last executing test programs:

7.596873946s ago: executing program 0 (id=1276):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0700000004000000200000000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r1, 0x0, 0x0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000008936c0cd2a652b4d055a180227d300735a475d58a4910804003fb0a10de122b030ddf1361000000000000000cad4bb2adc4e8c1a3bfb5beed8a31ae14fc39213295ec0566631302e6d0f75e88ef61de02113663a6af9c08000000cc4c1ddf00781405254539f06e77f75693982bdc285cdcad49874872e978dff56ba141c61ee7864ad539d309e04e9c3de59287c93b6af44d2eff32212e1b3c054dac03967c32d701d339165755891ba7e35d", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000240)='pmap_register\x00', r3, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

7.349280948s ago: executing program 0 (id=1281):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x680040, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x1, @empty}}, 0x0, 0x0, 0x3fb, 0x0, 0x32, 0xfffffffd}, 0x9c)
sendmmsg$inet6(r1, 0x0, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mmap(&(0x7f000057d000/0x1000)=nil, 0x1000, 0xc, 0x110, r0, 0x1facf000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getown(r2, 0x9)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000580)='1\x00', 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x60, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2a, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @val, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x60}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r9, @ANYBLOB="0500130092848b000a00060008021100000100000600100080050000060012"], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

6.234966371s ago: executing program 2 (id=1285):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (rerun: 32)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socket$igmp6(0xa, 0x3, 0x2) (rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
unshare(0x44040000) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 32)
recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x10021, 0x0) (rerun: 32)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r5, &(0x7f0000000700)=ANY=[@ANYBLOB="a80200007d0000000567010000000000000000000000000000000000000000002000000000000000000000000000000000001300206e6f6465767b6300000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f700000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e19400cfc700000000e55d8df8d55bbf4cce2ca4a795d34f083844ca642b73fcb82dcf8ef0cb5eeafb1a316d19ed02bd94f11cabe8e5985238289d56918fc7a6d93166a5ed2f4f5353402018acbd56c7212c11b8cd000007797be00aaeba27870fa673db1c84c254111b9436e884dc833e42ee53bb3554f6863018b74aa01882edad8cd21c431e447efe5a3d19636d2877bd50f75a442b5500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20fa000000000000000c280e8d489da649a37008bff6f6465762d6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f65b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00"/668, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x2a8)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
unlink(0x0) (async)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async, rerun: 32)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58) (rerun: 32)

5.669179835s ago: executing program 2 (id=1287):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0700000004000000200000000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r1, 0x0, 0x0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000240)='pmap_register\x00', r3, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

4.874611231s ago: executing program 0 (id=1289):
sched_setaffinity(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@deltaction={0x1e0, 0x31, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x88, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x14, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2d2082d4}}, {0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @TCA_ACT_TAB={0x5c, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xcae}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffe01}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffff9}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x400}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x8c, 0x1, [{0xc, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3de}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xd}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff6ea8}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x24003, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fanotify_init(0x4c, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
ioctl$SOUND_OLD_MIXER_INFO(r0, 0x80304d65, &(0x7f0000000280))
shutdown(0xffffffffffffffff, 0x1)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0xd4, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c})
fspick(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
socket$inet6(0xa, 0x5, 0x6)
r5 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0xffffffffffffffff)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r5)

4.775523369s ago: executing program 2 (id=1291):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0xb001, 0x4, 0x3bc, 0x1c4, 0x1c4, 0x0, 0x2b0, 0x2b0, 0x2b0, 0x7fffffe, 0x0, {[{{@uncond, 0xbc, 0x10c}, @unspec=@AUDIT={0x0, 'AUDIT\x00', 0x0, {0x1}}}, {{@uncond, 0xbc, 0xe4, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@arp={@broadcast, @empty, 0xffffffff, 0xff000000, 0x9, 0xb, {@mac=@multicast, {[0x0, 0xff, 0x0, 0xff, 0xff]}}, {@mac, {[0x0, 0xff, 0x0, 0x0, 0x0, 0xff]}}, 0x200, 0x9, 0x2, 0x9289, 0x401, 0x218, 'veth1_vlan\x00', 'veth0_macvtap\x00', {0xff}, {}, 0x0, 0x80}, 0xbc, 0xec}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0xffffffff}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x1bf)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3, &(0x7f0000000180)=0x3, 0x4)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2ee, 0x282)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000380), 0x80000)
r5 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r6, &(0x7f0000000280)=""/239, 0xef)
writev(r6, &(0x7f0000000100)=[{&(0x7f0000000180)="b6", 0x1}], 0x1)
syz_usb_disconnect(r5)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x0, 0x0, 0x5, {0x4}, 0x0, 0x1})
ioctl$VIDIOC_SUBDEV_G_FMT(r3, 0xc0085666, &(0x7f0000000100)={0x4b8c76c522e9be76, 0x0, {0xaca2a353, 0x8000000, 0x1016, 0x2, 0xa, 0x0, 0x1, 0x5}})
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r3, 0xc0305616, &(0x7f0000000080)={0x0, {0xff, 0xa}})
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)

4.349800137s ago: executing program 1 (id=1292):
socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xffffff3e, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x17, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0xfffffffffffffdb1}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioperm(0x524, 0xab49, 0x9)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x38416761, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
syz_emit_ethernet(0x6b, &(0x7f0000000300)={@local, @local, @void, {@x25={0x805, {0x1, 0x6, 0xf1, "03729c1cabb46bf6c5c019df11bd100578f2b1f60d801ea6ed12f4cb12b682b6f233770234209ab8e2e3ea7524d41ca7eeb3501938ad8df03f5a259bbdad0460e33d1fa6a41a443c003f6df230315c3721c0d60b4bbce5bb8755"}}}}, 0x0)

3.416900583s ago: executing program 3 (id=1295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000500ffff"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x401, 0xffffffff, 0x8, 0x3, {0x0, 0xfffd, 0x40, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xeca5, 0x0, 0xac, "d20bddfd7d0eb9342251560ed1000000000000000000000688ba0c0cfae89a8c"}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000009, 0x114}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc1105518, &(0x7f0000000040)={{0x0, 0x5, 0x2, 0x0, 'syz0\x00'}, 0x1, [0x327cf3e4, 0xffeffffc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x4, 0x6, 0xfffffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x52e9, 0xad, 0x3, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7ff, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x4000, 0x2, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xba, 0xffffffff, 0x0, 0x5, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x200, 0x0, 0x7, 0x0, 0x1]})
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(des3_ede-generic)\x00'}, 0x58)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket(0x840000000002, 0x3, 0x6)
connect$inet(r5, &(0x7f0000000540)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r5, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

3.400717681s ago: executing program 1 (id=1296):
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES64, @ANYBLOB="44a837b4012918a47d0187", @ANYRES16, @ANYRESDEC], 0x0, 0xa, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x4c)
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/dev\x00')
preadv(r3, &(0x7f0000000a40)=[{&(0x7f00000000c0)=""/57, 0x39}], 0x1, 0x200, 0x2)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r4, 0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)

3.336898766s ago: executing program 2 (id=1297):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x680040, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x1, @empty}}, 0x0, 0x0, 0x3fb, 0x0, 0x32, 0xfffffffd}, 0x9c)
sendmmsg$inet6(r1, 0x0, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
mmap(&(0x7f000057d000/0x1000)=nil, 0x1000, 0xc, 0x110, r0, 0x1facf000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getown(r2, 0x9)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000580)='1\x00', 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x60, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2a, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @val, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x60}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r9, @ANYBLOB="0500130092848b000a00060008021100000100000600100080050000060012"], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.816947848s ago: executing program 1 (id=1298):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)={0xb, {'syz0\x00', 'syz0\x00', 'syz1\x00', 0x1000, 0x2, 0x7bc, 0x0, 0xffffa2e9, 0x2, "c4e982b5e1bfe7d6d76157e3bccdb852eff14e68ab798595aca5a44ee9445a140fc35b1a993c59befcaf025ddfc9ccfa1be094c8a2af01d817a559215829baf81f6f43b2c4cd3d75a41ca0d00aec34af63c0f930b547efa9765b6f0db430cc057ec463421a5088e0803b035da6dda29fe40e1c9a72d28692dd6ea8031502ed5ef5bfc48aa4aee35d47cfc58bf07bc3924b489222f0821d85fba5c29a1ad7aecb24d4cbfe99f9fa4e8e1aedea534f2360441da0bb281b4aa17a17502fc2692e0422ed2a920743f8f03a61da30164ccceae7371f611d24f719d1bd7de64b32e84039fe4b78a84d0847d17fabe8570041c6c30cbe0be778ccbbec472f4325533def4c976a6f74b766ef4fabc113e8bb9daff36f437833835d665ddc575dd4bf41cdc72c035573531cb05f736914aad308f23b989a9e143d867e0f60c5d50af7232d20dc0f19f9f95b46318396b7889442a9c0695fb84aef93c9c909840f812b8723780e9559624679d53926d4e1983645f98d459ce39ad355a60a1459d890da4c818835f993bc177d1f7bc6e022fa07c0e13839ebbe0a4b5c1b6487c842ae91e7bf0dce2b7a5ba0be1e1d15e7e018186e3428022a9cc9541fda08176c622215564811536d03172d5f4b5748df9aa938e9864ce40ffdcd9eaac203d4909f4d4b62446de55a2f1a26bdfb7dd300f64e9edf384c12a5b46b89d696095726bba8be4deb42bdae6852e956ccf2954d71ecdd34c7c6b8191b1d03d3357c2d6fd8b26d4289e69d8e770bf70eb2219e3bb051b9959c6d00ffca50cc62ac6f101335790e1f52e91b06b4642b5f1fff8880b5c5fedae7477c6b41ecd0ff780e916fd78cdfb60692431e407732c66b2b20ed41dd3a7e7614c67740d3e8dc267bde75be25f24a55bde960361ff39151550d7239a15cd567611cfd9c43bdef95c4d4e7384cb500df517cecaf8c48c101370557d22fe2404b7f07fee1c24b49357a8c239b10e41eecf98c4544ed52349f150b741240c5b43b562eeedfd59ec03cb9ff4cf59c9696de46106fb4abb1fcf292c95f811a10dead8cff074bb238acb9a03f6e1acdfd69040c17103fae65d765b0f742790acb1f9108e279d6839c8ad0e442c410db1ae157b4f04b205e16f30e96565e85247f582ac005feac9c0311df6f9f8486e339f9ce9bb979a7175913332c1bf96a35bbd5e25fa727ed2c30e74c662ecca50802ed277eb1ebdff853c04f24cfa45792298faa76d6bb51c4d5982347827dc2001e0846a3181beb94f0983c99e4f31f922ee586ee58877473a672a1b11be37c30c58af6447036f6959e0421185b8c70cd8f5ec048b034369f1f118a0abc15d9feb605b859156161283b21835c4e6ebbd156deac32966fdf1742f83fb46ee405ed8c463d7050c1aaf752be3b02992246fc5c78cf1831cf7aff07cc61795a0b0e1202d0eb7bb87a63eb7056c9ce872086333c32910636b4da94cd3fe07d1d59648f611330e576e59004e3e7e119c4dc6d48c4a02e3cc4ed18bf09d9f7e327f5abd186c3c50f1b3419d259fe8eb37095d324c27146e0416ee430eeef1d8b52d6a12883a617a00d1079d783fdd9e1b3a0b8833dcab4df98cd09e2cc883c7c93a857c5d5b27547054ec649d287bac18233cf7b95bb7546a2e36cb7f79d084cac1a6c2eb181cea2f40cec9fd2c5722932d0a87b0badd272afb223c7951612b3873318508496f00367f1ac69668a3daaf8fdf2137c2d1a7fd156344904619c61d10d94ad1cac9c9592cc8fd3a9944d4d26a78662c3f3a75a6dec0468e6e88210ead26efcfc3cc94b04e15bc2c0080366d02d3bf0534d50f37a993caf34a6d056f122306b52292b1d4b7ba22cc86d54ebf2309a2a449c695ed456bb2fc41fa1e165b97904dfa3e73eab7898c9bbfb6cc042a80fbcaf3450c51766e6517f129fce218b62d08dc67e5ef1811c4a0853a014cecce16c4715affa19e394166153e21ba6c37cd265947ea52ab92c20d6da1e92da19cdd61dff737a46b1eac95ab2f75a460816087564572fc04afac5cb2bc924461750270394e075c9e2391d871e2ba0f6d8d8ab68322c845e8eaa7687e43ae257dfc542df2e0cc7bfb9b581028ad1c028bafd111bc2d0339bbcea25e240fb8154f09fc392a39af41c073f35454b466930a3d84cecb93718906481a26d0800de9c5aa0fe5abd857a7f3b817bd44b13bf7ba92bf1f60ba76554dbc278d0b7021fc4adf48749fe5bc18d2a93e5240821c2cff71d2670810db91f7f4d0eed00223b03abb6d67dafbc180e2578a0961c74c6cc51ba118d9bb008407a5157a848e127eea8be9e021fccb413cc15ea89e8d1bd6e325b428078fb25dfaae777fe436ca7f8140c417393d04393437835f9cebd458786eb539ae30f8eaf5f8443c8e86667ef1a2dd87abc45989da47ae9b5e8b71bfae740d3ce1b35ed8643babc1b6000df41ae5b15751d12c451687177fec361ce8aafa49bf55575121585028709bd4c54f3f73693cc910972160773e1c2ea8da89bc11f514460458f0009a712fbb7757839d91ee4f9be2ce6cab32b17b97fbb8812b5ab24944bc1ec6b2ba5e70511f60cbd6ebda71f118a78bb8825c6da6c19d32c595a1033e593ee8d1cfd3d797255476a5659e01918db7ba624e734f670100d0d72a8b31246fac1fa6ae739a9998244f307420d5fdd8e2aa27d2986fd789ed34a1f1410c72e3d182fb5f8de57ded4c3ed085d9fdfe9d6cf7c9bd9ac979f25d2607119ece55ad27cbc2b0d3330658f00ee97439b88eaa926f596b1035667b788f252eabb9ef81b371abaef833d55fd85e8dc5488e97e154fd11a591c10fd7ca7a3be80c0aaf4c23d7d7d8848521d553be85785c29b69d0bbc4ff4f5c3a0017925d0900acf723c0c9bc11cd3f0c8b0ed3c0ece823e625d60e7239262e3126586b501184871725428b75752ab2fbf4611367d8f88a53a11280a520ada772d7d11ec7ba7fd96aef442635a6ae0706d5ed6dc4cc1cedb3ced9b0f6cd524388bfdb86eb42a2459a51316ce027c6543cf74fad67ae70027097c07afc7ce5bc84bd59feee1ef938190742e30664f5fa3dff9863803ea65d0f23efca42c39a1ce678a1a4ba0a2ece21eca3f54ec9a9c7acb9da287d1747969ba173e0a134cca34fa52c5b52a9a9d03638f2e9a046ed594c378fa530b1f1edda6bad2e032fa4796c0e126bb8431ed400e4a4f5f9b991575f7da574bbb0fff3537a375580f6b382171063ddc2d3ab1fa5aaf77f1b49431745a06807ac8ae27b693dbc5e6e37fa8227c4a709ba00bfb73e1b135c512cf5418e32069a19ab27faa429ea94f3e7ed28765cc2ecc20c73ede0c9b32805a8a8b664be2cc416fe4e4b6a74625a2da98870f2937d892ee41e614ef95ddab99ddf4dfafe38145f09269b04c637fb200b3e80d4f87f616312d3044e31842ca6a263ebcd7ac9176dacc61849a47ffe6c2b2bcf6657d3c5bcdb4fda43a2127ce74000148f3cc00bfa13eb48e6fd68491a36fd9f37bdc6e89b25ca5adc96626d4b896e763dd2ea206394b708adc5639567caccebd2eb0bd9c444c2b91b1783dce4fb0dfb5740d1ff7315e3febed6b32090d36528f7844f06e6d49ce44e26f7f3818d2ae3e7a6115175056e33094ed0ec16cc4d997ffc285b59974581738474d7185dbb37d724498fe50f89a935546be477ab48053f0ad9a9589a6cd1ee676768127c303f46cc98aa4447ce0e57b08578275505e3b77c5089ce17ab456f2b3e1f6cfbe895fb01673e75170704862407d013dfcb117452698826e4903dc14751ad714abe3a74360be7395c9d26a561b22a4d5349d6c29f9991d2ec8531078ecab5a51a3332a554c49891d9c803a81d53084a398388d46ac2ab4e9c59869917694871e08a3996866b2e960b283bf29d105fe93046f23397d1d83f5dcdd010f0a969fa5cc50aeb6a4e8b176ba2d1dd0be2c6a07f18f473f9e48b0aa2e304eb61cc01e9399a12e2d2adcd1d2e6a3885c10799284e317a88140263fb1ed6a56cfc387133042699d10fa2590d4b851fec21b37706bcd72745e99001d204e4898dd949649e0803a882e47f9559578ebf4c26bde75ec5fe4750a9aa5b7def6773b94e30a1c16a6d4a841f83fd13b09214832c89ac57667d0f59a30a223e35cf4620998159fc09215a437aed83344ede3567abdc45955e7235963622cdf3ac4a7ef05989b8d2f609ae94ee64b08f2038efa66ae8f85e2d8a26c623def37cb03a16fc06f80da52a867e870c7f22b474385e4cd1138954b0615f3116e7cf416910766d76cab7014d1c146dfdae3e840675177590ee1595252c2b61bf300b666746e674ef88c906a094a8313305df9ff6ebc90153abe638e6d9d1d0a9ba48f2e88947cee82f522296c46e4c723466f8b227836bcf929f3c00eff984dce8679ecf04a13770fe987314b72e6717e90416b602a26040fad9380331fa2dd1ea6669f63bdce6431a3f7588a9e6ee61fb1f61ec2371c28a3b466e0e04ed47ac7bdc9559310699f703a20a129e5534a232f031c8de049a8b7ef804450f60641d24451ea01fcd9dce13eec1c59db8012fe16715c2bba12e75d2b10dd7d9c02ae47833c83a66a81be48955f346c386272d61530b84b4c13b04d60ced713bfbd1f195a60645b2f9a59e7e85d312ead5953dfd202bdf90b6d81fa0170a4b23dfb3068e802b0a377da54045942fc957d2802657c2e52e6aee04c8f8d2028a296812f4df537bf97c84e16a9b1cc7c2206f583bd751541b237be5df4719836989f8051e4b73c3c583377414398cfc010adb64d36700d241a1e2ac19369e188c092b284ca3f3a6f9baed032d42e313d31613cddb9e0895d42ec19eeddc438da60232faf0c5f63d37918f6efafb6f4b94a8d5fcea0688281a781e274d6f0a5ee139e43fc4a305f415526bdee3f01c0107ed9145e4b27d9cac606cf35ab672b4bf0dee62ab8a5f577d3575f05f16931b7a225de0ade28be35a4fe9d4a590e0bb71561c29314fa089dacad45bbc5dd3150ecb7f75be74caf4e57b19a481e313e34647810cb70af1cd755d801061d7720d14f9b8ce18b71ea063f9dee78e38a3c1baef1df55e1ad3721f4567f5fcd59dfc8908b074921693c8b457c855f5f4efcc282252853f0a19bb649290f1af9649679f7df6f5b45cd07a38dcf8c76329cfb1282d6c9a94dece67192816d134e23d3eac343a5f2d2b43ea91c3bc41af137ac9eca5e6bc882391f01e1cfcaacd3fffda52154fa52e56bda864bbfc5f0099376f3b8d2cb1e451a4582dbbb08e25e6e21f1610a1fc28c8babbf7b8b2acd8bd282032021a63304b1c74d88947b00d9a2bfa5da5fb4f5ecbeb4b7aeff8ff2ba684a22068690a5b8a77e41561e8e0d8479bf35ac78abf5c21806867df6560d9b56218246f309c9a03926b14b218e8b870a4d981ff49b1ee1e20b389178cf6e212e449e7d5249d464b7f59070b15c271e32ce98540164a56b2255726e1806bcc08c20e3884daa10a381dd97aadfd66d47ac702b7feb78f836036f94c1b6aaf92c7a1948b7e30fd843487dab1b681380cf7589808fbae93f156c3fcd2082cdec906e5c86714472f3e81a73c6616a527ddcbdb3dea5cfd2194d977ad139901dcf1e7c268634a1a6df0a21a822c9c2f10988c95397a16f1ff19e424e6fa0f67c9c5c3fe6f284238ed9f1c6fb376e5bbdfefbbd0fc3646cff50238e0f0a29a27348d5128d2fd8fa0eb14540822dd0a5df2fb9af1194af5645410e4b2915d33893650e2a67c2c3f064f63611696bad3bd4950f6"}}, 0x1118)
ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000040)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2020, 0x0, 0x0, 0x3], [0x6, 0x0, 0x1, 0xffff], [0x400000000000001, 0x0, 0x0, 0x70c0]})
ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0xffffffff)

