last executing test programs:

4m34.770072023s ago: executing program 1 (id=565):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67910ca9b1a85784175dbb07fa0b616f75705f69643d85eb71026add6085df561a69446b4ba9c21ca16d584b1180e5f7b10ec736e9e17b676a1180099b02216cff361a93572002652cc3edbb44", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
write$FUSE_NOTIFY_DELETE(r2, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x200000000004, 0x1, 0x2, '\x00', 0x8}}, 0x2a)
r6 = socket(0x2b, 0x80801, 0x1)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0xfffffffd, @mcast2}, {0xa, 0x0, 0x7, @remote}, r8}}, 0x48)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r8}}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000011c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x140, 0x5c, 0x160, 0x0, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@uncond, 0x5002, 0xa8, 0xf0, 0x52020000, {0x0, 0x6802000000000000}}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x7fff, 0x9, 0x7, 'syz0\x00', {0x719}}}}, {{@ipv6={@private0, @private2, [0xff, 0x0, 0xffffff00, 0xff], [0xff, 0xffffff00, 0xffffff00, 0xffffff00], 'tunl0\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x33, 0x4, 0x9456fff08070a538, 0x70}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x82b, 0x0, 0x0, 'syz0\x00', 'syz0\x00', {0x8000800000000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

4m33.233319118s ago: executing program 1 (id=575):
prctl$PR_SVE_SET_VL(0x32, 0x3cf06) (async)
prctl$PR_SVE_SET_VL(0x32, 0x25624) (async)
prctl$PR_SVE_SET_VL(0x32, 0x4fb2)
prctl$PR_SVE_SET_VL(0x32, 0x20de3) (async, rerun: 32)
prctl$PR_SVE_SET_VL(0x32, 0x2a762) (rerun: 32)
prctl$PR_SVE_SET_VL(0x32, 0x26c56) (async)
prctl$PR_SVE_SET_VL(0x32, 0xf9de)
prctl$PR_SVE_SET_VL(0x32, 0x3f2ab)
prctl$PR_SVE_SET_VL(0x32, 0x301a7)
prctl$PR_SVE_SET_VL(0x32, 0x154ef) (async)
prctl$PR_SVE_SET_VL(0x32, 0x11c15) (async)
prctl$PR_SVE_SET_VL(0x32, 0x267fd) (async, rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0xf531) (async, rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0x3beda)
prctl$PR_SVE_SET_VL(0x32, 0x35012)
prctl$PR_SVE_SET_VL(0x32, 0x3b4ca) (async)
prctl$PR_SVE_SET_VL(0x32, 0x1d952) (async)
prctl$PR_SVE_SET_VL(0x32, 0x187bc) (async)
prctl$PR_SVE_SET_VL(0x32, 0x317f2) (async)
prctl$PR_SVE_SET_VL(0x32, 0x6b72) (async, rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0x9) (async, rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0x25f3) (async, rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0x36b9a) (rerun: 64)
prctl$PR_SVE_SET_VL(0x32, 0x7cad) (async)
prctl$PR_SVE_SET_VL(0x32, 0x698a)
prctl$PR_SVE_SET_VL(0x32, 0x3a91) (async)
prctl$PR_SVE_SET_VL(0x32, 0x390a)
prctl$PR_SVE_SET_VL(0x32, 0xd847) (async)
prctl$PR_SVE_SET_VL(0x32, 0x1f877) (async)
prctl$PR_SVE_SET_VL(0x32, 0x27039)

4m33.161171057s ago: executing program 1 (id=577):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x10, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x66, 0x0, 0x0, 0x2000000}}, [@call={0x85, 0x0, 0x0, 0x17}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xecb0}, 0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x47f5, 0x0, 0x0, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x50009405, &(0x7f0000000180))
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
unshare(0x6a040000)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r7)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$kcm(0x29, 0x5, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x701f, 0x0, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0c0000071001000001000000"], 0xc, 0xe000}, 0x5}], 0x1, 0x0)

4m31.082115222s ago: executing program 1 (id=585):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@volatile}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
ptrace$getregset(0x4204, 0x0, 0x202, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
r2 = syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd733, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa4}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYRESHEX=r2, @ANYRES64=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
msgsnd(0x0, 0x0, 0x0, 0x0)
io_uring_enter(r3, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c4}, 0xc000)

4m31.010327243s ago: executing program 1 (id=586):
r0 = syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x20400)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$cdc_ecm(0x5, 0x77, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x65, 0x1, 0x1, 0x2, 0xe0, 0xc, [{{0x9, 0x4, 0x0, 0xff, 0x3, 0x2, 0x6, 0x0, 0x5, {{0xb, 0x24, 0x6, 0x0, 0x0, "86757f6d2038"}, {0x5, 0x24, 0x0, 0x7f}, {0xd, 0x24, 0xf, 0x1, 0x41b, 0x20, 0x9, 0xb}, [@country_functional={0xc, 0x24, 0x7, 0x3, 0x1, [0xa, 0x0, 0x1]}, @mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x2, 0x59f6}, @dmm={0x7, 0x24, 0x14, 0x40, 0xd74}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0x9, 0x8, 0x7d}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x1, 0xff, 0xf7}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0xa, 0x7, 0xff}}}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x4, 0x10, 0xe1, 0x20, 0x3}, 0xc0, &(0x7f00000002c0)={0x5, 0xf, 0xc0, 0x5, [@wireless={0xb, 0x10, 0x1, 0xe, 0x42, 0xff, 0x2, 0xf, 0xff}, @wireless={0xb, 0x10, 0x1, 0xc, 0x14, 0x8, 0x3, 0x40, 0x9}, @wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x5, 0x7, 0x8, 0xff}, @ptm_cap={0x3}, @generic={0x97, 0x10, 0x2, "5ab6e12df4854c572eab9491dd69c5ca1e28f412d31fd7e05de5f466093c8553ade4580bfa111079c15107d1f722a66ef1ae6fcca319fd55c0dc369f453b637663f52f9b20add3bbc770c15a0c1de9a21b74434075b9b05a7596d9481a0c6311b12c12f811241d70aa303b6dc9919e75a9722e39062b414e499919e63142aded4c2df5fa83c66ef5567f021666f4d12c7fc09351"}]}, 0x2, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xf4ff}}, {0x5d, &(0x7f00000003c0)=@string={0x5d, 0x3, "9f44084f3ee25230fad4795f0ef95b7e983fa13c850de680a9bad0d6587ee9d4309eee46436ad6fed6eb68864bdb6d30cf9ce7c6c68d6c2b8d938944e6a2c141e283d341724a07e348eef02d0c1ed685a604835093a762320b8fbb"}}]})
syz_usb_ep_write(r0, 0x40, 0xfd, &(0x7f00000004c0)="1ff9baebde7b8c2cf4ac8b638d3d2e311a2382987937af8bf0eaa6704a967ea0b958092226ed084d93ebb4949e5b7394bb9e13f84a0347e373efe39995e27691a5990be362c7bba112d7938e8f33a64e350910eb2761622f32cb9fdebedcd4d4096f29a00611421eaee732cc56a38bd0e4c5b089942be61d31c5fd64d987621eb5e882eb0d6b5e75b90c95d4ce4f3e404cc34c49b2b1a65039a66e0b9a9e875844255f09e14e29b2a420b8cc9abadbe48ea354e14e85298a6e9ec37343d77de59004db0e4bd237016e2af99bee50c06dfec63d218b1eeb094237f0918fe04b289e5e1bf1837d5d80d92813138daaa2d70bec72e0f315032ac09b364203")
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185)

4m30.940828254s ago: executing program 1 (id=587):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r3=>0x0}, &(0x7f0000000280)=0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b080000002b24c33a0d4e4bfd50a29ceafa37b421faa6f5d3122a0053f38b5793e0dee4a325b2f7cdda4d998208d9763e37874ef75712c9f7d1424aa3cc9e96fd2b8253c70ced4137085fbd434eeba189d4e63b1b39290a619ae01e5ee365a7040f1e564d5e8b45f6a789c2eef36bf46c45858b7853765062794ea8fcc6e5dc0d0be37745ce4d74f27c", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r3, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x401, r4, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500"], 0x74}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r5}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x7b3a}, &(0x7f00000002c0), &(0x7f0000000000))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000001000000000000000000000850000001700000018010000207834b000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a00ef00850000009b0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0xf0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000))

4m30.850414781s ago: executing program 32 (id=587):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r3=>0x0}, &(0x7f0000000280)=0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b080000002b24c33a0d4e4bfd50a29ceafa37b421faa6f5d3122a0053f38b5793e0dee4a325b2f7cdda4d998208d9763e37874ef75712c9f7d1424aa3cc9e96fd2b8253c70ced4137085fbd434eeba189d4e63b1b39290a619ae01e5ee365a7040f1e564d5e8b45f6a789c2eef36bf46c45858b7853765062794ea8fcc6e5dc0d0be37745ce4d74f27c", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r3, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x401, r4, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500"], 0x74}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r5}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x7b3a}, &(0x7f00000002c0), &(0x7f0000000000))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000001000000000000000000000850000001700000018010000207834b000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a00ef00850000009b0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0xf0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000))

5.653483487s ago: executing program 2 (id=2194):
r0 = socket$kcm(0x10, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e24, 0x4, @loopback, 0x7}, 0x1c)
sendmsg$inet(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="2326006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af39dfbfbfb495a327d8b71c26504010000000070cae47065fbc65440a00522f04fb70f13697158fe52f16af82fab47d11ea2d29957134d7716717f14d53926b33304169809b7a8733c83699f1beb1a6277b93fb428571e3a9623e896b0cd281fde8716cfb4ee1284129f6a5df1749aff628f6c6be684c30c82aad8f6590502c049b8c81c4c713fe72402b9b50632a41b5a64ff01ed93d8fc2b5cce13f8c4eb3c17c4a4ea97c562", 0xc2}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)

5.539763744s ago: executing program 2 (id=2195):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8fb, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa0f, 0xffffffff}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xe)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r0, 0xf7)
io_uring_enter(0xffffffffffffffff, 0x7737, 0xa3b3, 0x30, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8004)
r3 = socket$alg(0x26, 0x5, 0x0)
setrlimit(0x7, &(0x7f0000000380)={0x1, 0x9})
r4 = accept4(r3, 0x0, 0x0, 0x800)
io_setup(0x4, 0x0)
fanotify_init(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000005304000127bd7000fddbdf252016dc904f177a5db8aa9e432cdb2587242954d3b6b42e52a5cac6ca1e57444a5517cefd8da671b350378fd2565dda386f1fbb7aa21061b69b69f4b6486a8d59ddc9401813d7a40c001b0d03bfd5c475f20c625f0ed1d8fc"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20004485)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
syslog(0x3, &(0x7f00000004c0)=""/164, 0xa4)

4.759560908s ago: executing program 0 (id=2201):
syz_emit_ethernet(0x46, &(0x7f0000000800)={@multicast, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x4, 0x38, 0x66, 0x0, 0x7, 0x2, 0x0, @private=0xa010102, @local}, {0x11, 0x1, 0x0, @empty, "000300064a6d1d131addd543a476d4606e3a6d88642d5a0cd41a1bd7"}}}}}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000440)=0xc)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000bc0)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d10009050700000000000009"], 0x0)
syz_usb_disconnect(r1) (async)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
syz_open_dev$sg(0x0, 0x5, 0x484ec1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
syz_open_procfs$pagemap(0x0, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8)
socket$nl_route(0x10, 0x3, 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async)
chdir(&(0x7f0000000100)='./file0\x00')
r3 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0) (async)
sendfile(r3, r3, &(0x7f0000000080), 0x7f04) (async)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
mprotect(&(0x7f0000166000/0x2000)=nil, 0x2000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.658232293s ago: executing program 2 (id=2202):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3c)
r2 = eventfd(0x8c66)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x0, 0x1, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x27800000000, 0x0, 0x1, r2, 0x5})

4.657918855s ago: executing program 2 (id=2203):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", "05150171", "d5a1d50399459b68"}, 0x28)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x2000009, 0x8c4b815a5465c2b1, r0, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x110, 0xffffffffffffffff, 0x8000000)
syz_io_uring_setup(0x1eb2, &(0x7f0000000080)={0x0, 0x5d80, 0x10000, 0x9, 0xf1}, &(0x7f0000000180), &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_ACCEPT={0xd, 0x51, 0x2, r0, &(0x7f0000000300), 0x0, 0x0, 0x80000, 0x0, {0x0, r3}})

4.655398931s ago: executing program 0 (id=2204):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xfd, 0x3, 0x7ffcfffb}]})
openat$sndseq(0xffffffffffffff9c, 0x0, 0x202)
fanotify_init(0x200, 0x40000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x64}}, 0xc000)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x7, 0xd, 0x5, 0x1, 0x6}, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000200)='.\x00', 0x10000a0)
getuid()
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6, 0x0, r3}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
execve(&(0x7f0000000200)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000780)={[0x0, &(0x7f00000000c0)='$\x00', &(0x7f0000000600)='wlan0\x00', 0x0, &(0x7f0000000740)='\x00']})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x2a020480)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = socket(0x11, 0xa, 0x5)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @loopback}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendto$inet(r9, &(0x7f0000000180)="cf3a19d02404e49cf90a0a4363d1", 0xe, 0x40800, &(0x7f0000000040)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r10 = eventfd(0x5)
ioctl$KVM_HYPERV_EVENTFD(r8, 0x4018aebd, &(0x7f0000000040)={0x3, r10})
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x47f6, 0x0, 0x4, 0x0, 0x0)

