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r1, 0x8004510a, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x44, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @generic="0709a74321926d912b4fae5ebbebb8dcd66aefacf5", @typed={0x14, 0x6, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @local}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x24004810)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x0, "ff0f00000000000001a82d866bf4ff0713e4b89c3c00"})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x4, <r5=>r3})
ioctl$DMA_BUF_SET_NAME_A(r5, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
syz_io_uring_setup(0x16b, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000000), 0x4)
pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0xea}, 0x0, 0x0, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TCSETAF(r7, 0x5408, &(0x7f0000000000)={0xe7e, 0x9, 0x6ab9, 0x5, 0x43, "9de6864a48a897e0"})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x20801, 0x0)
ioctl$PIO_UNIMAP(r7, 0x4b67, &(0x7f0000001ec0)={0x1, &(0x7f0000001e80)=[{0x0, 0x1000}]})

1.398526766s ago: executing program 3 (id=917):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r3, 0x10c, 0x4, &(0x7f0000000000)=0xfffffffc, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

1.308204405s ago: executing program 1 (id=918):
membarrier(0x4, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40), 0x0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00')
read$FUSE(0xffffffffffffffff, &(0x7f0000001940)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c63616368653d6d6d61702c7fa40dec360000349ec9fba24ff9de838030b0eee5c6310ed1f9b39910effd3583ff9267de9529f31f63255f90ac9e955f2cf4eb251d37ece2e496ff1f2784f8eeda2b811d"])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r6, &(0x7f0000000300), 0x4)
truncate(&(0x7f0000000080)='./file0\x00', 0x800)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000080)={0xff, 0x6, 0x3, 0x3, 0x3, [0x8798, 0x3, 0x2]})
openat$nullb(0xffffffffffffff9c, 0x0, 0x48882, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

948.440981ms ago: executing program 2 (id=919):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r0, 0x4068aea3, &(0x7f00000000c0)={0x80, 0x0, 0x7fffffff})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffeef)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0600000004000800000001000000800000000000", @ANYRES32=0x1, @ANYBLOB, @ANYBLOB="0b47ee594943e1208a77f1edeb6a709ad227cd7427f9eb22aedceaf66099cd846984ddac60ace236d3c13eeb09049cabaec200022b51503bd9018b7a87053a05080000943196ba17a2", @ANYRES32=r2, @ANYBLOB="000000000100"/21], 0x48)
syz_emit_ethernet(0x8e, &(0x7f00000006c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd60cb653e00583a0000000000000000000000ffffac1414bbff020000000000000000000000000001030090780000000060256b5400002b00ff010000000000000000000000000001fe800000000000000000000000000000040402000000000000000000000000000000000000000000000000000000000000000000100000000000003c54b1c07f9a8b1c6a9ad89a542fc6295c7038a8621e10128acf0c9164f0a2f454819a570e86b7decdea5855fe257f1a1266b063dc1492b09727284134ea2fad9fd6dd1450c216c38cc18df9abd922956081454ae388abd6d46d03bfce29da4c60d887fe4b"], 0x0)
r3 = semget$private(0x0, 0x207, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYRES16], 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f0000000240)={{0x0, 0xee01, 0xffffffffffffffff}})
r4 = io_uring_setup(0x40fc, &(0x7f0000000640)={0x0, 0x0, 0x10, 0x1, 0x1a2})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x4}, 0x68)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f0000005c40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)=""/233, 0xe9}], 0x1}}], 0x1, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000001c0), 0x12)
semctl$GETZCNT(r3, 0x4, 0xf, &(0x7f00000007c0)=""/188)
rmdir(&(0x7f0000000180)='./cgroup/../file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='objagg_obj_get\x00', r1}, 0x18)

788.018094ms ago: executing program 1 (id=920):
membarrier(0x4, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40), 0x0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00')
read$FUSE(0xffffffffffffffff, &(0x7f0000001940)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c63616368653d6d6d61702c7fa40dec360000349ec9fba24ff9de838030b0eee5c6310ed1f9b39910effd3583ff9267de9529f31f63255f90ac9e955f2cf4eb251d37ece2e496ff1f2784f8eeda2b811d"])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r6, &(0x7f0000000300), 0x4)
truncate(&(0x7f0000000080)='./file0\x00', 0x800)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000080)={0xff, 0x6, 0x3, 0x3, 0x3, [0x8798, 0x3, 0x2]})
openat$nullb(0xffffffffffffff9c, 0x0, 0x48882, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

420.574453ms ago: executing program 1 (id=921):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), 0xffffffffffffffff)
futex_waitv(&(0x7f0000001700)=[{0x8ba, &(0x7f0000000180)=0xfffffffffffffff5, 0x2}, {0x7, &(0x7f00000001c0), 0x82}, {0x7, &(0x7f0000000200)=0x66, 0x2}, {0x5, &(0x7f00000002c0)=0x2, 0x82}, {0xfffc, &(0x7f0000000340)=0x3ff, 0x2}, {0x3, &(0x7f0000000500)=0x80000001, 0x82}, {0xe1b, 0x0, 0x2}, {0x9, &(0x7f0000000400)=0x9, 0x82}, {0x2, &(0x7f0000000480)=0xfff, 0x82}, {0x5, &(0x7f00000004c0)=0x69b, 0x2}, {0x0, &(0x7f0000000240)=0x6, 0x2}, {0x8001, &(0x7f0000000540)=0x7, 0x82}, {0x78e55cfd, &(0x7f00000005c0)=0x1, 0x82}, {0x4, &(0x7f0000000600)=0x5, 0x82}, {0x25fa7ef3, &(0x7f0000000640)=0x9, 0x2}, {0xfff, &(0x7f00000006c0)=0x10000, 0x2}, {0xd55e, &(0x7f0000000740)=0xc, 0x82}, {0x252dedfd, 0x0}, {0xf61b, 0x0, 0x82}, {0x80000001, &(0x7f0000000800)=0xb, 0x82}, {0x2, &(0x7f0000000880)=0x3, 0x2}, {0xffffffff, 0x0, 0x82}, {0x9, 0x0, 0x82}, {0x80, 0x0, 0x2}, {0x0, 0x0, 0x2}, {0x3, &(0x7f0000000d80)=0x4, 0x2}, {0x1, 0x0, 0x2}], 0x1b, 0x0, &(0x7f0000001f40), 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x124, 0x30, 0x800, 0xfffffffc, 0x25dfdbfc, {}, [{0x110, 0x1, [@m_ct={0xc4, 0x1, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}]}, {0x91, 0x6, "a489d6067976f11554d55007394228e39ba3c36a0926bb7659c45d26484bf60b49868e04a6081202c2a8e0f32126a3d98419c61c2eb3b7c0090000007e769c129932488ade91169288f099b9231c066fbeb762eeefbdeb2ee117f37aef1a6786fde87133fa0b259b150dfbde2bcc9e51093439ea7c7f2c2e2017e52a1b7e8200e8cc9d5c75d439b8c947b6b568"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffffffd, 0x3}, 0xfffe}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x124}}, 0x40040)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r7, 0x11, 0x2, 0x0, &(0x7f0000000140))
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)

89.582034ms ago: executing program 0 (id=922):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185647, &(0x7f0000000100)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f909, 0x8000000, '\x00', @string=&(0x7f0000000340)=0xfe}})
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x0, 0x0, 0x5}, 0x6, [0x0, 0x6, 0x3ff, 0x0, 0xffffffff, 0x200, 0x0, 0x0, 0x0, 0x5500, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x800, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000000, 0x0, 0x0, 0x0, 0xffff, 0x7f, 0x0, 0xfffffff4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8], [0x0, 0xfffffffc, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x702f4598, 0x400, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x80000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffd], [0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
close(r0)

86.002553ms ago: executing program 0 (id=923):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
r0 = creat(&(0x7f00000003c0)='./bus\x00', 0x4)
fanotify_mark(r0, 0xa0, 0x40000011, r0, &(0x7f00000010c0)='./file0\x00')
pipe(&(0x7f0000000080))
socket(0x11, 0x800000003, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x402, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4004841}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)
mount$9p_fd(0x0, &(0x7f00000017c0)='./file0\x00', &(0x7f00000019c0), 0x200000, &(0x7f00000021c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cachetag}, {@noextend}, {@version_L}, {@cache_loose}, {@version_9p2000}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@dont_appraise}]}})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
keyctl$join(0x1, 0x0)
recvmmsg(r2, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000001300), 0x0, &(0x7f0000001340)=""/96, 0x60}, 0x10}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000001680)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000001c40)=[{&(0x7f0000001700)=""/144, 0x90}, {&(0x7f0000001540)=""/18, 0x12}, {&(0x7f0000001800)=""/191, 0xbf}, {&(0x7f00000018c0)=""/243, 0xf3}, {0x0}, {&(0x7f0000001a80)=""/159, 0x9f}, {&(0x7f0000001b40)=""/222, 0xde}], 0x7, &(0x7f0000001c80)=""/158, 0x9e}, 0x1bc}, {{&(0x7f0000001d40)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000001f00), 0x0, &(0x7f0000001f40)=""/224, 0xe0}, 0x400}], 0x4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00'})
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r5}, 0x5)

38.548263ms ago: executing program 2 (id=924):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x18, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}]}], {0x14}}, 0x40}}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000300), 0xfec) (fail_nth: 5)

0s ago: executing program 3 (id=925):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0xe0003, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r1, 0x8004510a, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x44, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @generic="0709a74321926d912b4fae5ebbebb8dcd66aefacf5", @typed={0x14, 0x6, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @local}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x24004810)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x0, "ff0f00000000000001a82d866bf4ff0713e4b89c3c00", <r3=>0xffffffffffffffff})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x4, <r6=>r4})
ioctl$DMA_BUF_SET_NAME_A(r6, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
dup(r3)
socket$unix(0x1, 0x1, 0x0)
syz_io_uring_setup(0x16b, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet(r7, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000000), 0x4)
pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0xea}, 0x0, 0x0, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TCSETAF(r8, 0x5408, &(0x7f0000000000)={0xe7e, 0x9, 0x6ab9, 0x5, 0x43, "9de6864a48a897e0"})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x20801, 0x0)
ioctl$PIO_UNIMAP(r8, 0x4b67, &(0x7f0000001ec0)={0x1, &(0x7f0000001e80)=[{0x0, 0x1000}]})

kernel console output (not intermixed with test programs):

684][    T9] usb 7-1: GET_CAPABILITIES returned 0
[  110.280186][    T9] usbtmc 7-1:16.0: can't read capabilities
[  110.495760][   T73] usb 7-1: USB disconnect, device number 3
[  111.056438][ T7635] bridge_slave_1: left allmulticast mode
[  111.058637][ T7635] bridge_slave_1: left promiscuous mode
[  111.060928][ T7635] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.075428][ T7635] bridge_slave_0: left allmulticast mode
[  111.079629][ T7635] bridge_slave_0: left promiscuous mode
[  111.081282][ T7635] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.166464][ T7640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.456'.
[  111.298888][ T7646] netlink: 32 bytes leftover after parsing attributes in process `syz.3.459'.
[  111.859931][ T7660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.463'.
[  111.893878][ T7661] netlink: 44 bytes leftover after parsing attributes in process `syz.1.464'.
[  111.906655][ T7661] openvswitch: netlink: Flow key attr not present in new flow.
[  111.913925][ T7665] netlink: 32 bytes leftover after parsing attributes in process `syz.0.462'.
[  112.011742][ T7669] lo speed is unknown, defaulting to 1000
[  112.013320][ T7669] lo speed is unknown, defaulting to 1000
[  112.016308][ T7669] lo speed is unknown, defaulting to 1000
[  112.019775][ T7669] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  112.024664][ T7669] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  112.036441][ T7669] lo speed is unknown, defaulting to 1000
[  112.038506][ T7669] lo speed is unknown, defaulting to 1000
[  112.041668][ T7669] lo speed is unknown, defaulting to 1000
[  112.044289][ T7669] lo speed is unknown, defaulting to 1000
[  112.061251][ T7669] smc: removing ib device syz0
[  112.145386][ T5943] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  112.274514][ T7672] 9pnet_fd: Insufficient options for proto=fd
[  112.298044][ T5943] usb 7-1: Using ep0 maxpacket: 8
[  112.300812][ T5943] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  112.303616][ T5943] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  112.307077][ T5943] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.309949][ T5943] usb 7-1: config 0 descriptor??
[  112.320811][ T1335] IPVS: starting estimator thread 0...
[  112.405417][ T7677] IPVS: using max 40 ests per chain, 96000 per kthread
[  112.521416][ T5943] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  112.982708][ T7698] [U] :
[  112.983616][ T7698] [U] 
[  112.984362][ T7698] [U] 
[  112.985085][ T7698] [U] 
[  112.986311][ T7698] [U] 
[  112.987061][ T7698] [U] 
[  112.987798][ T7698] [U] 
[  112.988523][ T7698] [U] 
[  112.989418][ T7698] [U] 
[  112.990164][ T7698] [U] 
[  112.990899][ T7698] [U] 
[  112.991619][ T7698] [U] 
[  112.992524][ T7698] [U] 
[  112.993248][ T7698] [U] 
[  112.993968][ T7698] [U] 
[  112.994692][ T7698] [U] 
[  112.995570][ T7698] [U] 
[  112.996307][ T7698] [U] 
[  112.997023][ T7698] [U] 
[  112.997755][ T7698] [U] 
[  112.998643][ T7698] [U] 
[  112.999374][ T7698] [U] 
[  113.000102][ T7698] [U] 
[  113.000850][ T7698] [U] 
[  113.001864][ T7698] [U] 
[  113.002644][ T7698] [U] 
[  113.003382][ T7698] [U] 
[  113.004112][ T7698] [U] 
[  113.005021][ T7698] [U] 
[  113.005756][ T7698] [U] 
[  113.006477][ T7698] [U] 
[  113.007192][ T7698] [U] 
[  113.008091][ T7698] [U] 
[  113.008834][ T7698] [U] 
[  113.009549][ T7698] [U] 
[  113.010263][ T7698] [U] 
[  113.011164][ T7698] [U] 
[  113.011930][ T7698] [U] 
[  113.012654][ T7698] [U] 
[  113.013378][ T7698] [U] 
[  113.014233][ T7698] [U] 
[  113.014964][ T7698] [U] 
[  113.015684][ T7698] [U] 
[  113.016407][ T7698] [U] 
[  113.019271][ T7698] [U] 
[  113.020020][ T7698] [U] 
[  113.020739][ T7698] [U] 
[  113.021459][ T7698] [U] 
[  113.022421][ T7698] [U] 
[  113.023161][ T7698] [U] 
[  113.023896][ T7698] [U] 
[  113.024621][ T7698] [U] 
[  113.028037][ T7698] [U] 
[  113.028788][ T7698] [U] 
[  113.029516][ T7698] [U] 
[  113.030209][ T7698] [U] 
[  113.031479][ T7698] [U] 
[  113.032219][ T7698] [U] 
[  113.032903][ T7698] [U] 
[  113.033599][ T7698] [U] 
[  113.034270][ T7705] siw: device registration error -23
[  113.036201][ T7698] [U] 
[  113.036936][ T7698] [U] 
[  113.037659][ T7698] [U] 
[  113.038385][ T7698] [U] 
[  113.039263][ T7698] [U] 
[  113.040008][ T7698] [U] 
[  113.040730][ T7698] [U] 
[  113.041453][ T7698] [U] 
[  113.042351][ T7698] [U] 
[  113.043087][ T7698] [U] 
[  113.043829][ T7698] [U] 
[  113.044555][ T7698] [U] 
[  113.046396][ T7698] [U] 
[  113.047140][ T7698] [U] 
[  113.047879][ T7698] [U] 
[  113.048609][ T7698] [U] 
[  113.049488][ T7698] [U] 
[  113.050229][ T7698] [U] 
[  113.050952][ T7698] [U] 
[  113.051688][ T7698] [U] 
[  113.052560][ T7698] [U] 
[  113.053302][ T7698] [U] 
[  113.054027][ T7698] [U] 
[  113.054760][ T7698] [U] 
[  113.056412][ T7698] [U] 
[  113.057174][ T7698] [U] 
[  113.057901][ T7698] [U] 
[  113.058624][ T7698] [U] 
[  113.059499][ T7698] [U] 
[  113.060234][ T7698] [U] 
[  113.060959][ T7698] [U] 
[  113.061689][ T7698] [U] 
[  113.063341][ T7698] [U] 
[  113.064102][ T7698] [U] 
[  113.064787][ T7698] [U] 
[  113.065520][ T7698] [U] 
[  113.066472][ T7698] [U] 
[  113.067216][ T7698] [U] 
[  113.067963][ T7698] [U] 
[  113.068696][ T7698] [U] 
[  113.070326][ T7698] [U] 
[  113.071064][ T7698] [U] 
[  113.071937][ T7698] [U] 
[  113.072675][ T7698] [U] 
[  113.073539][ T7698] [U] 
[  113.074271][ T7698] [U] 
[  113.075008][ T7698] [U] 
[  113.075753][ T7698] [U] 
[  113.076673][ T7698] [U] 
[  113.077428][ T7698] [U] 
[  113.078170][ T7698] [U] 
[  113.078941][ T7698] [U] 
[  113.079819][ T7698] [U] 
[  113.080562][ T7698] [U] 
[  113.081300][ T7698] [U] 
[  113.082038][ T7698] [U] 
[  113.085362][ T7698] [U] 
[  113.086119][ T7698] [U] 
[  113.086862][ T7698] [U] 
[  113.087601][ T7698] [U] 
[  113.088500][ T7698] [U] 
[  113.089253][ T7698] [U] 
[  113.089988][ T7698] [U] 
[  113.090693][ T7698] [U] 
[  113.091513][ T7698] [U] 
[  113.092261][ T7698] [U] 
[  113.092987][ T7698] [U] 
[  113.135948][ T7691] [U] 
[  113.493323][ T7737] netlink: 32 bytes leftover after parsing attributes in process `syz.3.475'.