1.757116057s ago: executing program 0 (id=1299):
syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_io_uring_setup(0x755f, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340), &(0x7f0000000280))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000880)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0xb8, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa1, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_vlan={0x0, 0xf, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x0, 0x6, 0x4}, @TCA_VLAN_PARMS={0x0, 0x2, {{0x4, 0x3ca, 0x3, 0xa, 0x79}, 0x1}}, @TCA_VLAN_PUSH_VLAN_ID={0x0, 0x3, 0xcff}]}, {0x0, 0x6, "b0db6569c7ee778f8e40f4dd0bdaeca38830d840c0b39921611551d0bd02f68175f47d589ff3"}, {0x0, 0x7, {0x0, 0x1}}, {0x0, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4884}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f00000001c0)='proc\x00', 0x1) (async)
r3 = fsopen(&(0x7f00000001c0)='proc\x00', 0x1)
write$proc_mixer(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="414c5450434d0a50484f4e45495220274d69632043617074757265272030303030303030303030303030303030303030300a50484f4e45494e20274d617374657230506c61796261636b20566f6c756d65272030303030303030303030303030303030303030300a4449474954414c33202743442730303030303030303030300a535045414b4552202743442720303030e125714606a90c4630303030303000000000"], 0xe6) (async)
write$proc_mixer(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="414c5450434d0a50484f4e45495220274d69632043617074757265272030303030303030303030303030303030303030300a50484f4e45494e20274d617374657230506c61796261636b20566f6c756d65272030303030303030303030303030303030303030300a4449474954414c33202743442730303030303030303030300a535045414b4552202743442720303030e125714606a90c4630303030303000000000"], 0xe6)
mq_notify(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x3d, 0x4, @thr={&(0x7f0000000380)="7bf0fba1401f725bed901f5357649df15c194655af22c428087725f3593f759efbe924856ade3b96e5e73b7f7930a8eb6d859a15ccad1e27fe557823d9aff85d0ccb869a9c0282d0555d3f033ef526367c4ccf4ae977a660ee3e67a550de89807a508eb743bc685606a60e6d", &(0x7f00000006c0)="734e6012ae166642ec8cc42eefacbb3a9a5503aad1f1a43d7e9ef95f1991fc2b5d482bca535cf37bec5ef21d492e0d1780e61706549abaeef9b7fe671f74b58756ac7cd289c6a381eb3ea6888fc3d6293e0682aa936130a1e07d961d0598c0d03a0cd24cd50c5cd9c9b5f392d86de1ab614528f9d74ab53b218a1e0d7d18e6eee11451c700c6eb87765727724e14e9e95d46a814cdac6f68e6132ea674c272e02e885d7966dcca07bda6fb799e05c6c45eb17c4a4470027a43e4303b9ed14b"}}) (async)
mq_notify(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x3d, 0x4, @thr={&(0x7f0000000380)="7bf0fba1401f725bed901f5357649df15c194655af22c428087725f3593f759efbe924856ade3b96e5e73b7f7930a8eb6d859a15ccad1e27fe557823d9aff85d0ccb869a9c0282d0555d3f033ef526367c4ccf4ae977a660ee3e67a550de89807a508eb743bc685606a60e6d", &(0x7f00000006c0)="734e6012ae166642ec8cc42eefacbb3a9a5503aad1f1a43d7e9ef95f1991fc2b5d482bca535cf37bec5ef21d492e0d1780e61706549abaeef9b7fe671f74b58756ac7cd289c6a381eb3ea6888fc3d6293e0682aa936130a1e07d961d0598c0d03a0cd24cd50c5cd9c9b5f392d86de1ab614528f9d74ab53b218a1e0d7d18e6eee11451c700c6eb87765727724e14e9e95d46a814cdac6f68e6132ea674c272e02e885d7966dcca07bda6fb799e05c6c45eb17c4a4470027a43e4303b9ed14b"}})
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x80000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x800448f0, &(0x7f00000000c0)={0x0, 0x0, "a4cd91", 0x9, 0xfc})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x5002, 0x3000, 0x8, r5})

1.622214671s ago: executing program 2 (id=1300):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
ioperm(0x0, 0x33, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="080100002d0001000000000000600000f60000800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81ad43bb635034b6c31e923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5060000"], 0x108}], 0x1}, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000180), 0x3ff, 0x2000)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
ioperm(0x0, 0x9, 0x5)
inotify_init1(0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x3, "ee0700000000000000000200"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_io_uring_setup(0x4d7, &(0x7f0000000200)={0x0, 0x7a7b, 0x10000, 0x3, 0x8f}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
ioctl$TCSETAF(r2, 0x5408, &(0x7f00000000c0)={0x1, 0xff, 0x5, 0xfffc, 0x0, "f682756c98cc948c"})
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r7, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @remote}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
ioctl$VIDIOC_STREAMOFF(r1, 0x40045613, &(0x7f0000000200)=0x1)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000070701010000000000000000000000000500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x22004080}, 0x24044894)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES64=r4], 0x6c}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.351060151s ago: executing program 3 (id=1301):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x2b}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000020301040000000000000000000040200800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000140)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c80), r3)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000cc0)={'wpan0\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000d00)={0x2c, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_ENABLED={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008011}, 0x40)
close(r2)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r6, 0x0)
syz_extract_tcp_res(&(0x7f0000000000)={0x41424344, <r7=>0x41424344}, 0x7, 0x8)
syz_extract_tcp_res(&(0x7f00000000c0)={0x41424344, <r8=>0x41424344}, 0x5, 0x1)
syz_emit_ethernet(0x4e, &(0x7f0000000300)={@local, @empty, @val={@void, {0x8100, 0x2, 0x0, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4e22, 0x41424344, r8, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x136f, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "708d66", 0x1339, 0x6, 0xff, @mcast2, @loopback, {[@hopopts={0x3a, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x5}, @pad1]}, @srh={0x1d, 0xe, 0x4, 0x7, 0xe, 0x50, 0x7718, [@empty, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, @private2, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @mcast1]}, @hopopts={0x29, 0x21a, '\x00', [@ra={0x5, 0x2, 0x5}, @calipso={0x7, 0x38, {0x0, 0xc, 0x9, 0x4, [0x5, 0x6, 0x8, 0x5, 0x0, 0x5]}}, @enc_lim={0x4, 0x1, 0x92}, @enc_lim={0x4, 0x1, 0x7}, @generic={0x9, 0x86, "c294a5bdc21a9c2db7a5a7685e4ad644f4c44b2d07e54cf104bcb643125a426c58fff8bf4481899dff152e3748194457bce188af0d8997fa43151559d7cb841b7cd39af50fe63276c50127ceb919e4a6fc3444ae53dd0b7b95c6cd22271fc22b8e287192c4d5588e0d660bf3701722a57775a6f62cdc59ddd69cf84762e764fcda24422ae65f"}, @generic={0x0, 0x1000, "88d9f271640e11f8513e42bf5e219b10fea6f77ce974992958cf8f71b332f9a971d84e66864ab8951c14a30a3ca77a2e1b3de2a2dd3a240faeb6fefb141873ef225bc67404f6582dd467afba33a3bbce32a20338819b96228480708d9638c40b58daaad9b15b26cc44c510f2e7745988b41b0c6d7d8009dde71ebeff05b6969f9eba0972d503b0e96a941b53a593a9b7390c73628b4247736c82ac9ee2b50412d3e6ebb125c2a198ecce27adea1fe1de1b09a39f5b544f826de982d1ad766240dd50e44f83a1b6776b95185ccadc96c9d7ef029bb524e2d82f9c9244c43d035c7f6886be1126b4a4a412d13f0cf434585a047dca472c2790d33a736566bfc11b10d98819e1488055d956074f413f59397dbdc117e788d4d104b33aa7906d9e5210a075fce92212eca66d76db777b40e7e41539aa1825b2bf06aa7ab3eb1c61f4feb72db82a326c93f4fb6e4289e3d58ce4c603945bfe16aacdb21445b3ef749be5ad58a84194523f2d6e541a04a7373ca2c74275d40b5be0503a7504da4d6f8c76e14279946aa42e1f9cbd8cf93d533e52bffd20c17b92e88c96ac333df5be62d42995ae88e98598a54a02e8aa39d25575f3d0edd132e656d4d41f2cafa2396a06e370ab06fb780ba9357db21ae7a7cf41631279f54164d113994dbe03333ae1a01ce4c6e6e32bc72421a04ffa084f5d9eebc086b7d16a362e4211e66d433d4d9cb2c15e53f639b128ce7d897bbf978ca02b565cb3d7586688501b08760ff8731d23b9f65c95dbb1dd7f480174b395be153b2f9e6d7ce6e744347adce66beb57098a8daf510e528f18e38117ac327f4858fa9151fb5518cb6bcb67257b211c5d66d73868a36cf767e9107173674f007341dd29411ddabeaa0fbcdf074dfe51a814f12ec8bf8ca177f5f345b1ab547b8bc959831fb4b87953e51e98d2a56d2c759a1934021719a8674f3c51e0d7f9c4f005d762174a1e0c0a1915d798216f452a2f20cd8249f8ff2b1ce5c707a1082aee851350ee2c0fd9602a68348368b186468a4ad6e87ca52bcf652eecf251adea74ed147f6f082d56984ad0bf8305ff1a22438a9de5495869560455f0fc054e21585740511db2a279a79aaa9f2a00ddff75dc847bdafd6a4ec3fca1ade5e50dd9d06220be6f1a3e6d0b4e70c30d3e770f14269cfa40c421208bfa157486d11ac3455c8655d4db799e25c98c49e7d66d4e8f22e113729a7baaf222721aa964d45a991a28ef20f0783efc1b23b702e005a11013b7d912642fc76417859857838de535bd4e9b47ee724ca7226fa730cd0c487942f712ad51204b6e4f536022b57afa113c9ead8f012dc47519648205d04c95aa9e5d80a3ac9c5e39796e30dc3f59abe7f27195a18da4d84f6591e9a1541095a1cfc88ce558d13ef9fde7f52ec0bcf0d905886b97630f8db86612622ae71010be9e83c307588ec6fbe24cb96abdd754901614786e1830af3e2b24829f9e3fb8273cc7ec58192bae22dd185dba11a7ad40d9effd701c623b615c495fb11820ee79ec47e6a4534606922defbfbe158dd5ae00e622b1112e574ece0bfce1ca0e6860f71de4a8ca152ac7f34716c4a76dfaeeba793dc74af2e233433d7b91b85c4878bcd41e4bb6cc2a1b7b64242bb575c3b74c4255478e4a170b9992617fc26ee5eec04bfded554002658aa38653634c55a174d4480d026aecb739b779dc43d1d760e8750651fcf895ad858bd7e954d0bfd787c79f9d7e6a476df658767dda9001c0d82139552e2e1ccd43ab4395f6d09b5efb52e8409ed225241796ba9a9bed328af23a8a83b10b76ddf4b8f23a23ab011596019a0d266599df11bae4dbd9020283b0e396c167175bcc23f22b23a8c92d3e3a8cb51868f28cd88a119cc66b98ee378bafd87a154731a190493bb15e0394dc8e6cb6efd2aadf5063ec73c5be30b018389ecc6c0a7b855ca3be070230ec67bfa0493b974b43bcc572937117a2a6e2d77336533b3298b6ded4f023609f912cab987b44398a23d8798c3f7162a3c48ae95346831a68afd611210d19329a85b44275161fd966f465ccf1d48a5dc1b1dc78828847e388ad5c0e2a5460ddb09e6af289d796f7ca3af4b0d03d8db8eff6e0d38e61da04cd45cf5ef28fb0f90ac0c6bf0f746827c87ad63e3deadc11a23f4ade550d003a61ea41757778b86f1495fe6f28a0c98bb175818f4276bdc286b9569f7316a447a9849f124d4196233484eaf5f5468524653f67c15e0d947f333d6afc06c7710eeaa6eb8ac07f405d825b72f4bff7473c89a3ff97b3f37423c16ec2335f51730f7e98a6c29c1c56309c13c0c62db00de49cbab9b080265ea641e913a3868da154c3f9669addcf4d83be4fe7bbc771a66f9d6df9122834a13c808e0b19f27f20978090b605694cfd87f078738bd076f89549bffda41d1eefe34102e6ac6059bfeaee91bb5913089831cabca097f1c05091d56be09f4ca5e5183af91627c6a7234cc4f4567014f568432db3ad2d16e4a8694fe45168f1540e7267f0af870a0c61be67cadf61e1c43d3f5ef7e0beb39e1a02a44da17b2cf054fb40ecf6e7e42ff2c6844623071b196012924590dd6613b423b2f0f1966bc3be71b33644c3162e9bb353820daa6ca2a28a4fcf9c664fee0810e10fca03207a19db4ab4e6642e4a7af948ff80f44fa62d97cfc2845834fa5f99741777b77c80f830339f9771a9c47274fbf886dda2ab49076f6e284e303ca509474fd2f0ab7995b91cad86736ba0ebbbb7ce0f8a5c63e5ff40156a9985a86ff2425fe119f2dc11bcb7a091ab299ce20210ce1ca162252020cfa8c187f59bf10a2dab562ded851f3ad8ad9314cd44fb82298b4ab58f6f0685aa67a4afa20ae1ad709c6ee3af86580b08b89d017399ff111825f673760a86a9f81c32249d2ae6c8b2cd96d1356c21fff13a6f6347fa81a3b0005ccbcf8cce059aabde7fbe7b27bc0179f7f444a9d14f0973191f3f40178169814fe4251bbcc9317af654377f56632e29c04b9548b344c999aef2734f2869fa2384427cd8ea2e7149230f05f7d52b6fc98fc26a0d69b3502562f76fd941081e1329c4f813a32cb41d948cb72fe8d8b462b9e5eb362b7d45da6b2e16a24b90b033d99270ecd617158ea1466ab3dc755fb666c37dd086a76e0249c9ebf9b7ed8ae8227d35490caecf7866be5c37807fbcca7e9cc7c0cb6109e34c481496f0b403944533fd3b08de8ac0695b8673b498f0239e72e931ac8713b681962fc2a2613e26a2d72fad0d48837b436d786b2e48d015c9139165eec8abdec8927e5c14d5596d27aadace9eecbb92d16023978c570e90a0a871b5a509feb0d2a527e2c7ebb058e90ce9adecff02b7a02f04e7aa6666baea4138348e24b9e0010160993dbe2e0e8ba20fd388123caa5861918d51ccb79b9eb133d1d42a1a6831083ff7be5a7293d1abdccb1ffbf9e102c80a24fcf4f910aa9487b7845763f9e1abbb52e23c5ac10d26878ec17b4de140ba1d1eb22da07a36f90d8ac721ccfbf2cf90e5ad2575dfaab569aa68556af25b7dc34a932c05019f9ffd2d793f4d67e91082ceab7c7743a8214811c73ad031317c85baa03703d684f1ac92f4248b1133d4fb722f6b66ffaefad5ce30ec9c7d50063f9eb4e4c11f3f95b34069c5e915266d095a6e3f16edb72c38b185bd716d66bd2e6f674280af9b142ffa0977994ea69ea51f19b5e258452f18773a5070a36074af088f37881e3b999342b8f4b79fb814c903f8c28c5c2d614cbfdd8640ec059f2b4762ef8cc5dfc00e31d2794dac0d9f5b133102cd13666e3d01d66ed5f9e7ef8366b3bfd36a871554ae1a286f1200410922a5667649f4d0af4480b6d2594d192b12b611661a0da36e3bd38a14fbd4b30a4688ac5025bdb3d2f7b8396aef0af7c766101dee04a215c3d35eb97bcce9ca570553b1402ec698b2a15a2e5de2f4a03f6ba75fdf30289458748e0c153c60471ed04a506add68f5dd83aa09b22d579d88d8e78e21cdc22bcb5c769eefe6463b00f78c3fcce39c75dec0ef393d50d383a58ad92b0a95897eed04138fa1bdb67a541e236ad6c6e2984f38d8933703aa2c125ab70ad980cb2f61c4fe4d06f13a8f37526ace5e2bf66a46a08b3c6ffb0d3080f84bc9d8556fbfc63a878965087f83fb3f1cbb5db36fba8fad1d8d0c1e0d3137e76a40936dbbd723e30ad51fa89e0ed24a526418bd7671c241ae1ddf0f420429b3890c20608a2d053d683a97d35baeb268d0e51ff1bd1d76f74d0f356d5c65415c123f47eed6f084a622d3a19bf749ef85c083b0c0b07fe0e2cf589a7d95f4ef54f94dc2eac34e4f37f9be283e8eaff322a80121ec56b02219efdbee55f77e66d0fdeacba1d7767fa5a47605a5fce88236fd5c6ecc822cd633b2e1914a630a86932391416c839aa358003ca0266056525006516eb3b7d290b43fe4c1d3393b34f45527405bb88f2a445c64a56ad8a69f41c51e09877ba0fe91b19bcb56f8792eeb362cee9ec0a9abaf6674519669168bee3762b68f82a8704cf8f9f7cbc6adf262819d6bf9c89fb49824b7dcb2bdb250519d4c99d99dd44f5e337b797f1c4e176182db83535609b37b3566bc98240b07217615684ec1d6ece2c4a8279c7286f515585daaffb2cc4e49719abb430cb778725ee053ae5c14f25b15f7cd898b7bb0a24593ed37d5042dfb0b3e6b9abf9e1794ba7096b6ba7392cfeecb177657b9c2aa340e1c2f8fc5ebf6a403d7c20901c4ee7c4e0f8854a96d38df0e650f9dc34e9353ec6110e2450035ed2dad7a15ba10d94563c00704353cfe865d1f94c7a0c2f9b0e58197470f461ec15421221b570c7f44c005a9509612d54e0f92fd07607f86cfe7ebccb346fd7430a0811192f970bb2b03108a139f699ae9a3c425190ea0651942f7400d6fac84db99b6ad451acc16cd58634e9118d78d2c5cba87dfcf0c085b76cd6408fe984eab396db30f53a18230e10779be9caa3fb8a561c9c8a40453eb4e6bd80d8811746c29b1a6206ec612d0b6111ab942796cd67db9c875439fe2b2f14d0e8680f7fd3134a06b975dc603065d5164a89746db18eb4ead9ee852a0a1dbd121e3bfb1fb0a859f73250a22928f5300d94c06bc3805da7033284a5dd62ec43ce679d950900b80aa5d598c490f1603ac1190c228cf8d87ab426f040e0927074d8356546d35bcaf9cae44bbc36afad2d2d847692935fab0aa18a081280a690f61dc20d03bb74b53b58ee58a977de33eb46ef98a7ab055c1eae51c188d934d6c6f9325b7f76ad789ca257c6b5fa7b688f5af129e24ec689d6cefe97a0f213e0eb31cdebc5c34f1d1c6922d7e11d22764fe480506904aea7690652c3d3fd7af1e7fc723694c10b3093bcbe054933bb5a2dded807ed4096d63f5785412d148af3cafd9ba6dda9e24b330777bc5943d2f4bcaebe3d5de2b78aab3bcbaafbf49df8ab0a76e5c127b41d48372b9a60ac8b6092a93f8d0a275a4312212fa1a1f7bf03a52b2a59b4f2ed3c11d7deba0bdbbb7817299fa6b356588d90a36d90a2f8fa3043b8216bdbd330df9226ae18699c97abdbe08f6e8245b01d425f4670665f7781601629d3260ce39d173b31a6470a5587998b6868e081bc6b1625252341dea69444e96b4f9c068dd033cffa02cf2d2f70d7474c961b57dc7f71e91c63e65108c371f3cbf59bde54089bf8747f5f954e143b804b2f191ab4383cecef3ad05e1b91231b28f027ac1ea6b88225f9df96adbbfa993668c0435b4782f55da81b9ac7eade2eb5c2d03b0a323113b9220"}, @pad1, @enc_lim={0x4, 0x1, 0x9}]}, @routing={0x3c, 0x14, 0x1, 0x4, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00', @local, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, @empty, @ipv4={'\x00', '\xff\xff', @remote}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}, @dstopts={0x2b, 0x2, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x3}, @pad1, @jumbo={0xc2, 0x4, 0x3370}]}, @srh={0x161, 0xc, 0x4, 0x6, 0xff, 0x0, 0xfffa, [@ipv4={'\x00', '\xff\xff', @multicast2}, @mcast1, @loopback, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast1, @private1]}, @fragment={0x1c1018042b95c51c, 0x0, 0x9, 0x1, 0x0, 0x0, 0x64}, @fragment={0x9, 0x0, 0xe, 0x1, 0x0, 0x2, 0x65}, @hopopts={0xc, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0x1ff}, @ra={0x5, 0x2, 0x7e1f}]}], {{0x4e22, 0x4e21, r7, r8, 0x1, 0x0, 0xc, 0x2, 0x5, 0x0, 0xfff8, {[@generic={0xd5, 0x10, "dbde74f97dd0b567edfee322e9e2"}, @window={0x3, 0x3, 0xa}, @exp_smc={0xfe, 0x6}]}}, {"01c21b223ef83d4b9fef3661add8267e208d4c565d6ef56e152588a91a36a0c36ca1bae7ed6b095efad6fe7093ad51d679fed95a1b712eea4991e749ea942b4f66500007298ea65937"}}}}}}}, 0x0)
socket$netlink(0x10, 0x3, 0x6)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\n\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, r7, 0x0, 0x2, 0x5, 0xc2}}}}}}}, 0x0)