4.15352429s ago: executing program 3 (id=2205):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002d00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000140)={0x3, 0x980001, 0x2})
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000140)={0x0, 0xea60}, 0x10)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeec, 0x29031, 0xffffffffffffffff, 0x4f8d1000)
setpgid(r3, r3)
setpgid(0x0, r3)
wait4(r3, 0x0, 0x2, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r4, r4)
setpgid(0x0, r4)
openat$btrfs_control(0xffffff9c, &(0x7f00000000c0), 0x80840, 0x0)
recvmsg$can_bcm(r0, &(0x7f00000004c0)={&(0x7f0000000000)=@xdp, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000180)=""/223, 0xdf}, {&(0x7f0000000400)=""/12, 0xc}, {&(0x7f0000000280)=""/115, 0x73}, {&(0x7f0000000300)=""/238, 0xee}, {&(0x7f0000000100)=""/21, 0x15}, {&(0x7f0000000500)=""/176, 0xb0}], 0x7, &(0x7f0000000440)=""/107, 0x6b}, 0x2)

3.739450754s ago: executing program 2 (id=2206):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xcf7, 0x3}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000092c000000000000000008500000053000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8dfffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0xf5, r7, {0xc, 0xc}, {}, {0xe, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x14, 0x2, [@TCA_BPF_FD={0x8, 0x6, r4}, @TCA_BPF_CLASSID={0x8, 0x3, {0x3, 0xffff}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)

3.738913345s ago: executing program 0 (id=2207):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3b, 0x400, 0x70bd2a, 0x25dfdbfe, {0xc}, [@typed={0xc, 0xda, 0x0, 0x0, @u64=0x12000000}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4008000)
socket$netlink(0x10, 0x3, 0x5)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0x20)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000140))
r2 = getpgid(0xffffffffffffffff)
sched_setaffinity(r2, 0x8, &(0x7f0000000180)=0x7)
recvmmsg(r1, &(0x7f0000003340)=[{{&(0x7f00000001c0)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000240)=""/101, 0x65}, {&(0x7f00000002c0)=""/79, 0x4f}, {&(0x7f0000000340)=""/193, 0xc1}], 0x3, &(0x7f0000000480)=""/116, 0x74}, 0x9}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/204, 0xcc}, {&(0x7f0000000600)=""/198, 0xc6}], 0x2, &(0x7f0000000740)=""/102, 0x66}, 0x3}, {{&(0x7f00000007c0)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/140, 0x8c}, {&(0x7f0000001900)=""/171, 0xab}, {&(0x7f00000019c0)=""/7, 0x7}], 0x4}, 0x6}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001a40)=""/239, 0xef}, {&(0x7f0000001b40)}, {&(0x7f0000001b80)=""/244, 0xf4}, {&(0x7f0000001c80)=""/231, 0xe7}, {&(0x7f0000001d80)=""/4096, 0x1000}, {&(0x7f0000002d80)=""/239, 0xef}, {&(0x7f0000002e80)=""/116, 0x74}], 0x7, &(0x7f0000002f40)=""/191, 0xbf}, 0x7}, {{&(0x7f0000003000)=@qipcrtr, 0x80, &(0x7f0000003200)=[{&(0x7f0000003080)=""/14, 0xe}, {&(0x7f00000030c0)=""/47, 0x2f}, {&(0x7f0000003100)=""/175, 0xaf}, {&(0x7f00000031c0)=""/29, 0x1d}], 0x4, &(0x7f0000003240)=""/234, 0xea}, 0x2}], 0x5, 0x20000040, &(0x7f0000003400)={0x0, 0x3938700})
ptrace$poke(0x4, r2, &(0x7f0000003440), 0x0)
r3 = syz_clone(0x200100, &(0x7f0000003480)="abbd4165e873882f59caae2e504d544e9ea0c9f12adce5248c54ff9ce92eab72f6d397cbd22cb4cb11c83c496e8826fd75ecdada64a464eac0114763b2c5eaa0073357d0fc787bb5064affeb2f9a71fb9dddb41b5c4a73e01f16dc29310c190a9cbd3c866ef9", 0x66, &(0x7f0000003500), &(0x7f0000003540), &(0x7f0000003580)="7dc2d1bd11c3d0bcb02a9df99044328854c6067867cf0c6df9016bf8f3070e4afd9ef1d571919cdcb87e29827b9c5581aa66d52d3e2950d0a86983b564eed24c0fcadb8776f0ab6e1d8bc3ddea8f6b01564c1f47cb00f23c294021f04b264029f6aaa2691e41618a7afed86029fcf4cbcc9ac09cafaae5146ff2347d6cb6369d26bd89935c075ac7ba73ceec7671b843d6602e1f5ba81fbf7500d4e2eedf66426b0fc73e8b48b8f500df1604c0ff3a7dbffe01470d5f520ea63df5a9f967bc2ab423b72c022f24555f43d634252e4ca55603e8059924d3ea")
wait4(r3, &(0x7f0000003680), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, &(0x7f00000036c0))
ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000003700))
ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r0, 0x4068aea3, &(0x7f0000003b00))
ioctl$CDROMREADMODE1(r1, 0x530d, &(0x7f0000003b80)={0x0, 0x33, 0x4, 0x2, 0x6, 0x40})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000004600)={[{0x6, 0x11c, 0xff, 0x8, 0x4, 0x6e, 0x1, 0x0, 0x8c, 0x0, 0x9, 0x7f, 0xd9}, {0x8001, 0x9, 0x8, 0xa, 0xf8, 0x7, 0xff, 0x3, 0x9, 0x69, 0x3, 0xe, 0x9}, {0x8, 0x0, 0xa, 0x1, 0x5, 0x0, 0x6, 0xa, 0x1, 0x2, 0x9, 0x4, 0x100}]})
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000004680)={0x1, 0x0, [{0x0, 0x103553a4, 0x2, 0x8, 0x4, 0x3, 0x5}]})
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f00000046c0)={0x2, 0x2, 0xd9})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000004700)={0x1, 0x2, 0x1, 'queue0\x00', 0x4})
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000047c0)=0x1, 0x4)
lsetxattr$security_ima(&(0x7f0000004800)='./file0\x00', &(0x7f0000004840), &(0x7f0000004880)=@sha1={0x1, "422b8f057c67e19f8fd3f0ba421aa1fed8a87b4c"}, 0x15, 0x1)
write$vga_arbiter(r1, &(0x7f00000048c0)=@target={'target ', {'PCI:', '12', ':', '1c', ':', '4', '.', '1f'}}, 0x16)
rt_sigqueueinfo(r3, 0x18, &(0x7f0000004900)={0x35, 0x9, 0x3})
fcntl$setflags(r1, 0x2, 0x1)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000004a40)={r0, 0x58, &(0x7f00000049c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000004b00)={&(0x7f0000004980)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000004ac0)={&(0x7f0000004a80)=@ipv4_newaddr={0x38, 0x14, 0x800, 0x70bd26, 0x25dfdbfb, {0x2, 0x47, 0x20, 0xfe, r5}, [@IFA_FLAGS={0x8, 0x8, 0x2}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x30}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x8081)
openat$procfs(0xffffff9c, &(0x7f0000004b40)='/proc/asound/seq/timer\x00', 0x0, 0x0)
socket$kcm(0x29, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000004b80)={{0x1, 0x1, 0x18, r1}, './file0\x00'})

3.738728212s ago: executing program 2 (id=2208):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_setup(0x643e, &(0x7f0000000280)={0x0, 0x2, 0x10100, 0x3, 0x1}, &(0x7f0000000040), &(0x7f0000000140))
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x111, 0x2}}, 0x20)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r3 = io_uring_setup(0xabd, &(0x7f0000000ac0)={0x0, 0x84a0, 0x100, 0x3, 0x4800020, 0x0, r2})
r4 = syz_open_dev$video(&(0x7f0000000b40), 0x7, 0x28000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x200000, @empty, 0x1}, 0x1c)
listen(r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="120000000208038000bfab61a70a000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10)
preadv(r4, &(0x7f0000001200)=[{&(0x7f0000000c00)=""/113, 0x71}], 0x1, 0x4, 0xb)
ioctl$VIDIOC_LOG_STATUS(r4, 0x5646, 0x0)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x6}}, 0x20)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x1b}, 0x9c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})

3.649938336s ago: executing program 3 (id=2209):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg$inet(r0, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba606342672dabc", 0x9}], 0x1}}], 0x1, 0x20000010)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @loopback}, 0x10)
recvmmsg(r0, &(0x7f0000002300)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000003bc0)=""/4096, 0x1000}], 0x1}, 0x200001}], 0x4000000000000c3, 0x40, 0x0)

3.649722715s ago: executing program 3 (id=2210):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8fb, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa0f, 0xffffffff}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xe)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r0, 0xf7)
io_uring_enter(0xffffffffffffffff, 0x7737, 0xa3b3, 0x30, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8004)
r3 = socket$alg(0x26, 0x5, 0x0)
setrlimit(0x7, &(0x7f0000000380)={0x1, 0x9})
r4 = accept4(r3, 0x0, 0x0, 0x800)
io_setup(0x4, 0x0)
fanotify_init(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000005304000127bd7000fddbdf252016dc904f177a5db8aa9e432cdb2587242954d3b6b42e52a5cac6ca1e57444a5517cefd8da671b350378fd2565dda386f1fbb7aa21061b69b69f4b6486a8d59ddc9401813d7a40c001b0d03bfd5c475f20c625f0ed1d8fc"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x20004485)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
syslog(0x3, &(0x7f00000004c0)=""/164, 0xa4)

3.599229735s ago: executing program 0 (id=2212):
unshare(0x6a040000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=@getchain={0x4c, 0x66, 0x400, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff8}, {0x7, 0x9}, {0xa, 0x9}}, [{0x8, 0xb, 0x101}, {0x8, 0xb, 0x4cb9}, {0x8, 0xb, 0x1b2}, {0x8, 0xb, 0xd}, {0x8, 0xb, 0xffff}]}, 0x4c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x3}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x0)
recvmmsg(r3, &(0x7f0000000100), 0x0, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a30000000005c000000060a010400000000000000000100000008000b40000000000900010073797a300000000034000480300001800a0001"], 0xd0}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380), 0x4)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x2, @tick, {0xfd, 0xce}, {0x0, 0x1}, @raw32={[0x2600, 0x0, 0x2000]}}], 0x1c)
socket$rxrpc(0x21, 0x2, 0x2)
r6 = socket(0x2, 0x3, 0xff)
setsockopt$inet_int(r6, 0x0, 0x3, 0x0, 0x0)

2.70959245s ago: executing program 0 (id=2214):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff})
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)
getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, 0x0, &(0x7f0000000040))
mkdir(0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r3, 0x4b3d, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebdbe429d"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xcc, "00a3ed4b160be2174d13232781e52694a51b91eb05770d98e146c3aeadf6710ab3bb85b81c5f5e3e3886bb2f4f906336e67f5395ed557f4ed1370caa4f698a9ce5a865537d11885ec5fc87c702f4ef4ccb8830277bc975b5ddd6c7d0266456652614479f0f922d50de052594835033c04e3422b34cd0dc72fbd89184e5e845c942897c85a3b4a2912d3d9be3f13b41345f4038cbf199823cb5b7a6be0923953d26db29042c7c238e97de648fb370c9df8ac1eff10b70dad57960ae951cf55d2a5d2a90d1880bda8033fa395e"}, &(0x7f0000000100)=0xd4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{}, &(0x7f00000001c0), &(0x7f0000000200)='%pK    \x00'}, 0x1c)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000192c0)=@newtaction={0x60, 0x30, 0xcac229faa96ee7df, 0xffffffff, 0xfffffffd, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8ba, 0x2}}}]}, {0x4}, {0xc, 0x4}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x60}}, 0x0)