[  113.960437][   T57] usb 7-1: USB disconnect, device number 4
[  114.577826][ T7760] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  114.640231][ T7755] infiniband syz0: set active
[  114.641972][ T7755] infiniband syz0: added bond0
[  114.668446][ T7755] RDS/IB: syz0: added
[  114.673906][ T7755] smc: adding ib device syz0 with port count 1
[  114.676284][ T7755] smc:    ib device syz0 port 1 has pnetid 
[  114.694590][ T7767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.483'.
[  115.071647][ T7771] random: crng reseeded on system resumption
[  115.208219][ T7782] capability: warning: `syz.0.486' uses deprecated v2 capabilities in a way that may be insecure
[  115.229743][   T39] audit: type=1326 audit(1734955397.090:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.229766][   T39] audit: type=1326 audit(1734955397.100:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.230109][   T39] audit: type=1326 audit(1734955397.100:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.230953][   T39] audit: type=1326 audit(1734955397.100:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.231353][   T39] audit: type=1326 audit(1734955397.100:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.232268][   T39] audit: type=1326 audit(1734955397.100:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.232951][   T39] audit: type=1326 audit(1734955397.100:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.233311][   T39] audit: type=1326 audit(1734955397.100:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.234015][   T39] audit: type=1326 audit(1734955397.100:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.234663][   T39] audit: type=1326 audit(1734955397.100:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.2.484" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f27579 code=0x7ffc0000
[  115.437511][ T7788] Bluetooth: hci0: Opcode 0x0c20 failed: -112
[  115.472990][   T56] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  115.535954][ T7794] netlink: 32 bytes leftover after parsing attributes in process `syz.0.490'.
[  115.628807][   T56] usb 6-1: config 55 has an invalid interface number: 151 but max is 1
[  115.630996][   T56] usb 6-1: config 55 contains an unexpected descriptor of type 0x2, skipping
[  115.633344][   T56] usb 6-1: config 55 has an invalid interface number: 221 but max is 1
[  115.635499][   T56] usb 6-1: config 55 has no interface number 0
[  115.637065][   T56] usb 6-1: config 55 has no interface number 1
[  115.638698][   T56] usb 6-1: config 55 interface 151 altsetting 249 has an invalid descriptor for endpoint zero, skipping
[  115.641501][   T56] usb 6-1: config 55 interface 151 altsetting 249 has a duplicate endpoint with address 0x2, skipping
[  115.644239][   T56] usb 6-1: config 55 interface 151 altsetting 249 has a duplicate endpoint with address 0xF, skipping
[  115.650065][   T56] usb 6-1: config 55 interface 151 altsetting 249 has a duplicate endpoint with address 0xF, skipping
[  115.652928][   T56] usb 6-1: config 55 interface 151 altsetting 249 has a duplicate endpoint with address 0x5, skipping
[  115.655929][   T56] usb 6-1: config 55 interface 151 altsetting 249 has a duplicate endpoint with address 0x2, skipping
[  115.658785][   T56] usb 6-1: config 55 interface 151 has no altsetting 0
[  115.660750][   T56] usb 6-1: config 55 interface 221 has no altsetting 0
[  115.668535][   T56] usb 6-1: New USB device found, idVendor=093a, idProduct=2460, bcdDevice=16.0a
[  115.671075][   T56] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.673299][   T56] usb 6-1: Product: 渪�ᷟ쥴娻텭謄胶�ⰸ఩䳳꫅�ไ䦭壪뽨ۓ�⳧賓碅�軅瀨ｬ맭�讚擾䘡粦㮠�痗伮⃸㿖뺌ୡ䒃䡪�뜭
[  115.679410][   T56] usb 6-1: Manufacturer: 兦谎嬺䩢�ປ㢷三뭙겂콇챇걡Ʊ롗᫄�Ἠ邹颎溄鴲鳫ᙖ�ɚ೗Ʌ䀡娾䠡葽煦뜄륕ῑⅣ풒뙺憭飋륂
[  115.683722][   T56] usb 6-1: SerialNumber: �
[  115.745337][ T5937] Bluetooth: hci3: command 0x0405 tx timeout
[  115.907794][   T56] usb 6-1: USB disconnect, device number 4
[  116.513388][ T7812] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  116.535645][ T7812] syz.0.495 (7812) used greatest stack depth: 19728 bytes left
[  116.579107][ T7810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.494'.
[  116.853833][ T7819] overlayfs: failed to resolve './file0': -2
[  117.150095][ T7833] GUP no longer grows the stack in syz.3.502 (7833): 20004000-2000a000 (20002000)
[  117.152851][ T7833] CPU: 1 UID: 0 PID: 7833 Comm: syz.3.502 Not tainted 6.13.0-rc4-syzkaller #0
[  117.155217][ T7833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.158105][ T7833] Call Trace:
[  117.159060][ T7833]  <TASK>
[  117.159906][ T7833]  dump_stack_lvl+0x16c/0x1f0
[  117.161486][ T7833]  gup_vma_lookup+0x1d2/0x220
[  117.163116][ T7833]  __get_user_pages+0x236/0x3b50
[  117.164820][ T7833]  ? find_held_lock+0x2d/0x110
[  117.166398][ T7833]  ? mtree_load+0x30a/0xa40
[  117.167959][ T7833]  ? __pfx_lock_release+0x10/0x10
[  117.169368][ T7833]  ? __pfx___get_user_pages+0x10/0x10
[  117.170814][ T7833]  get_user_pages_remote+0x25e/0xb30
[  117.172445][ T7833]  ? __pfx_get_user_pages_remote+0x10/0x10
[  117.173956][ T7833]  __access_remote_vm+0x3a5/0x7b0
[  117.175289][ T7833]  ? __pfx___access_remote_vm+0x10/0x10
[  117.176765][ T7833]  ? lock_acquire+0x2f/0xb0
[  117.177962][ T7833]  ? proc_pid_cmdline_read+0x25b/0x8d0
[  117.179407][ T7833]  proc_pid_cmdline_read+0x4f4/0x8d0
[  117.180813][ T7833]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  117.182370][ T7833]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  117.183914][ T7833]  vfs_readv+0x6bf/0x890
[  117.185068][ T7833]  ? __pfx___lock_acquire+0x10/0x10
[  117.186550][ T7833]  ? __pfx_vfs_readv+0x10/0x10
[  117.187850][ T7833]  ? __fget_files+0x1fc/0x3a0
[  117.189106][ T7833]  ? __pfx_lock_release+0x10/0x10
[  117.190369][ T7833]  ? __fget_files+0x206/0x3a0
[  117.191617][ T7833]  ? do_preadv+0x1b1/0x270
[  117.192789][ T7833]  do_preadv+0x1b1/0x270
[  117.193944][ T7833]  ? __pfx_do_preadv+0x10/0x10
[  117.195389][ T7833]  __do_fast_syscall_32+0x73/0x120
[  117.197187][ T7833]  do_fast_syscall_32+0x32/0x80
[  117.199024][ T7833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.201340][ T7833] RIP: 0023:0xf7fb3579
[  117.202854][ T7833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.209742][ T7833] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  117.212598][ T7833] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000040
[  117.215186][ T7833] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  117.217880][ T7833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.220648][ T7833] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  117.223266][ T7833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.226235][ T7833]  </TASK>
[  117.425388][ T5941] Bluetooth: hci0: command 0x0c20 tx timeout
[  117.484465][ T5297] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.608726][ T7843] netlink: 'syz.0.505': attribute type 10 has an invalid length.
[  117.621132][ T7843] netlink: 164 bytes leftover after parsing attributes in process `syz.0.505'.
[  118.465911][ T7871] syz.2.509: attempt to access beyond end of device
[  118.465911][ T7871] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  118.658203][ T7885] rdma_rxe: rxe_newlink: failed to add bond0
[  119.505378][ T5297] Bluetooth: hci0: command 0x0c20 tx timeout
[  119.628855][ T7908] netlink: 32 bytes leftover after parsing attributes in process `syz.3.518'.
[  119.774054][ T7911] 9pnet_fd: Insufficient options for proto=fd
[  119.998328][ T7917] netlink: 'syz.0.520': attribute type 10 has an invalid length.
[  120.011061][ T7917] batman_adv: batadv0: Adding interface: team0
[  120.015285][ T7917] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.029151][ T7917] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  120.758126][ T7927] lo speed is unknown, defaulting to 1000
[  120.887073][ T7935] binder: 7934:7935 ioctl 4018620d 0 returned -22
[  121.429809][ T7945] netlink: 32 bytes leftover after parsing attributes in process `syz.3.528'.
[  121.535390][ T7951] siw: device registration error -23
[  121.855185][ T7963] netlink: 32 bytes leftover after parsing attributes in process `syz.1.532'.
[  121.887485][ T7965] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  122.645564][ T7979] FAULT_INJECTION: forcing a failure.
[  122.645564][ T7979] name failslab, interval 1, probability 0, space 0, times 0
[  122.650430][ T7979] CPU: 3 UID: 0 PID: 7979 Comm: syz.2.538 Not tainted 6.13.0-rc4-syzkaller #0
[  122.653620][ T7979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.657488][ T7979] Call Trace:
[  122.658742][ T7979]  <TASK>
[  122.659840][ T7979]  dump_stack_lvl+0x16c/0x1f0
[  122.661560][ T7979]  should_fail_ex+0x497/0x5b0
[  122.663296][ T7979]  should_failslab+0xc2/0x120
[  122.665027][ T7979]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  122.666697][ T7979]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  122.668182][ T7979]  ? dst_alloc+0x99/0x1a0
[  122.669325][ T7979]  ? __pfx_ip6_dst_gc+0x10/0x10
[  122.670595][ T7979]  dst_alloc+0x99/0x1a0
[  122.671692][ T7979]  ip6_dst_alloc+0x2c/0xa0
[  122.672849][ T7979]  ip6_pol_route+0x956/0x1120
[  122.674069][ T7979]  ? __pfx_ip6_pol_route+0x10/0x10
[  122.675577][ T7979]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  122.677058][ T7979]  fib6_rule_lookup+0x536/0x720
[  122.678348][ T7979]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  122.679781][ T7979]  ? nf_nat_ipv6_fn+0x103/0x2e0
[  122.681057][ T7979]  ? inet6_ehashfn+0x89/0x510
[  122.682310][ T7979]  ? __pfx___lock_acquire+0x10/0x10
[  122.683676][ T7979]  ? __pfx_inet6_ehashfn+0x10/0x10
[  122.685020][ T7979]  ip6_route_input+0x60b/0xc10
[  122.686303][ T7979]  ? __pfx_ip6_route_input+0x10/0x10
[  122.687674][ T7979]  ? __pfx_lock_release+0x10/0x10
[  122.689018][ T7979]  ? __pfx___inet6_lookup_established+0x10/0x10
[  122.690636][ T7979]  ? tcp_v6_early_demux+0x40a/0xb40
[  122.692005][ T7979]  ip6_rcv_finish_core.constprop.0+0x1a0/0x5d0
[  122.693595][ T7979]  ipv6_rcv+0x1e4/0x680
[  122.694682][ T7979]  ? __pfx_ipv6_rcv+0x10/0x10
[  122.696077][ T7979]  __netif_receive_skb_one_core+0x12e/0x1e0
[  122.697878][ T7979]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  122.699833][ T7979]  ? rcu_is_watching+0x12/0xc0
[  122.701288][ T7979]  ? ktime_get_with_offset+0x273/0x3a0
[  122.702949][ T7979]  ? lockdep_hardirqs_on+0x7c/0x110
[  122.704533][ T7979]  ? netif_receive_skb+0x109/0x7b0
[  122.706093][ T7979]  __netif_receive_skb+0x1d/0x160
[  122.707624][ T7979]  netif_receive_skb+0x13f/0x7b0
[  122.709129][ T7979]  ? __pfx_netif_receive_skb+0x10/0x10
[  122.710777][ T7979]  ? __pfx___lock_acquire+0x10/0x10
[  122.712365][ T7979]  tun_rx_batched.isra.0+0x3eb/0x730
[  122.713966][ T7979]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  122.715747][ T7979]  ? tun_get_user+0x13c9/0x3e40
[  122.717220][ T7979]  ? lock_acquire+0x2f/0xb0
[  122.718613][ T7979]  ? tun_get_user+0x13c9/0x3e40
[  122.720109][ T7979]  tun_get_user+0x2a0d/0x3e40
[  122.721540][ T7979]  ? find_held_lock+0x2d/0x110
[  122.722997][ T7979]  ? __pfx_tun_get_user+0x10/0x10
[  122.724529][ T7979]  ? find_held_lock+0x2d/0x110
[  122.725988][ T7979]  ? __pfx_lock_release+0x10/0x10
[  122.727522][ T7979]  tun_chr_write_iter+0xdc/0x210
[  122.729120][ T7979]  vfs_write+0x5ae/0x1150
[  122.730489][ T7979]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  122.732184][ T7979]  ? __pfx_vfs_write+0x10/0x10
[  122.733677][ T7979]  ? __fget_files+0x40/0x3a0
[  122.735168][ T7979]  ksys_write+0x12b/0x250
[  122.736565][ T7979]  ? __pfx_ksys_write+0x10/0x10
[  122.738068][ T7979]  __do_fast_syscall_32+0x73/0x120
[  122.739677][ T7979]  do_fast_syscall_32+0x32/0x80
[  122.741171][ T7979]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.743102][ T7979] RIP: 0023:0xf7f27579
[  122.744382][ T7979] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.750179][ T7979] RSP: 002b:00000000f5076520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  122.752697][ T7979] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000040
[  122.755079][ T7979] RDX: 000000000000004a RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  122.757477][ T7979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.759886][ T7979] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.762279][ T7979] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.764685][ T7979]  </TASK>
[  122.765684][    C3] vkms_vblank_simulate: vblank timer overrun
[  122.804578][ T7986] siw: device registration error -23
[  122.826987][ T7988] netlink: 68 bytes leftover after parsing attributes in process `syz.2.540'.
[  122.889594][ T7992] binder: 7991:7992 ioctl 4018620d 0 returned -22
[  123.051076][ T7995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.542'.
[  123.455090][ T8005] FAULT_INJECTION: forcing a failure.
[  123.455090][ T8005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.458560][ T8005] CPU: 2 UID: 0 PID: 8005 Comm: syz.1.544 Not tainted 6.13.0-rc4-syzkaller #0
[  123.460879][ T8005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.463656][ T8005] Call Trace:
[  123.464534][ T8005]  <TASK>
[  123.465318][ T8005]  dump_stack_lvl+0x16c/0x1f0
[  123.466558][ T8005]  should_fail_ex+0x497/0x5b0
[  123.467945][ T8005]  _copy_from_iter+0x29b/0x1400
[  123.469353][ T8005]  ? trace_lock_acquire+0x14e/0x1f0
[  123.470704][ T8005]  ? __alloc_skb+0x200/0x380
[  123.471825][ T8005]  ? __pfx__copy_from_iter+0x10/0x10
[  123.473194][ T8005]  ? __virt_addr_valid+0x1a4/0x590
[  123.474521][ T8005]  ? __virt_addr_valid+0x5e/0x590
[  123.475857][ T8005]  ? __phys_addr_symbol+0x30/0x80
[  123.477259][ T8005]  ? __check_object_size+0x488/0x710
[  123.478640][ T8005]  netlink_sendmsg+0x813/0xd70
[  123.479899][ T8005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.481278][ T8005]  ____sys_sendmsg+0x9ae/0xb40
[  123.482532][ T8005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  123.483915][ T8005]  ? get_compat_msghdr+0x11b/0x170
[  123.485254][ T8005]  ___sys_sendmsg+0x135/0x1e0
[  123.486461][ T8005]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.487822][ T8005]  ? __pfx_lock_release+0x10/0x10
[  123.489151][ T8005]  ? trace_lock_acquire+0x14e/0x1f0
[  123.490507][ T8005]  ? __fget_files+0x206/0x3a0
[  123.491755][ T8005]  __sys_sendmsg+0x16e/0x220
[  123.492972][ T8005]  ? __pfx___sys_sendmsg+0x10/0x10
[  123.494314][ T8005]  __do_fast_syscall_32+0x73/0x120
[  123.495655][ T8005]  do_fast_syscall_32+0x32/0x80
[  123.496927][ T8005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.498582][ T8005] RIP: 0023:0xf707e579
[  123.499659][ T8005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.504557][ T8005] RSP: 002b:00000000f507055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  123.506706][ T8005] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000480
[  123.508781][ T8005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  123.510820][ T8005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  123.512843][ T8005] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  123.514825][ T8005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.516820][ T8005]  </TASK>
[  123.723884][ T8013] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  123.934997][ T8017] siw: device registration error -23
[  124.438285][ T8038] syz.1.553 uses obsolete (PF_INET,SOCK_PACKET)
[  124.440642][ T8038] syzkaller1: entered promiscuous mode
[  124.442176][ T8038] syzkaller1: entered allmulticast mode
[  124.454009][ T8038] program syz.1.553 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.029729][ T8052] siw: device registration error -23
[  126.398887][ T8088] FAULT_INJECTION: forcing a failure.