1.199854162s ago: executing program 3 (id=1302):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xffffff3e, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x17, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0xfffffffffffffdb1}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioperm(0x524, 0xab49, 0x9)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r6, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x38416761, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
syz_emit_ethernet(0x6b, &(0x7f0000000300)={@local, @local, @void, {@x25={0x805, {0x1, 0x6, 0xf1, "03729c1cabb46bf6c5c019df11bd100578f2b1f60d801ea6ed12f4cb12b682b6f233770234209ab8e2e3ea7524d41ca7eeb3501938ad8df03f5a259bbdad0460e33d1fa6a41a443c003f6df230315c3721c0d60b4bbce5bb8755"}}}}, 0x0)

887.160147ms ago: executing program 1 (id=1303):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000), 0x8)
listen(r0, 0x1) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)='%pi6   \x00'}, 0x1c) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) (async)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7, 0x0, 0x0, 0x0, 0x3, [<r8=>0x0, <r9=>0x0, 0x0, <r10=>0x0], [0x800000], [0x0, 0x1001000], [0x0, 0x0, 0xe8a6]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x400, 0x34325241, 0x0, [r8, 0x0, r9, r10], [0x2b8, 0x0, 0x20000000]}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000500)={&(0x7f0000000400)=[0x0], 0x0, 0x0, 0x0, 0x1}) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0xc, 0x3fa, 0x3, 0x380, r2, 0xfffffffe, '\x00', r3, r4, 0x0, 0x1, 0x3, 0xa, @void, @value, @void, @value}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$bt_BT_VOICE(r0, 0x112, 0x13, 0x0, 0x0)
r11 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/clear_refs\x00', 0x1, 0x0)
write$sysctl(r11, &(0x7f0000000140)='2\x00', 0x2)

787.241395ms ago: executing program 0 (id=1304):
openat$tun(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = eventfd2(0x0, 0x0)
read$eventfd(r1, &(0x7f0000000040), 0x8) (fail_nth: 11)

721.403044ms ago: executing program 2 (id=1305):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000042000000b700000000000010950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836801ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d09a0a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a504a0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffaf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0xe, 0x0, &(0x7f00000002c0)="69d387051eaf71a0486e5c660000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
semget$private(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioprio_set$uid(0x3, 0x0, 0x6007)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r4, r4, 0x0, 0x40008)
remap_file_pages(&(0x7f00003ec000/0x4000)=nil, 0x4000, 0x3, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r5 = socket$inet6(0xa, 0x3, 0x7)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x4044845)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x4, 0x7ffc1ffd}]})
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x138, 0x10, 0x633, 0x0, 0x80000000, {{@in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@private2, 0x4d2, 0x32}, @in=@local, {}, {0x5, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)

670.172734ms ago: executing program 0 (id=1306):
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
socket$kcm(0x10, 0x3, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x8200, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000080)={0x4, "d2c4924f5689213dc64c3b6e6ff82a75e5318fca4288c20600000072020bcd2c"})
r3 = openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x4, <r4=>0xffffffffffffffff})
ioctl$DMA_BUF_SET_NAME_A(r4, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r4, 0x40086200, 0x0)
close_range(r1, r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000008008000730000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_GET_MSRS(r8, 0xc048aeca, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000540)=[{{&(0x7f0000000140)=@phonet, 0x80, 0x0, 0x0, &(0x7f0000000440)=""/231, 0xe7}, 0x3da}], 0x1, 0xa0, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r9, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) (fail_nth: 10)

669.185356ms ago: executing program 1 (id=1307):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70400002800004baf155b009500000095000000000000003f46922890b3c5af85eff568e253543fcc65142e6824ff94e501685ff217d03d8cbf7535be3ce76b25df82a0cdc48d9eadabf92ce2c1c894fe7bdb1b695d2dba0187b60eb67a2f536e9bccc8757ddf882680edabc26c27bb91e3de8d854fcf95e50347b591fd03444e59b9a0ffab89ca46e01035a724104b2d9fc03c2a59ed9ab5213848943bc217d9443ed3968a92fc4f1b418c0ee8de0442e3"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) (async)
r2 = socket(0x10, 0x3, 0x0) (async, rerun: 32)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vlan1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0xf0b, 0xfffffffe, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x200480c4}, 0x0) (async)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x45) (async)
r8 = fcntl$dupfd(r6, 0x0, r6)
write$RDMA_USER_CM_CMD_LISTEN(r8, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {r7, 0x4}}, 0x10) (async)
close_range(r5, 0xffffffffffffffff, 0x0)

610.29203ms ago: executing program 1 (id=1308):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/oss_mixer\x00', 0x6002, 0x0)
write$proc_mixer(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONIT'], 0x86)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff2e)
rt_sigaction(0xe, 0x0, 0x0, 0x8, &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = fcntl$getown(r2, 0x9)
syz_open_procfs(r4, &(0x7f0000000080)='net/icmp6\x00')
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
write(r6, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r6, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card1/oss_mixer\x00', 0x103802, 0x0)
dup3(r7, r2, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="603d1aee952fef6116cc6bc97b1b32a471126a99718943c592ee069f75116c03c71e6bae578a99cda3f73ad202db8325da3e5ee4c5d64350b3792e54a1e88e752f6c097ead8fdb012a985e89027047f65f635dba4f8554516e5e6f1e49edc479511d22b21e663224b59828cb4159b9752f81d5515a6b78fbaaa88c0452d4e7f0301356753b048e9f24170c3d7f024092576f3163115ab6bae9c7d65550493d25a101", @ANYRES32=r1, @ANYBLOB="f8ff5d800c000100fcff62bd150500000000000000ff0800020000809751aef3333dce051d"], 0x34}}, 0x1)
r9 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f00004c8000/0x4000)=nil, 0x4000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r9, 0x0, 0x0)
recvmmsg(r10, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

258.276979ms ago: executing program 3 (id=1309):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x75}], 0x1}, 0x0)
r1 = eventfd(0x0)
read$eventfd(r1, &(0x7f0000000240), 0x8)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000001100)="02965d1f5ec3de3d", 0x8}, {&(0x7f0000002180)="27a8104ce45cd4d5", 0x8}], 0x8)
creat(&(0x7f0000000000)='./file0\x00', 0x200)
socket$kcm(0x10, 0x2, 0x0) (async)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x75}], 0x1}, 0x0) (async)
eventfd(0x0) (async)
read$eventfd(r1, &(0x7f0000000240), 0x8) (async)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000001100)="02965d1f5ec3de3d", 0x8}, {&(0x7f0000002180)="27a8104ce45cd4d5", 0x8}], 0x8) (async)
creat(&(0x7f0000000000)='./file0\x00', 0x200) (async)

49.231631ms ago: executing program 3 (id=1310):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6000000002"], 0x60}, 0x1, 0x0, 0x0, 0x20000851}, 0x4004c004)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f", @ANYRES32=r2, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

0s ago: executing program 3 (id=1311):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0700000004000000200000000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000240)='pmap_register\x00', r2, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

kernel console output (not intermixed with test programs):