1.988971s ago: executing program 4 (id=2217):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r0, &(0x7f0000000080)='\x00\x00', 0xfdef, 0x8080, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
sendmmsg$inet(r0, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="67aac43d1e4c9dde5dbaadeb07311df9c64ad5f83f40e5c39e4f4794a41cd3f21d310bd22191847ce08eb942d1c2c1b011b3606c18c8cfa803b2b623c9e235a103d6c86448a7f4c434514dcbb1b2b153d10eff412ab8aebe7de132ca4671c3585f2cd8dc20f2", 0x66}, {&(0x7f00000001c0)="33d20a4219a33330bdb4f9a07acc546c276a307378d7583875cc65efdd32d0a0d1885fb3ef8b3974c88d40b25bb6e2968ff735b22e3da2b82ead94adf61f9a820d496fa697a7168c88248aefd2e7a7fd77193e3d5a58e35b4618b42090ffb557801c2a259112f7b3e6af98bfac2dcd741a56e4651f4e5788d9d3c151", 0x7c}], 0x2}, 0x6000}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000480)="91c79f9aafdafb920a185871d37e3d1aa99595c290c0ab5673dd162623e66dae07bf0a252ed51cf0735e4618e4bb059411e5aea3526b09a8abf1c7896f7e912b91c6c5053d9a4ea3346d943ecb3bad24a863ffe285ccc678ae3c7a34", 0x5c}, {&(0x7f0000000500)="8368274e97c1328457808691c6c8b9db8b883940c1e58fa9def3b05d87aae92b550b610790da259218b5f51f998066ddc3bd9598c67f4e253e1386055100a28a8c8e4b66913ebea5de227f4eb1bdfecf43a624c285929e38598cd55711ab77fb5ad78b2b1b702df6fac1f5eee1489a95e7850e5a7695e384", 0x78}], 0x2}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000600)="5a00cbcf377f9f4cdc8522f3bc240730fa49ac780b67a3c2021633b6a22fe1b238ffdda9eb00a856b5971f4df516cf3578955d283a45b0762848eadf0262a0", 0x3f}], 0x1}}], 0x3, 0x48042)

1.988641972s ago: executing program 4 (id=2218):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x1, 0x800, 0x6, 0x13, 0x602, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r2, 0x200, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40800}, 0x200008c1)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x38, r2, 0x5, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0x34}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0x4a}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0x2}]}]}, 0x38}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
setresuid(0x0, 0xee01, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$setown(r7, 0x8, r5)
unshare(0x6a040000)
socket(0x8, 0x3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt(r9, 0xeb, 0x10, &(0x7f0000000340)=""/45, &(0x7f0000000400)=0x2d)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0xe8}}, 0x0)
sendmmsg$unix(r6, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="11", 0x1}], 0x1}}], 0x1, 0x40015)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c0000000300000000000000000000000a0000070900010073797a31000000000900030073797a32000000001400000011919ca332cb8554bdf9c379dc3ab8be212551ce7343cba58498584ab3d57dc6894b58a13592a0b75040f4472367468f3dfa044c7bde3d3730935a67101b340c712c3d1fcc462b0ada20da9b0824c4513b9121beed"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d1}, 0x4000010)
syz_emit_ethernet(0x46, &(0x7f0000000680)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb86dd606e000000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa02000001000000002100000000000000"], 0x0)

1.877880509s ago: executing program 4 (id=2219):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_setup(0x643e, &(0x7f0000000280)={0x0, 0x2, 0x10100, 0x3, 0x1}, &(0x7f0000000040), &(0x7f0000000140))
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x111, 0x2}}, 0x20)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r3 = io_uring_setup(0xabd, &(0x7f0000000ac0)={0x0, 0x84a0, 0x100, 0x3, 0x4800020, 0x0, r2})
r4 = syz_open_dev$video(&(0x7f0000000b40), 0x7, 0x28000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x200000, @empty, 0x1}, 0x1c)
listen(r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="120000000208038000bfab61a70a000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10)
preadv(r4, &(0x7f0000001200)=[{&(0x7f0000000c00)=""/113, 0x71}], 0x1, 0x4, 0xb)
ioctl$VIDIOC_LOG_STATUS(r4, 0x5646, 0x0)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x6}}, 0x20)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x1b}, 0x9c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})

1.871563133s ago: executing program 0 (id=2220):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r4 = mq_open(&(0x7f0000000000)='b\x04\x00\x00\x00v\xa7\x00\x00\x00\x00\x00\x00\x00\x00', 0x40, 0x31, 0x0)
mq_getsetattr(r4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0x8, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

1.356346416s ago: executing program 3 (id=2221):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x202) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 32)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = inotify_init1(0x0)
lsetxattr$security_capability(&(0x7f0000000c00)='./file0/file0\x00', 0x0, &(0x7f0000000c80)=@v2={0x2000000, [{0x67, 0x3}, {0x7, 0x6}]}, 0x14, 0x1) (async, rerun: 64)
r4 = inotify_add_watch(r3, &(0x7f0000000200)='.\x00', 0x10000a0) (rerun: 64)
fcntl$getownex(r0, 0x10, &(0x7f0000000d80)={0x0, <r5=>0x0}) (async)
r6 = getuid()
sendmsg$unix(r1, &(0x7f0000000e40)={&(0x7f00000007c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000840)}, {&(0x7f00000009c0)="1a64201dcb7091dba0970cff518c4c979e70eea61a6e4d741d80130869875c190a34a447744ae4d1c0895765b0885c12b8c9c46ee4a2e267fd69b719358501ff76571c987c5a55eab074644d6e54653e067940201c58f402aa04153d89b856e6fa6ffe94d361313f6d3e7947f7850337f25f2ed030d8b055df48209adba518edc98de19fe6c323a4df9b85fe17a60b80c4e881c34647bad642", 0x99}, {&(0x7f0000000ac0)="33d2f8e1e1b18f6d04b56c7ba6bdcff73ea7d31475470ce99cf0641e456c1ed1d24c2860f907aa956a79cb3e5bfd281bcfa8d3fc7805eec35dd5626ae944b6dac79d5c417446b742887076afced6875a6d76699327b02ff417c1", 0x5a}], 0x3, &(0x7f0000000dc0)=[@rights={{0x10, 0x1, 0x1, [r2]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {r5, r6, 0xee01}}}], 0x54, 0x20000040}, 0x4000880) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_rm_watch(r3, r4)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)) (async)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r9 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6, 0x0, r8}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
execve(&(0x7f0000000200)='./file0\x00', &(0x7f0000000500)={[&(0x7f0000000240)='%*.(\x00', &(0x7f0000000300)='batadv0\x00', &(0x7f0000000340)='/dev/snd/seq\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='&\x00', &(0x7f0000000440)='/[\x00', &(0x7f0000000480)=']:+)\x00', &(0x7f00000004c0)='!-\x00']}, &(0x7f0000000780)={[&(0x7f0000000540)='/dev/snd/seq\x00', &(0x7f0000000580)='\x00', &(0x7f00000005c0)='$\x00', &(0x7f0000000600)='wlan0\x00', &(0x7f0000000640)='/dev/snd/seq\x00', 0x0, &(0x7f00000006c0)='\\,\x00', &(0x7f0000000700)='%&\x00', 0x0]}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4) (async, rerun: 32)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) (async, rerun: 32)
io_uring_enter(r9, 0x47f6, 0x0, 0x4, 0x0, 0x0) (async, rerun: 32)
mount$nfs(&(0x7f0000000680)='/[\x00', &(0x7f0000000740)='./file0\x00', &(0x7f0000000840), 0x8, &(0x7f0000000880)={[{'/[\x00'}, {'!-\x00'}, {'\\,\x00'}, {'@*'}, {'@^:)\':!)^(\x96}.$'}, {'$\x00'}, {}, {}, {'&-J[]}${)'}], [{@obj_user={'obj_user', 0x3d, '%*.(\x00'}}, {@smackfsfloor}, {@smackfsfloor={'smackfsfloor', 0x3d, '\x00'}}]}) (rerun: 32)

885.805593ms ago: executing program 3 (id=2222):
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
socket$inet6(0xa, 0x805, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40046f41, &(0x7f0000000440)=0x1f)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20181, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r6, 0xae44, 0x2)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
r8 = syz_io_uring_setup(0xa39, &(0x7f00000000c0)={0x0, 0xfdc8, 0x10100}, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000000340)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r8, 0x2df0, 0x4000, 0x0, 0x0, 0x0)
write(r7, &(0x7f00000000c0), 0x0)
ioctl$VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000080)={0xf0f046, 0xfffffffd})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000300), 0xce4}, 0x38)

884.528559ms ago: executing program 4 (id=2223):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008200000018080000", @ANYRES32], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
setrlimit(0x6, &(0x7f0000000080)={0x4, 0x9})
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r3 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = socket$kcm(0x2, 0x1000000000000005, 0x0)
sendmsg$inet(r4, &(0x7f0000000000)={&(0x7f0000000100)={0x2, 0x20, @rand_addr=0xa9fe0000}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)='r', 0x1}], 0x1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x55af)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
prctl$PR_SET_TSC(0x41555856, 0x1)

137.765446ms ago: executing program 4 (id=2224):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$tun(r0, &(0x7f0000000000)=ANY=[], 0x38)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x8, 0x13, r0, 0x539ad000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={0x0, 0x145, 0x9}, 0xc)

62.186258ms ago: executing program 3 (id=2225):
io_uring_setup(0x47bb, &(0x7f00000000c0)={0x0, 0xeebd, 0x3000, 0x0, 0x336})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
fgetxattr(r3, &(0x7f0000000000)=@known='system.sockprotoname\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0524bd5000fedbdf251200000008000300a823480040ca7bc326bc6af6954f0c822bea9d16fa038321ea6a1297a2b1a044601fb1f2fa305e278a8190897fa6ef33e46b4ee7c1c058ef145e3954ec5892adafe360fb97c44a5f2a7887db90016627675e9b9a6150942020721a8ef7578f94964800c9639c0164434c8b5b6e7a06c67b71b6451f039e161d1fd714b334c8a2c76ab1fbcfe4fb881eb8aa88e55f", @ANYRES32=r2, @ANYBLOB="0a000600080211000001000008001400", @ANYRES32=r6, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r9=>0x0})
r10 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r10, &(0x7f0000000080)={0x1d, r9, 0x4, {}, 0xfd}, 0x18)
sendmsg$can_j1939(r10, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x1f}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000000)=[@request_death], 0x0, 0x1000000, 0x0})
exit(0xffff)
r11 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r11, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
pselect6(0x40, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x2, 0x0, 0x7, 0x40, 0x4}, &(0x7f0000000280), 0x0)

0s ago: executing program 4 (id=2226):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
read$FUSE(r0, &(0x7f0000008340)={0x2020, 0x0, <r1=>0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
r3 = socket$inet6(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x5}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4814)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)
r6 = syz_io_uring_setup(0x498, &(0x7f0000000f80)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
write$FUSE_LK(r0, &(0x7f00000003c0)={0x28, 0xffffffffffffffda, r1, {{0xb78f, 0x14, 0x1, r2}}}, 0x28)
r9 = eventfd(0x401)
io_uring_register$IORING_REGISTER_EVENTFD(r6, 0x4, &(0x7f0000000040)=r9, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x8, 0x2000, @fd=r6, 0x4, 0x6, 0xe, 0x14, 0x0, {0x1}})
io_uring_enter(r6, 0x627, 0x4c1, 0x43, 0x0, 0x0)
shutdown(r3, 0x0)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(r3, &(0x7f00000001c0)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)

kernel console output (not intermixed with test programs):