[  126.398887][ T8088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.404232][ T8088] CPU: 1 UID: 0 PID: 8088 Comm: syz.1.569 Not tainted 6.13.0-rc4-syzkaller #0
[  126.406510][ T8088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.410112][ T8088] Call Trace:
[  126.411275][ T8088]  <TASK>
[  126.412337][ T8088]  dump_stack_lvl+0x16c/0x1f0
[  126.414110][ T8088]  should_fail_ex+0x497/0x5b0
[  126.415833][ T8088]  _copy_from_user+0x2e/0xd0
[  126.417181][ T8088]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  126.418992][ T8088]  drm_ioctl+0x4fc/0xba0
[  126.420401][ T8088]  ? __pfx_drm_ioctl+0x10/0x10
[  126.422077][ T8088]  drm_compat_ioctl+0x327/0x460
[  126.423870][ T8088]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  126.425790][ T8088]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  126.427665][ T8088]  __do_fast_syscall_32+0x73/0x120
[  126.429397][ T8088]  do_fast_syscall_32+0x32/0x80
[  126.430978][ T8088]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  126.432633][ T8088] RIP: 0023:0xf707e579
[  126.433697][ T8088] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  126.438560][ T8088] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  126.440648][ T8088] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000c00c642e
[  126.442640][ T8088] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000
[  126.444648][ T8088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  126.446597][ T8088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  126.449164][ T8088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  126.451695][ T8088]  </TASK>
[  127.140254][ T8101] FAULT_INJECTION: forcing a failure.
[  127.140254][ T8101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.143679][ T8101] CPU: 0 UID: 0 PID: 8101 Comm: syz.0.574 Not tainted 6.13.0-rc4-syzkaller #0
[  127.146218][ T8101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.149004][ T8101] Call Trace:
[  127.149892][ T8101]  <TASK>
[  127.150669][ T8101]  dump_stack_lvl+0x16c/0x1f0
[  127.151912][ T8101]  should_fail_ex+0x497/0x5b0
[  127.153207][ T8101]  _copy_from_iter+0x29b/0x1400
[  127.154662][ T8101]  ? trace_lock_acquire+0x14e/0x1f0
[  127.156039][ T8101]  ? __alloc_skb+0x200/0x380
[  127.157256][ T8101]  ? __pfx__copy_from_iter+0x10/0x10
[  127.158700][ T8101]  ? __virt_addr_valid+0x1a4/0x590
[  127.160065][ T8101]  ? __virt_addr_valid+0x5e/0x590
[  127.161373][ T8101]  ? __phys_addr_symbol+0x30/0x80
[  127.162689][ T8101]  ? __check_object_size+0x488/0x710
[  127.164083][ T8101]  netlink_sendmsg+0x813/0xd70
[  127.165342][ T8101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.166726][ T8101]  ____sys_sendmsg+0x9ae/0xb40
[  127.167988][ T8101]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.169379][ T8101]  ? get_compat_msghdr+0x11b/0x170
[  127.170716][ T8101]  ___sys_sendmsg+0x135/0x1e0
[  127.171979][ T8101]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.173338][ T8101]  ? __pfx_lock_release+0x10/0x10
[  127.174490][ T8101]  ? trace_lock_acquire+0x14e/0x1f0
[  127.175701][ T8101]  ? __fget_files+0x206/0x3a0
[  127.177268][ T8101]  __sys_sendmsg+0x16e/0x220
[  127.178839][ T8101]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.180626][ T8101]  __do_fast_syscall_32+0x73/0x120
[  127.182315][ T8101]  do_fast_syscall_32+0x32/0x80
[  127.183983][ T8101]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.185701][ T8101] RIP: 0023:0xf7fa8579
[  127.186772][ T8101] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.191768][ T8101] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  127.194308][ T8101] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  127.196378][ T8101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.198411][ T8101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.200603][ T8101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.202716][ T8101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.204792][ T8101]  </TASK>
[  127.542142][ T8114] netlink: 32 bytes leftover after parsing attributes in process `syz.3.578'.
[  127.602780][ T8117] netlink: 44 bytes leftover after parsing attributes in process `syz.2.579'.
[  127.607597][ T8117] openvswitch: netlink: Flow key attr not present in new flow.
[  128.391584][ T8129] netlink: 8 bytes leftover after parsing attributes in process `syz.0.583'.
[  128.488619][ T8132] netlink: 8 bytes leftover after parsing attributes in process `syz.0.584'.
[  128.650264][ T8144] netlink: 44 bytes leftover after parsing attributes in process `syz.3.588'.
[  128.652675][ T8144] openvswitch: netlink: Flow key attr not present in new flow.
[  128.742489][ T8151] netlink: 32 bytes leftover after parsing attributes in process `syz.2.589'.
[  128.797516][ T8154] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  129.589310][ T8162] lo speed is unknown, defaulting to 1000
[  129.631461][ T8168] netlink: 32 bytes leftover after parsing attributes in process `syz.3.593'.
[  129.664088][ T8168] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  129.664088][ T8168]    program syz.3.593 not setting count and/or reply_len properly
[  129.765510][ T8177] netlink: 32 bytes leftover after parsing attributes in process `syz.2.594'.
[  130.743554][ T8198] nftables ruleset with unbound set
[  130.862174][ T8207] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  130.913986][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'.
[  130.914010][ T8214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'.
[  131.689998][ T8229] openvswitch: netlink: Flow key attr not present in new flow.
[  131.803993][ T8235] FAULT_INJECTION: forcing a failure.
[  131.803993][ T8235] name failslab, interval 1, probability 0, space 0, times 0
[  131.813760][ T8235] CPU: 0 UID: 0 PID: 8235 Comm: syz.2.610 Not tainted 6.13.0-rc4-syzkaller #0
[  131.816123][ T8235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.818708][ T8235] Call Trace:
[  131.819624][ T8235]  <TASK>
[  131.820347][ T8235]  dump_stack_lvl+0x16c/0x1f0
[  131.821527][ T8235]  should_fail_ex+0x497/0x5b0
[  131.822767][ T8235]  ? fs_reclaim_acquire+0xae/0x150
[  131.824111][ T8235]  should_failslab+0xc2/0x120
[  131.824707][ T8237] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  131.824707][ T8237]    program syz.1.609 not setting count and/or reply_len properly
[  131.825474][ T8235]  __kmalloc_noprof+0xce/0x4f0
[  131.825491][ T8235]  ? __might_fault+0xe3/0x190
[  131.825505][ T8235]  ? sk_prot_alloc+0x1a8/0x2a0
[  131.825517][ T8235]  sk_prot_alloc+0x1a8/0x2a0
[  131.825528][ T8235]  sk_alloc+0x36/0xb90
[  131.836352][ T8235]  bpf_prog_test_run_skb+0x335/0x22c0
[  131.837754][ T8235]  ? __fget_files+0x40/0x3a0
[  131.838946][ T8235]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  131.840526][ T8235]  ? fput+0x67/0x440
[  131.841550][ T8235]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  131.843055][ T8235]  __sys_bpf+0x1921/0x57a0
[  131.844242][ T8235]  ? __pfx_lock_release+0x10/0x10
[  131.845573][ T8235]  ? __pfx___sys_bpf+0x10/0x10
[  131.846764][ T8235]  ? vfs_write+0x306/0x1150
[  131.847915][ T8235]  ? __mutex_unlock_slowpath+0x164/0x690
[  131.849341][ T8235]  ? fput+0x67/0x440
[  131.850378][ T8235]  ? ksys_write+0x1ba/0x250
[  131.851529][ T8235]  ? __pfx_ksys_write+0x10/0x10
[  131.852962][ T8235]  __ia32_sys_bpf+0x76/0xe0
[  131.854259][ T8235]  __do_fast_syscall_32+0x73/0x120
[  131.855623][ T8235]  do_fast_syscall_32+0x32/0x80
[  131.856884][ T8235]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.858586][ T8235] RIP: 0023:0xf7f27579
[  131.859769][ T8235] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  131.864744][ T8235] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  131.866943][ T8235] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[  131.868908][ T8235] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  131.870855][ T8235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.873107][ T8235] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  131.875138][ T8235] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.877146][ T8235]  </TASK>
[  132.504155][ T8251] openvswitch: netlink: Flow key attr not present in new flow.
[  132.546229][ T8253] FAULT_INJECTION: forcing a failure.
[  132.546229][ T8253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.550807][ T8253] CPU: 2 UID: 0 PID: 8253 Comm: syz.0.614 Not tainted 6.13.0-rc4-syzkaller #0
[  132.553868][ T8253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.557600][ T8253] Call Trace:
[  132.558789][ T8253]  <TASK>
[  132.559852][ T8253]  dump_stack_lvl+0x16c/0x1f0
[  132.561479][ T8253]  should_fail_ex+0x497/0x5b0
[  132.563149][ T8253]  _copy_to_user+0x32/0xd0
[  132.564751][ T8253]  simple_read_from_buffer+0xd0/0x160
[  132.566665][ T8253]  proc_fail_nth_read+0x198/0x270
[  132.568492][ T8253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.570385][ T8253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.572339][ T8253]  vfs_read+0x1df/0xbe0
[  132.573810][ T8253]  ? __fget_files+0x1fc/0x3a0
[  132.575475][ T8253]  ? __pfx___mutex_lock+0x10/0x10
[  132.577251][ T8253]  ? __pfx_vfs_read+0x10/0x10
[  132.578920][ T8253]  ? __fget_files+0x206/0x3a0
[  132.580634][ T8253]  ksys_read+0x12b/0x250
[  132.582153][ T8253]  ? __pfx_ksys_read+0x10/0x10
[  132.583876][ T8253]  __do_fast_syscall_32+0x73/0x120
[  132.585698][ T8253]  do_fast_syscall_32+0x32/0x80
[  132.587432][ T8253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.589718][ T8253] RIP: 0023:0xf7fa8579
[  132.591175][ T8253] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  132.597863][ T8253] RSP: 002b:00000000f50f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  132.600826][ T8253] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50f6620
[  132.603635][ T8253] RDX: 000000000000000f RSI: 00000000f7433ff4 RDI: 0000000000000000
[  132.606418][ T8253] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  132.609217][ T8253] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  132.612010][ T8253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  132.614749][ T8253]  </TASK>
[  132.729948][ T8260] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  133.157184][ T8272] __nla_validate_parse: 6 callbacks suppressed
[  133.157202][ T8272] netlink: 112 bytes leftover after parsing attributes in process `syz.1.620'.
[  133.574542][ T8287] netlink: 32 bytes leftover after parsing attributes in process `syz.0.621'.
[  133.958116][ T8293] netlink: 32 bytes leftover after parsing attributes in process `syz.2.625'.
[  133.967208][ T8293] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  133.967208][ T8293]    program syz.2.625 not setting count and/or reply_len properly
[  134.218970][ T8300] netlink: 36 bytes leftover after parsing attributes in process `syz.1.627'.
[  134.221355][ T8300] netlink: 16 bytes leftover after parsing attributes in process `syz.1.627'.
[  134.223758][ T8300] netlink: 36 bytes leftover after parsing attributes in process `syz.1.627'.
[  134.226808][ T8300] netlink: 36 bytes leftover after parsing attributes in process `syz.1.627'.
[  134.236897][ T8300] FAULT_INJECTION: forcing a failure.
[  134.236897][ T8300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.240304][ T8300] CPU: 2 UID: 0 PID: 8300 Comm: syz.1.627 Not tainted 6.13.0-rc4-syzkaller #0
[  134.242865][ T8300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.245745][ T8300] Call Trace:
[  134.246630][ T8300]  <TASK>
[  134.247416][ T8300]  dump_stack_lvl+0x16c/0x1f0
[  134.248698][ T8300]  should_fail_ex+0x497/0x5b0
[  134.249984][ T8300]  _copy_from_iter+0x29b/0x1400
[  134.251259][ T8300]  ? trace_lock_acquire+0x14e/0x1f0
[  134.252672][ T8300]  ? __alloc_skb+0x200/0x380
[  134.253886][ T8300]  ? __pfx__copy_from_iter+0x10/0x10
[  134.255269][ T8300]  ? __virt_addr_valid+0x1a4/0x590
[  134.257142][ T8300]  ? __virt_addr_valid+0x5e/0x590
[  134.258737][ T8300]  ? __phys_addr_symbol+0x30/0x80
[  134.260120][ T8300]  ? __check_object_size+0x488/0x710
[  134.261485][ T8300]  netlink_sendmsg+0x813/0xd70
[  134.262781][ T8300]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.264178][ T8300]  ____sys_sendmsg+0x9ae/0xb40
[  134.265465][ T8300]  ? __pfx_____sys_sendmsg+0x10/0x10
[  134.266823][ T8300]  ? get_compat_msghdr+0x11b/0x170
[  134.268109][ T8300]  ___sys_sendmsg+0x135/0x1e0
[  134.269291][ T8300]  ? __pfx____sys_sendmsg+0x10/0x10
[  134.270598][ T8300]  ? __pfx_lock_release+0x10/0x10
[  134.271837][ T8300]  ? trace_lock_acquire+0x14e/0x1f0
[  134.273207][ T8300]  ? __fget_files+0x206/0x3a0
[  134.274422][ T8300]  __sys_sendmsg+0x16e/0x220
[  134.275779][ T8300]  ? __pfx___sys_sendmsg+0x10/0x10
[  134.277595][ T8300]  __do_fast_syscall_32+0x73/0x120
[  134.279037][ T8300]  do_fast_syscall_32+0x32/0x80
[  134.280402][ T8300]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.282088][ T8300] RIP: 0023:0xf707e579
[  134.283256][ T8300] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.288334][ T8300] RSP: 002b:00000000f507055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  134.290594][ T8300] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000200
[  134.292753][ T8300] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  134.294819][ T8300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  134.297540][ T8300] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.299740][ T8300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.301805][ T8300]  </TASK>
[  134.362735][ T8304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.628'.
[  134.366541][ T8304] bridge_slave_1: left allmulticast mode
[  134.368057][ T8304] bridge_slave_1: left promiscuous mode
[  134.369627][ T8304] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.540318][ T8309] netlink: 32 bytes leftover after parsing attributes in process `syz.1.629'.
[  135.080171][ T8318] netlink: 'syz.0.632': attribute type 13 has an invalid length.
[  135.082332][ T8318] netlink: 152 bytes leftover after parsing attributes in process `syz.0.632'.
[  135.091378][ T8318] syz_tun: refused to change device tx_queue_len
[  135.093767][ T8318] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  135.312829][ T8322] syz0: rxe_newlink: already configured on bond0
[  136.264613][ T8345] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  136.264613][ T8345]    program syz.2.639 not setting count and/or reply_len properly
[  137.173877][ T8370] lo speed is unknown, defaulting to 1000
[  138.078237][ T8392] openvswitch: netlink: Flow key attr not present in new flow.
[  138.103891][ T5297] Bluetooth: hci3: unexpected cc 0x202d length: 5 > 1
[  138.106584][ T5297] Bluetooth: hci3: unexpected event for opcode 0x202d
[  138.261059][ T8397] rdma_rxe: rxe_newlink: failed to add bond0
[  139.773862][ T8449] __nla_validate_parse: 5 callbacks suppressed
[  139.773877][ T8449] netlink: 44 bytes leftover after parsing attributes in process `syz.1.667'.
[  139.779556][ T8449] openvswitch: netlink: Flow key attr not present in new flow.
[  139.785605][ T8447] rdma_rxe: rxe_newlink: failed to add bond0
[  139.862092][ T8451] vlan1: entered promiscuous mode
[  139.865011][ T8451] vlan1: entered allmulticast mode
[  139.870255][ T8453] FAULT_INJECTION: forcing a failure.
[  139.870255][ T8453] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.874964][ T8453] CPU: 3 UID: 0 PID: 8453 Comm: syz.2.668 Not tainted 6.13.0-rc4-syzkaller #0
[  139.877860][ T8453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.881428][ T8453] Call Trace:
[  139.882579][ T8453]  <TASK>
[  139.883659][ T8453]  dump_stack_lvl+0x16c/0x1f0
[  139.885347][ T8453]  should_fail_ex+0x497/0x5b0
[  139.887041][ T8453]  _copy_from_iter+0x29b/0x1400
[  139.888979][ T8453]  ? trace_lock_acquire+0x14e/0x1f0
[  139.890865][ T8453]  ? __alloc_skb+0x200/0x380
[  139.892536][ T8453]  ? __pfx__copy_from_iter+0x10/0x10
[  139.894290][ T8453]  ? __virt_addr_valid+0x1a4/0x590
[  139.896020][ T8453]  ? __virt_addr_valid+0x5e/0x590
[  139.897698][ T8453]  ? __phys_addr_symbol+0x30/0x80
[  139.899409][ T8453]  ? __check_object_size+0x488/0x710
[  139.901170][ T8453]  netlink_sendmsg+0x813/0xd70
[  139.902795][ T8453]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.904560][ T8453]  ____sys_sendmsg+0x9ae/0xb40
[  139.906173][ T8453]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.907940][ T8453]  ? get_compat_msghdr+0x11b/0x170
[  139.909635][ T8453]  ___sys_sendmsg+0x135/0x1e0
[  139.911205][ T8453]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.913013][ T8453]  ? __pfx_lock_release+0x10/0x10
[  139.914838][ T8453]  ? trace_lock_acquire+0x14e/0x1f0
[  139.916582][ T8453]  ? __fget_files+0x206/0x3a0
[  139.918209][ T8453]  __sys_sendmsg+0x16e/0x220
[  139.919703][ T8453]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.921464][ T8453]  __do_fast_syscall_32+0x73/0x120
[  139.923183][ T8453]  do_fast_syscall_32+0x32/0x80
[  139.924814][ T8453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.926883][ T8453] RIP: 0023:0xf7f27579
[  139.928244][ T8453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  139.934237][ T8453] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  139.936891][ T8453] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  139.939511][ T8453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.942115][ T8453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.944646][ T8453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  139.947172][ T8453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.949802][ T8453]  </TASK>
[  140.066192][ T8461] netlink: 32 bytes leftover after parsing attributes in process `syz.2.672'.