e number 15
[  269.213713][ T9945] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  270.255124][ T1334] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  270.406743][ T1334] usb 8-1: Using ep0 maxpacket: 8
[  270.410716][ T1334] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  270.413913][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  270.418481][ T1334] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  270.423126][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  270.429527][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  270.435341][ T1334] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  270.438248][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  270.442634][ T1334] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  270.447434][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  270.451718][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  270.457569][ T1334] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  270.460579][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  270.465410][ T1334] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  270.470031][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  270.474584][ T1334] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  270.482994][ T1334] usb 8-1: string descriptor 0 read error: -22
[  270.487132][ T1334] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  270.490562][ T1334] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.502946][ T1334] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  270.647819][ T9977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.976'.
[  270.981493][   T59] usb 8-1: USB disconnect, device number 21
[  270.981587][ T9980] usb 8-1: Couldn't submit interrupt_out_urb -19
[  271.201536][ T9976] syz.0.977: attempt to access beyond end of device
[  271.201536][ T9976] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  271.218956][ T9976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.977'.
[  274.244916][ T1334] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  274.416771][ T1334] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  274.420948][ T1334] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  274.429082][ T1334] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  274.436715][ T1334] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  274.440084][ T1334] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  274.442658][ T1334] usb 8-1: Product: syz
[  274.444016][ T1334] usb 8-1: Manufacturer: syz
[  274.445859][ T1334] usb 8-1: SerialNumber: syz
[  274.514868][T10033] input: syz1 as /devices/virtual/input/input9
[  274.739094][ T1334] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  275.369121][T10025] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.466744][T10043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.528117][ T1334] usb 8-1: USB disconnect, device number 22
[  275.532605][ T1334] usblp0: removed
[  275.604463][T10030] syz.2.988: vmalloc error: size 67112960, failed to allocated page array size 131080, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  275.612325][T10030] CPU: 1 UID: 0 PID: 10030 Comm: syz.2.988 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  275.612343][T10030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.612351][T10030] Call Trace:
[  275.612356][T10030]  <TASK>
[  275.612362][T10030]  dump_stack_lvl+0x16c/0x1f0
[  275.612384][T10030]  warn_alloc+0x248/0x3a0
[  275.612399][T10030]  ? __pfx_warn_alloc+0x10/0x10
[  275.612417][T10030]  ? nf_tables_newset+0x24f2/0x4310
[  275.612429][T10030]  ? __vmalloc_node_noprof+0xad/0xf0
[  275.612450][T10030]  __vmalloc_node_range_noprof+0x10f4/0x1520
[  275.612473][T10030]  ? nf_tables_newset+0x24f2/0x4310
[  275.612491][T10030]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  275.612510][T10030]  ? __alloc_pages_noprof+0xb/0x1b0
[  275.612522][T10030]  ? ___kmalloc_large_node+0x84/0x1e0
[  275.612542][T10030]  __kvmalloc_node_noprof+0x308/0x620
[  275.612554][T10030]  ? nf_tables_newset+0x24f2/0x4310
[  275.612566][T10030]  ? nf_tables_newset+0x24f2/0x4310
[  275.612577][T10030]  ? nft_pipapo_estimate+0x17f/0x3b0
[  275.612595][T10030]  ? nf_tables_newset+0x24f2/0x4310
[  275.612605][T10030]  nf_tables_newset+0x24f2/0x4310
[  275.612622][T10030]  ? __pfx_nf_tables_newset+0x10/0x10
[  275.612635][T10030]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  275.612652][T10030]  ? __nla_validate_parse+0x600/0x2880
[  275.612679][T10030]  ? __nla_parse+0x40/0x60
[  275.612695][T10030]  nfnetlink_rcv_batch+0x190b/0x2350
[  275.612719][T10030]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  275.612736][T10030]  ? preempt_schedule_common+0x44/0xc0
[  275.612754][T10030]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  275.612778][T10030]  ? __pfx___dev_queue_xmit+0x10/0x10
[  275.612803][T10030]  ? __nla_parse+0x40/0x60
[  275.612820][T10030]  nfnetlink_rcv+0x3c1/0x430
[  275.612836][T10030]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  275.612856][T10030]  netlink_unicast+0x53d/0x7f0
[  275.612878][T10030]  ? __pfx_netlink_unicast+0x10/0x10
[  275.612908][T10030]  netlink_sendmsg+0x8d1/0xdd0
[  275.612945][T10030]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.612975][T10030]  ? __import_iovec+0x1dd/0x650
[  275.613002][T10030]  ____sys_sendmsg+0xa98/0xc70
[  275.613034][T10030]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.613060][T10030]  ? get_compat_msghdr+0x11a/0x170
[  275.613078][T10030]  ? try_to_wake_up+0xa2f/0x1680
[  275.613098][T10030]  ___sys_sendmsg+0x134/0x1d0
[  275.613113][T10030]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.613125][T10030]  ? __lock_acquire+0x622/0x1c90
[  275.613157][T10030]  __sys_sendmsg+0x16d/0x220
[  275.613171][T10030]  ? __pfx___sys_sendmsg+0x10/0x10
[  275.613184][T10030]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  275.613203][T10030]  ? rcu_is_watching+0x12/0xc0
[  275.613222][T10030]  __do_fast_syscall_32+0x73/0x120
[  275.613240][T10030]  do_fast_syscall_32+0x32/0x80
[  275.613257][T10030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  275.613271][T10030] RIP: 0023:0xf7fb7579
[  275.613281][T10030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  275.613293][T10030] RSP: 002b:00000000f4c7155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  275.613304][T10030] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800000c0
[  275.613311][T10030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.613318][T10030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  275.613329][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  275.613336][T10030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  275.613350][T10030]  </TASK>
[  275.613354][T10030] Mem-Info:
[  275.735148][T10030] active_anon:11667 inactive_anon:82 isolated_anon:0
[  275.735148][T10030]  active_file:3216 inactive_file:23751 isolated_file:0
[  275.735148][T10030]  unevictable:1768 dirty:322 writeback:0
[  275.735148][T10030]  slab_reclaimable:6644 slab_unreclaimable:69771
[  275.735148][T10030]  mapped:28603 shmem:7686 pagetables:884
[  275.735148][T10030]  sec_pagetables:321 bounce:0
[  275.735148][T10030]  kernel_misc_reclaimable:0
[  275.735148][T10030]  free:51103 free_pcp:878 free_cma:0
[  275.749818][T10030] Node 0 active_anon:24kB inactive_anon:180kB active_file:0kB inactive_file:28kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:160kB dirty:0kB writeback:0kB shmem:3800kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8020kB pagetables:1168kB sec_pagetables:1108kB all_unreclaimable? no Balloon:0kB
[  275.760841][T10030] Node 1 active_anon:46644kB inactive_anon:148kB active_file:12912kB inactive_file:94976kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:114252kB dirty:1288kB writeback:0kB shmem:26944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4504kB pagetables:2368kB sec_pagetables:176kB all_unreclaimable? no Balloon:0kB
[  275.784898][T10030] Node 0 DMA free:2088kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:16kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:236kB local_pcp:208kB free_cma:0kB
[  275.799307][T10030] lowmem_reserve[]: 0 290 290 290 290
[  275.801061][T10030] Node 0 DMA32 free:19744kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB active_anon:40kB inactive_anon:1284kB active_file:0kB inactive_file:272kB unevictable:3536kB writepending:0kB present:1032196kB managed:297436kB mlocked:0kB bounce:0kB free_pcp:744kB local_pcp:96kB free_cma:0kB
[  275.812756][T10030] lowmem_reserve[]: 0 0 0 0 0
[  275.824944][T10030] Node 1 DMA32 free:182580kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:46548kB inactive_anon:148kB active_file:12912kB inactive_file:94976kB unevictable:3536kB writepending:1316kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:2108kB local_pcp:12kB free_cma:0kB
[  275.855189][T10030] lowmem_reserve[]: 0 0 0 0 0
[  275.857216][T10030] Node 0 DMA: 27*4kB (UM) 20*8kB (UM) 9*16kB (UM) 3*32kB (M) 3*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2108kB
[  275.869099][T10030] Node 0 DMA32: 25*4kB (UMEH) 140*8kB (UMEH) 96*16kB (UMEH) 108*32kB (UMEH) 49*64kB (MEH) 29*128kB (UME) 6*256kB (UMH) 5*512kB (M) 3*1024kB (M) 0*2048kB 0*4096kB = 20228kB
[  275.900724][T10030] Node 1 DMA32: 609*4kB (UME) 443*8kB (UME) 577*16kB (UME) 708*32kB (UME) 338*64kB (UME) 110*128kB (UME) 50*256kB (UME) 24*512kB (UME) 16*1024kB (UM) 15*2048kB (UM) 9*4096kB (UM) = 182636kB
[  275.908151][T10030] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  275.911216][T10030] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  275.914505][T10030] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  275.928903][T10030] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  275.931993][T10030] 34874 total pagecache pages
[  275.933582][T10030] 154 pages in swap cache
[  275.936284][T10030] Free swap  = 120112kB
[  275.937743][T10030] Total swap = 124996kB
[  275.939068][T10030] 524155 pages RAM
[  275.940292][T10030] 0 pages HighMem/MovableOnly
[  275.942144][T10030] 208885 pages reserved
[  275.943537][T10030] 0 pages cma reserved
[  276.641711][T10061] netlink: 56 bytes leftover after parsing attributes in process `syz.1.994'.
[  276.646018][T10061] (unnamed net_device) (uninitialized): (slave gre0): Device is not bonding slave
[  276.649846][T10061] (unnamed net_device) (uninitialized): option active_slave: invalid value (gre0)
[  276.995562][T10072] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  276.998230][T10072] CPU: 1 UID: 0 PID: 10072 Comm: syz.1.994 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  276.998247][T10072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.998257][T10072] Call Trace:
[  276.998261][T10072]  <TASK>
[  276.998277][T10072]  dump_stack_lvl+0x16c/0x1f0
[  276.998299][T10072]  sysfs_warn_dup+0x7f/0xa0
[  276.998319][T10072]  sysfs_do_create_link_sd+0x124/0x140
[  276.998332][T10072]  sysfs_create_link+0x61/0xc0
[  276.998344][T10072]  device_add+0x62c/0x1a70
[  276.998360][T10072]  ? __pfx_device_add+0x10/0x10
[  276.998372][T10072]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  276.998390][T10072]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  276.998411][T10072]  wiphy_register+0x1c9c/0x2850
[  276.998423][T10072]  ? netdev_run_todo+0x864/0x1320
[  276.998442][T10072]  ? __pfx_wiphy_register+0x10/0x10
[  276.998459][T10072]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  276.998479][T10072]  ieee80211_register_hw+0x24ac/0x4140
[  276.998496][T10072]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  276.998510][T10072]  ? find_held_lock+0x2b/0x80
[  276.998526][T10072]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  276.998541][T10072]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  276.998553][T10072]  ? __hrtimer_setup+0x176/0x280
[  276.998569][T10072]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  276.998599][T10072]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  276.998621][T10072]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  276.998648][T10072]  ? __asan_memcpy+0x3c/0x60
[  276.998672][T10072]  hwsim_new_radio_nl+0xb51/0x12c0
[  276.998698][T10072]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  276.998727][T10072]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  276.998751][T10072]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  276.998782][T10072]  genl_family_rcv_msg_doit+0x209/0x2f0
[  276.998809][T10072]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  276.998836][T10072]  ? trace_cap_capable+0x18d/0x200
[  276.998862][T10072]  ? bpf_lsm_capable+0x9/0x10
[  276.998880][T10072]  ? security_capable+0x7e/0x260
[  276.998899][T10072]  ? ns_capable+0xd7/0x110
[  276.998918][T10072]  genl_rcv_msg+0x55c/0x800
[  276.998935][T10072]  ? __pfx_genl_rcv_msg+0x10/0x10
[  276.998951][T10072]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  276.998968][T10072]  ? __lock_acquire+0xb8a/0x1c90
[  276.998983][T10072]  netlink_rcv_skb+0x16a/0x440
[  276.998997][T10072]  ? __pfx_genl_rcv_msg+0x10/0x10
[  276.999013][T10072]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  276.999035][T10072]  ? __pfx_down_read+0x10/0x10
[  276.999046][T10072]  ? netlink_deliver_tap+0x1ae/0xd30
[  276.999059][T10072]  ? is_vmalloc_addr+0x86/0xa0
[  276.999073][T10072]  genl_rcv+0x28/0x40
[  276.999087][T10072]  netlink_unicast+0x53d/0x7f0
[  276.999102][T10072]  ? __pfx_netlink_unicast+0x10/0x10
[  276.999121][T10072]  netlink_sendmsg+0x8d1/0xdd0
[  276.999147][T10072]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.999163][T10072]  ? __import_iovec+0x1dd/0x650
[  276.999181][T10072]  ____sys_sendmsg+0xa98/0xc70
[  276.999200][T10072]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.999216][T10072]  ? get_compat_msghdr+0x11a/0x170
[  276.999234][T10072]  ? __pfx_futex_wake_mark+0x10/0x10
[  276.999252][T10072]  ___sys_sendmsg+0x134/0x1d0
[  276.999267][T10072]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.999279][T10072]  ? __lock_acquire+0x622/0x1c90
[  276.999310][T10072]  __sys_sendmsg+0x16d/0x220
[  276.999324][T10072]  ? __pfx___sys_sendmsg+0x10/0x10
[  276.999337][T10072]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  276.999356][T10072]  ? rcu_is_watching+0x12/0xc0
[  276.999375][T10072]  __do_fast_syscall_32+0x73/0x120
[  276.999394][T10072]  do_fast_syscall_32+0x32/0x80
[  276.999411][T10072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  276.999425][T10072] RIP: 0023:0xf7f28579
[  276.999436][T10072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.999448][T10072] RSP: 002b:00000000f4be155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  276.999459][T10072] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  276.999466][T10072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  276.999473][T10072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.999479][T10072] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  276.999485][T10072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.999500][T10072]  </TASK>
[  279.348725][T10112] netlink: 'syz.0.1007': attribute type 1 has an invalid length.
[  279.351946][T10112] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1007'.
[  280.700031][T10123] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1009'.
[  280.702911][T10123] (unnamed net_device) (uninitialized): (slave gre0): Device is not bonding slave
[  280.705956][T10123] (unnamed net_device) (uninitialized): option active_slave: invalid value (gre0)
[  281.101270][T10132] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  281.103882][T10132] CPU: 1 UID: 0 PID: 10132 Comm: syz.2.1009 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  281.103911][T10132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.103919][T10132] Call Trace:
[  281.103926][T10132]  <TASK>
[  281.103931][T10132]  dump_stack_lvl+0x16c/0x1f0
[  281.103952][T10132]  sysfs_warn_dup+0x7f/0xa0
[  281.103971][T10132]  sysfs_do_create_link_sd+0x124/0x140
[  281.103984][T10132]  sysfs_create_link+0x61/0xc0
[  281.103996][T10132]  device_add+0x62c/0x1a70
[  281.104011][T10132]  ? __pfx_device_add+0x10/0x10
[  281.104027][T10132]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  281.104043][T10132]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  281.104063][T10132]  wiphy_register+0x1c9c/0x2850
[  281.104075][T10132]  ? netdev_run_todo+0x864/0x1320
[  281.104095][T10132]  ? __pfx_wiphy_register+0x10/0x10
[  281.104113][T10132]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  281.104134][T10132]  ieee80211_register_hw+0x24ac/0x4140
[  281.104152][T10132]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  281.104165][T10132]  ? __hrtimer_setup+0x1cd/0x280
[  281.104180][T10132]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  281.104195][T10132]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  281.104207][T10132]  ? __hrtimer_setup+0x176/0x280
[  281.104222][T10132]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  281.104246][T10132]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  281.104261][T10132]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  281.104278][T10132]  ? __asan_memcpy+0x3c/0x60
[  281.104290][T10132]  hwsim_new_radio_nl+0xb51/0x12c0
[  281.104307][T10132]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  281.104328][T10132]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  281.104346][T10132]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  281.104366][T10132]  genl_family_rcv_msg_doit+0x209/0x2f0
[  281.104383][T10132]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  281.104399][T10132]  ? trace_cap_capable+0x18d/0x200
[  281.104417][T10132]  ? bpf_lsm_capable+0x9/0x10
[  281.104427][T10132]  ? security_capable+0x7e/0x260
[  281.104441][T10132]  ? ns_capable+0xd7/0x110
[  281.104459][T10132]  genl_rcv_msg+0x55c/0x800
[  281.104477][T10132]  ? __pfx_genl_rcv_msg+0x10/0x10
[  281.104493][T10132]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  281.104510][T10132]  ? __lock_acquire+0xb8a/0x1c90
[  281.104525][T10132]  netlink_rcv_skb+0x16a/0x440
[  281.104539][T10132]  ? __pfx_genl_rcv_msg+0x10/0x10
[  281.104556][T10132]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  281.104577][T10132]  ? __pfx_down_read+0x10/0x10
[  281.104588][T10132]  ? netlink_deliver_tap+0x1ae/0xd30
[  281.104601][T10132]  ? is_vmalloc_addr+0x86/0xa0
[  281.104615][T10132]  genl_rcv+0x28/0x40
[  281.104629][T10132]  netlink_unicast+0x53d/0x7f0
[  281.104645][T10132]  ? __pfx_netlink_unicast+0x10/0x10
[  281.104663][T10132]  netlink_sendmsg+0x8d1/0xdd0
[  281.104680][T10132]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.104696][T10132]  ? __import_iovec+0x1dd/0x650
[  281.104713][T10132]  ____sys_sendmsg+0xa98/0xc70
[  281.104731][T10132]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.104745][T10132]  ? get_compat_msghdr+0x11a/0x170
[  281.104781][T10132]  ? __pfx_futex_wake_mark+0x10/0x10
[  281.104799][T10132]  ___sys_sendmsg+0x134/0x1d0
[  281.104813][T10132]  ? __pfx____sys_sendmsg+0x10/0x10
[  281.104826][T10132]  ? __lock_acquire+0x622/0x1c90
[  281.104858][T10132]  __sys_sendmsg+0x16d/0x220
[  281.104872][T10132]  ? __pfx___sys_sendmsg+0x10/0x10
[  281.104886][T10132]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  281.104906][T10132]  ? rcu_is_watching+0x12/0xc0
[  281.104925][T10132]  __do_fast_syscall_32+0x73/0x120
[  281.104944][T10132]  do_fast_syscall_32+0x32/0x80
[  281.104960][T10132]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.104975][T10132] RIP: 0023:0xf7fb7579
[  281.104984][T10132] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.104995][T10132] RSP: 002b:00000000f4c7155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  281.105006][T10132] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  281.105013][T10132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  281.105023][T10132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.105030][T10132] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  281.105036][T10132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.105050][T10132]  </TASK>
[  281.561395][T10134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'.
[  281.564261][T10134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.598451][T10134] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.626692][T10134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.665576][T10134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.773904][T10134] batman_adv: batadv0: Removing interface: gretap1
[  282.211168][T10134] : (slave batadv0): Releasing backup interface
[  282.336741][T10133] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  282.346698][T10133] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  282.348953][T10133] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  282.403562][T10133] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  282.406325][T10133] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  282.420521][T10133] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  282.432465][T10133] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  282.858236][ T5982] hid-generic 00A0:0008:0003.0003: unknown main item tag 0x0
[  282.860694][ T5982] hid-generic 00A0:0008:0003.0003: unknown main item tag 0x0
[  282.863040][ T5982] hid-generic 00A0:0008:0003.0003: unknown main item tag 0x0
[  282.866059][ T5982] hid-generic 00A0:0008:0003.0003: unknown main item tag 0x0
[  282.868293][ T5982] hid-generic 00A0:0008:0003.0003: item fetching failed at offset 13/15
[  282.871125][ T5982] hid-generic 00A0:0008:0003.0003: probe with driver hid-generic failed with error -22
[  282.885691][ T5950] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  282.962022][T10147] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1015'.
[  283.764281][T10172] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1022'.
[  283.770055][T10172] batadv0: entered promiscuous mode
[  283.773885][T10172] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  283.777408][T10172] batadv0: left promiscuous mode
[  283.992068][T10179] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  283.992080][T10179] CPU: 1 UID: 0 PID: 10179 Comm: syz.2.1021 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  283.992100][T10179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.992109][T10179] Call Trace:
[  283.992113][T10179]  <TASK>
[  283.992118][T10179]  dump_stack_lvl+0x16c/0x1f0
[  283.992138][T10179]  sysfs_warn_dup+0x7f/0xa0
[  283.992158][T10179]  sysfs_do_create_link_sd+0x124/0x140
[  283.992171][T10179]  sysfs_create_link+0x61/0xc0
[  283.992182][T10179]  device_add+0x62c/0x1a70
[  283.992199][T10179]  ? __pfx_device_add+0x10/0x10
[  283.992212][T10179]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  283.992228][T10179]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  283.992250][T10179]  wiphy_register+0x1c9c/0x2850
[  283.992262][T10179]  ? netdev_run_todo+0x864/0x1320
[  283.992281][T10179]  ? __pfx_wiphy_register+0x10/0x10
[  283.992298][T10179]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  283.992318][T10179]  ieee80211_register_hw+0x24ac/0x4140
[  283.992335][T10179]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  283.992351][T10179]  ? find_held_lock+0x2b/0x80
[  283.992367][T10179]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  283.992382][T10179]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  283.992395][T10179]  ? __hrtimer_setup+0x176/0x280
[  283.992411][T10179]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  283.992434][T10179]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  283.992452][T10179]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  283.992470][T10179]  ? __asan_memcpy+0x3c/0x60
[  283.992482][T10179]  hwsim_new_radio_nl+0xb51/0x12c0
[  283.992499][T10179]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  283.992520][T10179]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  283.992537][T10179]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  283.992558][T10179]  genl_family_rcv_msg_doit+0x209/0x2f0
[  283.992575][T10179]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  283.992592][T10179]  ? trace_cap_capable+0x18d/0x200
[  283.992609][T10179]  ? bpf_lsm_capable+0x9/0x10
[  283.992620][T10179]  ? security_capable+0x7e/0x260
[  283.992634][T10179]  ? ns_capable+0xd7/0x110
[  283.992652][T10179]  genl_rcv_msg+0x55c/0x800
[  283.992670][T10179]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.992686][T10179]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  283.992703][T10179]  ? __lock_acquire+0xb8a/0x1c90
[  283.992718][T10179]  netlink_rcv_skb+0x16a/0x440
[  283.992732][T10179]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.992749][T10179]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  283.992770][T10179]  ? __pfx_down_read+0x10/0x10
[  283.992781][T10179]  ? netlink_deliver_tap+0x1ae/0xd30
[  283.992794][T10179]  ? is_vmalloc_addr+0x86/0xa0
[  283.992808][T10179]  genl_rcv+0x28/0x40
[  283.992822][T10179]  netlink_unicast+0x53d/0x7f0
[  283.992838][T10179]  ? __pfx_netlink_unicast+0x10/0x10
[  283.992856][T10179]  netlink_sendmsg+0x8d1/0xdd0
[  283.992886][T10179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.992902][T10179]  ? __import_iovec+0x1dd/0x650
[  283.992920][T10179]  ____sys_sendmsg+0xa98/0xc70
[  283.992940][T10179]  ? __pfx_____sys_sendmsg+0x10/0x10
[  283.992956][T10179]  ? get_compat_msghdr+0x11a/0x170
[  283.992974][T10179]  ? __pfx_futex_wake_mark+0x10/0x10
[  283.992991][T10179]  ___sys_sendmsg+0x134/0x1d0
[  283.993006][T10179]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.993018][T10179]  ? __lock_acquire+0x622/0x1c90
[  283.993048][T10179]  __sys_sendmsg+0x16d/0x220
[  283.993061][T10179]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.993074][T10179]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  283.993093][T10179]  ? rcu_is_watching+0x12/0xc0
[  283.993116][T10179]  __do_fast_syscall_32+0x73/0x120
[  283.993134][T10179]  do_fast_syscall_32+0x32/0x80
[  283.993151][T10179]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  283.993166][T10179] RIP: 0023:0xf7fb7579
[  283.993176][T10179] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  283.993187][T10179] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  283.993198][T10179] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  283.993205][T10179] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.993212][T10179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  283.993218][T10179] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  283.993224][T10179] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  283.993238][T10179]  </TASK>
[  284.418912][ T5950] Bluetooth: hci2: command 0x0406 tx timeout
[  284.422683][ T5950] Bluetooth: hci1: command 0x0406 tx timeout
[  284.504868][ T5950] Bluetooth: hci3: command 0x0406 tx timeout
[  285.312166][T10198] usb usb6: usbfs: interface 0 claimed by hub while 'syz.2.1030' resets device
[  285.317936][T10198] netlink: 'syz.2.1030': attribute type 10 has an invalid length.
[  285.321257][T10198] openvswitch: netlink: Flow actions attr not present in new flow.
[  286.486058][T10211] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1034'.
[  286.491665][T10211] unsupported nla_type 52263
[  286.503134][ T5950] Bluetooth: hci1: command 0x0406 tx timeout
[  286.505829][ T5950] Bluetooth: hci2: command 0x0406 tx timeout
[  286.585722][ T5945] Bluetooth: hci3: command 0x0406 tx timeout
[  287.900339][T10234] evm: overlay not supported
[  288.458637][T10242] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  288.466565][T10242] CPU: 1 UID: 0 PID: 10242 Comm: syz.0.1038 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  288.466595][T10242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  288.466603][T10242] Call Trace:
[  288.466608][T10242]  <TASK>
[  288.466613][T10242]  dump_stack_lvl+0x16c/0x1f0
[  288.466634][T10242]  sysfs_warn_dup+0x7f/0xa0
[  288.466656][T10242]  sysfs_do_create_link_sd+0x124/0x140
[  288.466669][T10242]  sysfs_create_link+0x61/0xc0
[  288.466681][T10242]  device_add+0x62c/0x1a70
[  288.466696][T10242]  ? __pfx_device_add+0x10/0x10
[  288.466709][T10242]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  288.466726][T10242]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  288.466757][T10242]  wiphy_register+0x1c9c/0x2850
[  288.466771][T10242]  ? netdev_run_todo+0x864/0x1320
[  288.466791][T10242]  ? __pfx_wiphy_register+0x10/0x10
[  288.466807][T10242]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  288.466827][T10242]  ieee80211_register_hw+0x24ac/0x4140
[  288.466844][T10242]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  288.466858][T10242]  ? find_held_lock+0x2b/0x80
[  288.466875][T10242]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  288.466889][T10242]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  288.466901][T10242]  ? __hrtimer_setup+0x176/0x280
[  288.466917][T10242]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  288.466941][T10242]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  288.466956][T10242]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  288.466973][T10242]  ? __asan_memcpy+0x3c/0x60
[  288.466985][T10242]  hwsim_new_radio_nl+0xb51/0x12c0
[  288.467002][T10242]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  288.467027][T10242]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  288.467046][T10242]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  288.467067][T10242]  genl_family_rcv_msg_doit+0x209/0x2f0
[  288.467086][T10242]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  288.467103][T10242]  ? trace_cap_capable+0x18d/0x200
[  288.467122][T10242]  ? bpf_lsm_capable+0x9/0x10
[  288.467134][T10242]  ? security_capable+0x7e/0x260
[  288.467148][T10242]  ? ns_capable+0xd7/0x110
[  288.467167][T10242]  genl_rcv_msg+0x55c/0x800
[  288.467185][T10242]  ? __pfx_genl_rcv_msg+0x10/0x10
[  288.467201][T10242]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  288.467218][T10242]  ? __lock_acquire+0xb8a/0x1c90
[  288.467233][T10242]  netlink_rcv_skb+0x16a/0x440
[  288.467247][T10242]  ? __pfx_genl_rcv_msg+0x10/0x10