600
[  253.136830][T10638]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  253.136843][T10638]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  253.136859][T10638]  ? find_held_lock+0x2b/0x80
[  253.136876][T10638]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  253.136891][T10638]  __vmalloc_node_noprof+0xad/0xf0
[  253.136906][T10638]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  253.136922][T10638]  bpf_prog_alloc_no_stats+0x58/0x600
[  253.136936][T10638]  ? security_capable+0x7e/0x260
[  253.136954][T10638]  bpf_prog_alloc+0x3b/0x230
[  253.136968][T10638]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  253.136980][T10638]  bpf_prog_load+0x1905/0x2850
[  253.137000][T10638]  ? __pfx_bpf_prog_load+0x10/0x10
[  253.137010][T10638]  ? __lock_acquire+0xb97/0x1ce0
[  253.137039][T10638]  __sys_bpf+0x3e6d/0x4980
[  253.137053][T10638]  ? __pfx___sys_bpf+0x10/0x10
[  253.137063][T10638]  ? find_held_lock+0x2b/0x80
[  253.137078][T10638]  ? find_held_lock+0x2b/0x80
[  253.137093][T10638]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  253.137111][T10638]  ? fput+0x9b/0xd0
[  253.137124][T10638]  ? ksys_write+0x1ac/0x250
[  253.137134][T10638]  ? __pfx_ksys_write+0x10/0x10
[  253.137147][T10638]  __ia32_sys_bpf+0x76/0xe0
[  253.137159][T10638]  __do_fast_syscall_32+0x7c/0x300
[  253.137172][T10638]  do_fast_syscall_32+0x32/0x80
[  253.137183][T10638]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.137197][T10638] RIP: 0023:0xf709e579
[  253.137205][T10638] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.137217][T10638] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  253.137227][T10638] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140
[  253.137234][T10638] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  253.137241][T10638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.137247][T10638] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.137253][T10638] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.137266][T10638]  </TASK>
[  253.137270][T10638] Mem-Info:
[  253.229783][T10638] active_anon:17602 inactive_anon:141 isolated_anon:0
[  253.229783][T10638]  active_file:7485 inactive_file:33177 isolated_file:0
[  253.229783][T10638]  unevictable:1768 dirty:46 writeback:0
[  253.229783][T10638]  slab_reclaimable:7972 slab_unreclaimable:59044
[  253.229783][T10638]  mapped:31301 shmem:13630 pagetables:1190
[  253.229783][T10638]  sec_pagetables:323 bounce:0
[  253.229783][T10638]  kernel_misc_reclaimable:0
[  253.229783][T10638]  free:41857 free_pcp:10304 free_cma:0
[  253.244561][T10638] Node 0 active_anon:128kB inactive_anon:312kB active_file:4kB inactive_file:560kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:884kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8352kB pagetables:1340kB sec_pagetables:1160kB all_unreclaimable? no Balloon:0kB
[  253.254562][T10638] Node 1 active_anon:65088kB inactive_anon:252kB active_file:29936kB inactive_file:132148kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:124376kB dirty:180kB writeback:0kB shmem:45920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5276kB pagetables:3452kB sec_pagetables:132kB all_unreclaimable? no Balloon:0kB
[  253.266379][T10638] Node 0 DMA free:2208kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:0kB free_cma:0kB
[  253.280188][T10638] lowmem_reserve[]: 0 295 295 295 295
[  253.282749][T10638] Node 0 DMA32 free:22152kB boost:0kB min:13564kB low:16952kB high:20340kB reserved_highatomic:2048KB free_highatomic:1008KB active_anon:156kB inactive_anon:248kB active_file:4kB inactive_file:560kB unevictable:3536kB writepending:8kB present:1032196kB managed:302248kB mlocked:0kB bounce:0kB free_pcp:7528kB local_pcp:360kB free_cma:0kB
[  253.293013][T10638] lowmem_reserve[]: 0 0 0 0 0
[  253.296460][T10638] Node 1 DMA32 free:143256kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:6144KB free_highatomic:6144KB active_anon:64088kB inactive_anon:252kB active_file:29936kB inactive_file:132148kB unevictable:3536kB writepending:180kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:39404kB local_pcp:24908kB free_cma:0kB
[  253.312893][T10638] lowmem_reserve[]: 0 0 0 0 0
[  253.315519][T10638] Node 0 DMA: 73*4kB (UM) 24*8kB (UM) 12*16kB (UM) 4*32kB (UM) 0*64kB 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2212kB
[  253.320910][T10638] Node 0 DMA32: 736*4kB (UME) 405*8kB (UME) 154*16kB (UMEH) 143*32kB (UMEH) 67*64kB (UMEH) 13*128kB (UMEH) 6*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 21224kB
[  253.328885][T10638] Node 1 DMA32: 9*4kB (ME) 207*8kB (UME) 557*16kB (UME) 42*32kB (E) 172*64kB (UME) 136*128kB (UME) 133*256kB (UME) 38*512kB (UM) 16*1024kB (UM) 8*2048kB (UMH) 4*4096kB (MH) = 143020kB
[  253.336719][T10638] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  253.340921][T10638] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  253.344987][T10638] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  253.349939][T10638] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  253.353301][T10638] 50177 total pagecache pages
[  253.354999][T10638] 253 pages in swap cache
[  253.356796][T10638] Free swap  = 122296kB
[  253.358691][T10638] Total swap = 124996kB
[  253.360308][T10638] 524155 pages RAM
[  253.361646][T10638] 0 pages HighMem/MovableOnly
[  253.363336][T10638] 207698 pages reserved
[  253.364956][T10638] 0 pages cma reserved
[  253.552228][T10663] lo speed is unknown, defaulting to 1000
[  253.662845][T10663] lo speed is unknown, defaulting to 1000
[  253.750667][T10676] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1379'.
[  254.195540][T10708] 9pnet_fd: Insufficient options for proto=fd
[  254.254533][T10713] netlink: 'syz.0.1388': attribute type 1 has an invalid length.
[  254.290316][T10713] bond4: entered promiscuous mode
[  254.292824][T10713] 8021q: adding VLAN 0 to HW filter on device bond4
[  254.311392][T10715] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  254.313731][T10715] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  254.317898][T10715] vhci_hcd vhci_hcd.0: Device attached
[  254.347188][T10713] 8021q: adding VLAN 0 to HW filter on device bond4
[  254.356007][T10713] bond4: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  254.370048][T10713] bond4: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  254.380952][T10713] bond4: (slave ip6gre1): making interface the new active one
[  254.383989][T10713] ip6gre1: entered promiscuous mode
[  254.387972][T10713] bond4: (slave ip6gre1): Enslaving as an active interface with an up link
[  254.585552][ T1342] usb 44-1: SetAddress Request (34) to port 0
[  254.587891][ T1342] usb 44-1: new SuperSpeed USB device number 34 using vhci_hcd
[  255.255576][ T1020] usb 9-1: USB disconnect, device number 13
[  255.264075][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  255.264092][   T40] audit: type=1326 audit(1759432837.133:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.274728][   T40] audit: type=1326 audit(1759432837.133:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.285064][   T40] audit: type=1326 audit(1759432837.143:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.294530][   T40] audit: type=1326 audit(1759432837.143:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.304077][   T40] audit: type=1326 audit(1759432837.143:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.312755][   T40] audit: type=1326 audit(1759432837.143:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.322228][   T40] audit: type=1326 audit(1759432837.143:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.329686][   T40] audit: type=1326 audit(1759432837.143:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.338736][   T40] audit: type=1326 audit(1759432837.143:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.348587][   T40] audit: type=1326 audit(1759432837.143:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10730 comm="syz.0.1393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  255.399113][T10716] vhci_hcd: connection reset by peer
[  255.401541][ T1039] vhci_hcd: stop threads
[  255.403191][ T1039] vhci_hcd: release socket
[  255.408063][ T1039] vhci_hcd: disconnect device
[  257.300628][T10765] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  257.303078][T10765] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  257.306465][T10765] vhci_hcd vhci_hcd.0: Device attached
[  257.708302][T10774] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1404'.
[  257.770664][T10776] tc_dump_action: action bad kind
[  257.932159][T10766] vhci_hcd: connection closed
[  257.932408][ T1140] vhci_hcd: stop threads
[  257.936576][ T1140] vhci_hcd: release socket
[  257.945335][ T1140] vhci_hcd: disconnect device
[  258.850678][T10801] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1414'.
[  258.951170][T10803] lo speed is unknown, defaulting to 1000
[  259.047628][T10803] lo speed is unknown, defaulting to 1000
[  259.174297][T10809] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1417'.
[  259.660459][ T1342] usb 44-1: device descriptor read/8, error -110
[  259.675456][    T9] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[  259.847978][    T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.851963][    T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  259.863120][    T9] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  259.870200][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.878995][    T9] usb 8-1: config 0 descriptor??
[  259.888614][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  259.893806][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  259.905672][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  259.913201][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  259.921469][    T9] usb 8-1: media controller created
[  259.928457][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  259.942823][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  259.945745][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  259.950790][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input28
[  259.958207][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  259.961378][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  260.055967][ T1342] usb usb44-port1: attempt power cycle
[  260.090806][T10817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.095021][T10817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.125301][T10829] lo speed is unknown, defaulting to 1000
[  260.125656][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  260.135523][    T9] dvb-usb: error while querying for an remote control event.
[  260.226394][ T6018] usb 8-1: USB disconnect, device number 15
[  260.241807][ T6018] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  260.276491][T10829] lo speed is unknown, defaulting to 1000
[  260.437225][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  260.440310][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  260.567854][T10851] overlayfs: failed to clone upperpath
[  260.606406][T10853] netlink: 'syz.2.1434': attribute type 2 has an invalid length.
[  260.628870][ T1342] usb usb44-port1: unable to enumerate USB device
[  260.635987][T10855] lo speed is unknown, defaulting to 1000
[  260.711851][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  260.711868][   T40] audit: type=1326 audit(1759432842.583:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10859 comm="syz.2.1437" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702e579 code=0x0
[  260.843925][T10855] lo speed is unknown, defaulting to 1000
[  260.958882][T10869] netlink: 'syz.4.1440': attribute type 2 has an invalid length.
[  260.961456][T10869] netlink: 137592 bytes leftover after parsing attributes in process `syz.4.1440'.
[  261.188623][T10879] ubi31: attaching mtd0
[  261.196627][T10879] ubi31: scanning is finished
[  261.198344][T10879] ubi31: empty MTD device detected
[  261.335443][T10879] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  261.343435][T10879] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  261.347359][T10879] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  261.352594][T10879] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  261.356931][T10879] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  261.362597][T10879] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  261.365822][T10879] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2563332472
[  261.370295][T10879] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  261.377760][T10881] ubi31: background thread "ubi_bgt31d" started, PID 10881
[  262.008389][T10890] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  262.350297][T10897] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1447'.
[  262.707555][T10903] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1448'.
[  262.781181][T10905] netlink: 'syz.2.1449': attribute type 1 has an invalid length.
[  262.851261][T10905] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  262.856820][T10905] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  262.908748][T10911] bond1: (slave bridge1): Enslaving as an active interface with a down link
[  262.930178][T10905] bond1: (slave gretap1): making interface the new active one
[  262.934935][T10905] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  262.944834][T10905] macvlan3: entered promiscuous mode
[  262.947681][T10905] macvlan3: entered allmulticast mode
[  262.950581][T10905] bond1: entered promiscuous mode
[  262.952272][T10905] gretap1: entered promiscuous mode
[  262.954555][T10905] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  262.963022][T10905] bond1: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  262.969365][T10905] bond1: left promiscuous mode
[  262.971502][T10905] gretap1: left promiscuous mode
[  263.357282][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[  263.504213][T10940] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  263.507869][T10940] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  263.513673][T10940] vhci_hcd vhci_hcd.0: Device attached
[  263.775281][ T1020] usb 44-1: SetAddress Request (38) to port 0
[  263.778079][ T1020] usb 44-1: new SuperSpeed USB device number 38 using vhci_hcd
[  264.518941][T10941] vhci_hcd: connection reset by peer
[  264.521966][ T1039] vhci_hcd: stop threads
[  264.527728][ T1039] vhci_hcd: release socket
[  264.529699][ T1039] vhci_hcd: disconnect device
[  265.245192][   T53] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  265.395359][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  265.395654][ T5966] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  265.408210][   T53] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  265.412430][   T53] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  265.453317][   T53] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  265.457205][   T53] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.466697][   T53] usb 8-1: config 0 descriptor??
[  265.472747][   T53] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  265.477328][   T53] dvb-usb: bulk message failed: -22 (3/0)
[  265.482990][   T53] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  265.489987][   T53] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  265.493439][   T53] usb 8-1: media controller created
[  265.496373][   T53] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  265.504855][   T53] dvb-usb: bulk message failed: -22 (6/0)
[  265.507849][   T53] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  265.507879][T10962] lo speed is unknown, defaulting to 1000
[  265.514082][   T53] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input29
[  265.520007][   T53] dvb-usb: schedule remote query interval to 150 msecs.
[  265.522298][   T53] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  265.678510][T10959] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.684682][T10959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.685281][   T53] dvb-usb: bulk message failed: -22 (1/0)