[  140.087455][ T8461] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  140.087455][ T8461]    program syz.2.672 not setting count and/or reply_len properly
[  140.396540][ T8467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.673'.
[  140.400596][ T8467] netlink: 60 bytes leftover after parsing attributes in process `syz.3.673'.
[  140.403495][ T8467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.673'.
[  140.405350][ T5979] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  140.406798][ T8467] netlink: 60 bytes leftover after parsing attributes in process `syz.3.673'.
[  140.411111][ T8467] netlink: 104 bytes leftover after parsing attributes in process `syz.3.673'.
[  140.465369][ T5297] Bluetooth: hci2: command tx timeout
[  140.556975][ T5979] usb 6-1: Using ep0 maxpacket: 8
[  140.559707][ T5979] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.562343][ T5979] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  140.564612][ T5979] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  140.567979][ T5979] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  140.571178][ T5979] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  140.573714][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.581627][ T5979] hub 6-1:1.0: bad descriptor, ignoring hub
[  140.583341][ T5979] hub 6-1:1.0: probe with driver hub failed with error -5
[  140.585655][ T5979] cdc_wdm 6-1:1.0: skipping garbage
[  140.587099][ T5979] cdc_wdm 6-1:1.0: skipping garbage
[  140.590388][ T5979] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  140.591985][ T5979] cdc_wdm 6-1:1.0: Unknown control protocol
[  140.843808][ T8475] netlink: 44 bytes leftover after parsing attributes in process `syz.0.676'.
[  140.846287][ T8475] openvswitch: netlink: Flow key attr not present in new flow.
[  141.121919][ T8484] netlink: 44 bytes leftover after parsing attributes in process `syz.2.678'.
[  141.125379][ T8484] openvswitch: netlink: Flow key attr not present in new flow.
[  141.197051][ T8458] usb 6-1: reset high-speed USB device number 5 using dummy_hcd
[  142.694770][ T1335] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  142.717319][ T8509] input: syz1 as /devices/virtual/input/input11
[  142.956134][ T8514] block device autoloading is deprecated and will be removed.
[  143.146120][ T1335] usb 6-1: USB disconnect, device number 5
[  143.217632][ T8522] netlink: 32 bytes leftover after parsing attributes in process `syz.1.687'.
[  143.914195][ T8526] openvswitch: netlink: Flow key attr not present in new flow.
[  143.959677][ T8529] FAULT_INJECTION: forcing a failure.
[  143.959677][ T8529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.962728][ T8530] input: syz0 as /devices/virtual/input/input12
[  143.963292][ T8529] CPU: 1 UID: 0 PID: 8529 Comm: syz.2.690 Not tainted 6.13.0-rc4-syzkaller #0
[  143.967390][ T8529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.970245][ T8529] Call Trace:
[  143.971186][ T8529]  <TASK>
[  143.971979][ T8529]  dump_stack_lvl+0x16c/0x1f0
[  143.973211][ T8529]  should_fail_ex+0x497/0x5b0
[  143.974440][ T8529]  _copy_from_user+0x2e/0xd0
[  143.975714][ T8529]  btf_new_fd+0x73a/0x53c0
[  143.976891][ T8529]  ? __pfx___lock_acquire+0x10/0x10
[  143.978277][ T8529]  ? aa_get_newest_label+0x376/0x680
[  143.979721][ T8529]  ? __pfx_btf_new_fd+0x10/0x10
[  143.981086][ T8529]  ? __pfx_lock_release+0x10/0x10
[  143.982406][ T8529]  ? apparmor_capable+0x114/0x1d0
[  143.983744][ T8529]  ? bpf_lsm_capable+0x9/0x10
[  143.984989][ T8529]  ? security_capable+0x7e/0x260
[  143.986393][ T8529]  ? ns_capable+0xd7/0x110
[  143.987563][ T8529]  __sys_bpf+0x23fb/0x57a0
[  143.988763][ T8529]  ? __pfx_lock_release+0x10/0x10
[  143.990085][ T8529]  ? __pfx___sys_bpf+0x10/0x10
[  143.991623][ T8529]  ? vfs_write+0x306/0x1150
[  143.992818][ T8529]  ? __mutex_unlock_slowpath+0x164/0x690
[  143.994289][ T8529]  ? fput+0x67/0x440
[  143.995381][ T8529]  ? ksys_write+0x1ba/0x250
[  143.996570][ T8529]  ? __pfx_ksys_write+0x10/0x10
[  143.997843][ T8529]  __ia32_sys_bpf+0x76/0xe0
[  143.999059][ T8529]  __do_fast_syscall_32+0x73/0x120
[  144.000405][ T8529]  do_fast_syscall_32+0x32/0x80
[  144.001769][ T8529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.003430][ T8529] RIP: 0023:0xf7f27579
[  144.004509][ T8529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.009621][ T8529] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  144.011756][ T8529] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 0000000020000280
[  144.013885][ T8529] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  144.016315][ T8529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.019044][ T8529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.021840][ T8529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.024638][ T8529]  </TASK>
[  144.465324][ T1335] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  144.625345][ T1335] usb 6-1: Using ep0 maxpacket: 8
[  144.627837][ T1335] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  144.630318][ T1335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  144.632960][ T1335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  144.635751][ T1335] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  144.639309][ T1335] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  144.641756][ T1335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.848647][ T1335] usb 6-1: GET_CAPABILITIES returned 0
[  144.850169][ T1335] usbtmc 6-1:16.0: can't read capabilities
[  145.157568][ T8554] syzkaller1: entered promiscuous mode
[  145.159169][ T8554] syzkaller1: entered allmulticast mode
[  145.223835][   T57] usb 6-1: USB disconnect, device number 6
[  145.280092][ T8565] FAULT_INJECTION: forcing a failure.
[  145.280092][ T8565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.283381][ T8565] CPU: 3 UID: 0 PID: 8565 Comm: syz.1.698 Not tainted 6.13.0-rc4-syzkaller #0
[  145.285530][ T8565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.288164][ T8565] Call Trace:
[  145.289043][ T8565]  <TASK>
[  145.289784][ T8565]  dump_stack_lvl+0x16c/0x1f0
[  145.290957][ T8565]  should_fail_ex+0x497/0x5b0
[  145.292157][ T8565]  _copy_from_user+0x2e/0xd0
[  145.293295][ T8565]  memdup_user+0x71/0xd0
[  145.294369][ T8565]  strndup_user+0x78/0xe0
[  145.295469][ T8565]  __do_sys_request_key+0x162/0x3d0
[  145.296759][ T8565]  ? __pfx___do_sys_request_key+0x10/0x10
[  145.298192][ T8565]  ? ksys_write+0x1ba/0x250
[  145.299370][ T8565]  __do_fast_syscall_32+0x73/0x120
[  145.300847][ T8565]  do_fast_syscall_32+0x32/0x80
[  145.302122][ T8565]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  145.303691][ T8565] RIP: 0023:0xf707e579
[  145.304670][ T8565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  145.309309][ T8565] RSP: 002b:00000000f507055c EFLAGS: 00000296 ORIG_RAX: 000000000000011f
[  145.311388][ T8565] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020001ffb
[  145.313328][ T8565] RDX: 0000000020001fee RSI: 0000000000000000 RDI: 0000000000000000
[  145.315409][ T8565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  145.317392][ T8565] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  145.319327][ T8565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  145.321233][ T8565]  </TASK>
[  145.398176][ T8575] __nla_validate_parse: 2 callbacks suppressed
[  145.398193][ T8575] netlink: 112 bytes leftover after parsing attributes in process `syz.2.699'.
[  145.904531][ T8591] netlink: 'syz.0.704': attribute type 10 has an invalid length.
[  145.912102][ T8591] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  145.996283][ T8597] netlink: 'syz.0.707': attribute type 1 has an invalid length.
[  145.998397][ T8597] netlink: 224 bytes leftover after parsing attributes in process `syz.0.707'.
[  146.004205][ T8597] syz.0.707 (8597): /proc/8596/oom_adj is deprecated, please use /proc/8596/oom_score_adj instead.
[  146.740046][ T8603] nbd: must specify a size in bytes for the device
[  146.846986][ T8609] netlink: 44 bytes leftover after parsing attributes in process `syz.0.711'.
[  146.849505][ T8609] openvswitch: netlink: Flow key attr not present in new flow.
[  146.912687][ T8605] netlink: 'syz.1.709': attribute type 4 has an invalid length.
[  146.914720][ T8605] netlink: 17 bytes leftover after parsing attributes in process `syz.1.709'.
[  147.048980][ T8605] FAT-fs (sr0): bogus number of reserved sectors
[  147.054579][ T8605] FAT-fs (sr0): Can't find a valid FAT filesystem
[  147.156028][ T8625] netlink: 32 bytes leftover after parsing attributes in process `syz.2.716'.
[  147.804425][ T8639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.720'.
[  148.013651][ T8643] netlink: 44 bytes leftover after parsing attributes in process `syz.2.721'.
[  148.016473][ T8643] openvswitch: netlink: Flow key attr not present in new flow.
[  148.088671][ T8646] FAULT_INJECTION: forcing a failure.
[  148.088671][ T8646] name failslab, interval 1, probability 0, space 0, times 0
[  148.093055][ T8646] CPU: 1 UID: 0 PID: 8646 Comm: syz.2.722 Not tainted 6.13.0-rc4-syzkaller #0
[  148.096300][ T8646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.100163][ T8646] Call Trace:
[  148.101345][ T8646]  <TASK>
[  148.102392][ T8646]  dump_stack_lvl+0x16c/0x1f0
[  148.104070][ T8646]  should_fail_ex+0x497/0x5b0
[  148.105736][ T8646]  ? fs_reclaim_acquire+0xae/0x150
[  148.107577][ T8646]  should_failslab+0xc2/0x120
[  148.109283][ T8646]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  148.111342][ T8646]  ? __lock_acquire+0x15a9/0x3c40
[  148.113129][ T8646]  ? __alloc_skb+0x2b3/0x380
[  148.114371][ T8646]  __alloc_skb+0x2b3/0x380
[  148.115665][ T8646]  ? __pfx___alloc_skb+0x10/0x10
[  148.116961][ T8646]  netlink_alloc_large_skb+0x69/0x130
[  148.118356][ T8646]  netlink_sendmsg+0x689/0xd70
[  148.119618][ T8646]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.120993][ T8646]  ____sys_sendmsg+0x9ae/0xb40
[  148.122236][ T8646]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.123815][ T8646]  ? get_compat_msghdr+0x11b/0x170
[  148.125149][ T8646]  ___sys_sendmsg+0x135/0x1e0
[  148.126374][ T8646]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.127729][ T8646]  ? __pfx_lock_release+0x10/0x10
[  148.129139][ T8646]  ? trace_lock_acquire+0x14e/0x1f0
[  148.130497][ T8646]  ? __fget_files+0x206/0x3a0
[  148.131736][ T8646]  __sys_sendmsg+0x16e/0x220
[  148.132993][ T8646]  ? __pfx___sys_sendmsg+0x10/0x10
[  148.134318][ T8646]  __do_fast_syscall_32+0x73/0x120
[  148.135620][ T8646]  do_fast_syscall_32+0x32/0x80
[  148.136854][ T8646]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.138520][ T8646] RIP: 0023:0xf7f27579
[  148.139600][ T8646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.144589][ T8646] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  148.146752][ T8646] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000500
[  148.148746][ T8646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.150786][ T8646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.152838][ T8646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.154867][ T8646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.156862][ T8646]  </TASK>
[  148.157715][    C1] vkms_vblank_simulate: vblank timer overrun
[  148.313453][ T8659] fuse: Bad value for 'group_id'
[  148.314661][ T8659] fuse: Bad value for 'group_id'
[  148.425350][ T5943] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  148.575460][ T5943] usb 6-1: Using ep0 maxpacket: 8
[  148.584718][ T5943] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  148.587698][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  148.591766][ T5943] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.596133][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  148.600167][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  148.605205][ T5943] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  148.608011][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  148.612061][ T5943] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.616394][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  148.620383][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  148.625451][ T5943] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  148.629505][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  148.633584][ T5943] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.637302][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  148.640139][ T5943] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  148.645132][ T5943] usb 6-1: string descriptor 0 read error: -22
[  148.647003][ T5943] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  148.649330][ T5943] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.653752][ T5943] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  148.697923][ T8672] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  149.008540][ T8673] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  149.010426][ T8673] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  149.013702][ T8673] vhci_hcd vhci_hcd.0: Device attached
[  149.195460][ T5943] vhci_hcd: vhci_device speed not set
[  149.256285][ T5943] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  149.392077][ T8679] netlink: 48 bytes leftover after parsing attributes in process `syz.0.734'.
[  149.526495][ T8685] netlink: 32 bytes leftover after parsing attributes in process `syz.2.736'.
[  149.555130][ T8685] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  149.555130][ T8685]    program syz.2.736 not setting count and/or reply_len properly
[  149.609527][ T8674] vhci_hcd: connection reset by peer
[  149.617229][ T8652] ALSA: mixer_oss: invalid OSS volume '‰'
[  149.621471][   T57] usb 6-1: USB disconnect, device number 7
[  149.625309][ T1142] vhci_hcd: stop threads
[  149.627141][ T1142] vhci_hcd: release socket
[  149.629803][ T1142] vhci_hcd: disconnect device
[  149.975401][ T8690] netlink: 28 bytes leftover after parsing attributes in process `syz.0.737'.
[  149.984863][ T8692] FAULT_INJECTION: forcing a failure.
[  149.984863][ T8692] name failslab, interval 1, probability 0, space 0, times 0
[  149.988168][ T8692] CPU: 1 UID: 0 PID: 8692 Comm: syz.3.738 Not tainted 6.13.0-rc4-syzkaller #0
[  149.990425][ T8692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.994099][ T8692] Call Trace:
[  149.995329][ T8692]  <TASK>
[  149.996315][ T8692]  dump_stack_lvl+0x16c/0x1f0
[  149.997541][ T8692]  should_fail_ex+0x497/0x5b0
[  149.998788][ T8692]  should_failslab+0xc2/0x120
[  150.000018][ T8692]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  150.001450][ T8692]  ? skb_clone+0x190/0x3f0
[  150.002648][ T8692]  skb_clone+0x190/0x3f0
[  150.003764][ T8692]  netlink_deliver_tap+0xafd/0xca0
[  150.005115][ T8692]  netlink_unicast+0x5e1/0x7f0
[  150.006401][ T8692]  ? __pfx_netlink_unicast+0x10/0x10
[  150.008087][ T8692]  ? __phys_addr_symbol+0x30/0x80
[  150.009401][ T8692]  ? __check_object_size+0x488/0x710
[  150.010765][ T8692]  netlink_sendmsg+0x8b8/0xd70
[  150.012032][ T8692]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.013953][ T8692]  ____sys_sendmsg+0x9ae/0xb40
[  150.015721][ T8692]  ? __pfx_____sys_sendmsg+0x10/0x10
[  150.017602][ T8692]  ? get_compat_msghdr+0x11b/0x170
[  150.018948][ T8692]  ___sys_sendmsg+0x135/0x1e0
[  150.020184][ T8692]  ? __pfx____sys_sendmsg+0x10/0x10
[  150.021528][ T8692]  ? __pfx_lock_release+0x10/0x10
[  150.022894][ T8692]  ? trace_lock_acquire+0x14e/0x1f0
[  150.024265][ T8692]  ? __fget_files+0x206/0x3a0
[  150.025501][ T8692]  __sys_sendmsg+0x16e/0x220
[  150.026720][ T8692]  ? __pfx___sys_sendmsg+0x10/0x10
[  150.028089][ T8692]  __do_fast_syscall_32+0x73/0x120
[  150.029425][ T8692]  do_fast_syscall_32+0x32/0x80
[  150.030682][ T8692]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.032323][ T8692] RIP: 0023:0xf7fb3579
[  150.033393][ T8692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.039900][ T8692] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  150.042040][ T8692] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004340
[  150.044082][ T8692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  150.046175][ T8692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.048221][ T8692] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  150.050248][ T8692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.052140][ T8692]  </TASK>
[  150.052997][    C1] vkms_vblank_simulate: vblank timer overrun
[  150.172174][ T8709] FAULT_INJECTION: forcing a failure.