[  288.467264][T10242]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  288.467285][T10242]  ? __pfx_down_read+0x10/0x10
[  288.467296][T10242]  ? netlink_deliver_tap+0x1ae/0xd30
[  288.467310][T10242]  ? netlink_skb_set_owner_r+0x24/0x200
[  288.467323][T10242]  genl_rcv+0x28/0x40
[  288.467336][T10242]  netlink_unicast+0x53d/0x7f0
[  288.467352][T10242]  ? __pfx_netlink_unicast+0x10/0x10
[  288.467371][T10242]  netlink_sendmsg+0x8d1/0xdd0
[  288.467387][T10242]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.467403][T10242]  ? __import_iovec+0x1dd/0x650
[  288.467420][T10242]  ____sys_sendmsg+0xa98/0xc70
[  288.467438][T10242]  ? __pfx_____sys_sendmsg+0x10/0x10
[  288.467454][T10242]  ? get_compat_msghdr+0x11a/0x170
[  288.467469][T10242]  ? __pfx_futex_wake_mark+0x10/0x10
[  288.467485][T10242]  ___sys_sendmsg+0x134/0x1d0
[  288.467500][T10242]  ? __pfx____sys_sendmsg+0x10/0x10
[  288.467511][T10242]  ? __lock_acquire+0x622/0x1c90
[  288.467541][T10242]  __sys_sendmsg+0x16d/0x220
[  288.467555][T10242]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.467567][T10242]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  288.467586][T10242]  ? rcu_is_watching+0x12/0xc0
[  288.467605][T10242]  __do_fast_syscall_32+0x73/0x120
[  288.467622][T10242]  do_fast_syscall_32+0x32/0x80
[  288.467638][T10242]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  288.467653][T10242] RIP: 0023:0xf7fd4579
[  288.467663][T10242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  288.467673][T10242] RSP: 002b:00000000f4c9155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  288.467685][T10242] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  288.467692][T10242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  288.467698][T10242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  288.467704][T10242] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  288.467711][T10242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  288.467725][T10242]  </TASK>
[  288.977962][T10247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1043'.
[  288.989560][T10247] binder_alloc: binder_alloc_mmap_handler: 10246 80ffc000-80ffd000 already mapped failed -16
[  289.244703][T10254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1046'.
[  289.254857][T10254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1046'.
[  290.404875][ T5980] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  290.554815][ T5980] usb 5-1: Using ep0 maxpacket: 8
[  290.558748][ T5980] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  290.561041][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  290.564436][ T5980] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  290.568623][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  290.571970][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  290.581408][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1050'.
[  290.585558][ T5980] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  290.586351][T10271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1050'.
[  290.587743][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  290.594727][ T5980] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  290.598373][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  290.601707][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  290.606328][ T5980] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  290.608634][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  290.611959][ T5980] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  290.616675][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  290.620046][ T5980] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  290.627330][ T5980] usb 5-1: string descriptor 0 read error: -22
[  290.629607][ T5980] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  290.632303][ T5980] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.642217][ T5980] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  290.834888][ T6100] usb 6-1: new low-speed USB device number 14 using dummy_hcd
[  290.947871][   T34] usb 5-1: USB disconnect, device number 14
[  290.948163][T10263] usb 5-1: Couldn't submit interrupt_out_urb -19
[  290.999112][ T6100] usb 6-1: config 32 has 1 interface, different from the descriptor's value: 2
[  291.002089][ T6100] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 30768, setting to 8
[  291.007539][ T6100] usb 6-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  291.010358][ T6100] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.020063][T10271] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  291.258696][ T6100] usb 6-1: string descriptor 0 read error: -71
[  291.283996][ T6100] usb 6-1: USB disconnect, device number 14
[  292.019597][T10295] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  292.021638][T10295] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  292.032200][T10295] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  292.034064][T10295] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  292.038400][T10295] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  292.040442][T10295] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  292.043494][T10295] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  292.046694][T10295] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  292.076782][T10292] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  292.084697][T10292] CPU: 0 UID: 0 PID: 10292 Comm: syz.2.1054 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  292.084715][T10292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.084723][T10292] Call Trace:
[  292.084729][T10292]  <TASK>
[  292.084734][T10292]  dump_stack_lvl+0x16c/0x1f0
[  292.084769][T10292]  sysfs_warn_dup+0x7f/0xa0
[  292.084789][T10292]  sysfs_do_create_link_sd+0x124/0x140
[  292.084802][T10292]  sysfs_create_link+0x61/0xc0
[  292.084813][T10292]  device_add+0x62c/0x1a70
[  292.084828][T10292]  ? __pfx_device_add+0x10/0x10
[  292.084841][T10292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  292.084856][T10292]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  292.084888][T10292]  wiphy_register+0x1c9c/0x2850
[  292.084901][T10292]  ? netdev_run_todo+0x864/0x1320
[  292.084922][T10292]  ? __pfx_wiphy_register+0x10/0x10
[  292.084938][T10292]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  292.084958][T10292]  ieee80211_register_hw+0x24ac/0x4140
[  292.084976][T10292]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  292.084989][T10292]  ? find_held_lock+0x2b/0x80
[  292.085005][T10292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  292.085020][T10292]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  292.085032][T10292]  ? __hrtimer_setup+0x176/0x280
[  292.085047][T10292]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  292.085071][T10292]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  292.085086][T10292]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  292.085103][T10292]  ? __asan_memcpy+0x3c/0x60
[  292.085115][T10292]  hwsim_new_radio_nl+0xb51/0x12c0
[  292.085133][T10292]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  292.085153][T10292]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  292.085171][T10292]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  292.085191][T10292]  genl_family_rcv_msg_doit+0x209/0x2f0
[  292.085216][T10292]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  292.085232][T10292]  ? trace_cap_capable+0x18d/0x200
[  292.085252][T10292]  ? bpf_lsm_capable+0x9/0x10
[  292.085263][T10292]  ? security_capable+0x7e/0x260
[  292.085277][T10292]  ? ns_capable+0xd7/0x110
[  292.085297][T10292]  genl_rcv_msg+0x55c/0x800
[  292.085316][T10292]  ? __pfx_genl_rcv_msg+0x10/0x10
[  292.085332][T10292]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  292.085350][T10292]  ? __lock_acquire+0xb8a/0x1c90
[  292.085364][T10292]  netlink_rcv_skb+0x16a/0x440
[  292.085378][T10292]  ? __pfx_genl_rcv_msg+0x10/0x10
[  292.085395][T10292]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  292.085417][T10292]  ? __pfx_down_read+0x10/0x10
[  292.085428][T10292]  ? netlink_deliver_tap+0x1ae/0xd30
[  292.085441][T10292]  ? is_vmalloc_addr+0x86/0xa0
[  292.085456][T10292]  genl_rcv+0x28/0x40
[  292.085469][T10292]  netlink_unicast+0x53d/0x7f0
[  292.085485][T10292]  ? __pfx_netlink_unicast+0x10/0x10
[  292.085504][T10292]  netlink_sendmsg+0x8d1/0xdd0
[  292.085521][T10292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.085536][T10292]  ? __import_iovec+0x1dd/0x650
[  292.085553][T10292]  ____sys_sendmsg+0xa98/0xc70
[  292.085571][T10292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  292.085586][T10292]  ? get_compat_msghdr+0x11a/0x170
[  292.085602][T10292]  ? __pfx_futex_wake_mark+0x10/0x10
[  292.085618][T10292]  ___sys_sendmsg+0x134/0x1d0
[  292.085632][T10292]  ? __pfx____sys_sendmsg+0x10/0x10
[  292.085643][T10292]  ? __lock_acquire+0x622/0x1c90
[  292.085674][T10292]  __sys_sendmsg+0x16d/0x220
[  292.085687][T10292]  ? __pfx___sys_sendmsg+0x10/0x10
[  292.085700][T10292]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  292.085719][T10292]  ? rcu_is_watching+0x12/0xc0
[  292.085737][T10292]  __do_fast_syscall_32+0x73/0x120
[  292.085754][T10292]  do_fast_syscall_32+0x32/0x80
[  292.085771][T10292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  292.085785][T10292] RIP: 0023:0xf7fb7579
[  292.085795][T10292] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  292.085806][T10292] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  292.085817][T10292] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  292.085824][T10292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  292.085830][T10292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  292.085837][T10292] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  292.085843][T10292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  292.085857][T10292]  </TASK>
[  292.415951][T10311] netlink: 'syz.3.1059': attribute type 1 has an invalid length.
[  292.422477][T10311] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1059'.
[  293.088785][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  293.088797][   T40] audit: type=1326 audit(1748386376.882:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10342 comm="syz.3.1066" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd4579 code=0x0
[  293.248558][T10335] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  293.915057][T10335] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.919407][T10335] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  294.010444][T10335] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.019579][T10335] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  294.140925][T10335] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.144518][T10335] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  294.252983][T10335] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.257210][T10335] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  294.348756][T10335] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  294.353387][T10335] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  294.367648][T10335] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  294.370292][T10335] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  294.414100][T10335] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  294.423613][T10335] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  294.436128][T10335] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  294.438625][T10335] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  295.213833][T10414] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1073'.
[  296.525124][T10474] input: syz1 as /devices/virtual/input/input10
[  297.550097][T10497] netlink: 'syz.2.1082': attribute type 1 has an invalid length.
[  297.552964][T10497] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1082'.
[  297.558767][T10494] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  297.561485][T10494] CPU: 1 UID: 0 PID: 10494 Comm: syz.3.1077 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  297.561503][T10494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.561510][T10494] Call Trace:
[  297.561515][T10494]  <TASK>
[  297.561521][T10494]  dump_stack_lvl+0x16c/0x1f0
[  297.561541][T10494]  sysfs_warn_dup+0x7f/0xa0
[  297.561562][T10494]  sysfs_do_create_link_sd+0x124/0x140
[  297.561576][T10494]  sysfs_create_link+0x61/0xc0
[  297.561588][T10494]  device_add+0x62c/0x1a70
[  297.561604][T10494]  ? __pfx_device_add+0x10/0x10
[  297.561616][T10494]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  297.561632][T10494]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  297.561653][T10494]  wiphy_register+0x1c9c/0x2850
[  297.561664][T10494]  ? netdev_run_todo+0x864/0x1320
[  297.561684][T10494]  ? __pfx_wiphy_register+0x10/0x10
[  297.561700][T10494]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  297.561720][T10494]  ieee80211_register_hw+0x24ac/0x4140
[  297.561737][T10494]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  297.561751][T10494]  ? find_held_lock+0x2b/0x80
[  297.561767][T10494]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  297.561782][T10494]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  297.561794][T10494]  ? __hrtimer_setup+0x176/0x280
[  297.561810][T10494]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  297.561833][T10494]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  297.561848][T10494]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  297.561865][T10494]  ? __asan_memcpy+0x3c/0x60
[  297.561878][T10494]  hwsim_new_radio_nl+0xb51/0x12c0
[  297.561896][T10494]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  297.561919][T10494]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  297.561937][T10494]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  297.561957][T10494]  genl_family_rcv_msg_doit+0x209/0x2f0
[  297.561975][T10494]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  297.561997][T10494]  ? trace_cap_capable+0x18d/0x200
[  297.562024][T10494]  ? bpf_lsm_capable+0x9/0x10
[  297.562042][T10494]  ? security_capable+0x7e/0x260
[  297.562064][T10494]  ? ns_capable+0xd7/0x110
[  297.562095][T10494]  genl_rcv_msg+0x55c/0x800
[  297.562119][T10494]  ? __pfx_genl_rcv_msg+0x10/0x10
[  297.562136][T10494]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  297.562153][T10494]  ? __lock_acquire+0xb8a/0x1c90
[  297.562173][T10494]  netlink_rcv_skb+0x16a/0x440
[  297.562187][T10494]  ? __pfx_genl_rcv_msg+0x10/0x10
[  297.562205][T10494]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  297.562228][T10494]  ? __pfx_down_read+0x10/0x10
[  297.562239][T10494]  ? netlink_deliver_tap+0x1ae/0xd30
[  297.562253][T10494]  ? is_vmalloc_addr+0x86/0xa0
[  297.562268][T10494]  genl_rcv+0x28/0x40
[  297.562282][T10494]  netlink_unicast+0x53d/0x7f0
[  297.562299][T10494]  ? __pfx_netlink_unicast+0x10/0x10
[  297.562319][T10494]  netlink_sendmsg+0x8d1/0xdd0
[  297.562336][T10494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.562351][T10494]  ? __import_iovec+0x1dd/0x650
[  297.562368][T10494]  ____sys_sendmsg+0xa98/0xc70
[  297.562388][T10494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.562403][T10494]  ? get_compat_msghdr+0x11a/0x170
[  297.562419][T10494]  ? __pfx_futex_wake_mark+0x10/0x10
[  297.562435][T10494]  ___sys_sendmsg+0x134/0x1d0
[  297.562449][T10494]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.562460][T10494]  ? __lock_acquire+0x622/0x1c90
[  297.562490][T10494]  __sys_sendmsg+0x16d/0x220
[  297.562503][T10494]  ? __pfx___sys_sendmsg+0x10/0x10
[  297.562515][T10494]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  297.562534][T10494]  ? rcu_is_watching+0x12/0xc0
[  297.562552][T10494]  __do_fast_syscall_32+0x73/0x120
[  297.562570][T10494]  do_fast_syscall_32+0x32/0x80
[  297.562586][T10494]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.562614][T10494] RIP: 0023:0xf7fd4579
[  297.562625][T10494] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  297.562637][T10494] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  297.562649][T10494] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  297.562656][T10494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.562663][T10494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.562671][T10494] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  297.562678][T10494] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.562694][T10494]  </TASK>
[  297.634955][ T6103] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  298.334935][ T6103] usb 5-1: Using ep0 maxpacket: 8
[  298.337925][ T6103] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  298.340301][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  298.343960][ T6103] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.347635][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  298.351057][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.356824][ T6103] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  298.359750][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  298.363745][ T6103] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.367549][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  298.371536][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.376097][ T6103] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  298.378440][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  298.382029][ T6103] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.385756][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  298.389116][ T6103] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.395214][ T6103] usb 5-1: string descriptor 0 read error: -22
[  298.397206][ T6103] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  298.399981][ T6103] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.410584][ T6103] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  298.710150][ T6103] usb 5-1: USB disconnect, device number 15
[  298.711534][T10538] usb 5-1: Couldn't submit interrupt_out_urb -19
[  298.901609][T10556] lo speed is unknown, defaulting to 1000
[  298.903696][T10556] lo speed is unknown, defaulting to 1000
[  298.907033][T10556] lo speed is unknown, defaulting to 1000
[  298.914987][T10556] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  298.927788][T10556] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  298.978839][T10556] lo speed is unknown, defaulting to 1000
[  298.984675][T10556] lo speed is unknown, defaulting to 1000
[  298.990808][T10556] lo speed is unknown, defaulting to 1000
[  298.997197][T10556] lo speed is unknown, defaulting to 1000
[  299.672390][T10594] block device autoloading is deprecated and will be removed.
[  300.378120][T10619] input: syz1 as /devices/virtual/input/input11
[  300.416816][T10616] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1091'.
[  301.025984][T10636] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  301.028654][T10636] CPU: 1 UID: 0 PID: 10636 Comm: syz.2.1093 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  301.028670][T10636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  301.028678][T10636] Call Trace:
[  301.028683][T10636]  <TASK>
[  301.028689][T10636]  dump_stack_lvl+0x16c/0x1f0
[  301.028709][T10636]  sysfs_warn_dup+0x7f/0xa0
[  301.028729][T10636]  sysfs_do_create_link_sd+0x124/0x140
[  301.028742][T10636]  sysfs_create_link+0x61/0xc0
[  301.028754][T10636]  device_add+0x62c/0x1a70
[  301.028769][T10636]  ? __pfx_device_add+0x10/0x10
[  301.028781][T10636]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  301.028798][T10636]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  301.028819][T10636]  wiphy_register+0x1c9c/0x2850
[  301.028830][T10636]  ? netdev_run_todo+0x864/0x1320
[  301.028854][T10636]  ? __pfx_wiphy_register+0x10/0x10
[  301.028870][T10636]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  301.028890][T10636]  ieee80211_register_hw+0x24ac/0x4140
[  301.028909][T10636]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  301.028924][T10636]  ? find_held_lock+0x2b/0x80
[  301.028942][T10636]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  301.028957][T10636]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  301.028971][T10636]  ? __hrtimer_setup+0x176/0x280
[  301.028987][T10636]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  301.029011][T10636]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  301.029026][T10636]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  301.029043][T10636]  ? __asan_memcpy+0x3c/0x60
[  301.029055][T10636]  hwsim_new_radio_nl+0xb51/0x12c0
[  301.029072][T10636]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  301.029093][T10636]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  301.029113][T10636]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  301.029133][T10636]  genl_family_rcv_msg_doit+0x209/0x2f0
[  301.029151][T10636]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  301.029167][T10636]  ? trace_cap_capable+0x18d/0x200
[  301.029185][T10636]  ? bpf_lsm_capable+0x9/0x10
[  301.029195][T10636]  ? security_capable+0x7e/0x260
[  301.029209][T10636]  ? ns_capable+0xd7/0x110
[  301.029231][T10636]  genl_rcv_msg+0x55c/0x800
[  301.029256][T10636]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.029281][T10636]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  301.029307][T10636]  ? irqentry_exit+0x3b/0x90
[  301.029332][T10636]  ? lockdep_hardirqs_on+0x7c/0x110
[  301.029361][T10636]  netlink_rcv_skb+0x16a/0x440
[  301.029377][T10636]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.029394][T10636]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.029416][T10636]  ? __pfx_down_read+0x10/0x10
[  301.029426][T10636]  ? netlink_deliver_tap+0x1ae/0xd30
[  301.029439][T10636]  ? is_vmalloc_addr+0x86/0xa0
[  301.029453][T10636]  genl_rcv+0x28/0x40
[  301.029467][T10636]  netlink_unicast+0x53d/0x7f0
[  301.029483][T10636]  ? __pfx_netlink_unicast+0x10/0x10
[  301.029502][T10636]  netlink_sendmsg+0x8d1/0xdd0
[  301.029518][T10636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.029534][T10636]  ? __import_iovec+0x1dd/0x650
[  301.029550][T10636]  ____sys_sendmsg+0xa98/0xc70
[  301.029568][T10636]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.029583][T10636]  ? get_compat_msghdr+0x11a/0x170
[  301.029598][T10636]  ? try_to_wake_up+0xa2f/0x1680
[  301.029617][T10636]  ___sys_sendmsg+0x134/0x1d0
[  301.029631][T10636]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.029643][T10636]  ? __lock_acquire+0x622/0x1c90
[  301.029674][T10636]  __sys_sendmsg+0x16d/0x220
[  301.029687][T10636]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.029699][T10636]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  301.029719][T10636]  ? rcu_is_watching+0x12/0xc0
[  301.029737][T10636]  __do_fast_syscall_32+0x73/0x120
[  301.029755][T10636]  do_fast_syscall_32+0x32/0x80
[  301.029771][T10636]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  301.029785][T10636] RIP: 0023:0xf7fb7579
[  301.029795][T10636] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  301.029806][T10636] RSP: 002b:00000000f4c7155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  301.029817][T10636] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  301.029824][T10636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  301.029830][T10636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  301.029836][T10636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  301.029843][T10636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.029864][T10636]  </TASK>
[  301.824963][   T59] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  301.974977][   T59] usb 5-1: Using ep0 maxpacket: 8
[  301.980928][   T59] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  301.984007][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  301.989083][   T59] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  301.993957][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  302.000255][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  302.007687][   T59] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  302.010810][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  302.016671][   T59] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  302.021344][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  302.026318][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  302.032393][   T59] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  302.036423][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  302.041023][   T59] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  302.046320][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  302.050869][   T59] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  302.058863][   T59] usb 5-1: string descriptor 0 read error: -22
[  302.061583][   T59] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  302.065884][   T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.090469][   T59] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  302.387407][ T1334] usb 5-1: USB disconnect, device number 16
[  302.387596][T10643] usb 5-1: Couldn't submit interrupt_out_urb -19
[  302.652198][T10646] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1098'.
[  302.656924][T10646] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1098'.
[  302.868197][T10656] netlink: 'syz.2.1102': attribute type 1 has an invalid length.
[  302.881287][T10656] 8021q: adding VLAN 0 to HW filter on device bond1
[  302.887624][T10656] erspan0: entered allmulticast mode
[  302.898516][T10656] bond1: (slave erspan0): making interface the new active one
[  302.901935][T10656] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  302.949437][T10661] input: syz1 as /devices/virtual/input/input12
[  302.959297][T10661] vxcan1: entered allmulticast mode
[  304.748756][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1109'.
[  304.753265][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1109'.
[  305.308636][T10700] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  305.311321][T10700] CPU: 1 UID: 0 PID: 10700 Comm: syz.2.1107 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  305.311349][T10700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.311357][T10700] Call Trace:
[  305.311367][T10700]  <TASK>
[  305.311373][T10700]  dump_stack_lvl+0x16c/0x1f0
[  305.311406][T10700]  sysfs_warn_dup+0x7f/0xa0
[  305.311427][T10700]  sysfs_do_create_link_sd+0x124/0x140
[  305.311440][T10700]  sysfs_create_link+0x61/0xc0
[  305.311452][T10700]  device_add+0x62c/0x1a70
[  305.311472][T10700]  ? __pfx_device_add+0x10/0x10
[  305.311484][T10700]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  305.311499][T10700]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  305.311521][T10700]  wiphy_register+0x1c9c/0x2850
[  305.311533][T10700]  ? netdev_run_todo+0x864/0x1320
[  305.311554][T10700]  ? __pfx_wiphy_register+0x10/0x10
[  305.311571][T10700]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  305.311592][T10700]  ieee80211_register_hw+0x24ac/0x4140
[  305.311608][T10700]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  305.311643][T10700]  ? find_held_lock+0x2b/0x80
[  305.311661][T10700]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  305.311676][T10700]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  305.311689][T10700]  ? __hrtimer_setup+0x176/0x280
[  305.311706][T10700]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  305.311731][T10700]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  305.311746][T10700]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  305.311763][T10700]  ? __asan_memcpy+0x3c/0x60
[  305.311775][T10700]  hwsim_new_radio_nl+0xb51/0x12c0
[  305.311793][T10700]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  305.311813][T10700]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  305.311831][T10700]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  305.311851][T10700]  genl_family_rcv_msg_doit+0x209/0x2f0
[  305.311868][T10700]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  305.311884][T10700]  ? trace_cap_capable+0x18d/0x200
[  305.311906][T10700]  ? bpf_lsm_capable+0x9/0x10
[  305.311917][T10700]  ? security_capable+0x7e/0x260
[  305.311932][T10700]  ? ns_capable+0xd7/0x110
[  305.311952][T10700]  genl_rcv_msg+0x55c/0x800
[  305.311971][T10700]  ? __pfx_genl_rcv_msg+0x10/0x10
[  305.311988][T10700]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  305.312006][T10700]  ? __lock_acquire+0xb8a/0x1c90
[  305.312022][T10700]  netlink_rcv_skb+0x16a/0x440
[  305.312036][T10700]  ? __pfx_genl_rcv_msg+0x10/0x10
[  305.312053][T10700]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  305.312075][T10700]  ? __pfx_down_read+0x10/0x10
[  305.312086][T10700]  ? netlink_deliver_tap+0x1ae/0xd30
[  305.312098][T10700]  ? is_vmalloc_addr+0x86/0xa0
[  305.312113][T10700]  genl_rcv+0x28/0x40
[  305.312126][T10700]  netlink_unicast+0x53d/0x7f0
[  305.312142][T10700]  ? __pfx_netlink_unicast+0x10/0x10
[  305.312160][T10700]  netlink_sendmsg+0x8d1/0xdd0
[  305.312177][T10700]  ? __pfx_netlink_sendmsg+0x10/0x10
[  305.312192][T10700]  ? __import_iovec+0x1dd/0x650
[  305.312208][T10700]  ____sys_sendmsg+0xa98/0xc70
[  305.312226][T10700]  ? __pfx_____sys_sendmsg+0x10/0x10
[  305.312241][T10700]  ? get_compat_msghdr+0x11a/0x170
[  305.312257][T10700]  ? __pfx_futex_wake_mark+0x10/0x10
[  305.312273][T10700]  ___sys_sendmsg+0x134/0x1d0
[  305.312300][T10700]  ? __pfx____sys_sendmsg+0x10/0x10
[  305.312312][T10700]  ? __lock_acquire+0x622/0x1c90
[  305.312344][T10700]  __sys_sendmsg+0x16d/0x220
[  305.312358][T10700]  ? __pfx___sys_sendmsg+0x10/0x10
[  305.312372][T10700]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  305.312392][T10700]  ? rcu_is_watching+0x12/0xc0
[  305.312411][T10700]  __do_fast_syscall_32+0x73/0x120
[  305.312431][T10700]  do_fast_syscall_32+0x32/0x80
[  305.312447][T10700]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.312462][T10700] RIP: 0023:0xf7fb7579