[  265.696246][   T53] dvb-usb: error while querying for an remote control event.
[  265.769049][T10962] lo speed is unknown, defaulting to 1000
[  265.841530][   T53] usb 8-1: USB disconnect, device number 16
[  265.860367][   T53] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  266.792847][T10983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1476'.
[  267.291982][T10979] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  267.297630][T10979] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  267.300397][T10979] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  267.305563][T10979] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  267.317231][T10979] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  267.756516][T11009] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1482'.
[  268.543666][T11023] ptrace attach of "/syz-executor exec"[11024] was attempted by "/syz-executor exec"[11023]
[  268.835308][ T1020] usb 44-1: device descriptor read/8, error -110
[  268.849897][ T5966] Bluetooth: hci1: command 0x0c1a tx timeout
[  269.001152][T11032] lo speed is unknown, defaulting to 1000
[  269.228506][ T1020] usb usb44-port1: attempt power cycle
[  269.244966][T11032] lo speed is unknown, defaulting to 1000
[  269.325254][ T5966] Bluetooth: hci3: command 0x0405 tx timeout
[  269.326504][   T63] Bluetooth: hci2: command 0x0c1a tx timeout
[  269.857945][ T1020] usb usb44-port1: unable to enumerate USB device
[  270.320348][T11067] lo speed is unknown, defaulting to 1000
[  270.434037][T11067] lo speed is unknown, defaulting to 1000
[  271.137065][T11082] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  271.395547][   T63] Bluetooth: hci3: command 0x0405 tx timeout
[  271.715451][    T9] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  271.774163][T11095] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  271.777233][T11095] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  271.866798][    T9] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  271.869900][    T9] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  271.873177][    T9] usb 9-1: config 0 interface 0 has no altsetting 0
[  271.877257][    T9] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  271.880213][    T9] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  271.882947][    T9] usb 9-1: Product: syz
[  271.884417][    T9] usb 9-1: Manufacturer: syz
[  271.886366][    T9] usb 9-1: SerialNumber: syz
[  271.889339][    T9] usb 9-1: config 0 descriptor??
[  271.895980][    T9] hub 9-1:0.0: bad descriptor, ignoring hub
[  271.897923][    T9] hub 9-1:0.0: probe with driver hub failed with error -5
[  271.901581][    T9] usb 9-1: selecting invalid altsetting 0
[  272.337479][T11103] comedi comedi0: Minor 1073741825 is invalid!
[  273.461769][T11121] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1516'.
[  273.475370][   T63] Bluetooth: hci3: command 0x0405 tx timeout
[  274.525689][ T6110] usb 9-1: USB disconnect, device number 14
[  275.080490][ T6110] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  275.170168][T11136] bond0: entered promiscuous mode
[  275.172373][T11136] bond0: entered allmulticast mode
[  275.175582][T11136] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.335031][ T6110] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.338982][ T6110] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  275.342290][ T6110] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  275.345813][ T6110] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.349457][ T6110] usb 9-1: config 0 descriptor??
[  275.356340][ T6110] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  275.358865][ T6110] dvb-usb: bulk message failed: -22 (3/0)
[  275.370135][ T6110] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  275.375291][ T6110] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  275.377212][T11148] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1526'.
[  275.377835][ T6110] usb 9-1: media controller created
[  275.386307][ T6110] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  275.404956][ T6110] dvb-usb: bulk message failed: -22 (6/0)
[  275.411829][ T6110] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  275.419858][ T6110] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input30
[  275.438104][ T6110] dvb-usb: schedule remote query interval to 150 msecs.
[  275.440284][ T6110] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  275.558647][T11146] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.563781][T11146] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.605148][ T6110] dvb-usb: bulk message failed: -22 (1/0)
[  275.607134][ T6110] dvb-usb: error while querying for an remote control event.
[  275.615884][  T838] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  275.687208][   T55] usb 9-1: USB disconnect, device number 15
[  275.714762][   T55] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  275.765178][  T838] usb 8-1: Using ep0 maxpacket: 8
[  275.773997][  T838] usb 8-1: config 0 has an invalid interface number: 31 but max is 0
[  275.776866][  T838] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.781307][  T838] usb 8-1: config 0 has no interface number 0
[  275.787257][  T838] usb 8-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  275.791452][  T838] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.794312][  T838] usb 8-1: Product: syz
[  275.796370][  T838] usb 8-1: Manufacturer: syz
[  275.798072][  T838] usb 8-1: SerialNumber: syz
[  275.806044][  T838] usb 8-1: config 0 descriptor??
[  276.019949][  T838] usb 8-1: Found UVC 0.04 device syz (046d:08c3)
[  276.022356][  T838] usb 8-1: No valid video chain found.
[  276.357595][T11168] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  278.397466][    T9] usb 8-1: USB disconnect, device number 17
[  278.961876][T11206] netlink: 120 bytes leftover after parsing attributes in process `syz.2.1543'.
[  279.419666][T11216] veth1_to_bond: mtu less than device minimum
[  279.474923][T11227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1550'.
[  279.636257][T11242] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  279.638452][T11242] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  279.641845][T11242] vhci_hcd vhci_hcd.0: Device attached
[  279.647480][   T40] audit: type=1326 audit(1759432861.513:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11237 comm="syz.3.1554" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709e579 code=0x0
[  279.935273][   T54] usb 46-1: SetAddress Request (18) to port 0
[  279.937952][   T54] usb 46-1: new SuperSpeed USB device number 18 using vhci_hcd
[  280.106492][T11244] vhci_hcd: connection reset by peer
[  280.108666][ T1140] vhci_hcd: stop threads
[  280.110391][ T1140] vhci_hcd: release socket
[  280.112379][ T1140] vhci_hcd: disconnect device
[  280.498531][T11264] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.1561'.
[  280.530478][T11266] netlink: 1076 bytes leftover after parsing attributes in process `syz.2.1562'.
[  280.535695][   T40] audit: type=1326 audit(1759432862.413:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.536482][T11268] FAULT_INJECTION: forcing a failure.
[  280.536482][T11268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.543819][   T40] audit: type=1326 audit(1759432862.413:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.548063][T11266] netlink: 'syz.2.1562': attribute type 1 has an invalid length.
[  280.548356][T11268] CPU: 0 UID: 0 PID: 11268 Comm: syz.3.1563 Not tainted syzkaller #0 PREEMPT(full) 
[  280.548380][T11268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.548391][T11268] Call Trace:
[  280.548396][T11268]  <TASK>
[  280.548402][T11268]  dump_stack_lvl+0x16c/0x1f0
[  280.548451][T11268]  should_fail_ex+0x512/0x640
[  280.548488][T11268]  _copy_from_user+0x2e/0xd0
[  280.548506][T11268]  copy_from_sockptr_offset+0x15c/0x1b0
[  280.548529][T11268]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[  280.548550][T11268]  ? find_held_lock+0x2b/0x80
[  280.548574][T11268]  do_tcp_getsockopt+0x108d/0x25d0
[  280.548599][T11268]  ? __lock_acquire+0x62e/0x1ce0
[  280.548627][T11268]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  280.548662][T11268]  ? __lock_acquire+0xb97/0x1ce0
[  280.548687][T11268]  ? aa_label_sk_perm+0x195/0x600
[  280.548717][T11268]  ? _kstrtoull+0x145/0x200
[  280.548733][T11268]  ? __pfx__kstrtoull+0x10/0x10
[  280.548753][T11268]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  280.548773][T11268]  ? __lock_acquire+0x62e/0x1ce0
[  280.548806][T11268]  ? __pfx___might_resched+0x10/0x10
[  280.548823][T11268]  ? get_pid_task+0xfc/0x250
[  280.548847][T11268]  ? aa_sk_perm+0x2f4/0xb10
[  280.548867][T11268]  ? __lock_acquire+0x62e/0x1ce0
[  280.548892][T11268]  tcp_getsockopt+0xdf/0x100
[  280.548916][T11268]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  280.548935][T11268]  do_sock_getsockopt+0x34a/0x440
[  280.548953][T11268]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  280.548969][T11268]  ? __fget_files+0x204/0x3c0
[  280.549003][T11268]  __sys_getsockopt+0x123/0x1b0
[  280.549034][T11268]  __ia32_sys_getsockopt+0xbc/0x160
[  280.549047][T11268]  ? lockdep_hardirqs_on+0x7c/0x110
[  280.549061][T11268]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  280.549076][T11268]  __do_fast_syscall_32+0x7c/0x300
[  280.549093][T11268]  do_fast_syscall_32+0x32/0x80
[  280.549109][T11268]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.549127][T11268] RIP: 0023:0xf709e579
[  280.549139][T11268] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.549154][T11268] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  280.549169][T11268] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000006
[  280.549178][T11268] RDX: 0000000000000023 RSI: 0000000080000080 RDI: 0000000080000040
[  280.549213][T11268] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  280.549223][T11268] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  280.549231][T11268] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.549251][T11268]  </TASK>
[  280.573589][T11266] bond2: (slave gretap2): making interface the new active one
[  280.583842][   T40] audit: type=1326 audit(1759432862.423:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.586767][T11266] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  280.588394][   T40] audit: type=1326 audit(1759432862.423:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.599756][T11266] vlan2: entered allmulticast mode
[  280.601586][   T40] audit: type=1326 audit(1759432862.423:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.603362][T11266] bond2: entered allmulticast mode
[  280.605666][   T40] audit: type=1326 audit(1759432862.423:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.606903][T11266] gretap2: entered allmulticast mode
[  280.608572][   T40] audit: type=1326 audit(1759432862.423:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=378 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.611641][T11266] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  280.626181][   T40] audit: type=1326 audit(1759432862.423:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.748069][   T40] audit: type=1326 audit(1759432862.423:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11265 comm="syz.2.1562" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  281.088376][T11290] input: syz1 as /devices/virtual/input/input31
[  281.205529][T11295] 9pnet_fd: Insufficient options for proto=fd
[  281.246590][T11297] netlink: 'syz.4.1573': attribute type 11 has an invalid length.
[  284.995468][   T54] usb 46-1: device descriptor read/8, error -110
[  285.408339][   T54] usb usb46-port1: attempt power cycle
[  285.866584][T11393] openvswitch: netlink: Key type 233 is out of range max 32
[  286.004334][   T54] usb usb46-port1: unable to enumerate USB device
[  288.615256][ T6018] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  288.766980][ T6018] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  288.772270][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.776861][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.781495][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.789580][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.793233][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.797799][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.801862][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.805818][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.811163][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.815420][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.819187][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.823841][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.830027][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.833675][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.838212][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.842157][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.849207][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.853349][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.856575][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.859931][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.863591][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.866571][ T6018] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  288.869483][ T6018] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  288.873307][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  288.878693][ T6018] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  288.881768][ T6018] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  288.884861][ T6018] usb 9-1: Product: syz
[  288.887825][ T6018] usb 9-1: Manufacturer: syz
[  288.890134][ T6018] usb 9-1: SerialNumber: syz
[  288.894571][ T6018] usb 9-1: config 0 descriptor??
[  288.906227][ T6018] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  289.322244][T11453] FAT-fs (loop1): unable to read boot sector
[  289.409163][T11457] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1622'.
[  289.593742][T11458] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1625'.
[  289.783807][   T63] Bluetooth: hci2: unexpected event for opcode 0x200a
[  290.310308][T11485] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1634'.
[  291.156933][    C3] usb 9-1: yurex_control_callback - control failed: -2
[  291.817294][T11505] FAULT_INJECTION: forcing a failure.
[  291.817294][T11505] name failslab, interval 1, probability 0, space 0, times 0
[  291.822078][T11505] CPU: 0 UID: 3327 PID: 11505 Comm: syz.3.1642 Not tainted syzkaller #0 PREEMPT(full) 
[  291.822096][T11505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.822104][T11505] Call Trace:
[  291.822110][T11505]  <TASK>
[  291.822116][T11505]  dump_stack_lvl+0x16c/0x1f0
[  291.822134][T11505]  should_fail_ex+0x512/0x640
[  291.822155][T11505]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  291.822176][T11505]  should_failslab+0xc2/0x120
[  291.822191][T11505]  __kmalloc_cache_noprof+0x6a/0x3e0
[  291.822209][T11505]  ? kfree+0x24f/0x4d0
[  291.822225][T11505]  ? find_held_lock+0x2b/0x80
[  291.822238][T11505]  ? alloc_mnt_ns+0xce/0x380
[  291.822259][T11505]  alloc_mnt_ns+0xce/0x380
[  291.822277][T11505]  __do_sys_fsmount+0x590/0x940
[  291.822290][T11505]  ? __pfx___do_sys_fsmount+0x10/0x10
[  291.822302][T11505]  ? ksys_write+0x1ac/0x250
[  291.822316][T11505]  ? rcu_is_watching+0x12/0xc0
[  291.822333][T11505]  __do_fast_syscall_32+0x7c/0x300
[  291.822349][T11505]  do_fast_syscall_32+0x32/0x80
[  291.822362][T11505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.822378][T11505] RIP: 0023:0xf709e579
[  291.822388][T11505] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  291.822401][T11505] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001b0