[  150.172174][ T8709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.175477][ T8709] CPU: 0 UID: 0 PID: 8709 Comm: syz.1.743 Not tainted 6.13.0-rc4-syzkaller #0
[  150.177638][ T8709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.180187][ T8709] Call Trace:
[  150.181006][ T8709]  <TASK>
[  150.181781][ T8709]  dump_stack_lvl+0x16c/0x1f0
[  150.182951][ T8709]  should_fail_ex+0x497/0x5b0
[  150.184121][ T8709]  _copy_to_user+0x32/0xd0
[  150.185225][ T8709]  simple_read_from_buffer+0xd0/0x160
[  150.186585][ T8709]  proc_fail_nth_read+0x198/0x270
[  150.187838][ T8709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.189178][ T8709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.190687][ T8709]  vfs_read+0x1df/0xbe0
[  150.191744][ T8709]  ? __fget_files+0x1fc/0x3a0
[  150.193009][ T8709]  ? __pfx___mutex_lock+0x10/0x10
[  150.194328][ T8709]  ? __pfx_vfs_read+0x10/0x10
[  150.195642][ T8709]  ? __fget_files+0x206/0x3a0
[  150.196878][ T8709]  ksys_read+0x12b/0x250
[  150.197970][ T8709]  ? __pfx_ksys_read+0x10/0x10
[  150.199217][ T8709]  __do_fast_syscall_32+0x73/0x120
[  150.200567][ T8709]  do_fast_syscall_32+0x32/0x80
[  150.201856][ T8709]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.203603][ T8709] RIP: 0023:0xf707e579
[  150.204671][ T8709] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.209492][ T8709] RSP: 002b:00000000f5070590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  150.211598][ T8709] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5070620
[  150.213753][ T8709] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  150.215808][ T8709] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  150.217849][ T8709] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  150.219895][ T8709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.222103][ T8709]  </TASK>
[  150.442935][ T8725] futex_wake_op: syz.1.747 tries to shift op by -1; fix this program
[  150.467910][   T39] kauditd_printk_skb: 116 callbacks suppressed
[  150.467925][   T39] audit: type=1326 audit(1734955432.340:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.482092][   T39] audit: type=1326 audit(1734955432.350:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.492782][   T39] audit: type=1326 audit(1734955432.360:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.503320][   T39] audit: type=1326 audit(1734955432.360:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.510302][   T39] audit: type=1326 audit(1734955432.360:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.520353][   T39] audit: type=1326 audit(1734955432.360:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.528282][   T39] audit: type=1326 audit(1734955432.360:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.538809][   T39] audit: type=1326 audit(1734955432.360:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.546356][   T39] audit: type=1326 audit(1734955432.360:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf707e579 code=0x7ffc0000
[  150.564740][ T8725] futex_wake_op: syz.1.747 tries to shift op by -1; fix this program
[  150.567026][   T39] audit: type=1326 audit(1734955432.360:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.1.747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  151.276289][ T8746] rdma_rxe: rxe_newlink: failed to add bond0
[  151.483848][ T8762] __nla_validate_parse: 1 callbacks suppressed
[  151.483858][ T8762] netlink: 32 bytes leftover after parsing attributes in process `syz.3.757'.
[  151.509558][ T8762] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  151.509558][ T8762]    program syz.3.757 not setting count and/or reply_len properly
[  153.325337][ T8813] FAULT_INJECTION: forcing a failure.
[  153.325337][ T8813] name failslab, interval 1, probability 0, space 0, times 0
[  153.328807][ T8813] CPU: 2 UID: 0 PID: 8813 Comm: syz.2.770 Not tainted 6.13.0-rc4-syzkaller #0
[  153.331089][ T8813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.333819][ T8813] Call Trace:
[  153.334709][ T8813]  <TASK>
[  153.335499][ T8813]  dump_stack_lvl+0x16c/0x1f0
[  153.336739][ T8813]  should_fail_ex+0x497/0x5b0
[  153.337980][ T8813]  ? fs_reclaim_acquire+0xae/0x150
[  153.339361][ T8813]  should_failslab+0xc2/0x120
[  153.340605][ T8813]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  153.342092][ T8813]  ? delete_node+0x207/0x8e0
[  153.343335][ T8813]  ? __d_alloc+0x35/0x8c0
[  153.344479][ T8813]  __d_alloc+0x35/0x8c0
[  153.345595][ T8813]  d_alloc_pseudo+0x1c/0xc0
[  153.346792][ T8813]  alloc_file_pseudo+0xd2/0x200
[  153.348091][ T8813]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  153.349522][ T8813]  ? __pfx_idr_alloc_u32+0x10/0x10
[  153.350862][ T8813]  ? find_held_lock+0x2d/0x110
[  153.352106][ T8813]  ? find_held_lock+0x2d/0x110
[  153.353361][ T8813]  __anon_inode_getfile+0x136/0x3c0
[  153.354722][ T8813]  ? __pfx___anon_inode_getfile+0x10/0x10
[  153.356157][ T8813]  ? __local_bh_enable_ip+0xa4/0x120
[  153.357512][ T8813]  bpf_link_prime+0x202/0x4d0
[  153.358751][ T8813]  tcx_link_attach+0x21a/0x9f0
[  153.360029][ T8813]  ? __pfx_tcx_link_attach+0x10/0x10
[  153.361425][ T8813]  ? __fget_files+0x206/0x3a0
[  153.362684][ T8813]  ? fput+0x67/0x440
[  153.363728][ T8813]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  153.365309][ T8813]  __sys_bpf+0x4b77/0x57a0
[  153.366492][ T8813]  ? __pfx_lock_release+0x10/0x10
[  153.367818][ T8813]  ? __pfx___sys_bpf+0x10/0x10
[  153.369096][ T8813]  ? vfs_write+0x306/0x1150
[  153.370301][ T8813]  ? __mutex_unlock_slowpath+0x164/0x690
[  153.371788][ T8813]  ? fput+0x67/0x440
[  153.372825][ T8813]  ? ksys_write+0x1ba/0x250
[  153.374026][ T8813]  ? __pfx_ksys_write+0x10/0x10
[  153.375322][ T8813]  __ia32_sys_bpf+0x76/0xe0
[  153.376522][ T8813]  __do_fast_syscall_32+0x73/0x120
[  153.377871][ T8813]  do_fast_syscall_32+0x32/0x80
[  153.379174][ T8813]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.380840][ T8813] RIP: 0023:0xf7f27579
[  153.381923][ T8813] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.386890][ T8813] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  153.389067][ T8813] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000020000140
[  153.391120][ T8813] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  153.393183][ T8813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.395238][ T8813] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.397211][ T8813] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.399129][ T8813]  </TASK>
[  154.375354][ T5943] vhci_hcd: vhci_device speed not set
[  154.544271][ T8839] FAULT_INJECTION: forcing a failure.
[  154.544271][ T8839] name failslab, interval 1, probability 0, space 0, times 0
[  154.547794][ T8839] CPU: 2 UID: 0 PID: 8839 Comm: syz.2.778 Not tainted 6.13.0-rc4-syzkaller #0
[  154.550048][ T8839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.552714][ T8839] Call Trace:
[  154.553559][ T8839]  <TASK>
[  154.554332][ T8839]  dump_stack_lvl+0x16c/0x1f0
[  154.555578][ T8839]  should_fail_ex+0x497/0x5b0
[  154.556784][ T8839]  should_failslab+0xc2/0x120
[  154.557969][ T8839]  __kmalloc_cache_noprof+0x68/0x420
[  154.559285][ T8839]  ? do_raw_spin_lock+0x12d/0x2c0
[  154.560581][ T8839]  tipc_group_create_member+0x57/0x640
[  154.562047][ T8839]  tipc_nametbl_build_group+0x21a/0x400
[  154.563402][ T8839]  tipc_setsockopt+0x9a4/0xe80
[  154.564617][ T8839]  ? __pfx_tipc_setsockopt+0x10/0x10
[  154.565933][ T8839]  ? ksys_write+0x191/0x250
[  154.567199][ T8839]  ? __pfx_tipc_setsockopt+0x10/0x10
[  154.568538][ T8839]  do_sock_setsockopt+0x222/0x480
[  154.569771][ T8839]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  154.571104][ T8839]  ? lock_acquire+0x2f/0xb0
[  154.572288][ T8839]  __sys_setsockopt+0x1a0/0x230
[  154.573500][ T8839]  __ia32_sys_setsockopt+0xbc/0x160
[  154.574772][ T8839]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.576056][ T8839]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  154.577702][ T8839]  __do_fast_syscall_32+0x73/0x120
[  154.578962][ T8839]  do_fast_syscall_32+0x32/0x80
[  154.580196][ T8839]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.581775][ T8839] RIP: 0023:0xf7f27579
[  154.582782][ T8839] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.587428][ T8839] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  154.589577][ T8839] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000010f
[  154.591512][ T8839] RDX: 0000000000000087 RSI: 00000000200000c0 RDI: 000000000000001c
[  154.593425][ T8839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.595320][ T8839] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.597176][ T8839] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.599086][ T8839]  </TASK>
[  154.712595][ T8846] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  155.308980][ T8857] delete_channel: no stack
[  155.487964][ T8875] netlink: 32 bytes leftover after parsing attributes in process `syz.1.789'.
[  155.873211][ T8884] netlink: 44 bytes leftover after parsing attributes in process `syz.3.791'.
[  155.875912][ T8884] openvswitch: netlink: Flow key attr not present in new flow.
[  156.419697][ T8896] netlink: 'syz.3.795': attribute type 4 has an invalid length.
[  156.720440][ T8902] FAULT_INJECTION: forcing a failure.
[  156.720440][ T8902] name failslab, interval 1, probability 0, space 0, times 0
[  156.723839][ T8902] CPU: 1 UID: 0 PID: 8902 Comm: syz.0.797 Not tainted 6.13.0-rc4-syzkaller #0
[  156.726283][ T8902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.730117][ T8902] Call Trace:
[  156.731369][ T8902]  <TASK>
[  156.732473][ T8902]  dump_stack_lvl+0x16c/0x1f0
[  156.734228][ T8902]  should_fail_ex+0x497/0x5b0
[  156.736007][ T8902]  ? fs_reclaim_acquire+0xae/0x150
[  156.737843][ T8902]  should_failslab+0xc2/0x120
[  156.739607][ T8902]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  156.741680][ T8902]  ? find_held_lock+0x2d/0x110
[  156.743418][ T8902]  ? __d_alloc+0x35/0x8c0
[  156.744960][ T8902]  __d_alloc+0x35/0x8c0
[  156.746576][ T8902]  d_alloc_pseudo+0x1c/0xc0
[  156.748252][ T8902]  alloc_file_pseudo+0xd2/0x200
[  156.750033][ T8902]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  156.752020][ T8902]  ? alloc_fd+0x41f/0x760
[  156.753593][ T8902]  sock_alloc_file+0x50/0x1d0
[  156.755322][ T8902]  __sys_socket+0x1c2/0x260
[  156.756969][ T8902]  ? __pfx___sys_socket+0x10/0x10
[  156.758802][ T8902]  ? ksys_write+0x1ba/0x250
[  156.760461][ T8902]  ? __pfx_ksys_write+0x10/0x10
[  156.762251][ T8902]  __ia32_sys_socket+0x72/0xb0
[  156.763993][ T8902]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  156.766461][ T8902]  __do_fast_syscall_32+0x73/0x120
[  156.768345][ T8902]  do_fast_syscall_32+0x32/0x80
[  156.770103][ T8902]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.772363][ T8902] RIP: 0023:0xf7fa8579
[  156.773832][ T8902] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.780668][ T8902] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000167
[  156.783610][ T8902] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000001
[  156.786278][ T8902] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  156.788962][ T8902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.791661][ T8902] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.793588][ T8902] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.795475][ T8902]  </TASK>
[  157.818339][ T8917] netlink: 44 bytes leftover after parsing attributes in process `syz.2.803'.
[  157.824132][ T8917] openvswitch: netlink: Flow key attr not present in new flow.
[  158.066116][ T8925] syz0: rxe_newlink: already configured on bond0
[  158.170922][ T5322] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  158.335303][ T5322] usb 5-1: Using ep0 maxpacket: 8
[  158.338089][ T5322] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  158.340846][ T5322] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  158.343207][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  158.346230][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  158.350304][ T5322] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  158.354537][ T5322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.360603][ T5322] hub 5-1:1.0: bad descriptor, ignoring hub
[  158.363715][ T5322] hub 5-1:1.0: probe with driver hub failed with error -5
[  158.367675][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  158.370272][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  158.373469][ T5322] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  158.376731][ T5322] cdc_wdm 5-1:1.0: Unknown control protocol
[  158.690776][ T1335] usb 5-1: USB disconnect, device number 3
[  159.589104][ T8944] delete_channel: no stack
[  159.620592][ T8934] delete_channel: no stack
[  159.699479][ T8961] netlink: 44 bytes leftover after parsing attributes in process `syz.2.812'.
[  159.699494][ T8961] openvswitch: netlink: Flow key attr not present in new flow.
[  159.826643][ T5937] Bluetooth: hci1: command 0x0406 tx timeout
[  159.829715][ T5937] Bluetooth: hci2: command 0x0406 tx timeout
[  159.829788][ T5937] Bluetooth: hci0: command 0x0c20 tx timeout
[  160.646268][ T8973] rdma_rxe: rxe_newlink: failed to add bond0
[  160.860453][ T8979] netlink: 'syz.2.817': attribute type 13 has an invalid length.
[  160.869078][ T8979] gretap0: refused to change device tx_queue_len
[  160.870750][ T8979] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  161.182132][ T8991] FAULT_INJECTION: forcing a failure.
[  161.182132][ T8991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.185714][ T8991] CPU: 0 UID: 0 PID: 8991 Comm: syz.2.819 Not tainted 6.13.0-rc4-syzkaller #0
[  161.188022][ T8991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.190809][ T8991] Call Trace:
[  161.191698][ T8991]  <TASK>
[  161.192477][ T8991]  dump_stack_lvl+0x16c/0x1f0
[  161.193713][ T8991]  should_fail_ex+0x497/0x5b0
[  161.194948][ T8991]  _copy_to_user+0x32/0xd0
[  161.196140][ T8991]  simple_read_from_buffer+0xd0/0x160
[  161.197530][ T8991]  proc_fail_nth_read+0x198/0x270
[  161.198843][ T8991]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  161.200292][ T8991]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  161.201738][ T8991]  vfs_read+0x1df/0xbe0
[  161.202827][ T8991]  ? __fget_files+0x1fc/0x3a0
[  161.204086][ T8991]  ? __pfx___mutex_lock+0x10/0x10
[  161.205424][ T8991]  ? __pfx_vfs_read+0x10/0x10
[  161.206621][ T8991]  ? __fget_files+0x206/0x3a0
[  161.207862][ T8991]  ksys_read+0x12b/0x250
[  161.208977][ T8991]  ? __pfx_ksys_read+0x10/0x10
[  161.210227][ T8991]  __do_fast_syscall_32+0x73/0x120
[  161.211564][ T8991]  do_fast_syscall_32+0x32/0x80
[  161.212836][ T8991]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  161.214476][ T8991] RIP: 0023:0xf7f27579
[  161.215551][ T8991] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  161.220485][ T8991] RSP: 002b:00000000f5055590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  161.222637][ T8991] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5055620
[  161.224681][ T8991] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  161.226743][ T8991] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  161.228824][ T8991] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  161.230860][ T8991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  161.232924][ T8991]  </TASK>
[  161.752290][ T8999] netlink: 44 bytes leftover after parsing attributes in process `syz.3.822'.
[  161.754612][ T8999] openvswitch: netlink: Flow key attr not present in new flow.
[  162.505309][   T57] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  162.655528][   T57] usb 6-1: Using ep0 maxpacket: 8
[  162.659517][   T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.662057][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  162.664385][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  162.667530][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  162.670515][   T57] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  162.672931][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.679285][   T57] hub 6-1:1.0: bad descriptor, ignoring hub
[  162.680914][   T57] hub 6-1:1.0: probe with driver hub failed with error -5
[  162.684882][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  162.686378][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  162.689797][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  162.691433][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  162.695335][   T56] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  162.745609][ T9018] FAULT_INJECTION: forcing a failure.
[  162.745609][ T9018] name failslab, interval 1, probability 0, space 0, times 0
[  162.750113][ T9018] CPU: 3 UID: 0 PID: 9018 Comm: syz.2.829 Not tainted 6.13.0-rc4-syzkaller #0
[  162.753266][ T9018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.757085][ T9018] Call Trace:
[  162.758328][ T9018]  <TASK>
[  162.759424][ T9018]  dump_stack_lvl+0x16c/0x1f0
[  162.760828][ T9018]  should_fail_ex+0x497/0x5b0
[  162.762076][ T9018]  ? fs_reclaim_acquire+0xae/0x150
[  162.763426][ T9018]  should_failslab+0xc2/0x120
[  162.764983][ T9018]  __kmalloc_noprof+0xce/0x4f0
[  162.766739][ T9018]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  162.768644][ T9018]  ? ip_options_get+0xa7/0x440
[  162.769884][ T9018]  ip_options_get+0xa7/0x440
[  162.771077][ T9018]  ? __pfx_ip_options_get+0x10/0x10
[  162.772570][ T9018]  ? __pfx_snprintf+0x10/0x10
[  162.773736][ T9018]  ip_cmsg_send+0x953/0xba0
[  162.775010][ T9018]  ? tomoyo_audit_inet_log+0x235/0x330
[  162.776430][ T9018]  raw_sendmsg+0xde4/0x3870
[  162.777617][ T9018]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  162.779004][ T9018]  ? tomoyo_check_acl+0x1f7/0x410
[  162.780307][ T9018]  ? __pfx_raw_sendmsg+0x10/0x10
[  162.781597][ T9018]  ? __pfx_tomoyo_check_inet_address+0x10/0x10
[  162.783682][ T9018]  ? __pfx___might_resched+0x10/0x10
[  162.785573][ T9018]  ? aa_sk_perm+0x2f5/0xb20
[  162.787241][ T9018]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  162.789658][ T9018]  ? __pfx_raw_sendmsg+0x10/0x10
[  162.791450][ T9018]  inet_sendmsg+0x119/0x140
[  162.793110][ T9018]  ____sys_sendmsg+0x907/0xb40
[  162.794847][ T9018]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.796741][ T9018]  ? get_compat_msghdr+0x11b/0x170
[  162.798569][ T9018]  ___sys_sendmsg+0x135/0x1e0
[  162.799920][ T9018]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.801274][ T9018]  ? trace_lock_acquire+0x14e/0x1f0
[  162.802642][ T9018]  __sys_sendmmsg+0x2fa/0x420
[  162.803901][ T9018]  ? __pfx___sys_sendmmsg+0x10/0x10
[  162.805756][ T9018]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  162.807734][ T9018]  ? fput+0x67/0x440
[  162.809123][ T9018]  ? ksys_write+0x1ba/0x250
[  162.810780][ T9018]  ? __pfx_ksys_write+0x10/0x10
[  162.812111][ T9018]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  162.813561][ T9018]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  162.815793][ T9018]  __do_fast_syscall_32+0x73/0x120
[  162.817315][ T9018]  do_fast_syscall_32+0x32/0x80
[  162.818571][ T9018]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.820215][ T9018] RIP: 0023:0xf7f27579
[  162.821277][ T9018] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.827345][ T9018] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  162.829527][ T9018] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000b80
[  162.831563][ T9018] RDX: 0000000000000001 RSI: 0000000000008804 RDI: 0000000000000000
[  162.833687][ T9018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.836395][ T9018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.838787][ T9018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.840835][ T9018]  </TASK>
[  162.925301][   T56] usb 5-1: Using ep0 maxpacket: 8
[  162.928258][   T56] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.931719][   T56] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  162.934557][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  162.938377][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  162.941870][   T56] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  162.944779][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.950589][   T56] hub 5-1:1.0: bad descriptor, ignoring hub
[  162.952172][   T56] hub 5-1:1.0: probe with driver hub failed with error -5
[  162.954246][   T56] cdc_wdm 5-1:1.0: skipping garbage
[  162.955678][   T56] cdc_wdm 5-1:1.0: skipping garbage
[  162.958334][   T56] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  162.959975][   T56] cdc_wdm 5-1:1.0: Unknown control protocol
[  162.976115][ T9022] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  162.986113][   T57] usb 6-1: USB disconnect, device number 8
[  163.256114][   T56] usb 5-1: USB disconnect, device number 4
[  163.335354][   T57] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  163.495335][   T57] usb 6-1: Using ep0 maxpacket: 8
[  163.497963][   T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.500664][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  163.503051][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  163.506295][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  163.509264][   T57] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  163.511641][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.515654][   T57] hub 6-1:1.0: bad descriptor, ignoring hub
[  163.517266][   T57] hub 6-1:1.0: probe with driver hub failed with error -5
[  163.519273][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  163.520690][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  163.523549][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  163.525126][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  163.598132][   T56] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  163.738600][ T9024] netlink: 44 bytes leftover after parsing attributes in process `syz.2.831'.