[  305.312472][T10700] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  305.312483][T10700] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  305.312494][T10700] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  305.312501][T10700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  305.312507][T10700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.312514][T10700] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  305.312520][T10700] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.312534][T10700]  </TASK>
[  305.449099][   T34] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  305.604926][   T34] usb 8-1: Using ep0 maxpacket: 8
[  305.608196][   T34] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  305.610762][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  305.614336][   T34] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  305.618267][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  305.621827][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  305.626277][   T34] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  305.628709][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  305.632643][   T34] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  305.636209][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  305.639604][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  305.643871][   T34] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  305.646200][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  305.649578][   T34] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  305.653406][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  305.657043][   T34] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  305.664040][   T34] usb 8-1: string descriptor 0 read error: -22
[  305.666143][   T34] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  305.668916][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.687511][   T34] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  305.994667][   T24] usb 8-1: USB disconnect, device number 23
[  305.994880][T10712] usb 8-1: Couldn't submit interrupt_out_urb -19
[  306.227981][T10721] syz.0.1117 (10721): drop_caches: 2
[  306.229998][T10721] syz.0.1117 (10721): drop_caches: 2
[  306.386231][T10726] netlink: 'syz.0.1119': attribute type 1 has an invalid length.
[  306.388823][T10726] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1119'.
[  307.124947][ T6100] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  307.217875][T10741] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  307.220688][T10741] CPU: 1 UID: 0 PID: 10741 Comm: syz.2.1122 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  307.220716][T10741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  307.220724][T10741] Call Trace:
[  307.220730][T10741]  <TASK>
[  307.220735][T10741]  dump_stack_lvl+0x16c/0x1f0
[  307.220755][T10741]  sysfs_warn_dup+0x7f/0xa0
[  307.220776][T10741]  sysfs_do_create_link_sd+0x124/0x140
[  307.220788][T10741]  sysfs_create_link+0x61/0xc0
[  307.220800][T10741]  device_add+0x62c/0x1a70
[  307.220816][T10741]  ? __pfx_device_add+0x10/0x10
[  307.220828][T10741]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  307.220846][T10741]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  307.220866][T10741]  wiphy_register+0x1c9c/0x2850
[  307.220878][T10741]  ? netdev_run_todo+0x864/0x1320
[  307.220897][T10741]  ? __pfx_wiphy_register+0x10/0x10
[  307.220914][T10741]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  307.220933][T10741]  ieee80211_register_hw+0x24ac/0x4140
[  307.220950][T10741]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  307.220963][T10741]  ? find_held_lock+0x2b/0x80
[  307.220980][T10741]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  307.220994][T10741]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  307.221006][T10741]  ? __hrtimer_setup+0x176/0x280
[  307.221022][T10741]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  307.221046][T10741]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  307.221060][T10741]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  307.221077][T10741]  ? __asan_memcpy+0x3c/0x60
[  307.221090][T10741]  hwsim_new_radio_nl+0xb51/0x12c0
[  307.221107][T10741]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  307.221127][T10741]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  307.221150][T10741]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  307.221170][T10741]  genl_family_rcv_msg_doit+0x209/0x2f0
[  307.221187][T10741]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  307.221204][T10741]  ? trace_cap_capable+0x18d/0x200
[  307.221223][T10741]  ? bpf_lsm_capable+0x9/0x10
[  307.221235][T10741]  ? security_capable+0x7e/0x260
[  307.221249][T10741]  ? ns_capable+0xd7/0x110
[  307.221267][T10741]  genl_rcv_msg+0x55c/0x800
[  307.221285][T10741]  ? __pfx_genl_rcv_msg+0x10/0x10
[  307.221301][T10741]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  307.221319][T10741]  ? __lock_acquire+0xb8a/0x1c90
[  307.221333][T10741]  netlink_rcv_skb+0x16a/0x440
[  307.221347][T10741]  ? __pfx_genl_rcv_msg+0x10/0x10
[  307.221363][T10741]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.221385][T10741]  ? __pfx_down_read+0x10/0x10
[  307.221395][T10741]  ? netlink_deliver_tap+0x1ae/0xd30
[  307.221408][T10741]  ? is_vmalloc_addr+0x86/0xa0
[  307.221422][T10741]  genl_rcv+0x28/0x40
[  307.221436][T10741]  netlink_unicast+0x53d/0x7f0
[  307.221452][T10741]  ? __pfx_netlink_unicast+0x10/0x10
[  307.221470][T10741]  netlink_sendmsg+0x8d1/0xdd0
[  307.221487][T10741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.221502][T10741]  ? __import_iovec+0x1dd/0x650
[  307.221519][T10741]  ____sys_sendmsg+0xa98/0xc70
[  307.221537][T10741]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.221552][T10741]  ? get_compat_msghdr+0x11a/0x170
[  307.221568][T10741]  ? __pfx_futex_wake_mark+0x10/0x10
[  307.221584][T10741]  ___sys_sendmsg+0x134/0x1d0
[  307.221597][T10741]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.221609][T10741]  ? __lock_acquire+0x622/0x1c90
[  307.221639][T10741]  __sys_sendmsg+0x16d/0x220
[  307.221653][T10741]  ? __pfx___sys_sendmsg+0x10/0x10
[  307.221683][T10741]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  307.221704][T10741]  ? rcu_is_watching+0x12/0xc0
[  307.221722][T10741]  __do_fast_syscall_32+0x73/0x120
[  307.221742][T10741]  do_fast_syscall_32+0x32/0x80
[  307.221759][T10741]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  307.221773][T10741] RIP: 0023:0xf7fb7579
[  307.221783][T10741] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  307.221795][T10741] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  307.221805][T10741] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  307.221813][T10741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.221819][T10741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.221825][T10741] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  307.221832][T10741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.221846][T10741]  </TASK>
[  307.329456][ T6100] usb 8-1: Using ep0 maxpacket: 8
[  307.330451][    C1] vkms_vblank_simulate: vblank timer overrun
[  307.333287][ T6100] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  307.371258][ T6100] usb 8-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  307.378729][ T6100] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  307.533962][ T6100] usb 8-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  307.539532][ T6100] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  307.542736][ T6100] usb 8-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  307.548079][ T6100] usb 8-1: string descriptor 0 read error: -22
[  307.550085][ T6100] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  307.582124][ T6100] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.595767][ T6100] usb 8-1: rejected 3 configurations due to insufficient available bus power
[  307.598473][ T6100] usb 8-1: no configuration chosen from 3 choices
[  308.939146][T10758] usb 2-1: USB disconnect, device number 2
[  309.369613][T10763] netlink: 'syz.2.1129': attribute type 1 has an invalid length.
[  309.372277][T10763] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1129'.
[  309.817276][T10773] overlayfs: failed to resolve 'É': -2
[  309.863724][T10780] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1134'.
[  309.888234][   T24] usb 8-1: USB disconnect, device number 24
[  310.708484][T10789] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  310.711160][T10789] CPU: 1 UID: 0 PID: 10789 Comm: syz.2.1134 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  310.711177][T10789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  310.711184][T10789] Call Trace:
[  310.711190][T10789]  <TASK>
[  310.711194][T10789]  dump_stack_lvl+0x16c/0x1f0
[  310.711214][T10789]  sysfs_warn_dup+0x7f/0xa0
[  310.711234][T10789]  sysfs_do_create_link_sd+0x124/0x140
[  310.711246][T10789]  sysfs_create_link+0x61/0xc0
[  310.711257][T10789]  device_add+0x62c/0x1a70
[  310.711273][T10789]  ? __pfx_device_add+0x10/0x10
[  310.711285][T10789]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  310.711301][T10789]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  310.711322][T10789]  wiphy_register+0x1c9c/0x2850
[  310.711333][T10789]  ? netdev_run_todo+0x864/0x1320
[  310.711353][T10789]  ? __pfx_wiphy_register+0x10/0x10
[  310.711370][T10789]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  310.711390][T10789]  ieee80211_register_hw+0x24ac/0x4140
[  310.711406][T10789]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  310.711422][T10789]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  310.711436][T10789]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  310.711448][T10789]  ? __hrtimer_setup+0x176/0x280
[  310.711464][T10789]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  310.711489][T10789]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  310.711503][T10789]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  310.711521][T10789]  ? __asan_memcpy+0x3c/0x60
[  310.711533][T10789]  hwsim_new_radio_nl+0xb51/0x12c0
[  310.711550][T10789]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  310.711591][T10789]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  310.711612][T10789]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  310.711633][T10789]  genl_family_rcv_msg_doit+0x209/0x2f0
[  310.711652][T10789]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  310.711669][T10789]  ? trace_cap_capable+0x18d/0x200
[  310.711686][T10789]  ? bpf_lsm_capable+0x9/0x10
[  310.711697][T10789]  ? security_capable+0x7e/0x260
[  310.711711][T10789]  ? ns_capable+0xd7/0x110
[  310.711731][T10789]  genl_rcv_msg+0x55c/0x800
[  310.711748][T10789]  ? __pfx_genl_rcv_msg+0x10/0x10
[  310.711765][T10789]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  310.711782][T10789]  ? __lock_acquire+0xb8a/0x1c90
[  310.711797][T10789]  netlink_rcv_skb+0x16a/0x440
[  310.711811][T10789]  ? __pfx_genl_rcv_msg+0x10/0x10
[  310.711833][T10789]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  310.711855][T10789]  ? __pfx_down_read+0x10/0x10
[  310.711868][T10789]  ? netlink_deliver_tap+0x1ae/0xd30
[  310.711881][T10789]  ? netlink_unicast+0x163/0x7f0
[  310.711898][T10789]  genl_rcv+0x28/0x40
[  310.711913][T10789]  netlink_unicast+0x53d/0x7f0
[  310.711931][T10789]  ? __pfx_netlink_unicast+0x10/0x10
[  310.711950][T10789]  netlink_sendmsg+0x8d1/0xdd0
[  310.711967][T10789]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.711984][T10789]  ? __import_iovec+0x1dd/0x650
[  310.712000][T10789]  ____sys_sendmsg+0xa98/0xc70
[  310.712018][T10789]  ? __pfx_____sys_sendmsg+0x10/0x10
[  310.712033][T10789]  ? get_compat_msghdr+0x11a/0x170
[  310.712048][T10789]  ? __pfx_futex_wake_mark+0x10/0x10
[  310.712065][T10789]  ___sys_sendmsg+0x134/0x1d0
[  310.712078][T10789]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.712090][T10789]  ? __lock_acquire+0x622/0x1c90
[  310.712119][T10789]  __sys_sendmsg+0x16d/0x220
[  310.712132][T10789]  ? __pfx___sys_sendmsg+0x10/0x10
[  310.712145][T10789]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  310.712164][T10789]  ? rcu_is_watching+0x12/0xc0
[  310.712182][T10789]  __do_fast_syscall_32+0x73/0x120
[  310.712200][T10789]  do_fast_syscall_32+0x32/0x80
[  310.712216][T10789]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  310.712231][T10789] RIP: 0023:0xf7fb7579
[  310.712240][T10789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  310.712252][T10789] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  310.712263][T10789] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040
[  310.712270][T10789] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.712277][T10789] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  310.712283][T10789] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  310.712289][T10789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  310.712303][T10789]  </TASK>
[  310.843427][    C1] vkms_vblank_simulate: vblank timer overrun
[  311.482893][T10804] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1140'.
[  311.780931][T10811] overlayfs: failed to get inode (-116)
[  311.783292][T10811] FAULT_INJECTION: forcing a failure.
[  311.783292][T10811] name failslab, interval 1, probability 0, space 0, times 0
[  311.787526][T10811] CPU: 0 UID: 0 PID: 10811 Comm: syz.2.1142 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  311.787544][T10811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  311.787569][T10811] Call Trace:
[  311.787577][T10811]  <TASK>
[  311.787585][T10811]  dump_stack_lvl+0x16c/0x1f0
[  311.787606][T10811]  should_fail_ex+0x512/0x640
[  311.787618][T10811]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  311.787633][T10811]  should_failslab+0xc2/0x120
[  311.787647][T10811]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  311.787659][T10811]  ? rcu_is_watching+0x12/0xc0
[  311.787676][T10811]  ? __d_alloc+0x31/0xaa0
[  311.787688][T10811]  ? map_id_range_up+0x2ce/0x3b0
[  311.787704][T10811]  __d_alloc+0x31/0xaa0
[  311.787717][T10811]  d_alloc+0x4a/0x1e0
[  311.787730][T10811]  d_alloc_parallel+0xe3/0x12e0
[  311.787748][T10811]  ? find_held_lock+0x2b/0x80
[  311.787766][T10811]  ? __pfx_d_alloc_parallel+0x10/0x10
[  311.787782][T10811]  ? __d_lookup+0x266/0x4a0
[  311.787800][T10811]  lookup_open.isra.0+0x665/0x1580
[  311.787820][T10811]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  311.787850][T10811]  ? __pfx_down_write+0x10/0x10
[  311.787866][T10811]  ? mnt_get_write_access+0x20c/0x300
[  311.787896][T10811]  path_openat+0x893/0x2cb0
[  311.787911][T10811]  ? __pfx_path_openat+0x10/0x10
[  311.787926][T10811]  do_filp_open+0x3ef/0x470
[  311.787937][T10811]  ? __pfx_do_filp_open+0x10/0x10
[  311.787958][T10811]  ? _raw_spin_unlock+0x28/0x50
[  311.787971][T10811]  ? alloc_fd+0x471/0x7d0
[  311.787992][T10811]  do_sys_openat2+0x11b/0x1d0
[  311.788006][T10811]  ? __pfx_do_sys_openat2+0x10/0x10
[  311.788022][T10811]  ? __fget_files+0x20e/0x3c0
[  311.788035][T10811]  __ia32_compat_sys_open+0x146/0x1e0
[  311.788050][T10811]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  311.788069][T10811]  ? rcu_is_watching+0x12/0xc0
[  311.788084][T10811]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  311.788104][T10811]  __do_fast_syscall_32+0x73/0x120
[  311.788121][T10811]  do_fast_syscall_32+0x32/0x80
[  311.788137][T10811]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  311.788151][T10811] RIP: 0023:0xf7fb7579
[  311.788160][T10811] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  311.788171][T10811] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  311.788182][T10811] RAX: ffffffffffffffda RBX: 0000000080000200 RCX: 0000000000000040
[  311.788189][T10811] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  311.788196][T10811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  311.788202][T10811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  311.788209][T10811] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  311.788222][T10811]  </TASK>
[  312.076217][T10815] ufs: You didn't specify the type of your ufs filesystem
[  312.076217][T10815] 
[  312.076217][T10815] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  312.076217][T10815] 
[  312.076217][T10815] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  312.088652][T10815] ufs: ufs_fill_super(): bad magic number
[  312.111078][T10815] syz.3.1144 (10815): drop_caches: 2
[  312.114274][T10815] syz.3.1144 (10815): drop_caches: 2
[  312.185123][ T5980] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  312.385095][ T5980] usb 7-1: Using ep0 maxpacket: 8
[  312.391703][ T5980] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  312.396647][ T5980] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  312.401580][ T5980] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  312.406559][ T5980] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  312.411677][ T5980] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  312.416822][ T5980] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  312.518405][ T5980] usb 7-1: string descriptor 0 read error: -22
[  312.521063][ T5980] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  312.524340][ T5980] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.541654][ T5980] usb 7-1: rejected 3 configurations due to insufficient available bus power
[  312.548068][ T5980] usb 7-1: no configuration chosen from 3 choices
[  313.192103][T10831] xt_ecn: cannot match TCP bits for non-tcp packets
[  314.692913][T10852] IPv6: NLM_F_CREATE should be specified when creating new route
[  314.932255][   T24] usb 7-1: USB disconnect, device number 16
[  315.885228][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'.
[  316.309137][T10875] binder: Bad value for 'max'
[  316.660248][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  317.034838][   T10] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  317.195624][   T10] usb 5-1: Using ep0 maxpacket: 8
[  317.198741][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  317.202092][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  317.207073][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  317.210493][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  317.217271][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  317.220706][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  317.227362][   T10] usb 5-1: string descriptor 0 read error: -22
[  317.229405][   T10] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  317.232229][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.239928][   T10] adutux 5-1:168.0: interrupt endpoints not found
[  317.448183][   T10] usb 5-1: USB disconnect, device number 17
[  318.625611][T10910] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1172'.
[  318.939644][   T10] Process accounting resumed
[  320.098466][T10942] random: crng reseeded on system resumption
[  320.580847][   T40] audit: type=1800 audit(1748386404.372:197): pid=10947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1183" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  320.837254][   T40] audit: type=1326 audit(1748386404.632:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.3.1186" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x0
[  320.917724][T10962] dlm: no local IP address has been set
[  320.920554][T10962] dlm: cannot start dlm midcomms -107
[  321.272721][ T1143] Bluetooth: Error in BCSP hdr checksum
[  321.462516][T10970] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1189'.
[  321.525729][ T1143] Bluetooth: Error in BCSP hdr checksum
[  322.044871][   T59] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  322.204930][   T59] usb 6-1: Using ep0 maxpacket: 8
[  322.209073][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  322.212379][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  322.217207][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  322.222024][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  322.226747][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  322.232685][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  322.235948][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  322.240648][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  322.245617][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  322.250155][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  322.256333][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  322.259517][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  322.264112][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  322.269214][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  322.273793][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  322.281628][   T59] usb 6-1: string descriptor 0 read error: -22
[  322.284389][   T59] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  322.288645][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.301534][   T59] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  322.609270][   T59] usb 6-1: USB disconnect, device number 15
[  322.609499][T10987] usb 6-1: Couldn't submit interrupt_out_urb -19
[  322.974936][ T5945] Bluetooth: hci4: command 0x1003 tx timeout
[  322.975449][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  323.157520][T10998] sp0: Synchronizing with TNC
[  323.552979][T11004] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1198'.
[  324.436952][T11036] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1208'.
[  324.441076][T11036] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1208'.
[  324.912689][T11048] FAULT_INJECTION: forcing a failure.
[  324.912689][T11048] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  324.917113][T11048] CPU: 1 UID: 0 PID: 11048 Comm: syz.3.1211 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  324.917140][T11048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  324.917149][T11048] Call Trace:
[  324.917153][T11048]  <TASK>
[  324.917158][T11048]  dump_stack_lvl+0x16c/0x1f0
[  324.917178][T11048]  should_fail_ex+0x512/0x640
[  324.917192][T11048]  should_fail_alloc_page+0xe7/0x130
[  324.917207][T11048]  prepare_alloc_pages+0x3c2/0x610
[  324.917226][T11048]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  324.917240][T11048]  ? is_bpf_text_address+0x94/0x1a0
[  324.917253][T11048]  ? kernel_text_address+0x8d/0x100
[  324.917268][T11048]  ? __kernel_text_address+0xd/0x40
[  324.917282][T11048]  ? unwind_get_return_address+0x59/0xa0
[  324.917298][T11048]  ? arch_stack_walk+0xa6/0x100
[  324.917315][T11048]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  324.917332][T11048]  ? stack_depot_save_flags+0x28/0xa40
[  324.917345][T11048]  ? __lock_acquire+0xb8a/0x1c90
[  324.917358][T11048]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  324.917374][T11048]  ? policy_nodemask+0xea/0x4e0
[  324.917389][T11048]  alloc_pages_mpol+0x1fb/0x550
[  324.917403][T11048]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  324.917420][T11048]  folio_alloc_mpol_noprof+0x36/0x2f0
[  324.917436][T11048]  vma_alloc_folio_noprof+0xed/0x1e0
[  324.917451][T11048]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  324.917465][T11048]  ? find_held_lock+0x2b/0x80
[  324.917481][T11048]  ? __handle_mm_fault+0x1092/0x5450
[  324.917494][T11048]  __handle_mm_fault+0x2fac/0x5450
[  324.917509][T11048]  ? __pfx___handle_mm_fault+0x10/0x10
[  324.917519][T11048]  ? lock_vma_under_rcu+0x47d/0x970
[  324.917534][T11048]  ? lock_vma_under_rcu+0x47d/0x970
[  324.917556][T11048]  ? __pfx___schedule+0x10/0x10
[  324.917573][T11048]  handle_mm_fault+0x3fe/0xad0
[  324.917586][T11048]  do_user_addr_fault+0x60c/0x1370
[  324.917601][T11048]  ? rcu_is_watching+0x12/0xc0
[  324.917618][T11048]  exc_page_fault+0x5c/0xb0
[  324.917633][T11048]  asm_exc_page_fault+0x26/0x30
[  324.917644][T11048] RIP: 0023:0xf712f107
[  324.917652][T11048] Code: 10 83 c4 10 85 c0 0f 88 b7 07 00 00 83 3c 24 1d 0f 8f cc 08 00 00 8d 85 bc 2c e6 ff 83 ec 0c 50 e8 be fb fe ff b8 01 00 00 00 <f0> 0f c1 85 ec d2 15 00 83 c4 10 83 f8 05 7f 09 8b 5c 24 04 83 fb
[  324.917663][T11048] RSP: 002b:00000000f50b24a0 EFLAGS: 00010282
[  324.917672][T11048] RAX: 0000000000000001 RBX: 00000000f7462ff4 RCX: 0000000000000000
[  324.917679][T11048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000800000c0
[  324.917685][T11048] RBP: 00000000f7462ff4 R08: 0000000000000000 R09: 0000000000000000
[  324.917692][T11048] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  324.917698][T11048] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  324.917712][T11048]  </TASK>
[  324.917912][T11048] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  325.334901][ T5980] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  325.505337][ T5980] usb 8-1: Using ep0 maxpacket: 8
[  325.515298][ T5980] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  325.518923][ T5980] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  325.522553][ T5980] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  325.526568][ T5980] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  325.530768][ T5980] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  325.534122][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.750363][ T5980] usb 8-1: GET_CAPABILITIES returned 0
[  325.755082][ T5980] usbtmc 8-1:16.0: can't read capabilities
[  327.237782][T11080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1224'.
[  327.241126][T11080] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1224'.
[  327.361374][T11084] fuse: Bad value for 'fd'
[  327.632345][   T29] usb 8-1: USB disconnect, device number 25
[  327.699492][T11086] bridge_slave_0: left allmulticast mode
[  327.701463][T11086] bridge_slave_0: left promiscuous mode
[  327.703493][T11086] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.708739][T11086] bridge_slave_1: left allmulticast mode
[  327.710618][T11086] bridge_slave_1: left promiscuous mode
[  327.717586][T11086] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.723103][T11086] bond0: (slave bond_slave_0): Releasing backup interface
[  327.726427][T11086] bond0: (slave bond_slave_1): Releasing backup interface
[  327.732301][T11086] team0: Port device team_slave_0 removed
[  327.740641][T11086] team0: Port device team_slave_1 removed
[  327.746068][T11086] batman_adv: batadv0: Removing interface: batadv_slave_0
[  327.751163][T11086] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.431034][T11116] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  329.489927][   T40] audit: type=1326 audit(1748386413.282:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11121 comm="syz.3.1235" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd4579 code=0x0
[  329.945477][T11130] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1237'.
[  329.948506][T11130] FAULT_INJECTION: forcing a failure.
[  329.948506][T11130] name failslab, interval 1, probability 0, space 0, times 0
[  329.952514][T11130] CPU: 0 UID: 0 PID: 11130 Comm: syz.2.1237 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  329.952535][T11130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  329.952545][T11130] Call Trace:
[  329.952551][T11130]  <TASK>
[  329.952558][T11130]  dump_stack_lvl+0x16c/0x1f0
[  329.952589][T11130]  should_fail_ex+0x512/0x640
[  329.952606][T11130]  ? __kvmalloc_node_noprof+0x122/0x620
[  329.952634][T11130]  should_failslab+0xc2/0x120
[  329.952655][T11130]  __kvmalloc_node_noprof+0x135/0x620
[  329.952675][T11130]  ? lockdep_init_map_type+0x5c/0x280
[  329.952698][T11130]  ? alloc_netdev_mqs+0xcf8/0x1570
[  329.952720][T11130]  ? alloc_netdev_mqs+0xcf8/0x1570
[  329.952733][T11130]  alloc_netdev_mqs+0xcf8/0x1570
[  329.952750][T11130]  rtnl_create_link+0xc10/0xfa0
[  329.952766][T11130]  rtnl_newlink+0xb69/0x2000
[  329.952783][T11130]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.952803][T11130]  ? kfree_skbmem+0x1a4/0x1f0
[  329.952824][T11130]  ? rcu_is_watching+0x12/0xc0
[  329.952841][T11130]  ? trace_cap_capable+0x18d/0x200
[  329.952857][T11130]  ? find_held_lock+0x2b/0x80
[  329.952873][T11130]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.952885][T11130]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.952897][T11130]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  329.952911][T11130]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.952925][T11130]  rtnetlink_rcv_msg+0x95b/0xe90
[  329.952939][T11130]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  329.952960][T11130]  netlink_rcv_skb+0x16a/0x440
[  329.952975][T11130]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  329.952989][T11130]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  329.953011][T11130]  ? netlink_deliver_tap+0x1ae/0xd30
[  329.953028][T11130]  netlink_unicast+0x53d/0x7f0
[  329.953043][T11130]  ? __pfx_netlink_unicast+0x10/0x10
[  329.953061][T11130]  netlink_sendmsg+0x8d1/0xdd0
[  329.953077][T11130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.953092][T11130]  ? __import_iovec+0x1dd/0x650
[  329.953108][T11130]  ____sys_sendmsg+0xa98/0xc70
[  329.953126][T11130]  ? __pfx_____sys_sendmsg+0x10/0x10
[  329.953141][T11130]  ? get_compat_msghdr+0x11a/0x170
[  329.953160][T11130]  ___sys_sendmsg+0x134/0x1d0
[  329.953174][T11130]  ? __pfx____sys_sendmsg+0x10/0x10
[  329.953185][T11130]  ? __lock_acquire+0x622/0x1c90
[  329.953215][T11130]  __sys_sendmsg+0x16d/0x220
[  329.953228][T11130]  ? __pfx___sys_sendmsg+0x10/0x10
[  329.953247][T11130]  ? rcu_is_watching+0x12/0xc0
[  329.953265][T11130]  __do_fast_syscall_32+0x73/0x120
[  329.953282][T11130]  do_fast_syscall_32+0x32/0x80
[  329.953298][T11130]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  329.953312][T11130] RIP: 0023:0xf7fb7579
[  329.953322][T11130] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  329.953333][T11130] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  329.953343][T11130] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  329.953350][T11130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  329.953356][T11130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  329.953362][T11130] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  329.953369][T11130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  329.953382][T11130]  </TASK>