[  291.822414][T11505] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  291.822421][T11505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  291.822428][T11505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  291.822435][T11505] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  291.822442][T11505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  291.822457][T11505]  </TASK>
[  292.202412][T11512] overlayfs: failed to clone upperpath
[  292.203726][ T6018] usb 9-1: USB disconnect, device number 16
[  292.215916][ T6018] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  292.347092][T11530] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1652'.
[  292.352620][T11530] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1652'.
[  292.975926][T11562] FAULT_INJECTION: forcing a failure.
[  292.975926][T11562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.981863][T11562] CPU: 0 UID: 0 PID: 11562 Comm: syz.4.1663 Not tainted syzkaller #0 PREEMPT(full) 
[  292.981879][T11562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.981887][T11562] Call Trace:
[  292.981892][T11562]  <TASK>
[  292.981898][T11562]  dump_stack_lvl+0x16c/0x1f0
[  292.981914][T11562]  should_fail_ex+0x512/0x640
[  292.981934][T11562]  _copy_from_user+0x2e/0xd0
[  292.981945][T11562]  copy_mount_options+0x76/0x190
[  292.981961][T11562]  __ia32_sys_mount+0x1ac/0x310
[  292.981975][T11562]  ? __pfx___ia32_sys_mount+0x10/0x10
[  292.981995][T11562]  ? rcu_is_watching+0x12/0xc0
[  292.982012][T11562]  __do_fast_syscall_32+0x7c/0x300
[  292.982026][T11562]  do_fast_syscall_32+0x32/0x80
[  292.982037][T11562]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  292.982051][T11562] RIP: 0023:0xf708e579
[  292.982061][T11562] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  292.982072][T11562] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  292.982083][T11562] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000300
[  292.982089][T11562] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 00000000800001c0
[  292.982096][T11562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  292.982102][T11562] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  292.982108][T11562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  292.982121][T11562]  </TASK>
[  293.447759][T11575] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1668'.
[  293.450672][T11575] openvswitch: netlink: Flow actions attr not present in new flow.
[  293.471418][   T40] kauditd_printk_skb: 43 callbacks suppressed
[  293.471433][   T40] audit: type=1326 audit(1759432875.343:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.487402][   T40] audit: type=1326 audit(1759432875.343:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.498829][   T40] audit: type=1326 audit(1759432875.353:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.508251][   T40] audit: type=1326 audit(1759432875.353:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.515876][   T40] audit: type=1326 audit(1759432875.353:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=338 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.523019][   T40] audit: type=1326 audit(1759432875.353:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.532756][   T40] audit: type=1326 audit(1759432875.353:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.539687][   T40] audit: type=1326 audit(1759432875.353:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.546994][   T40] audit: type=1326 audit(1759432875.353:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.554295][   T40] audit: type=1326 audit(1759432875.353:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11576 comm="syz.0.1669" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  293.602099][T11581] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  294.355329][ T5966] Bluetooth: hci4: command 0x1003 tx timeout
[  294.355552][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  294.417890][T11596] overlayfs: failed to clone upperpath
[  294.579642][T11606] netlink: 696 bytes leftover after parsing attributes in process `syz.2.1680'.
[  294.734360][T11612] FAULT_INJECTION: forcing a failure.
[  294.734360][T11612] name failslab, interval 1, probability 0, space 0, times 0
[  294.741376][T11612] CPU: 2 UID: 0 PID: 11612 Comm: syz.4.1682 Not tainted syzkaller #0 PREEMPT(full) 
[  294.741416][T11612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.741430][T11612] Call Trace:
[  294.741437][T11612]  <TASK>
[  294.741444][T11612]  dump_stack_lvl+0x16c/0x1f0
[  294.741469][T11612]  should_fail_ex+0x512/0x640
[  294.741496][T11612]  ? __kvmalloc_node_noprof+0x124/0x620
[  294.741528][T11612]  should_failslab+0xc2/0x120
[  294.741549][T11612]  __kvmalloc_node_noprof+0x137/0x620
[  294.741584][T11612]  ? nf_tables_addchain.constprop.0+0x601/0x1c90
[  294.741611][T11612]  ? nf_tables_addchain.constprop.0+0x601/0x1c90
[  294.741630][T11612]  nf_tables_addchain.constprop.0+0x601/0x1c90
[  294.741676][T11612]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[  294.741700][T11612]  ? __lock_acquire+0x62e/0x1ce0
[  294.741747][T11612]  ? nla_strcmp+0xff/0x130
[  294.741769][T11612]  ? nft_table_lookup.part.0+0x1e3/0x230
[  294.741791][T11612]  nf_tables_newchain+0x2072/0x2da0
[  294.741808][T11612]  ? __print_lock_name+0x75/0xe0
[  294.741829][T11612]  ? net_generic+0xea/0x2a0
[  294.741849][T11612]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  294.741873][T11612]  ? __nla_validate_parse+0x600/0x2880
[  294.741896][T11612]  ? __pfx_nf_tables_newchain+0x10/0x10
[  294.741916][T11612]  ? __pfx___nla_validate_parse+0x10/0x10
[  294.741948][T11612]  ? __nla_parse+0x40/0x60
[  294.741971][T11612]  nfnetlink_rcv_batch+0x18e9/0x2330
[  294.742010][T11612]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  294.742039][T11612]  ? __local_bh_enable_ip+0xa4/0x120
[  294.742062][T11612]  ? __dev_queue_xmit+0xaf1/0x4490
[  294.742084][T11612]  ? __dev_queue_xmit+0xb12/0x4490
[  294.742117][T11612]  ? __pfx___dev_queue_xmit+0x10/0x10
[  294.742161][T11612]  ? __nla_parse+0x40/0x60
[  294.742185][T11612]  nfnetlink_rcv+0x3c1/0x430
[  294.742208][T11612]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  294.742237][T11612]  netlink_unicast+0x5a7/0x870
[  294.742257][T11612]  ? __pfx_netlink_unicast+0x10/0x10
[  294.742273][T11612]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  294.742296][T11612]  netlink_sendmsg+0x8d1/0xdd0
[  294.742318][T11612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.742338][T11612]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  294.742372][T11612]  ____sys_sendmsg+0xa95/0xc70
[  294.742398][T11612]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.742420][T11612]  ? get_compat_msghdr+0x11a/0x170
[  294.742459][T11612]  ___sys_sendmsg+0x134/0x1d0
[  294.742477][T11612]  ? __pfx____sys_sendmsg+0x10/0x10
[  294.742506][T11612]  ? find_held_lock+0x2b/0x80
[  294.742540][T11612]  __sys_sendmsg+0x16d/0x220
[  294.742555][T11612]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.742589][T11612]  ? rcu_is_watching+0x12/0xc0
[  294.742613][T11612]  __do_fast_syscall_32+0x7c/0x300
[  294.742634][T11612]  do_fast_syscall_32+0x32/0x80
[  294.742650][T11612]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  294.742671][T11612] RIP: 0023:0xf708e579
[  294.742685][T11612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  294.742702][T11612] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  294.742721][T11612] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000c2c0
[  294.742733][T11612] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  294.742743][T11612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  294.742753][T11612] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  294.742764][T11612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  294.742789][T11612]  </TASK>
[  294.959015][T11618] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  295.466280][T11631] ip6_vti0: mtu greater than device maximum
[  295.470766][T11631] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  295.696303][T11637] bridge2: entered allmulticast mode
[  295.734322][T11641] FAULT_INJECTION: forcing a failure.
[  295.734322][T11641] name failslab, interval 1, probability 0, space 0, times 0
[  295.739254][T11641] CPU: 1 UID: 0 PID: 11641 Comm: syz.3.1691 Not tainted syzkaller #0 PREEMPT(full) 
[  295.739277][T11641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.739288][T11641] Call Trace:
[  295.739295][T11641]  <TASK>
[  295.739302][T11641]  dump_stack_lvl+0x16c/0x1f0
[  295.739325][T11641]  should_fail_ex+0x512/0x640
[  295.739357][T11641]  should_failslab+0xc2/0x120
[  295.739378][T11641]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  295.739396][T11641]  ? skb_clone+0x190/0x3f0
[  295.739417][T11641]  skb_clone+0x190/0x3f0
[  295.739435][T11641]  netlink_deliver_tap+0xabd/0xd30
[  295.739459][T11641]  netlink_unicast+0x64c/0x870
[  295.739480][T11641]  ? __pfx_netlink_unicast+0x10/0x10
[  295.739499][T11641]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  295.739525][T11641]  netlink_sendmsg+0x8d1/0xdd0
[  295.739549][T11641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.739571][T11641]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  295.739610][T11641]  ____sys_sendmsg+0xa95/0xc70
[  295.739635][T11641]  ? __pfx_____sys_sendmsg+0x10/0x10
[  295.739656][T11641]  ? get_compat_msghdr+0x11a/0x170
[  295.739695][T11641]  ___sys_sendmsg+0x134/0x1d0
[  295.739714][T11641]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.739745][T11641]  ? find_held_lock+0x2b/0x80
[  295.739783][T11641]  __sys_sendmsg+0x16d/0x220
[  295.739801][T11641]  ? __pfx___sys_sendmsg+0x10/0x10
[  295.739830][T11641]  ? rcu_is_watching+0x12/0xc0
[  295.739854][T11641]  __do_fast_syscall_32+0x7c/0x300
[  295.739875][T11641]  do_fast_syscall_32+0x32/0x80
[  295.739894][T11641]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.739916][T11641] RIP: 0023:0xf709e579
[  295.739929][T11641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.739946][T11641] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  295.739964][T11641] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  295.739976][T11641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  295.739986][T11641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.739996][T11641] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.740006][T11641] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.740030][T11641]  </TASK>
[  295.803955][T11644] FAULT_INJECTION: forcing a failure.
[  295.803955][T11644] name failslab, interval 1, probability 0, space 0, times 0
[  295.831949][T11644] CPU: 2 UID: 0 PID: 11644 Comm: syz.4.1692 Not tainted syzkaller #0 PREEMPT(full) 
[  295.831974][T11644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.831986][T11644] Call Trace:
[  295.831992][T11644]  <TASK>
[  295.831999][T11644]  dump_stack_lvl+0x16c/0x1f0
[  295.832024][T11644]  should_fail_ex+0x512/0x640
[  295.832057][T11644]  should_failslab+0xc2/0x120
[  295.832079][T11644]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  295.832101][T11644]  ? skb_clone+0x190/0x3f0
[  295.832121][T11644]  skb_clone+0x190/0x3f0
[  295.832142][T11644]  netlink_deliver_tap+0xabd/0xd30
[  295.832166][T11644]  netlink_unicast+0x64c/0x870
[  295.832190][T11644]  ? __pfx_netlink_unicast+0x10/0x10
[  295.832209][T11644]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  295.832236][T11644]  netlink_sendmsg+0x8d1/0xdd0
[  295.832260][T11644]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.832282][T11644]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  295.832315][T11644]  ____sys_sendmsg+0xa95/0xc70
[  295.832341][T11644]  ? __pfx_____sys_sendmsg+0x10/0x10
[  295.832363][T11644]  ? get_compat_msghdr+0x11a/0x170
[  295.832401][T11644]  ___sys_sendmsg+0x134/0x1d0
[  295.832422][T11644]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.832452][T11644]  ? find_held_lock+0x2b/0x80
[  295.832491][T11644]  __sys_sendmsg+0x16d/0x220
[  295.832509][T11644]  ? __pfx___sys_sendmsg+0x10/0x10
[  295.832537][T11644]  ? rcu_is_watching+0x12/0xc0
[  295.832560][T11644]  __do_fast_syscall_32+0x7c/0x300
[  295.832584][T11644]  do_fast_syscall_32+0x32/0x80
[  295.832605][T11644]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.832625][T11644] RIP: 0023:0xf708e579
[  295.832640][T11644] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.832656][T11644] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  295.832672][T11644] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000940
[  295.832682][T11644] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  295.832691][T11644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.832700][T11644] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.832709][T11644] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.832723][T11644]  </TASK>
[  295.832855][T11644] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1692'.
[  295.916137][T11644] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  295.931060][T11650] lo speed is unknown, defaulting to 1000
[  295.952312][T11652] FAULT_INJECTION: forcing a failure.
[  295.952312][T11652] name failslab, interval 1, probability 0, space 0, times 0
[  295.959026][T11652] CPU: 3 UID: 0 PID: 11652 Comm: syz.4.1696 Not tainted syzkaller #0 PREEMPT(full) 
[  295.959043][T11652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.959051][T11652] Call Trace:
[  295.959055][T11652]  <TASK>
[  295.959061][T11652]  dump_stack_lvl+0x16c/0x1f0
[  295.959078][T11652]  should_fail_ex+0x512/0x640
[  295.959097][T11652]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  295.959112][T11652]  should_failslab+0xc2/0x120
[  295.959126][T11652]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  295.959140][T11652]  ? __kthread_create_on_node+0x186/0x3f0
[  295.959159][T11652]  kvasprintf+0xbc/0x160
[  295.959170][T11652]  ? __pfx_kvasprintf+0x10/0x10
[  295.959187][T11652]  ? __pfx_rescuer_thread+0x10/0x10
[  295.959198][T11652]  __kthread_create_on_node+0x186/0x3f0
[  295.959215][T11652]  ? __pfx___kthread_create_on_node+0x10/0x10
[  295.959235][T11652]  ? __pfx_vsnprintf+0x10/0x10
[  295.959256][T11652]  ? __pfx_rescuer_thread+0x10/0x10
[  295.959268][T11652]  kthread_create_on_node+0xc7/0x100
[  295.959284][T11652]  ? __pfx_kthread_create_on_node+0x10/0x10
[  295.959299][T11652]  ? __pfx_scnprintf+0x10/0x10
[  295.959316][T11652]  init_rescuer+0x320/0x640
[  295.959335][T11652]  ? __pfx_init_rescuer+0x10/0x10
[  295.959356][T11652]  ? wq_adjust_max_active+0x39d/0x4a0
[  295.959377][T11652]  __alloc_workqueue+0xda1/0x1810
[  295.959398][T11652]  alloc_workqueue_noprof+0xd2/0x200
[  295.959414][T11652]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  295.959431][T11652]  ? bpf_lsm_inode_need_killpriv+0x9/0x10
[  295.959446][T11652]  ? security_inode_need_killpriv+0x6c/0x1e0
[  295.959460][T11652]  ? file_remove_privs_flags+0x185/0x580
[  295.959475][T11652]  ? __pfx_file_remove_privs_flags+0x10/0x10
[  295.959490][T11652]  sb_init_dio_done_wq+0x83/0x140
[  295.959507][T11652]  ? __pfx_sb_init_dio_done_wq+0x10/0x10
[  295.959527][T11652]  backing_file_write_iter+0x600/0x8f0
[  295.959543][T11652]  ovl_write_iter+0x35b/0x430
[  295.959558][T11652]  ? __pfx_ovl_write_iter+0x10/0x10
[  295.959571][T11652]  ? __pfx_ovl_file_end_write+0x10/0x10
[  295.959582][T11652]  ? find_held_lock+0x2b/0x80
[  295.959596][T11652]  ? aio_write+0x6f7/0x910
[  295.959615][T11652]  aio_write+0x3b9/0x910
[  295.959635][T11652]  ? __pfx_aio_write+0x10/0x10
[  295.959653][T11652]  ? __lock_acquire+0xb97/0x1ce0
[  295.959678][T11652]  ? __might_fault+0xe3/0x190
[  295.959689][T11652]  ? __might_fault+0x13b/0x190
[  295.959702][T11652]  ? io_submit_one+0x1243/0x1df0
[  295.959713][T11652]  io_submit_one+0x1243/0x1df0
[  295.959725][T11652]  ? __lock_acquire+0xb97/0x1ce0