[  163.741693][ T9024] openvswitch: netlink: Flow key attr not present in new flow.
[  163.745615][   T56] usb 5-1: Using ep0 maxpacket: 8
[  163.749228][   T56] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.752528][   T56] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  163.756343][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  163.756367][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  163.756395][   T56] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  163.756411][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.759329][   T56] hub 5-1:1.0: bad descriptor, ignoring hub
[  163.772401][   T56] hub 5-1:1.0: probe with driver hub failed with error -5
[  163.772597][   T56] cdc_wdm 5-1:1.0: skipping garbage
[  163.778591][   T56] cdc_wdm 5-1:1.0: skipping garbage
[  163.781826][   T56] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  163.784081][   T56] cdc_wdm 5-1:1.0: Unknown control protocol
[  163.979143][ T9028] lo speed is unknown, defaulting to 1000
[  164.731356][   T65] block nbd2: Receive control failed (result -107)
[  164.830964][ T9035] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  164.833682][ T9035] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 1th superblock
[  164.837271][ T9035] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  164.839883][ T9035] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 2th superblock
[  164.855444][ T9036] nbd2: detected capacity change from 0 to 67108884
[  164.860783][ T9034] block nbd2: shutting down sockets
[  164.885575][ T9038] loop6: detected capacity change from 0 to 524287999
[  164.891194][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  164.894584][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.897126][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  164.900720][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.903447][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.217401][   T73] usb 6-1: USB disconnect, device number 9
[  165.525996][ T5322] usb 5-1: USB disconnect, device number 5
[  165.974382][ T9057] netlink: 44 bytes leftover after parsing attributes in process `syz.0.840'.
[  165.976766][ T9057] openvswitch: netlink: Flow key attr not present in new flow.
[  166.055172][ T9063] FAULT_INJECTION: forcing a failure.
[  166.055172][ T9063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.059760][ T9063] CPU: 3 UID: 0 PID: 9063 Comm: syz.1.844 Not tainted 6.13.0-rc4-syzkaller #0
[  166.062714][ T9063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.066268][ T9063] Call Trace:
[  166.067394][ T9063]  <TASK>
[  166.068406][ T9063]  dump_stack_lvl+0x16c/0x1f0
[  166.070015][ T9063]  should_fail_ex+0x497/0x5b0
[  166.071646][ T9063]  _copy_to_user+0x32/0xd0
[  166.073192][ T9063]  simple_read_from_buffer+0xd0/0x160
[  166.075032][ T9063]  proc_fail_nth_read+0x198/0x270
[  166.076760][ T9063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.078646][ T9063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.080535][ T9063]  vfs_read+0x1df/0xbe0
[  166.081985][ T9063]  ? __fget_files+0x1fc/0x3a0
[  166.083603][ T9063]  ? __pfx___mutex_lock+0x10/0x10
[  166.085323][ T9063]  ? __pfx_vfs_read+0x10/0x10
[  166.086945][ T9063]  ? __fget_files+0x206/0x3a0
[  166.088570][ T9063]  ksys_read+0x12b/0x250
[  166.090018][ T9063]  ? __pfx_ksys_read+0x10/0x10
[  166.091666][ T9063]  __do_fast_syscall_32+0x73/0x120
[  166.093409][ T9063]  do_fast_syscall_32+0x32/0x80
[  166.095073][ T9063]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  166.097225][ T9063] RIP: 0023:0xf707e579
[  166.098639][ T9063] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  166.103657][ T9063] RSP: 002b:00000000f5070590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  166.105803][ T9063] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5070620
[  166.107854][ T9063] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000
[  166.109920][ T9063] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  166.111962][ T9063] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  166.113997][ T9063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  166.116088][ T9063]  </TASK>
[  166.177238][ T9069] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  166.227930][ T9071] netlink: 32 bytes leftover after parsing attributes in process `syz.1.845'.
[  166.238683][ T9071] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  166.238683][ T9071]    program syz.1.845 not setting count and/or reply_len properly
[  166.929774][ T9085] netlink: 20 bytes leftover after parsing attributes in process `syz.2.848'.
[  166.932419][ T9085] netlink: 112 bytes leftover after parsing attributes in process `syz.2.848'.
[  166.934983][ T9085] netlink: 20 bytes leftover after parsing attributes in process `syz.2.848'.
[  166.935304][ T5322] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  166.942110][ T9085] FAULT_INJECTION: forcing a failure.
[  166.942110][ T9085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.945728][ T9085] CPU: 2 UID: 0 PID: 9085 Comm: syz.2.848 Not tainted 6.13.0-rc4-syzkaller #0
[  166.948040][ T9085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.950796][ T9085] Call Trace:
[  166.951977][ T9085]  <TASK>
[  166.953052][ T9085]  dump_stack_lvl+0x16c/0x1f0
[  166.954752][ T9085]  should_fail_ex+0x497/0x5b0
[  166.956004][ T9085]  _copy_from_user+0x2e/0xd0
[  166.957206][ T9085]  get_compat_msghdr+0xa8/0x170
[  166.958477][ T9085]  ? __pfx_get_compat_msghdr+0x10/0x10
[  166.959909][ T9085]  ___sys_sendmsg+0x1b0/0x1e0
[  166.961140][ T9085]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.962499][ T9085]  ? __pfx_lock_release+0x10/0x10
[  166.963807][ T9085]  ? trace_lock_acquire+0x14e/0x1f0
[  166.965198][ T9085]  ? __fget_files+0x206/0x3a0
[  166.966426][ T9085]  __sys_sendmsg+0x16e/0x220
[  166.967658][ T9085]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.969005][ T9085]  __do_fast_syscall_32+0x73/0x120
[  166.970346][ T9085]  do_fast_syscall_32+0x32/0x80
[  166.971947][ T9085]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  166.974070][ T9085] RIP: 0023:0xf7f27579
[  166.975192][ T9085] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  166.980220][ T9085] RSP: 002b:00000000f505555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  166.982388][ T9085] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000000
[  166.984429][ T9085] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  166.986510][ T9085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  166.988570][ T9085] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  166.990592][ T9085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  166.993352][ T9085]  </TASK>
[  167.106405][ T5322] usb 5-1: Using ep0 maxpacket: 8
[  167.109519][ T5322] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.112249][ T5322] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  167.114570][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  167.117690][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  167.121013][ T5322] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  167.125773][ T5322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.130734][ T5322] hub 5-1:1.0: bad descriptor, ignoring hub
[  167.133689][ T5322] hub 5-1:1.0: probe with driver hub failed with error -5
[  167.137312][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  167.140528][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  167.143956][ T5322] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  167.146999][ T5322] cdc_wdm 5-1:1.0: Unknown control protocol
[  167.210105][   T39] kauditd_printk_skb: 30 callbacks suppressed
[  167.210119][   T39] audit: type=1326 audit(1734955449.080:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.850" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707e579 code=0x0
[  167.310634][ T9103] netlink: 112 bytes leftover after parsing attributes in process `syz.2.851'.
[  167.437798][ T5322] usb 5-1: USB disconnect, device number 6
[  167.775427][ T5322] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  167.945519][ T5322] usb 5-1: Using ep0 maxpacket: 8
[  167.949769][ T5322] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.952551][ T5322] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  167.955175][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  167.958548][ T5322] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  167.961851][ T5322] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  167.964358][ T5322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.973785][ T5322] hub 5-1:1.0: bad descriptor, ignoring hub
[  167.975479][ T5322] hub 5-1:1.0: probe with driver hub failed with error -5
[  167.977994][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  167.979437][ T5322] cdc_wdm 5-1:1.0: skipping garbage
[  167.983034][ T5322] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  167.984642][ T5322] cdc_wdm 5-1:1.0: Unknown control protocol
[  168.402593][ T9128] netlink: 32 bytes leftover after parsing attributes in process `syz.3.858'.
[  168.412610][ T9128] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  168.412610][ T9128]    program syz.3.858 not setting count and/or reply_len properly
[  168.450109][ T9123] FAULT_INJECTION: forcing a failure.
[  168.450109][ T9123] name failslab, interval 1, probability 0, space 0, times 0
[  168.453342][ T9123] CPU: 1 UID: 0 PID: 9123 Comm: syz.1.857 Not tainted 6.13.0-rc4-syzkaller #0
[  168.455629][ T9123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.458414][ T9123] Call Trace:
[  168.459301][ T9123]  <TASK>
[  168.460076][ T9123]  dump_stack_lvl+0x16c/0x1f0
[  168.461303][ T9123]  should_fail_ex+0x497/0x5b0
[  168.462542][ T9123]  ? fs_reclaim_acquire+0xae/0x150
[  168.463885][ T9123]  should_failslab+0xc2/0x120
[  168.465114][ T9123]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  168.466497][ T9123]  ? getname_flags.part.0+0x4c/0x550
[  168.467921][ T9123]  ? vfs_write+0x306/0x1150
[  168.469132][ T9123]  getname_flags.part.0+0x4c/0x550
[  168.470465][ T9123]  getname+0x8d/0xe0
[  168.471506][ T9123]  do_sys_openat2+0x104/0x1e0
[  168.472738][ T9123]  ? __pfx_do_sys_openat2+0x10/0x10
[  168.474092][ T9123]  ? __fget_files+0x206/0x3a0
[  168.475332][ T9123]  __ia32_compat_sys_openat+0x16e/0x210
[  168.476781][ T9123]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  168.478378][ T9123]  ? syscall_user_dispatch+0x77/0x140
[  168.479785][ T9123]  __do_fast_syscall_32+0x73/0x120
[  168.481114][ T9123]  do_fast_syscall_32+0x32/0x80
[  168.482407][ T9123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.484106][ T9123] RIP: 0023:0xf707e579
[  168.485171][ T9123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.490101][ T9123] RSP: 002b:00000000f507055c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  168.492249][ T9123] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000000000000
[  168.494281][ T9123] RDX: 000000000001a902 RSI: 0000000000000000 RDI: 0000000000000000
[  168.496302][ T9123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.498347][ T9123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  168.500392][ T9123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.502430][ T9123]  </TASK>
[  168.598143][ T9139] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  168.606780][ T9135] [U] ¢
[  168.746543][ T9143] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  168.751450][ T9143] FAULT_INJECTION: forcing a failure.
[  168.751450][ T9143] name failslab, interval 1, probability 0, space 0, times 0
[  168.755727][ T9143] CPU: 0 UID: 0 PID: 9143 Comm: syz.1.861 Not tainted 6.13.0-rc4-syzkaller #0
[  168.758456][ T9143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.762146][ T9143] Call Trace:
[  168.763369][ T9143]  <TASK>
[  168.764455][ T9143]  dump_stack_lvl+0x16c/0x1f0
[  168.766165][ T9143]  should_fail_ex+0x497/0x5b0
[  168.767686][ T9143]  ? fs_reclaim_acquire+0xae/0x150
[  168.769051][ T9143]  should_failslab+0xc2/0x120
[  168.770293][ T9143]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  168.771698][ T9143]  ? getname_flags.part.0+0x4c/0x550
[  168.773081][ T9143]  ? vfs_write+0x306/0x1150
[  168.774284][ T9143]  getname_flags.part.0+0x4c/0x550
[  168.775632][ T9143]  getname+0x8d/0xe0
[  168.776723][ T9143]  do_sys_openat2+0x104/0x1e0
[  168.777970][ T9143]  ? __pfx_do_sys_openat2+0x10/0x10
[  168.779344][ T9143]  ? __fget_files+0x206/0x3a0
[  168.780582][ T9143]  __ia32_compat_sys_openat+0x16e/0x210
[  168.782038][ T9143]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  168.783627][ T9143]  ? ksys_write+0x1ba/0x250
[  168.784824][ T9143]  __do_fast_syscall_32+0x73/0x120
[  168.786167][ T9143]  do_fast_syscall_32+0x32/0x80
[  168.787460][ T9143]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.789097][ T9143] RIP: 0023:0xf707e579
[  168.790165][ T9143] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.795160][ T9143] RSP: 002b:00000000f504f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  168.797307][ T9143] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000100
[  168.799387][ T9143] RDX: 0000000000000000 RSI: 0000000000000063 RDI: 0000000000000000
[  168.801431][ T9143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.803494][ T9143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  168.805550][ T9143] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.807618][ T9143]  </TASK>
[  168.808485][    C0] vkms_vblank_simulate: vblank timer overrun
[  168.811349][ T9141] [U] ¢
[  168.928115][ T9147] netlink: 32 bytes leftover after parsing attributes in process `syz.1.863'.
[  169.499343][ T9155] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  169.507859][ T9155] fuse: Bad value for 'fd'
[  169.532024][ T9163] FAULT_INJECTION: forcing a failure.
[  169.532024][ T9163] name failslab, interval 1, probability 0, space 0, times 0
[  169.535716][ T9163] CPU: 3 UID: 0 PID: 9163 Comm: syz.0.868 Not tainted 6.13.0-rc4-syzkaller #0
[  169.537997][ T9163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.540770][ T9163] Call Trace:
[  169.541650][ T9163]  <TASK>
[  169.542428][ T9163]  dump_stack_lvl+0x16c/0x1f0
[  169.543685][ T9163]  should_fail_ex+0x497/0x5b0
[  169.544910][ T9163]  ? fs_reclaim_acquire+0xae/0x150
[  169.546251][ T9163]  should_failslab+0xc2/0x120
[  169.547498][ T9163]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  169.549032][ T9163]  ? __alloc_skb+0x2b3/0x380
[  169.550249][ T9163]  __alloc_skb+0x2b3/0x380
[  169.551423][ T9163]  ? __pfx___alloc_skb+0x10/0x10
[  169.552710][ T9163]  ? inet_diag_handler_cmd+0x1c0/0x2e0
[  169.554132][ T9163]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  169.555650][ T9163]  ? trace_lock_acquire+0x14e/0x1f0
[  169.557008][ T9163]  netlink_ack+0x164/0xb20
[  169.558200][ T9163]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  169.559728][ T9163]  netlink_rcv_skb+0x327/0x410
[  169.560981][ T9163]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  169.562406][ T9163]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.563791][ T9163]  ? netlink_deliver_tap+0x1ae/0xca0
[  169.565164][ T9163]  netlink_unicast+0x53c/0x7f0
[  169.566530][ T9163]  ? __pfx_netlink_unicast+0x10/0x10
[  169.567977][ T9163]  ? __phys_addr_symbol+0x30/0x80
[  169.569298][ T9163]  ? __check_object_size+0x488/0x710
[  169.570671][ T9163]  netlink_sendmsg+0x8b8/0xd70
[  169.571938][ T9163]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.573315][ T9163]  ? trace_lock_acquire+0x14e/0x1f0
[  169.574674][ T9163]  sock_write_iter+0x4fe/0x5b0
[  169.575938][ T9163]  ? __pfx_sock_write_iter+0x10/0x10
[  169.577318][ T9163]  do_iter_readv_writev+0x532/0x7f0
[  169.578669][ T9163]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  169.580159][ T9163]  ? bpf_lsm_file_permission+0x9/0x10
[  169.581561][ T9163]  ? security_file_permission+0x71/0x210
[  169.583015][ T9163]  vfs_writev+0x363/0xdd0
[  169.584152][ T9163]  ? find_held_lock+0x2d/0x110
[  169.585411][ T9163]  ? __pfx_vfs_writev+0x10/0x10
[  169.586673][ T9163]  ? find_held_lock+0x2d/0x110
[  169.587944][ T9163]  ? __pfx_lock_release+0x10/0x10
[  169.589275][ T9163]  ? trace_lock_acquire+0x14e/0x1f0
[  169.590634][ T9163]  ? __fget_files+0x206/0x3a0
[  169.591882][ T9163]  ? do_writev+0x297/0x340
[  169.593058][ T9163]  do_writev+0x297/0x340
[  169.594171][ T9163]  ? __pfx_do_writev+0x10/0x10
[  169.595435][ T9163]  __do_fast_syscall_32+0x73/0x120
[  169.596564][ T6028] usb 5-1: USB disconnect, device number 7
[  169.596764][ T9163]  do_fast_syscall_32+0x32/0x80
[  169.600039][ T9163]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  169.601684][ T9163] RIP: 0023:0xf7fa8579
[  169.602756][ T9163] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  169.607710][ T9163] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  169.609887][ T9163] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  169.611939][ T9163] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  169.613989][ T9163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  169.616117][ T9163] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  169.618171][ T9163] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  169.620238][ T9163]  </TASK>
[  170.201340][ T9172] mmap: syz.1.870 (9172) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  170.329471][ T9177] netlink: 32 bytes leftover after parsing attributes in process `syz.3.872'.