[  330.092704][T11131] netlink: 'syz.1.1236': attribute type 1 has an invalid length.
[  330.095357][T11131] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1236'.
[  331.025440][T11146] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1241'.
[  331.029775][T11147] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1241'.
[  332.423140][T11172] FAULT_INJECTION: forcing a failure.
[  332.423140][T11172] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  332.429085][T11172] CPU: 0 UID: 0 PID: 11172 Comm: syz.2.1247 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  332.429110][T11172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.429119][T11172] Call Trace:
[  332.429125][T11172]  <TASK>
[  332.429132][T11172]  dump_stack_lvl+0x16c/0x1f0
[  332.429163][T11172]  should_fail_ex+0x512/0x640
[  332.429186][T11172]  should_fail_alloc_page+0xe7/0x130
[  332.429206][T11172]  prepare_alloc_pages+0x3c2/0x610
[  332.429231][T11172]  ? rcu_is_watching+0x12/0xc0
[  332.429260][T11172]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  332.429284][T11172]  ? find_held_lock+0x2b/0x80
[  332.429316][T11172]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  332.429348][T11172]  ? __lock_acquire+0x622/0x1c90
[  332.429368][T11172]  ? __lock_acquire+0x622/0x1c90
[  332.429386][T11172]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  332.429410][T11172]  ? policy_nodemask+0xea/0x4e0
[  332.429435][T11172]  alloc_pages_mpol+0x1fb/0x550
[  332.429455][T11172]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  332.429483][T11172]  folio_alloc_mpol_noprof+0x36/0x2f0
[  332.429510][T11172]  vma_alloc_folio_noprof+0xed/0x1e0
[  332.429531][T11172]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  332.429554][T11172]  ? find_held_lock+0x2b/0x80
[  332.429576][T11172]  ? __handle_mm_fault+0x1092/0x5450
[  332.429606][T11172]  __handle_mm_fault+0x2fac/0x5450
[  332.429633][T11172]  ? __pfx___handle_mm_fault+0x10/0x10
[  332.429667][T11172]  ? find_vma+0xbf/0x140
[  332.429689][T11172]  ? __pfx_find_vma+0x10/0x10
[  332.429716][T11172]  handle_mm_fault+0x3fe/0xad0
[  332.429740][T11172]  do_user_addr_fault+0x7a6/0x1370
[  332.429765][T11172]  ? rcu_is_watching+0x12/0xc0
[  332.429794][T11172]  exc_page_fault+0x5c/0xb0
[  332.429818][T11172]  asm_exc_page_fault+0x26/0x30
[  332.429836][T11172] RIP: 0010:rep_stos_alternative+0x40/0x80
[  332.429856][T11172] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  332.429871][T11172] RSP: 0018:ffffc90004f4fcc0 EFLAGS: 00050246
[  332.429883][T11172] RAX: 0000000000000000 RBX: 000000007fff5000 RCX: 0000000000000040
[  332.429893][T11172] RDX: ffff888022d60000 RSI: ffffffff8556c126 RDI: 000000008000b000
[  332.429906][T11172] RBP: 0000000000001000 R08: 24349432358cc39f R09: 0000000000000000
[  332.429917][T11172] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888022d60000
[  332.429925][T11172] R13: 00007ffffffff000 R14: ffffed10045ac000 R15: 000000008000a040
[  332.429944][T11172]  ? read_zero+0xc6/0x250
[  332.429967][T11172]  read_zero+0xd6/0x250
[  332.429987][T11172]  ? __pfx_read_zero+0x10/0x10
[  332.430004][T11172]  vfs_read+0x1e1/0xc60
[  332.430026][T11172]  ? __pfx_vfs_read+0x10/0x10
[  332.430043][T11172]  ? find_held_lock+0x2b/0x80
[  332.430064][T11172]  ? __fget_files+0x204/0x3c0
[  332.430085][T11172]  ? __fget_files+0x20e/0x3c0
[  332.430111][T11172]  ksys_read+0x12a/0x250
[  332.430127][T11172]  ? __pfx_ksys_read+0x10/0x10
[  332.430143][T11172]  ? rcu_is_watching+0x12/0xc0
[  332.430171][T11172]  __do_fast_syscall_32+0x73/0x120
[  332.430195][T11172]  do_fast_syscall_32+0x32/0x80
[  332.430222][T11172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  332.430254][T11172] RIP: 0023:0xf7fb7579
[  332.430269][T11172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  332.430286][T11172] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  332.430302][T11172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  332.430311][T11172] RDX: 00000000ffffff96 RSI: 0000000000000000 RDI: 0000000000000000
[  332.430320][T11172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  332.430328][T11172] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  332.430337][T11172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  332.430360][T11172]  </TASK>
[  332.772052][T11174] tipc: Cannot configure node identity twice
[  332.901779][T11181] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1251'.
[  333.900084][T11192] overlayfs: missing 'lowerdir'
[  335.044867][ T5980] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  335.174879][ T5980] usb 8-1: device descriptor read/64, error -71
[  335.205590][   T61] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  335.354892][   T61] usb 5-1: Using ep0 maxpacket: 8
[  335.358983][   T61] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  335.363312][   T61] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  335.368290][   T61] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  335.384873][   T61] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  335.389155][   T61] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  335.393621][   T61] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  335.400178][   T61] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  335.404424][   T61] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  335.409424][   T61] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  335.418145][   T61] usb 5-1: string descriptor 0 read error: -22
[  335.420864][   T61] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  335.424440][   T61] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.425017][ T5980] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  335.434963][   T61] adutux 5-1:168.0: interrupt endpoints not found
[  335.555234][ T5980] usb 8-1: device descriptor read/64, error -71
[  335.637698][   T61] usb 5-1: USB disconnect, device number 18
[  335.957897][ T5980] usb usb8-port1: attempt power cycle
[  336.015576][T11224] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1263'.
[  336.018498][T11224] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1263'.
[  336.036018][T11224] veth3: entered promiscuous mode
[  336.037705][T11224] veth3: entered allmulticast mode
[  336.043605][T11224] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  336.046529][T11224] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  336.126498][T11226] tmpfs: Unknown parameter 'usrquotar'
[  336.225671][T11231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1266'.
[  336.228338][T11231] netlink: 'syz.0.1266': attribute type 7 has an invalid length.
[  336.230860][T11231] netlink: 'syz.0.1266': attribute type 8 has an invalid length.
[  336.233245][T11231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1266'.
[  336.325092][ T5980] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  336.356236][ T5980] usb 8-1: device descriptor read/8, error -71
[  336.626323][ T5980] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  336.668503][ T5980] usb 8-1: device descriptor read/8, error -71
[  336.797321][ T5980] usb usb8-port1: unable to enumerate USB device
[  338.525052][   T10] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  338.675018][   T10] usb 6-1: Using ep0 maxpacket: 8
[  338.679025][   T10] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  338.683196][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  338.687868][   T10] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.694446][   T10] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  338.698865][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  338.703493][   T10] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.710265][   T10] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  338.714562][   T10] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  338.719297][   T10] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.727751][   T10] usb 6-1: string descriptor 0 read error: -22
[  338.730502][   T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  338.734251][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.742513][   T10] adutux 6-1:168.0: interrupt endpoints not found
[  338.943648][   T10] usb 6-1: USB disconnect, device number 16
[  341.944855][ T6103] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  341.949613][T11307] lo speed is unknown, defaulting to 1000
[  341.956629][T11307] lo speed is unknown, defaulting to 1000
[  341.959900][T11307] lo speed is unknown, defaulting to 1000
[  342.094922][   T10] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  342.127778][T11307] infiniband s
z1: set active
[  342.130617][ T5980] lo speed is unknown, defaulting to 1000
[  342.132727][T11307] infiniband s
z1: added lo
[  342.157754][T11307] RDS/IB: s
z1: added
[  342.159714][T11307] smc: adding ib device s
z1 with port count 1
[  342.161875][T11307] smc:    ib device s
z1 port 1 has pnetid 
[  342.165999][ T5980] lo speed is unknown, defaulting to 1000
[  342.169958][T11307] lo speed is unknown, defaulting to 1000
[  342.174955][ T6103] usb 8-1: Using ep0 maxpacket: 8
[  342.179514][ T6103] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  342.183343][ T6103] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.194938][ T6103] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  342.202407][ T6103] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  342.205867][ T6103] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.209441][ T6103] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  342.214447][ T6103] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  342.217932][ T6103] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.221709][ T6103] usb 8-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  342.229479][ T6103] usb 8-1: string descriptor 0 read error: -22
[  342.231945][ T6103] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  342.235007][ T6103] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.247046][ T6103] adutux 8-1:168.0: interrupt endpoints not found
[  342.254875][   T10] usb 7-1: Using ep0 maxpacket: 8
[  342.258341][   T10] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  342.261660][   T10] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.266537][   T10] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  342.272264][   T10] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  342.275632][   T10] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.279207][   T10] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  342.283959][   T10] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  342.286652][   T10] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  342.290108][   T10] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  342.295896][   T10] usb 7-1: string descriptor 0 read error: -22
[  342.297891][   T10] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  342.300799][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.307820][   T10] adutux 7-1:168.0: interrupt endpoints not found
[  342.364845][ T5982] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  342.421150][T11307] lo speed is unknown, defaulting to 1000
[  342.450924][ T6100] usb 8-1: USB disconnect, device number 30
[  342.515860][   T10] usb 7-1: USB disconnect, device number 17
[  342.519238][ T5982] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  342.522739][ T5982] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  342.526301][ T5982] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  342.529243][ T5982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.549127][T11308] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  342.578814][ T5982] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  342.695552][T11307] lo speed is unknown, defaulting to 1000
[  342.779550][   T61] usb 5-1: USB disconnect, device number 19
[  342.806661][T11307] lo speed is unknown, defaulting to 1000
[  342.992074][T11317] FAULT_INJECTION: forcing a failure.
[  342.992074][T11317] name failslab, interval 1, probability 0, space 0, times 0
[  342.997476][T11317] CPU: 2 UID: 0 PID: 11317 Comm: syz.3.1293 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  342.997501][T11317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.997512][T11317] Call Trace:
[  342.997526][T11317]  <TASK>
[  342.997535][T11317]  dump_stack_lvl+0x16c/0x1f0
[  342.997566][T11317]  should_fail_ex+0x512/0x640
[  342.997587][T11317]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  342.997620][T11317]  should_failslab+0xc2/0x120
[  342.997643][T11317]  __kmalloc_cache_noprof+0x6a/0x3e0
[  342.997672][T11317]  ? __rhashtable_lookup.isra.0+0x2a1/0x6c0
[  342.997691][T11317]  ? nf_tables_addchain.constprop.0+0x2e0/0x1ab0
[  342.997718][T11317]  nf_tables_addchain.constprop.0+0x2e0/0x1ab0
[  342.997746][T11317]  ? nft_chain_lookup+0x204/0x3e0
[  342.997772][T11317]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[  342.997794][T11317]  ? __pfx_nft_chain_lookup+0x10/0x10
[  342.997838][T11317]  ? nla_strcmp+0xff/0x130
[  342.997863][T11317]  ? nft_table_lookup.part.0+0x1e3/0x230
[  342.997887][T11317]  nf_tables_newchain+0x1d03/0x2830
[  342.997915][T11317]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  342.997941][T11317]  ? __nla_validate_parse+0x531/0x2880
[  342.997967][T11317]  ? __pfx_nf_tables_newchain+0x10/0x10
[  342.997987][T11317]  ? __pfx___nla_validate_parse+0x10/0x10
[  342.998022][T11317]  ? __nla_parse+0x40/0x60
[  342.998049][T11317]  nfnetlink_rcv_batch+0x190b/0x2350
[  342.998089][T11317]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  342.998112][T11317]  ? stack_depot_save_flags+0x28/0xa40
[  342.998137][T11317]  ? kasan_save_stack+0x42/0x60
[  342.998156][T11317]  ? kasan_save_stack+0x33/0x60
[  342.998173][T11317]  ? kasan_save_track+0x14/0x30
[  342.998231][T11317]  ? __nla_parse+0x40/0x60
[  342.998259][T11317]  nfnetlink_rcv+0x3c1/0x430
[  342.998285][T11317]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  342.998312][T11317]  ? is_vmalloc_addr+0x86/0xa0
[  342.998337][T11317]  netlink_unicast+0x53d/0x7f0
[  342.998365][T11317]  ? __pfx_netlink_unicast+0x10/0x10
[  342.998396][T11317]  netlink_sendmsg+0x8d1/0xdd0
[  342.998424][T11317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.998450][T11317]  ? __import_iovec+0x1dd/0x650
[  342.998478][T11317]  ____sys_sendmsg+0xa98/0xc70
[  342.998507][T11317]  ? __pfx_____sys_sendmsg+0x10/0x10
[  342.998538][T11317]  ? get_compat_msghdr+0x11a/0x170
[  342.998571][T11317]  ___sys_sendmsg+0x134/0x1d0
[  342.998596][T11317]  ? __pfx____sys_sendmsg+0x10/0x10
[  342.998614][T11317]  ? __lock_acquire+0x622/0x1c90
[  342.998670][T11317]  __sys_sendmsg+0x16d/0x220
[  342.998692][T11317]  ? __pfx___sys_sendmsg+0x10/0x10
[  342.998726][T11317]  ? rcu_is_watching+0x12/0xc0
[  342.998757][T11317]  __do_fast_syscall_32+0x73/0x120
[  342.998786][T11317]  do_fast_syscall_32+0x32/0x80
[  342.998813][T11317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.998836][T11317] RIP: 0023:0xf7fd4579
[  342.998851][T11317] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.998869][T11317] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  342.998886][T11317] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  342.998896][T11317] RDX: 0000000000040050 RSI: 0000000000000000 RDI: 0000000000000000
[  342.998908][T11317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.998916][T11317] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.998926][T11317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.998951][T11317]  </TASK>
[  343.153484][T11319] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1294'.
[  345.814114][T11356] FAULT_INJECTION: forcing a failure.
[  345.814114][T11356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.819609][T11356] CPU: 2 UID: 0 PID: 11356 Comm: syz.0.1304 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  345.819627][T11356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.819635][T11356] Call Trace:
[  345.819639][T11356]  <TASK>
[  345.819644][T11356]  dump_stack_lvl+0x16c/0x1f0
[  345.819666][T11356]  should_fail_ex+0x512/0x640
[  345.819681][T11356]  _copy_from_user+0x2e/0xd0
[  345.819695][T11356]  do_compat_sigaltstack+0xf6/0x310
[  345.819710][T11356]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  345.819724][T11356]  ? ia32_restore_sigcontext+0x451/0x630
[  345.819739][T11356]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  345.819757][T11356]  ? rcu_is_watching+0x12/0xc0
[  345.819774][T11356]  ? _raw_spin_unlock_irq+0x23/0x50
[  345.819789][T11356]  ? lockdep_hardirqs_on+0x7c/0x110
[  345.819806][T11356]  compat_restore_altstack+0x17/0x40
[  345.819821][T11356]  __do_compat_sys_rt_sigreturn+0x195/0x1f0
[  345.819836][T11356]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  345.819852][T11356]  ? rcu_is_watching+0x12/0xc0
[  345.819870][T11356]  do_int80_emulation+0x104/0x200
[  345.819889][T11356]  asm_int80_emulation+0x1a/0x20
[  345.819900][T11356] RIP: 0023:0xf7fd4577
[  345.819909][T11356] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  345.819920][T11356] RSP: 002b:00000000f50f655c EFLAGS: 00000296
[  345.819931][T11356] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 0000000080000040
[  345.819938][T11356] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  345.819944][T11356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.819951][T11356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.819958][T11356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.819972][T11356]  </TASK>
[  346.106361][   T40] audit: type=1326 audit(1748386429.902:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.114220][   T40] audit: type=1326 audit(1748386429.902:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.122481][   T40] audit: type=1326 audit(1748386429.912:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.129940][   T40] audit: type=1326 audit(1748386429.922:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.138330][   T40] audit: type=1326 audit(1748386429.922:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.152196][T11376] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1305'.
[  346.155174][   T40] audit: type=1326 audit(1748386429.932:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.164118][   T40] audit: type=1326 audit(1748386429.942:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.173779][   T40] audit: type=1326 audit(1748386429.942:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.181008][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  346.185149][   T40] audit: type=1326 audit(1748386429.942:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.196417][   T40] audit: type=1326 audit(1748386429.942:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.334879][   T10] usb 5-1: Using ep0 maxpacket: 16
[  346.344677][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.353388][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.359885][T11383] netlink: 'syz.3.1309': attribute type 10 has an invalid length.
[  346.360731][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  346.367984][   T10] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  346.371977][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.372729][T11383] batman_adv: batadv0: Adding interface: team0
[  346.377355][   T10] usb 5-1: config 0 descriptor??
[  346.379419][T11383] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.379876][T11383] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  346.478381][T11385] netlink: 'syz.3.1309': attribute type 10 has an invalid length.
[  346.540528][T11388] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1310'.
[  346.544240][T11388] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1310'.
[  346.856631][T11366] random: crng reseeded on system resumption
[  346.881248][T11366] FAULT_INJECTION: forcing a failure.
[  346.881248][T11366] name failslab, interval 1, probability 0, space 0, times 0
[  346.946643][T11366] CPU: 1 UID: 0 PID: 11366 Comm: syz.0.1306 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  346.946662][T11366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.946670][T11366] Call Trace:
[  346.946675][T11366]  <TASK>
[  346.946680][T11366]  dump_stack_lvl+0x16c/0x1f0
[  346.946700][T11366]  should_fail_ex+0x512/0x640
[  346.946712][T11366]  ? lockdep_hardirqs_on+0x7c/0x110
[  346.946729][T11366]  should_failslab+0xc2/0x120
[  346.946744][T11366]  __kmalloc_cache_noprof+0x6a/0x3e0
[  346.946767][T11366]  ? do_raw_spin_lock+0x12c/0x2b0
[  346.946781][T11366]  ? find_held_lock+0x2b/0x80
[  346.946797][T11366]  ? async_schedule_node_domain+0x54/0x120
[  346.946817][T11366]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  346.946833][T11366]  async_schedule_node_domain+0x54/0x120
[  346.946853][T11366]  dev_cache_fw_image+0x38e/0x490
[  346.946868][T11366]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  346.946911][T11366]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  346.946925][T11366]  dpm_for_each_dev+0x5a/0xb0
[  346.946939][T11366]  fw_pm_notify+0x81/0x150
[  346.946952][T11366]  notifier_call_chain+0xb9/0x410
[  346.946962][T11366]  ? __pfx_fw_pm_notify+0x10/0x10
[  346.946979][T11366]  blocking_notifier_call_chain_robust+0xc8/0x160
[  346.946992][T11366]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  346.947004][T11366]  ? __pfx_snapshot_open+0x10/0x10
[  346.947019][T11366]  pm_notifier_call_chain_robust+0x27/0x60
[  346.947032][T11366]  snapshot_open+0x218/0x2b0
[  346.947042][T11366]  ? __pfx_snapshot_open+0x10/0x10
[  346.947053][T11366]  misc_open+0x35d/0x420
[  346.947069][T11366]  ? __pfx_misc_open+0x10/0x10
[  346.947083][T11366]  chrdev_open+0x231/0x6a0
[  346.947095][T11366]  ? __pfx_apparmor_file_open+0x10/0x10
[  346.947112][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  346.947125][T11366]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  346.947145][T11366]  do_dentry_open+0x741/0x1c10
[  346.947157][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  346.947172][T11366]  vfs_open+0x82/0x3f0
[  346.947189][T11366]  path_openat+0x1de4/0x2cb0
[  346.947205][T11366]  ? __pfx_path_openat+0x10/0x10
[  346.947217][T11366]  ? __lock_acquire+0xb8a/0x1c90
[  346.947231][T11366]  do_filp_open+0x20b/0x470
[  346.947268][T11366]  ? __pfx_do_filp_open+0x10/0x10
[  346.947305][T11366]  ? alloc_fd+0x471/0x7d0
[  346.947328][T11366]  do_sys_openat2+0x11b/0x1d0
[  346.947343][T11366]  ? __pfx_do_sys_openat2+0x10/0x10
[  346.947359][T11366]  ? __fget_files+0x20e/0x3c0
[  346.947372][T11366]  __ia32_compat_sys_openat+0x16d/0x210
[  346.947389][T11366]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  346.947404][T11366]  ? ksys_write+0x1ac/0x250
[  346.947417][T11366]  ? rcu_is_watching+0x12/0xc0
[  346.947435][T11366]  __do_fast_syscall_32+0x73/0x120
[  346.947453][T11366]  do_fast_syscall_32+0x32/0x80
[  346.947469][T11366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.947483][T11366] RIP: 0023:0xf7fd4579
[  346.947492][T11366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.947503][T11366] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  346.947515][T11366] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800001c0
[  346.947522][T11366] RDX: 000000000000003f RSI: 0000000000000000 RDI: 0000000000000000
[  346.947528][T11366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.947535][T11366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.947541][T11366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.947556][T11366]  </TASK>
[  346.949959][T11366] 
[  347.075527][T11366] ============================================
[  347.077445][T11366] WARNING: possible recursive locking detected
[  347.079406][T11366] 6.15.0-syzkaller-01972-g914873bc7df9 #0 Not tainted
[  347.082189][T11366] --------------------------------------------
[  347.085378][T11366] syz.0.1306/11366 is trying to acquire lock:
[  347.087311][T11366] ffffffff8f303fc8 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[  347.089781][T11366] 
[  347.089781][T11366] but task is already holding lock:
[  347.092087][T11366] ffffffff8f303fc8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  347.094591][T11366] 
[  347.094591][T11366] other info that might help us debug this:
[  347.097052][T11366]  Possible unsafe locking scenario:
[  347.097052][T11366] 
[  347.099415][T11366]        CPU0
[  347.100477][T11366]        ----
[  347.101542][T11366]   lock(fw_lock);
[  347.102712][T11366]   lock(fw_lock);
[  347.103923][T11366] 
[  347.103923][T11366]  *** DEADLOCK ***
[  347.103923][T11366] 
[  347.106420][T11366]  May be due to missing lock nesting notation
[  347.106420][T11366] 
[  347.109023][T11366] 5 locks held by syz.0.1306/11366:
[  347.110649][T11366]  #0: ffffffff8f0f4748 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  347.113282][T11366]  #1: ffffffff8e285ea8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[  347.116493][T11366]  #2: ffffffff8e2c5f10 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[  347.120418][T11366]  #3: ffffffff8f303fc8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  347.123109][T11366]  #4: ffffffff8f2febe8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[  347.126006][T11366] 
[  347.126006][T11366] stack backtrace:
[  347.127873][T11366] CPU: 1 UID: 0 PID: 11366 Comm: syz.0.1306 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) 
[  347.127887][T11366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  347.127895][T11366] Call Trace:
[  347.127900][T11366]  <TASK>
[  347.127906][T11366]  dump_stack_lvl+0x116/0x1f0
[  347.127923][T11366]  print_deadlock_bug+0x1e9/0x240
[  347.127935][T11366]  __lock_acquire+0x1106/0x1c90
[  347.127948][T11366]  ? __kasan_slab_free+0x51/0x70
[  347.127962][T11366]  lock_acquire+0x179/0x350
[  347.127973][T11366]  ? assign_fw+0x4e/0x640
[  347.127986][T11366]  ? __pfx___might_resched+0x10/0x10
[  347.128003][T11366]  ? do_sys_openat2+0x11b/0x1d0
[  347.128017][T11366]  ? __ia32_compat_sys_openat+0x16d/0x210
[  347.128032][T11366]  ? __do_fast_syscall_32+0x73/0x120
[  347.128048][T11366]  __mutex_lock+0x199/0xb90
[  347.128063][T11366]  ? assign_fw+0x4e/0x640
[  347.128076][T11366]  ? assign_fw+0x4e/0x640
[  347.128089][T11366]  ? __pfx___mutex_lock+0x10/0x10
[  347.128107][T11366]  ? kasan_quarantine_put+0x10a/0x240
[  347.128117][T11366]  ? lockdep_hardirqs_on+0x7c/0x110
[  347.128132][T11366]  ? assign_fw+0x4e/0x640
[  347.128145][T11366]  assign_fw+0x4e/0x640
[  347.128157][T11366]  ? _request_firmware+0x957/0x1470
[  347.128172][T11366]  _request_firmware+0x988/0x1470
[  347.128188][T11366]  ? __pfx__request_firmware+0x10/0x10
[  347.128203][T11366]  ? dump_stack_lvl+0x185/0x1f0
[  347.128217][T11366]  ? lockdep_hardirqs_on+0x7c/0x110
[  347.128232][T11366]  __async_dev_cache_fw_image+0xb1/0x340
[  347.128248][T11366]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  347.128263][T11366]  ? mark_held_locks+0x49/0x80
[  347.128274][T11366]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  347.128288][T11366]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  347.128304][T11366]  async_schedule_node_domain+0xd1/0x120
[  347.128322][T11366]  dev_cache_fw_image+0x38e/0x490
[  347.128336][T11366]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  347.128350][T11366]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  347.128364][T11366]  dpm_for_each_dev+0x5a/0xb0
[  347.128376][T11366]  fw_pm_notify+0x81/0x150
[  347.128389][T11366]  notifier_call_chain+0xb9/0x410
[  347.128399][T11366]  ? __pfx_fw_pm_notify+0x10/0x10
[  347.128413][T11366]  blocking_notifier_call_chain_robust+0xc8/0x160
[  347.128425][T11366]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  347.128437][T11366]  ? __pfx_snapshot_open+0x10/0x10
[  347.128449][T11366]  pm_notifier_call_chain_robust+0x27/0x60
[  347.128462][T11366]  snapshot_open+0x218/0x2b0
[  347.128471][T11366]  ? __pfx_snapshot_open+0x10/0x10
[  347.128482][T11366]  misc_open+0x35d/0x420
[  347.128496][T11366]  ? __pfx_misc_open+0x10/0x10
[  347.128510][T11366]  chrdev_open+0x231/0x6a0
[  347.128521][T11366]  ? __pfx_apparmor_file_open+0x10/0x10
[  347.128537][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  347.128549][T11366]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  347.128568][T11366]  do_dentry_open+0x741/0x1c10
[  347.128579][T11366]  ? __pfx_chrdev_open+0x10/0x10
[  347.128592][T11366]  vfs_open+0x82/0x3f0
[  347.128606][T11366]  path_openat+0x1de4/0x2cb0
[  347.128618][T11366]  ? __pfx_path_openat+0x10/0x10
[  347.128629][T11366]  ? __lock_acquire+0xb8a/0x1c90
[  347.128641][T11366]  do_filp_open+0x20b/0x470
[  347.128651][T11366]  ? __pfx_do_filp_open+0x10/0x10
[  347.128666][T11366]  ? alloc_fd+0x471/0x7d0
[  347.128684][T11366]  do_sys_openat2+0x11b/0x1d0
[  347.128698][T11366]  ? __pfx_do_sys_openat2+0x10/0x10
[  347.128713][T11366]  ? __fget_files+0x20e/0x3c0
[  347.128723][T11366]  __ia32_compat_sys_openat+0x16d/0x210
[  347.128739][T11366]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  347.128754][T11366]  ? ksys_write+0x1ac/0x250
[  347.128768][T11366]  ? rcu_is_watching+0x12/0xc0
[  347.128785][T11366]  __do_fast_syscall_32+0x73/0x120
[  347.128801][T11366]  do_fast_syscall_32+0x32/0x80
[  347.128817][T11366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.128831][T11366] RIP: 0023:0xf7fd4579
[  347.128840][T11366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  347.128851][T11366] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  347.128861][T11366] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800001c0
[  347.128868][T11366] RDX: 000000000000003f RSI: 0000000000000000 RDI: 0000000000000000
[  347.128874][T11366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.128881][T11366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  347.128887][T11366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.128896][T11366]  </TASK>
[  351.625514][   T10] usbhid 5-1:0.0: can't add hid device: -32
[  351.627533][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -32