[  295.959744][T11652]  ? __pfx_io_submit_one+0x10/0x10
[  295.959760][T11652]  ? __might_fault+0xe3/0x190
[  295.959770][T11652]  ? __might_fault+0x13b/0x190
[  295.959783][T11652]  ? __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  295.959795][T11652]  __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  295.959810][T11652]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  295.959822][T11652]  ? fput+0x9b/0xd0
[  295.959839][T11652]  ? rcu_is_watching+0x12/0xc0
[  295.959852][T11652]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  295.959867][T11652]  __do_fast_syscall_32+0x7c/0x300
[  295.959881][T11652]  do_fast_syscall_32+0x32/0x80
[  295.959894][T11652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.959913][T11652] RIP: 0023:0xf708e579
[  295.959922][T11652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.959933][T11652] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  295.959945][T11652] RAX: ffffffffffffffda RBX: 00000000f742f000 RCX: 0000000000000001
[  295.959953][T11652] RDX: 0000000080000740 RSI: 0000000000000000 RDI: 0000000000000000
[  295.959959][T11652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.959966][T11652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.959972][T11652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.959986][T11652]  </TASK>
[  295.960033][T11652] workqueue: Failed to create a rescuer kthread for wq "dio/overlay": -ENOMEM
[  296.199856][T11650] lo speed is unknown, defaulting to 1000
[  296.523813][ T1039] Bluetooth: hci4: Frame reassembly failed (-84)
[  297.493688][T11682] overlayfs: failed to clone upperpath
[  297.497108][T11682] openvswitch: netlink: IP tunnel dst address not specified
[  297.636305][T11688] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1707'.
[  297.693318][T11689] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1707'.
[  298.525278][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  298.784843][T11728] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1722'.
[  298.815240][    T9] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  298.839956][T11729] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1722'.
[  298.977995][    T9] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  298.980761][    T9] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  298.984141][    T9] usb 8-1: config 0 interface 0 has no altsetting 0
[  298.988135][    T9] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  298.991065][    T9] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  298.993718][    T9] usb 8-1: Product: syz
[  298.995244][    T9] usb 8-1: Manufacturer: syz
[  298.997183][    T9] usb 8-1: SerialNumber: syz
[  299.001560][    T9] usb 8-1: config 0 descriptor??
[  299.005395][    T9] hub 8-1:0.0: bad descriptor, ignoring hub
[  299.007616][    T9] hub 8-1:0.0: probe with driver hub failed with error -5
[  299.011324][    T9] usb 8-1: selecting invalid altsetting 0
[  299.698969][T11743] bpf: Bad value for 'gid'
[  301.314210][T11772] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1733'.
[  301.370872][T11775] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1733'.
[  301.607248][ T1020] usb 8-1: USB disconnect, device number 18
[  301.731927][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  301.731939][   T40] audit: type=1326 audit(1759432883.603:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11789 comm="syz.3.1740" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709e579 code=0x0
[  302.589822][T11812] netlink: 'syz.4.1746': attribute type 13 has an invalid length.
[  302.625824][T11812] bridge0: port 3(syz_tun) entered disabled state
[  302.668922][T11812] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.671285][T11812] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.724628][T11812] bond_slave_0: left promiscuous mode
[  302.728997][T11812] bond_slave_1: left promiscuous mode
[  302.738799][T11815] overlayfs: failed to resolve './file0': -2
[  302.860061][T11812] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.868632][T11812] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.116891][T11824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1746'.
[  303.259113][T11812] batman_adv: batadv0: Interface deactivated: gretap1
[  303.425263][ T1176] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.430567][ T1176] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.434600][ T1176] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.438979][ T1176] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.693936][T11836] overlayfs: failed to clone upperpath
[  303.785274][    T9] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  303.944116][    T9] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  303.946841][    T9] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  303.952792][    T9] usb 8-1: config 0 interface 0 has no altsetting 0
[  303.970548][    T9] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  303.974098][    T9] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  303.976819][    T9] usb 8-1: Product: syz
[  303.978162][    T9] usb 8-1: Manufacturer: syz
[  303.979724][    T9] usb 8-1: SerialNumber: syz
[  303.996126][    T9] usb 8-1: config 0 descriptor??
[  304.017344][    T9] hub 8-1:0.0: bad descriptor, ignoring hub
[  304.019917][    T9] hub 8-1:0.0: probe with driver hub failed with error -5
[  304.027369][    T9] usb 8-1: selecting invalid altsetting 0
[  304.165404][T11854] lo speed is unknown, defaulting to 1000
[  304.259865][T11854] lo speed is unknown, defaulting to 1000
[  306.635702][ T6019] usb 8-1: USB disconnect, device number 19
[  307.482577][T11892] pim6reg: entered allmulticast mode
[  307.623431][T11906] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1771'.
[  308.035512][ T6019] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  308.196967][ T6019] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  308.200184][ T6019] usb 8-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  308.203403][ T6019] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  308.206843][ T6019] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 109, changing to 10
[  308.211197][ T6019] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10100, setting to 1024
[  308.216242][ T6019] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  308.219168][ T6019] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  308.221697][ T6019] usb 8-1: Product: syz
[  308.222950][ T6019] usb 8-1: Manufacturer: syz
[  308.226820][T11911] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  308.230059][ T6019] cdc_wdm 8-1:1.0: skipping garbage
[  308.231767][ T6019] cdc_wdm 8-1:1.0: skipping garbage
[  308.236776][ T6019] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  308.239132][ T6019] cdc_wdm 8-1:1.0: Unknown control protocol
[  308.432235][    C2] cdc_wdm 8-1:1.0: nonzero urb status received: -71
[  308.435849][    C2] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[  308.438274][    C2] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  308.443276][ T6019] usb 8-1: USB disconnect, device number 20
[  308.592501][T11916] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  308.992714][T11933] lo speed is unknown, defaulting to 1000
[  309.055284][ T6019] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  309.245526][ T6019] usb 9-1: Using ep0 maxpacket: 32
[  309.257189][ T6019] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.264437][ T6019] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.268448][ T6019] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  309.272313][ T6019] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.304921][ T6019] usb 9-1: config 0 descriptor??
[  309.374281][T11933] lo speed is unknown, defaulting to 1000
[  309.795448][   T54] usb 8-1: new full-speed USB device number 21 using dummy_hcd
[  309.947275][   T54] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.951075][   T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  309.953934][   T54] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  309.957183][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.962798][   T54] usb 8-1: config 0 descriptor??
[  309.971411][   T54] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  309.974086][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  309.984265][   T54] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  309.991236][   T54] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  309.993946][   T54] usb 8-1: media controller created
[  310.037674][   T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  310.049971][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  310.052585][   T54] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  310.116948][   T54] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input32
[  310.121983][   T54] dvb-usb: schedule remote query interval to 150 msecs.
[  310.124468][   T54] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  310.179047][T11952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.183972][T11952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.285029][   T54] dvb-usb: bulk message failed: -22 (1/0)
[  310.287220][   T54] dvb-usb: error while querying for an remote control event.
[  310.317492][ T1020] usb 8-1: USB disconnect, device number 21
[  310.345001][ T1020] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  310.466847][T11969] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1788'.
[  310.572550][T11973] lo speed is unknown, defaulting to 1000
[  310.696680][T11973] lo speed is unknown, defaulting to 1000
[  311.024097][T11983] ubi: mtd0 is already attached to ubi31
[  311.585424][   T55] usb 8-1: new full-speed USB device number 22 using dummy_hcd
[  311.620746][ T6019] usbhid 9-1:0.0: can't add hid device: -71
[  311.623533][ T6019] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  311.645503][ T6019] usb 9-1: USB disconnect, device number 17
[  311.737815][   T55] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.742030][   T55] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  311.744816][   T55] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  311.747909][   T55] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.751786][   T55] usb 8-1: config 0 descriptor??
[  311.757560][   T55] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  311.760539][   T55] dvb-usb: bulk message failed: -22 (3/0)
[  311.763963][   T55] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  311.768345][   T55] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  311.770566][   T55] usb 8-1: media controller created
[  311.772920][   T55] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  311.777654][   T55] dvb-usb: bulk message failed: -22 (6/0)
[  311.780310][   T55] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  311.785530][   T55] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input33
[  311.789975][   T55] dvb-usb: schedule remote query interval to 150 msecs.
[  311.792090][   T55] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  311.945214][   T55] dvb-usb: bulk message failed: -22 (1/0)
[  311.948342][   T55] dvb-usb: error while querying for an remote control event.
[  311.966472][T12003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.970392][T12003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.115995][ T1457] dvb-usb: bulk message failed: -22 (1/0)
[  312.117946][ T1457] dvb-usb: error while querying for an remote control event.
[  312.131180][   T40] audit: type=1326 audit(1759432894.003:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.142746][   T40] audit: type=1326 audit(1759432894.003:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.152110][   T54] usb 8-1: USB disconnect, device number 22
[  312.154753][   T40] audit: type=1326 audit(1759432894.003:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.165011][   T40] audit: type=1326 audit(1759432894.003:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.174994][   T40] audit: type=1326 audit(1759432894.003:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.186483][   T40] audit: type=1326 audit(1759432894.003:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.195238][   T40] audit: type=1326 audit(1759432894.003:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.200646][   T54] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  312.208345][   T40] audit: type=1326 audit(1759432894.003:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.217562][   T40] audit: type=1326 audit(1759432894.003:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  312.230341][   T40] audit: type=1326 audit(1759432894.003:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12016 comm="syz.0.1806" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  313.182915][T12063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1821'.
[  313.240281][T12064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1821'.
[  314.463648][T12098] overlayfs: failed to clone upperpath
[  315.089801][T12113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1836'.
[  315.145978][T12115] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1836'.
[  315.968059][T12147] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  316.054140][T12149] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.151845][T12149] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.243418][T12149] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.318004][T12149] bridge0: port 1(netdevsim0) entered disabled state
[  316.330228][T12149] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[  316.333999][T12149] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[  316.339674][T12149] bridge0: port 1(netdevsim0) entered disabled state
[  316.350157][T12149] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.476612][   T46] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.484413][ T1141] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.498693][ T1141] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.501334][ T1141] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.775318][ T1342] usb 8-1: new full-speed USB device number 23 using dummy_hcd
[  316.936833][ T1342] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.941091][ T1342] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  316.946357][ T1342] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  316.950096][ T1342] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.956125][ T1342] usb 8-1: config 0 descriptor??
[  316.959936][ T1342] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  316.962446][ T1342] dvb-usb: bulk message failed: -22 (3/0)
[  316.971053][ T1342] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  316.976218][ T1342] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  316.979420][ T1342] usb 8-1: media controller created
[  316.982565][ T1342] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  316.990370][ T1342] dvb-usb: bulk message failed: -22 (6/0)
[  316.992932][ T1342] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  316.998569][ T1342] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input34
[  317.005551][ T1342] dvb-usb: schedule remote query interval to 150 msecs.
[  317.008660][ T1342] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  317.162300][T12176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.165311][ T1342] dvb-usb: bulk message failed: -22 (1/0)
[  317.166664][T12176] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.168743][ T1342] dvb-usb: error while querying for an remote control event.
[  317.287188][ T6110] usb 8-1: USB disconnect, device number 23
[  317.298313][ T6110] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  317.473645][T12192] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.550291][T12192] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.673442][T12192] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.811474][T12192] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.917705][T12205] FAULT_INJECTION: forcing a failure.