[  170.349185][ T9177] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  170.349185][ T9177]    program syz.3.872 not setting count and/or reply_len properly
[  171.397706][   T35] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  171.545358][   T35] usb 6-1: Using ep0 maxpacket: 8
[  171.550097][   T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  171.553766][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  171.557981][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  171.561947][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  171.565958][   T35] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  171.571504][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.580044][   T35] hub 6-1:1.0: bad descriptor, ignoring hub
[  171.581893][   T35] hub 6-1:1.0: probe with driver hub failed with error -5
[  171.583991][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  171.585485][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  171.587388][   T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  171.590913][   T35] cdc_wdm 6-1:1.0: Unknown control protocol
[  171.610601][ T9211] usb 2-1: USB disconnect, device number 2
[  171.648221][ T9211] hub 2-0:1.0: USB hub found
[  171.651191][ T9211] hub 2-0:1.0: 6 ports detected
[  171.656573][   T65] Bluetooth: hci3: unexpected event for opcode 0x0c20
[  171.818712][ T6546] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  171.869495][ T9216] netlink: 'syz.2.884': attribute type 39 has an invalid length.
[  171.887281][   T35] usb 6-1: USB disconnect, device number 10
[  171.997542][ T6546] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  172.000110][ T6546] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  172.002695][ T6546] usb 2-1: Product: QEMU USB Tablet
[  172.004262][ T6546] usb 2-1: Manufacturer: QEMU
[  172.006692][ T6546] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  172.026769][ T6546] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0005/input/input13
[  172.034521][ T6546] hid-generic 0003:0627:0001.0005: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  172.215766][   T35] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  172.365350][   T35] usb 6-1: Using ep0 maxpacket: 8
[  172.368754][   T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  172.371387][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  172.373616][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  172.376508][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  172.379348][   T35] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  172.385307][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.389402][   T35] hub 6-1:1.0: bad descriptor, ignoring hub
[  172.390998][   T35] hub 6-1:1.0: probe with driver hub failed with error -5
[  172.392983][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  172.394310][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  172.396192][   T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  172.397721][   T35] cdc_wdm 6-1:1.0: Unknown control protocol
[  172.436914][ T9227] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  172.448408][ T9227] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  172.532448][ T9230] random: crng reseeded on system resumption
[  172.760680][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.888'.
[  172.765182][ T9232] bridge_slave_1: left allmulticast mode
[  172.767924][ T9232] bridge_slave_1: left promiscuous mode
[  172.771638][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.788324][ T9232] bridge_slave_0: left allmulticast mode
[  172.788338][ T9232] bridge_slave_0: left promiscuous mode
[  172.788413][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.228522][ T9245] FAULT_INJECTION: forcing a failure.
[  173.228522][ T9245] name failslab, interval 1, probability 0, space 0, times 0
[  173.232596][ T9245] CPU: 3 UID: 0 PID: 9245 Comm: syz.2.892 Not tainted 6.13.0-rc4-syzkaller #0
[  173.234809][ T9245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.237478][ T9245] Call Trace:
[  173.238310][ T9245]  <TASK>
[  173.239148][ T9245]  dump_stack_lvl+0x16c/0x1f0
[  173.240361][ T9245]  should_fail_ex+0x497/0x5b0
[  173.241580][ T9245]  ? fs_reclaim_acquire+0xae/0x150
[  173.242942][ T9245]  should_failslab+0xc2/0x120
[  173.244168][ T9245]  __kmalloc_noprof+0xce/0x4f0
[  173.245405][ T9245]  ? input_ff_create+0x84/0x320
[  173.246683][ T9245]  input_ff_create+0x84/0x320
[  173.247908][ T9245]  uinput_ioctl_handler.isra.0+0x113e/0x1d70
[  173.249724][ T9245]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  173.251980][ T9245]  ? __pfx_lock_release+0x10/0x10
[  173.253753][ T9245]  ? trace_lock_acquire+0x14e/0x1f0
[  173.255113][ T9245]  ? __fget_files+0x206/0x3a0
[  173.256330][ T9245]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  173.257839][ T9245]  ? __pfx_uinput_compat_ioctl+0x10/0x10
[  173.259337][ T9245]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  173.260701][ T9245]  __do_fast_syscall_32+0x73/0x120
[  173.262045][ T9245]  do_fast_syscall_32+0x32/0x80
[  173.263313][ T9245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  173.265157][ T9245] RIP: 0023:0xf7f27579
[  173.266603][ T9245] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  173.273070][ T9245] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  173.275635][ T9245] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005501
[  173.277661][ T9245] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  173.279939][ T9245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  173.282296][ T9245] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  173.284422][ T9245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  173.286506][ T9245]  </TASK>
[  173.927928][ T9253] netlink: 32 bytes leftover after parsing attributes in process `syz.0.894'.
[  174.237771][ T5979] usb 6-1: USB disconnect, device number 11
[  175.046310][ T9285] input: syz0 as /devices/virtual/input/input15
[  175.073382][ T9289] netlink: 32 bytes leftover after parsing attributes in process `syz.0.902'.
[  175.090290][ T9289] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  175.090290][ T9289]    program syz.0.902 not setting count and/or reply_len properly
[  175.554324][   T57] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  175.705379][   T57] usb 7-1: Using ep0 maxpacket: 8
[  175.709188][   T57] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  175.712630][   T57] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  175.716065][   T57] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  175.720267][   T57] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  175.724060][   T57] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  175.727627][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.749340][   T57] hub 7-1:1.0: bad descriptor, ignoring hub
[  175.751646][   T57] hub 7-1:1.0: probe with driver hub failed with error -5
[  175.754392][   T57] cdc_wdm 7-1:1.0: skipping garbage
[  175.756541][   T57] cdc_wdm 7-1:1.0: skipping garbage
[  175.759149][   T57] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  175.761130][   T57] cdc_wdm 7-1:1.0: Unknown control protocol
[  176.056475][   T57] usb 7-1: USB disconnect, device number 5
[  176.150944][ T9308] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[  176.395485][ T6028] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  176.555342][ T6028] usb 7-1: Using ep0 maxpacket: 8
[  176.559968][ T6028] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.575396][ T6028] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  176.578507][ T6028] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  176.581511][ T6028] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  176.584367][ T6028] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  176.595392][ T6028] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.607521][ T6028] hub 7-1:1.0: bad descriptor, ignoring hub
[  176.609620][ T6028] hub 7-1:1.0: probe with driver hub failed with error -5
[  176.612365][ T6028] cdc_wdm 7-1:1.0: skipping garbage
[  176.614224][ T6028] cdc_wdm 7-1:1.0: skipping garbage
[  176.625760][ T6028] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  176.627335][ T6028] cdc_wdm 7-1:1.0: Unknown control protocol
[  176.940548][ T9318] 9pnet_virtio: no channels available for device syz
[  176.962341][ T9322] netlink: 32 bytes leftover after parsing attributes in process `syz.1.910'.
[  176.975808][ T9322] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  176.975808][ T9322]    program syz.1.910 not setting count and/or reply_len properly
[  176.981786][ T9325] FAULT_INJECTION: forcing a failure.
[  176.981786][ T9325] name failslab, interval 1, probability 0, space 0, times 0
[  176.986005][ T9325] CPU: 0 UID: 0 PID: 9325 Comm: syz.0.912 Not tainted 6.13.0-rc4-syzkaller #0
[  176.988976][ T9325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.992549][ T9325] Call Trace:
[  176.993687][ T9325]  <TASK>
[  176.994685][ T9325]  dump_stack_lvl+0x16c/0x1f0
[  176.996281][ T9325]  should_fail_ex+0x497/0x5b0
[  176.997891][ T9325]  should_failslab+0xc2/0x120
[  176.999508][ T9325]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  177.001331][ T9325]  ? skb_clone+0x190/0x3f0
[  177.002862][ T9325]  skb_clone+0x190/0x3f0
[  177.004319][ T9325]  netlink_deliver_tap+0xafd/0xca0
[  177.006025][ T9325]  netlink_unicast+0x5e1/0x7f0
[  177.007507][ T9325]  ? __pfx_netlink_unicast+0x10/0x10
[  177.009163][ T9325]  ? __phys_addr_symbol+0x30/0x80
[  177.010738][ T9325]  ? __check_object_size+0x488/0x710
[  177.012372][ T9325]  netlink_sendmsg+0x8b8/0xd70
[  177.013977][ T9325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.015822][ T9325]  ____sys_sendmsg+0x9ae/0xb40
[  177.017332][ T9325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  177.018986][ T9325]  ? get_compat_msghdr+0x11b/0x170
[  177.020588][ T9325]  ___sys_sendmsg+0x135/0x1e0
[  177.022208][ T9325]  ? __pfx____sys_sendmsg+0x10/0x10
[  177.023994][ T9325]  ? __pfx_lock_release+0x10/0x10
[  177.025690][ T9325]  ? trace_lock_acquire+0x14e/0x1f0
[  177.027431][ T9325]  ? __fget_files+0x206/0x3a0
[  177.029031][ T9325]  __sys_sendmsg+0x16e/0x220
[  177.030613][ T9325]  ? __pfx___sys_sendmsg+0x10/0x10
[  177.032342][ T9325]  __do_fast_syscall_32+0x73/0x120
[  177.034059][ T9325]  do_fast_syscall_32+0x32/0x80
[  177.035693][ T9325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  177.037735][ T9325] RIP: 0023:0xf7fa8579
[  177.039102][ T9325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  177.045121][ T9325] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  177.047724][ T9325] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  177.050167][ T9325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  177.052777][ T9325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  177.055299][ T9325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  177.057872][ T9325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  177.060749][ T9325]  </TASK>
[  177.123027][ T9329] FAULT_INJECTION: forcing a failure.
[  177.123027][ T9329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.127253][ T9329] CPU: 0 UID: 0 PID: 9329 Comm: syz.0.913 Not tainted 6.13.0-rc4-syzkaller #0
[  177.129461][ T9329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  177.132151][ T9329] Call Trace:
[  177.133050][ T9329]  <TASK>
[  177.133819][ T9329]  dump_stack_lvl+0x16c/0x1f0
[  177.135071][ T9329]  should_fail_ex+0x497/0x5b0
[  177.136500][ T9329]  __kvm_read_guest_page+0x16b/0x210
[  177.137982][ T9329]  kvm_fetch_guest_virt+0x128/0x1a0
[  177.139341][ T9329]  __do_insn_fetch_bytes+0x506/0x730
[  177.140707][ T9329]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  177.142261][ T9329]  ? kvm_tdp_page_fault+0x295/0x3d0
[  177.143643][ T9329]  x86_decode_insn+0x1888/0x55d0
[  177.144943][ T9329]  ? hlock_class+0x4e/0x130
[  177.146144][ T9329]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  177.147717][ T9329]  ? __pfx_x86_decode_insn+0x10/0x10
[  177.149146][ T9329]  ? init_decode_cache+0xd/0x210
[  177.150473][ T9329]  ? kvm_vm_ioctl_set_msr_filter+0x2c0/0x990
[  177.152115][ T9329]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  177.153560][ T9329]  ? mark_lock+0xb5/0xc60
[  177.154723][ T9329]  x86_emulate_instruction+0x975/0x1a50
[  177.156179][ T9329]  handle_ud+0x104/0x2c0
[  177.157269][ T9329]  ? __pfx_handle_ud+0x10/0x10
[  177.158543][ T9329]  handle_exception_nmi+0x83e/0x1410
[  177.159949][ T9329]  ? trace_lock_acquire+0x14e/0x1f0
[  177.161328][ T9329]  ? __pfx_handle_exception_nmi+0x10/0x10
[  177.162891][ T9329]  vmx_handle_exit+0x733/0x1f70
[  177.164153][ T9329]  vcpu_run+0x2aaf/0x4c00
[  177.165274][ T9329]  ? __pfx_vcpu_run+0x10/0x10
[  177.166532][ T9329]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  177.168101][ T9329]  ? rcu_is_watching+0x12/0xc0
[  177.169342][ T9329]  ? trace_lock_acquire+0x14e/0x1f0
[  177.170704][ T9329]  ? __local_bh_enable_ip+0xa4/0x120
[  177.172175][ T9329]  ? lockdep_hardirqs_on+0x7c/0x110
[  177.173559][ T9329]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  177.174974][ T9329]  ? lock_acquire+0x2f/0xb0
[  177.176156][ T9329]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  177.177648][ T9329]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  177.179190][ T9329]  kvm_vcpu_ioctl+0x6ce/0x1520
[  177.180435][ T9329]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  177.182000][ T9329]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  177.183427][ T9329]  ? tomoyo_path_number_perm+0x190/0x5b0
[  177.184982][ T9329]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  177.186576][ T9329]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  177.188192][ T9329]  ? do_vfs_ioctl+0x513/0x1950
[  177.189471][ T9329]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  177.190829][ T9329]  ? __pfx_lock_release+0x10/0x10
[  177.192222][ T9329]  ? trace_lock_acquire+0x14e/0x1f0
[  177.193606][ T9329]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  177.195125][ T9329]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  177.196696][ T9329]  ? __fget_files+0x206/0x3a0
[  177.198192][ T9329]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  177.200092][ T9329]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  177.201543][ T9329]  __do_fast_syscall_32+0x73/0x120
[  177.202919][ T9329]  do_fast_syscall_32+0x32/0x80
[  177.204250][ T9329]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  177.205934][ T9329] RIP: 0023:0xf7fa8579
[  177.207021][ T9329] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  177.212226][ T9329] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  177.214445][ T9329] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  177.216544][ T9329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  177.218660][ T9329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  177.220959][ T9329] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  177.223185][ T9329] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  177.225474][ T9329]  </TASK>
[  177.397457][ T9334] netlink: 32 bytes leftover after parsing attributes in process `syz.0.914'.
[  177.426689][ T9334] sg_write: data in/out 1828745297/60 bytes for SCSI command 0x0-- guessing data in;
[  177.426689][ T9334]    program syz.0.914 not setting count and/or reply_len properly
[  177.759607][ T9341] netlink: 44 bytes leftover after parsing attributes in process `syz.3.916'.
[  177.762472][ T9341] openvswitch: netlink: Flow key attr not present in new flow.
[  178.356997][ T6028] usb 7-1: USB disconnect, device number 6
[  179.132286][ T9362] input: syz0 as /devices/virtual/input/input16
[  179.177548][ T9366] FAULT_INJECTION: forcing a failure.
[  179.177548][ T9366] name failslab, interval 1, probability 0, space 0, times 0
[  179.181056][ T9366] CPU: 3 UID: 0 PID: 9366 Comm: syz.2.924 Not tainted 6.13.0-rc4-syzkaller #0
[  179.183447][ T9366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  179.186395][ T9366] Call Trace:
[  179.186413][ T9366]  <TASK>
[  179.186418][ T9366]  dump_stack_lvl+0x16c/0x1f0
[  179.186435][ T9366]  should_fail_ex+0x497/0x5b0
[  179.190789][ T9366]  ? fs_reclaim_acquire+0xae/0x150
[  179.192231][ T9366]  should_failslab+0xc2/0x120
[  179.193454][ T9366]  __kmalloc_cache_noprof+0x68/0x420
[  179.194883][ T9366]  ? __pfx___folio_start_writeback+0x10/0x10
[  179.196392][ T9366]  ? do_raw_spin_lock+0x12d/0x2c0
[  179.197770][ T9366]  netfs_buffer_make_space+0x432/0x6b0
[  179.199216][ T9366]  netfs_buffer_append_folio+0x298/0x360
[  179.200781][ T9366]  netfs_write_folio+0x540/0x1930
[  179.202135][ T9366]  netfs_writepages+0x29a/0x8f0
[  179.203495][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.204891][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.206419][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.207789][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.209287][ T9366]  do_writepages+0x1b3/0x820
[  179.210487][ T9366]  ? find_held_lock+0x2d/0x110
[  179.211814][ T9366]  ? __pfx_do_writepages+0x10/0x10
[  179.213185][ T9366]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  179.214735][ T9366]  ? __pfx_lock_release+0x10/0x10
[  179.216157][ T9366]  ? do_raw_spin_lock+0x12d/0x2c0
[  179.217471][ T9366]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.218997][ T9366]  ? lock_acquire+0x2f/0xb0
[  179.220197][ T9366]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  179.221831][ T9366]  ? do_raw_spin_unlock+0x172/0x230
[  179.223181][ T9366]  ? _raw_spin_unlock+0x28/0x50
[  179.224513][ T9366]  filemap_fdatawrite_wbc+0x104/0x160
[  179.225900][ T9366]  __filemap_fdatawrite_range+0xb3/0xf0
[  179.227414][ T9366]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  179.229073][ T9366]  file_write_and_wait_range+0xca/0x140
[  179.230595][ T9366]  v9fs_file_fsync+0xdb/0x1c0
[  179.231855][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.234056][ T9366]  ? __up_read+0x1fb/0x760
[  179.235900][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.237462][ T9366]  vfs_fsync_range+0x136/0x220
[  179.239591][ T9366]  netfs_file_write_iter+0x3dd/0x4f0
[  179.241481][ T9366]  v9fs_file_write_iter+0x9b/0x100
[  179.242904][ T9366]  vfs_write+0x5ae/0x1150
[  179.244624][ T9366]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  179.246268][ T9366]  ? __pfx___mutex_lock+0x10/0x10
[  179.247601][ T9366]  ? __pfx_vfs_write+0x10/0x10
[  179.248864][ T9366]  ksys_write+0x12b/0x250
[  179.249376][ T9369] netlink: 44 bytes leftover after parsing attributes in process `syz.3.925'.