VM DIAGNOSIS:
22:53:51  Registers:
info registers vcpu 0

CPU#0
RAX=000000000097d12c RBX=0000000000000000 RCX=ffffffff8b717649 RDX=ffffed100564663e
RSI=ffffffff8bf4f940 RDI=ffffffff81910f91 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007dd8
R8 =0000000000000000 R9 =ffffed100564663d R10=ffff88802b2331eb R11=ffffffff9ad57ba8
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90865450 R15=0000000000000000
RIP=ffffffff810014b0 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080d81000 CR3=00000000252fb000 CR4=00352ef0
DR0=0000000000000007 DR1=0000000000000002 DR2=0000000000000008 DR3=0000000000000006 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8552de05 RDI=ffffffff9ae1bc00 RBP=ffffffff9ae1bbc0 RSP=ffffc9000dab6d10
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae1bbc0 R15=ffffffff8552dda0
RIP=ffffffff8552de2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978b1000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080d69000 CR3=0000000053360000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88802b3418a0 RCX=ffffffff81aec7bd RDX=ffff888026f8c880
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90006b2f8a0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=1ffffffff1c79a31
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed1005668315 R15=ffff88802b43b5c0
RIP=ffffffff81bac601 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979b1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080002580 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff88801c31c880 RCX=ffffffff81c2924f RDX=0000000000000000
RSI=ffffffff8bf4f940 RDI=ffffffff8188f711 RBP=ffffc90000ad7908 RSP=ffffc90000ad78c0
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff90865457 R11=0000000000000001
R12=ffff88802b53a300 R13=ffff888049d8c880 R14=ffff888020f4b5c0 R15=ffff88802b53b170
RIP=ffffffff8188f71a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ab1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080003000 CR3=00000000277ca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000000 Opmask02=00000000c0406000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda7776f8b 00007ffda7776f8b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda7777490 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda7777490 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20676e6974746553 202e65636e616d72 6f66726570206568 7420746361706d00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2067646374746553 2024656364616772 6566726570206562 7420746361706700
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c31206c61767265 746e69202c62616c 736c69616620656d 616e205d36363331
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 206568742065766c 6f7320646c756f77 2030363531206f74 2055544d20656874
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e6d656c626f7270 206568742065766c 6f7320646c756f77 2030363531206f74
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2055544d20656874 20676e6974746553 202e65636e616d72 6f66726570206568
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420746361706d69 20646c756f632068 6369687720327265 79616c206e6f2064
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000