[  179.249982][ T9366]  ? __pfx_ksys_write+0x10/0x10
[  179.252512][ T9369] openvswitch: netlink: Flow key attr not present in new flow.
[  179.254049][ T9366]  __do_fast_syscall_32+0x73/0x120
[  179.257347][ T9366]  do_fast_syscall_32+0x32/0x80
[  179.258625][ T9366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  179.260267][ T9366] RIP: 0023:0xf7f27579
[  179.261363][ T9366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  179.266289][ T9366] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  179.268465][ T9366] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000300
[  179.270516][ T9366] RDX: 0000000000000fec RSI: 0000000000000000 RDI: 0000000000000000
[  179.272651][ T9366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  179.274701][ T9366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  179.276755][ T9366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  179.278833][ T9366]  </TASK>
[  179.281703][ T9366] ------------[ cut here ]------------
[  179.283161][ T9366] WARNING: CPU: 0 PID: 9366 at lib/iov_iter.c:255 _copy_from_iter+0x39b/0x1400
[  179.285706][ T9366] Modules linked in:
[  179.286852][ T9366] CPU: 0 UID: 0 PID: 9366 Comm: syz.2.924 Not tainted 6.13.0-rc4-syzkaller #0
[  179.289787][ T9366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  179.293189][ T9366] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  179.293209][ T9366] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 46 5e 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 38 5e 02 fd 89 de bf 01 00 00 00 e8 0c
[  179.293219][ T9366] RSP: 0018:ffffc9000706ef50 EFLAGS: 00010293
[  179.293229][ T9366] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8496ee28
[  179.293236][ T9366] RDX: ffff888021330000 RSI: ffffffff8496f10a RDI: 0000000000000001
[  179.306325][ T9366] RBP: 0000000000000fec R08: 0000000000000001 R09: 0000000000000000
[  179.306335][ T9366] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880762feba0
[  179.306342][ T9366] R13: ffff888069af3380 R14: ffff8880762feba0 R15: 0000000000000fec
[  179.306349][ T9366] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5076b40
[  179.306369][ T9366] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  179.306379][ T9366] CR2: 000000000c2641db CR3: 0000000023f9c000 CR4: 0000000000352ef0
[  179.306386][ T9366] Call Trace:
[  179.306390][ T9366]  <TASK>
[  179.306395][ T9366]  ? __warn+0xea/0x3c0
[  179.306411][ T9366]  ? _copy_from_iter+0x39b/0x1400
[  179.306425][ T9366]  ? report_bug+0x3c0/0x580
[  179.325075][ T9366]  ? handle_bug+0x54/0xa0
[  179.325095][ T9366]  ? exc_invalid_op+0x17/0x50
[  179.327586][ T9366]  ? asm_exc_invalid_op+0x1a/0x20
[  179.328922][ T9366]  ? _copy_from_iter+0xb8/0x1400
[  179.330224][ T9366]  ? _copy_from_iter+0x39a/0x1400
[  179.331716][ T9366]  ? _copy_from_iter+0x39b/0x1400
[  179.333034][ T9366]  ? __pfx_lock_release+0x10/0x10
[  179.334336][ T9366]  ? trace_lock_acquire+0x14e/0x1f0
[  179.335751][ T9366]  ? __pfx__copy_from_iter+0x10/0x10
[  179.337126][ T9366]  ? __virt_addr_valid+0x1a4/0x590
[  179.338484][ T9366]  ? __virt_addr_valid+0x5e/0x590
[  179.339827][ T9366]  ? __phys_addr_symbol+0x30/0x80
[  179.341132][ T9366]  ? __check_object_size+0x488/0x710
[  179.342655][ T9366]  p9pdu_vwritef+0x2cb/0x21d0
[  179.343903][ T9366]  ? p9pdu_writef+0xc4/0x100
[  179.345127][ T9366]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  179.346517][ T9366]  ? __pfx_p9_tag_alloc+0x10/0x10
[  179.347843][ T9366]  ? arch_stack_walk+0xa7/0x100
[  179.349126][ T9366]  p9_client_prepare_req+0x244/0x4d0
[  179.350488][ T9366]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  179.351991][ T9366]  ? stack_trace_save+0x95/0xd0
[  179.353187][ T9366]  ? __pfx_stack_trace_save+0x10/0x10
[  179.354521][ T9366]  p9_client_rpc+0x1c3/0xc10
[  179.355719][ T9366]  ? add_lock_to_list+0x17d/0x390
[  179.356946][ T9366]  ? __pfx_p9_client_rpc+0x10/0x10
[  179.358254][ T9366]  ? lockdep_unlock+0x11a/0x290
[  179.359514][ T9366]  ? __lock_acquire+0x2077/0x3c40
[  179.360814][ T9366]  ? hlock_class+0x4e/0x130
[  179.362101][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.363395][ T9366]  p9_client_write+0x31f/0x680
[  179.364611][ T9366]  ? __pfx_p9_client_write+0x10/0x10
[  179.366040][ T9366]  v9fs_issue_write+0xe2/0x180
[  179.367292][ T9366]  ? __pfx_v9fs_issue_write+0x10/0x10
[  179.368693][ T9366]  ? __local_bh_enable_ip+0xa4/0x120
[  179.370051][ T9366]  ? rcu_is_watching+0x12/0xc0
[  179.371329][ T9366]  ? trace_netfs_sreq+0x198/0x220
[  179.372658][ T9366]  netfs_do_issue_write+0x92/0x110
[  179.373983][ T9366]  netfs_write_folio+0x82f/0x1930
[  179.375330][ T9366]  netfs_writepages+0x29a/0x8f0
[  179.376526][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.377849][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.379180][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.380502][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.382064][ T9366]  do_writepages+0x1b3/0x820
[  179.383315][ T9366]  ? find_held_lock+0x2d/0x110
[  179.384546][ T9366]  ? __pfx_do_writepages+0x10/0x10
[  179.385902][ T9366]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  179.387474][ T9366]  ? __pfx_lock_release+0x10/0x10
[  179.388832][ T9366]  ? do_raw_spin_lock+0x12d/0x2c0
[  179.390144][ T9366]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.391591][ T9366]  ? lock_acquire+0x2f/0xb0
[  179.392766][ T9366]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  179.394291][ T9366]  ? do_raw_spin_unlock+0x172/0x230
[  179.395697][ T9366]  ? _raw_spin_unlock+0x28/0x50
[  179.396959][ T9366]  filemap_fdatawrite_wbc+0x104/0x160
[  179.398357][ T9366]  __filemap_fdatawrite_range+0xb3/0xf0
[  179.399803][ T9366]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  179.401460][ T9366]  file_write_and_wait_range+0xca/0x140
[  179.402887][ T9366]  v9fs_file_fsync+0xdb/0x1c0
[  179.404113][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.405542][ T9366]  ? __up_read+0x1fb/0x760
[  179.406706][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.408093][ T9366]  vfs_fsync_range+0x136/0x220
[  179.409406][ T9366]  netfs_file_write_iter+0x3dd/0x4f0
[  179.410762][ T9366]  v9fs_file_write_iter+0x9b/0x100
[  179.412189][ T9366]  vfs_write+0x5ae/0x1150
[  179.413302][ T9366]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  179.414751][ T9366]  ? __pfx___mutex_lock+0x10/0x10
[  179.416149][ T9366]  ? __pfx_vfs_write+0x10/0x10
[  179.417397][ T9366]  ksys_write+0x12b/0x250
[  179.418626][ T9366]  ? __pfx_ksys_write+0x10/0x10
[  179.419907][ T9366]  __do_fast_syscall_32+0x73/0x120
[  179.421227][ T9366]  do_fast_syscall_32+0x32/0x80
[  179.422513][ T9366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  179.424159][ T9366] RIP: 0023:0xf7f27579
[  179.425265][ T9366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  179.430177][ T9366] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  179.432319][ T9366] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000300
[  179.434242][ T9366] RDX: 0000000000000fec RSI: 0000000000000000 RDI: 0000000000000000
[  179.436327][ T9366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  179.438380][ T9366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  179.440576][ T9366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  179.442625][ T9366]  </TASK>
[  179.443452][ T9366] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  179.445390][ T9366] CPU: 0 UID: 0 PID: 9366 Comm: syz.2.924 Not tainted 6.13.0-rc4-syzkaller #0
[  179.447709][ T9366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  179.450449][ T9366] Call Trace:
[  179.451331][ T9366]  <TASK>
[  179.452254][ T9366]  dump_stack_lvl+0x3d/0x1f0
[  179.453451][ T9366]  panic+0x71d/0x800
[  179.454465][ T9366]  ? __pfx_panic+0x10/0x10
[  179.455631][ T9366]  ? show_trace_log_lvl+0x29d/0x3d0
[  179.456967][ T9366]  ? check_panic_on_warn+0x1f/0xb0
[  179.458317][ T9366]  ? _copy_from_iter+0x39b/0x1400
[  179.459703][ T9366]  check_panic_on_warn+0xab/0xb0
[  179.460976][ T9366]  __warn+0xf6/0x3c0
[  179.462017][ T9366]  ? _copy_from_iter+0x39b/0x1400
[  179.463325][ T9366]  report_bug+0x3c0/0x580
[  179.464444][ T9366]  handle_bug+0x54/0xa0
[  179.465596][ T9366]  exc_invalid_op+0x17/0x50
[  179.466765][ T9366]  asm_exc_invalid_op+0x1a/0x20
[  179.468059][ T9366] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  179.469498][ T9366] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 46 5e 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 38 5e 02 fd 89 de bf 01 00 00 00 e8 0c
[  179.474526][ T9366] RSP: 0018:ffffc9000706ef50 EFLAGS: 00010293
[  179.476101][ T9366] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8496ee28
[  179.478145][ T9366] RDX: ffff888021330000 RSI: ffffffff8496f10a RDI: 0000000000000001
[  179.480192][ T9366] RBP: 0000000000000fec R08: 0000000000000001 R09: 0000000000000000
[  179.482240][ T9366] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880762feba0
[  179.484274][ T9366] R13: ffff888069af3380 R14: ffff8880762feba0 R15: 0000000000000fec
[  179.486379][ T9366]  ? _copy_from_iter+0xb8/0x1400
[  179.487785][ T9366]  ? _copy_from_iter+0x39a/0x1400
[  179.489115][ T9366]  ? __pfx_lock_release+0x10/0x10
[  179.490411][ T9366]  ? trace_lock_acquire+0x14e/0x1f0
[  179.491906][ T9366]  ? __pfx__copy_from_iter+0x10/0x10
[  179.493670][ T9366]  ? __virt_addr_valid+0x1a4/0x590
[  179.495134][ T9366]  ? __virt_addr_valid+0x5e/0x590
[  179.496425][ T9366]  ? __phys_addr_symbol+0x30/0x80
[  179.497853][ T9366]  ? __check_object_size+0x488/0x710
[  179.499253][ T9366]  p9pdu_vwritef+0x2cb/0x21d0
[  179.500476][ T9366]  ? p9pdu_writef+0xc4/0x100
[  179.501705][ T9366]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  179.503020][ T9366]  ? __pfx_p9_tag_alloc+0x10/0x10
[  179.504424][ T9366]  ? arch_stack_walk+0xa7/0x100
[  179.505678][ T9366]  p9_client_prepare_req+0x244/0x4d0
[  179.507134][ T9366]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  179.508658][ T9366]  ? stack_trace_save+0x95/0xd0
[  179.509927][ T9366]  ? __pfx_stack_trace_save+0x10/0x10
[  179.511265][ T9366]  p9_client_rpc+0x1c3/0xc10
[  179.512426][ T9366]  ? add_lock_to_list+0x17d/0x390
[  179.513656][ T9366]  ? __pfx_p9_client_rpc+0x10/0x10
[  179.514999][ T9366]  ? lockdep_unlock+0x11a/0x290
[  179.516217][ T9366]  ? __lock_acquire+0x2077/0x3c40
[  179.517551][ T9366]  ? hlock_class+0x4e/0x130
[  179.518704][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.520041][ T9366]  p9_client_write+0x31f/0x680
[  179.521488][ T9366]  ? __pfx_p9_client_write+0x10/0x10
[  179.522861][ T9366]  v9fs_issue_write+0xe2/0x180
[  179.524120][ T9366]  ? __pfx_v9fs_issue_write+0x10/0x10
[  179.525427][ T9366]  ? __local_bh_enable_ip+0xa4/0x120
[  179.526717][ T9366]  ? rcu_is_watching+0x12/0xc0
[  179.528021][ T9366]  ? trace_netfs_sreq+0x198/0x220
[  179.529271][ T9366]  netfs_do_issue_write+0x92/0x110
[  179.530547][ T9366]  netfs_write_folio+0x82f/0x1930
[  179.531899][ T9366]  netfs_writepages+0x29a/0x8f0
[  179.533126][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.534531][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.535835][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  179.537176][ T9366]  ? __pfx_netfs_writepages+0x10/0x10
[  179.538544][ T9366]  do_writepages+0x1b3/0x820
[  179.539698][ T9366]  ? find_held_lock+0x2d/0x110
[  179.540984][ T9366]  ? __pfx_do_writepages+0x10/0x10
[  179.542391][ T9366]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  179.543987][ T9366]  ? __pfx_lock_release+0x10/0x10
[  179.545213][ T9366]  ? do_raw_spin_lock+0x12d/0x2c0
[  179.546538][ T9366]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.547874][ T9366]  ? lock_acquire+0x2f/0xb0
[  179.549020][ T9366]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  179.550566][ T9366]  ? do_raw_spin_unlock+0x172/0x230
[  179.551927][ T9366]  ? _raw_spin_unlock+0x28/0x50
[  179.553197][ T9366]  filemap_fdatawrite_wbc+0x104/0x160
[  179.554517][ T9366]  __filemap_fdatawrite_range+0xb3/0xf0
[  179.555970][ T9366]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  179.557507][ T9366]  file_write_and_wait_range+0xca/0x140
[  179.559054][ T9366]  v9fs_file_fsync+0xdb/0x1c0
[  179.560230][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.561673][ T9366]  ? __up_read+0x1fb/0x760
[  179.562800][ T9366]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  179.564123][ T9366]  vfs_fsync_range+0x136/0x220
[  179.565337][ T9366]  netfs_file_write_iter+0x3dd/0x4f0
[  179.566666][ T9366]  v9fs_file_write_iter+0x9b/0x100
[  179.568112][ T9366]  vfs_write+0x5ae/0x1150
[  179.569216][ T9366]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  179.570614][ T9366]  ? __pfx___mutex_lock+0x10/0x10
[  179.572048][ T9366]  ? __pfx_vfs_write+0x10/0x10
[  179.573223][ T9366]  ksys_write+0x12b/0x250
[  179.574290][ T9366]  ? __pfx_ksys_write+0x10/0x10
[  179.575527][ T9366]  __do_fast_syscall_32+0x73/0x120
[  179.576777][ T9366]  do_fast_syscall_32+0x32/0x80
[  179.578030][ T9366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  179.579648][ T9366] RIP: 0023:0xf7f27579
[  179.580680][ T9366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  179.585620][ T9366] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  179.587826][ T9366] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000300
[  179.589923][ T9366] RDX: 0000000000000fec RSI: 0000000000000000 RDI: 0000000000000000
[  179.592209][ T9366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  179.594209][ T9366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  179.596234][ T9366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  179.598350][ T9366]  </TASK>
[  179.599700][ T9366] Kernel Offset: disabled
[  179.600860][ T9366] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:04:21  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142e65 RDI=ffffffff9a6672c0 RBP=ffffffff9a667280 RSP=ffffc9000706e8b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007
R12=0000000000000000 R13=0000000000000074 R14=ffffffff85142e00 R15=0000000000000000
RIP=ffffffff85142e8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2641db CR3=0000000023f9c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=4695e64a8a7a20eb RCX=ffffffff81761562 RDX=1ffff11004aec165
RSI=0000000000000008 RDI=00000000695e64a4 RBP=0000000000000000 RSP=ffffc90006ebf230
R8 =0000000000000000 R9 =fffffbfff2d36d98 R10=ffffffff969b6cc7 R11=ffffc90006ebf708
R12=0000000000000000 R13=ffff888025760000 R14=0000000000000080 R15=ffff888025760b08
RIP=ffffffff817612a3 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c385b86 CR3=00000000264d4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000039f1e9 RBX=0000000000000002 RCX=ffffffff8b1a3819 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb17080 RBP=ffffed10039df000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801cef8000 R14=ffffffff901ce510 R15=0000000000000000
RIP=ffffffff8b1a4bff RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561ffcec82f8 CR3=000000004dde0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73e3ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000003db1f7 RBX=0000000000000003 RCX=ffffffff8b1a3819 RDX=0000000000000000
RSI=ffffffff8b4cd260 RDI=ffffffff8bb17080 RBP=ffffed10039df488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000000
R12=0000000000000003 R13=ffff88801cefa440 R14=ffffffff901ce510 R15=0000000000000000
RIP=ffffffff8b1a4bff RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f5075fac CR3=00000000218cc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000