[  317.917705][T12205] name failslab, interval 1, probability 0, space 0, times 0
[  317.933252][ T1176] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.944292][ T1176] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.952866][ T1176] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.963737][T12205] CPU: 2 UID: 0 PID: 12205 Comm: syz.3.1866 Not tainted syzkaller #0 PREEMPT(full) 
[  317.963761][T12205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.963774][T12205] Call Trace:
[  317.963780][T12205]  <TASK>
[  317.963786][T12205]  dump_stack_lvl+0x16c/0x1f0
[  317.963803][T12205]  should_fail_ex+0x512/0x640
[  317.963821][T12205]  ? __kmalloc_noprof+0xbf/0x510
[  317.963833][T12205]  ? io_cache_alloc_new+0x45/0xf0
[  317.963849][T12205]  should_failslab+0xc2/0x120
[  317.963862][T12205]  __kmalloc_noprof+0xd2/0x510
[  317.963875][T12205]  io_cache_alloc_new+0x45/0xf0
[  317.963892][T12205]  __io_prep_rw+0x21d/0x1090
[  317.963905][T12205]  ? __pfx___io_prep_rw+0x10/0x10
[  317.963916][T12205]  ? mark_held_locks+0x49/0x80
[  317.963933][T12205]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  317.963949][T12205]  io_prep_rw+0x24/0x220
[  317.963961][T12205]  io_prep_writev+0x23/0xa0
[  317.963974][T12205]  io_submit_sqes+0x853/0x25c0
[  317.963995][T12205]  __do_sys_io_uring_enter+0xd69/0x1630
[  317.964011][T12205]  ? __fget_files+0x20e/0x3c0
[  317.964028][T12205]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  317.964044][T12205]  ? fput+0x9b/0xd0
[  317.964057][T12205]  ? ksys_write+0x1ac/0x250
[  317.964067][T12205]  ? __pfx_ksys_write+0x10/0x10
[  317.964078][T12205]  ? rcu_is_watching+0x12/0xc0
[  317.964094][T12205]  __do_fast_syscall_32+0x7c/0x300
[  317.964107][T12205]  do_fast_syscall_32+0x32/0x80
[  317.964119][T12205]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.964133][T12205] RIP: 0023:0xf709e579
[  317.964142][T12205] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  317.964153][T12205] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  317.964164][T12205] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000026c8
[  317.964171][T12205] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  317.964177][T12205] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  317.964182][T12205] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  317.964189][T12205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.964202][T12205]  </TASK>
[  317.964960][ T1176] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.117523][T12211] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1868'.
[  318.173777][T12214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1868'.
[  318.388474][T12209] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  318.391344][T12209] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  318.394830][T12209] vhci_hcd vhci_hcd.0: Device attached
[  318.578150][T12220] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  318.580886][T12220] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  318.600188][T12220] vhci_hcd vhci_hcd.0: Device attached
[  318.865274][ T6018] usb 46-1: SetAddress Request (22) to port 0
[  318.867922][ T6018] usb 46-1: new SuperSpeed USB device number 22 using vhci_hcd
[  318.906616][ T6110] usb 44-1: SetAddress Request (42) to port 0
[  318.913688][ T6110] usb 44-1: new SuperSpeed USB device number 42 using vhci_hcd
[  318.960271][T12218] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  318.968057][T12217] vhci_hcd: connection closed
[  318.968457][ T1141] vhci_hcd: stop threads
[  318.973570][ T1141] vhci_hcd: release socket
[  318.977813][ T1141] vhci_hcd: disconnect device
[  319.183223][T12221] vhci_hcd: connection reset by peer
[  319.183456][T12228] netlink: 'syz.2.1872': attribute type 10 has an invalid length.
[  319.188684][ T1141] vhci_hcd: stop threads
[  319.189048][T12228] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1872'.
[  319.190802][ T1141] vhci_hcd: release socket
[  319.193682][T12228] veth0_vlan: entered allmulticast mode
[  319.195015][ T1141] vhci_hcd: disconnect device
[  319.197509][T12228] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  319.200058][T12230] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  319.777103][T12242] FAULT_INJECTION: forcing a failure.
[  319.777103][T12242] name failslab, interval 1, probability 0, space 0, times 0
[  319.781541][T12242] CPU: 1 UID: 0 PID: 12242 Comm: syz.3.1876 Not tainted syzkaller #0 PREEMPT(full) 
[  319.781561][T12242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.781573][T12242] Call Trace:
[  319.781580][T12242]  <TASK>
[  319.781587][T12242]  dump_stack_lvl+0x16c/0x1f0
[  319.781609][T12242]  should_fail_ex+0x512/0x640
[  319.781634][T12242]  ? fs_reclaim_acquire+0xae/0x150
[  319.781655][T12242]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  319.781678][T12242]  should_failslab+0xc2/0x120
[  319.781695][T12242]  __kmalloc_noprof+0xd2/0x510
[  319.781718][T12242]  tomoyo_realpath_from_path+0xc2/0x6e0
[  319.781743][T12242]  ? tomoyo_profile+0x47/0x60
[  319.781771][T12242]  tomoyo_path_number_perm+0x245/0x580
[  319.781788][T12242]  ? tomoyo_path_number_perm+0x237/0x580
[  319.781805][T12242]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  319.781850][T12242]  ? find_held_lock+0x2b/0x80
[  319.781872][T12242]  ? hook_file_ioctl_common+0x145/0x410
[  319.781898][T12242]  ? __fget_files+0x20e/0x3c0
[  319.781930][T12242]  security_file_ioctl_compat+0x9b/0x240
[  319.781951][T12242]  __ia32_compat_sys_ioctl+0xc3/0x370
[  319.781980][T12242]  __do_fast_syscall_32+0x7c/0x300
[  319.782002][T12242]  do_fast_syscall_32+0x32/0x80
[  319.782019][T12242]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.782042][T12242] RIP: 0023:0xf709e579
[  319.782058][T12242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.782076][T12242] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  319.782094][T12242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72
[  319.782106][T12242] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  319.782116][T12242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.782126][T12242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.782135][T12242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.782159][T12242]  </TASK>
[  319.782165][T12242] ERROR: Out of memory at tomoyo_realpath_from_path.
[  320.168062][T12249] lo speed is unknown, defaulting to 1000
[  320.237404][T12253] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  320.300770][T12254] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  320.384030][T12257] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1881'.
[  320.384565][T12249] lo speed is unknown, defaulting to 1000
[  320.552318][T12260] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  320.554893][T12260] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  320.558924][T12260] vhci_hcd vhci_hcd.0: Device attached
[  320.578763][T12260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1878'.
[  321.211573][T12273] 8021q: adding VLAN 0 to HW filter on device bond5
[  321.236769][T12273] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  321.244115][T12273] bond5: (slave macvlan2): Enslaving as a backup interface with a down link
[  321.254045][T12273] syz_tun: left allmulticast mode
[  321.256929][T12273] syz_tun: left promiscuous mode
[  321.259551][T12273] bridge0: port 1(syz_tun) entered disabled state
[  321.343334][T12273] bond4: (slave ip6gre1): Releasing backup interface
[  321.346017][T12273] ip6gre1: left promiscuous mode
[  321.352473][T12273] bond5: (slave macvlan2): Releasing backup interface
[  321.886996][T12261] vhci_hcd: connection closed
[  321.887254][ T1141] vhci_hcd: stop threads
[  321.891713][ T1141] vhci_hcd: release socket
[  321.893611][ T1141] vhci_hcd: disconnect device
[  321.895901][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  321.898380][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  322.610879][T12294] FAULT_INJECTION: forcing a failure.
[  322.610879][T12294] name failslab, interval 1, probability 0, space 0, times 0
[  322.635399][T12294] CPU: 1 UID: 0 PID: 12294 Comm: syz.4.1891 Not tainted syzkaller #0 PREEMPT(full) 
[  322.635418][T12294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.635425][T12294] Call Trace:
[  322.635429][T12294]  <TASK>
[  322.635433][T12294]  dump_stack_lvl+0x16c/0x1f0
[  322.635450][T12294]  should_fail_ex+0x512/0x640
[  322.635467][T12294]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  322.635480][T12294]  should_failslab+0xc2/0x120
[  322.635493][T12294]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  322.635504][T12294]  ? security_file_alloc+0x34/0x2b0
[  322.635519][T12294]  security_file_alloc+0x34/0x2b0
[  322.635533][T12294]  init_file+0x93/0x4c0
[  322.635550][T12294]  alloc_empty_file+0x73/0x1e0
[  322.635565][T12294]  alloc_file_pseudo+0x13a/0x230
[  322.635579][T12294]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  322.635600][T12294]  sock_alloc_file+0x50/0x210
[  322.635614][T12294]  do_accept+0x240/0x530
[  322.635629][T12294]  ? do_raw_spin_lock+0x12c/0x2b0
[  322.635641][T12294]  ? __pfx_do_accept+0x10/0x10
[  322.635665][T12294]  io_accept+0x259/0x950
[  322.635684][T12294]  ? __pfx_io_accept+0x10/0x10
[  322.635703][T12294]  __io_issue_sqe+0xe8/0x7c0
[  322.635723][T12294]  io_issue_sqe+0x86/0xe50
[  322.635737][T12294]  io_submit_sqes+0x94b/0x25c0
[  322.635758][T12294]  __do_sys_io_uring_enter+0xd69/0x1630
[  322.635774][T12294]  ? __fget_files+0x20e/0x3c0
[  322.635791][T12294]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  322.635807][T12294]  ? fput+0x9b/0xd0
[  322.635819][T12294]  ? ksys_write+0x1ac/0x250
[  322.635829][T12294]  ? __pfx_ksys_write+0x10/0x10
[  322.635841][T12294]  ? rcu_is_watching+0x12/0xc0
[  322.635856][T12294]  __do_fast_syscall_32+0x7c/0x300
[  322.635869][T12294]  do_fast_syscall_32+0x32/0x80
[  322.635881][T12294]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.635896][T12294] RIP: 0023:0xf708e579
[  322.635905][T12294] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  322.635916][T12294] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  322.635927][T12294] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000708
[  322.635934][T12294] RDX: 00000000000041e3 RSI: 0000000000000000 RDI: 0000000000000000
[  322.635940][T12294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.635946][T12294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  322.635952][T12294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.635969][T12294]  </TASK>
[  322.706051][T12292] lo speed is unknown, defaulting to 1000
[  322.766073][T12299] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1892'.
[  322.821923][T12302] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1892'.
[  322.858307][T12304] lo speed is unknown, defaulting to 1000
[  322.963858][T12292] lo speed is unknown, defaulting to 1000
[  323.050611][T12304] lo speed is unknown, defaulting to 1000
[  323.904778][T12344] lo speed is unknown, defaulting to 1000
[  323.955227][ T6018] usb 46-1: device descriptor read/8, error -110
[  323.955307][ T6110] usb 44-1: device descriptor read/8, error -110
[  324.001733][T12344] lo speed is unknown, defaulting to 1000
[  324.205381][ T6036] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  324.236077][T12358] !
: renamed from dummy0 (while UP)
[  324.305982][T12362] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1911'.
[  324.345499][ T6036] usb 8-1: device descriptor read/64, error -71
[  324.346181][ T6018] usb usb46-port1: attempt power cycle
[  324.361970][T12364] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1911'.
[  324.367009][ T6110] usb usb44-port1: attempt power cycle
[  324.394382][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  324.394395][   T40] audit: type=1326 audit(1759432906.263:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.404015][   T40] audit: type=1326 audit(1759432906.273:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.410807][   T40] audit: type=1326 audit(1759432906.273:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.417738][   T40] audit: type=1326 audit(1759432906.273:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.425564][   T40] audit: type=1326 audit(1759432906.273:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.432322][   T40] audit: type=1326 audit(1759432906.273:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.440671][   T40] audit: type=1326 audit(1759432906.273:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.450957][   T40] audit: type=1326 audit(1759432906.273:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.459980][   T40] audit: type=1326 audit(1759432906.273:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.470573][   T40] audit: type=1326 audit(1759432906.273:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12359 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  324.595185][ T6036] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  324.735407][ T6036] usb 8-1: device descriptor read/64, error -71
[  324.847297][ T6036] usb usb8-port1: attempt power cycle
[  324.916211][ T6018] usb usb46-port1: unable to enumerate USB device
[  324.945752][ T6110] usb usb44-port1: unable to enumerate USB device
[  325.185323][ T6036] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  325.206522][ T6036] usb 8-1: device descriptor read/8, error -71
[  325.364572][T12377] netlink: 'syz.2.1915': attribute type 72 has an invalid length.
[  325.446660][ T6036] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  325.466753][ T6036] usb 8-1: device descriptor read/8, error -71
[  325.484567][T12383] netlink: 'syz.4.1914': attribute type 2 has an invalid length.
[  325.492744][T12383] overlayfs: missing 'lowerdir'
[  325.575748][ T6036] usb usb8-port1: unable to enumerate USB device
[  326.369004][T12396] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  326.371327][T12398] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1921'.
[  326.376933][T12396] block device autoloading is deprecated and will be removed.
[  326.441340][T12400] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1921'.
[  327.910234][T12431] netlink: 'syz.3.1929': attribute type 10 has an invalid length.
[  327.918365][T12431] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  327.943447][T12431] 8021q: adding VLAN 0 to HW filter on device bond6
[  327.954226][T12431] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1929'.
[  327.957272][T12431] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1929'.
[  328.281144][T12452] macsec2: entered allmulticast mode
[  328.283430][T12452] macsec0: entered allmulticast mode
[  328.285769][T12452] veth1_macvtap: entered allmulticast mode
[  329.345248][T12465] overlay: Unknown parameter 'smackfstransmute'
[  329.476837][T12470] virtio-fs: tag </dev/md0> not found
[  329.591211][T12474] overlayfs: failed to clone upperpath
[  329.795488][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  330.258169][T12480] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1943'.
[  330.314165][T12481] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1943'.
[  332.643034][T12548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1966'.
[  335.475265][ T5966] Bluetooth: hci4: command 0x1003 tx timeout
[  335.475492][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  335.537277][T12598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1981'.
[  336.739129][T12618] vxcan1: entered allmulticast mode
[  337.946218][T12648] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  338.581535][T12659] vxcan1: entered allmulticast mode
[  339.155340][ T5966] Bluetooth: hci4: command 0x1003 tx timeout
[  339.155690][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  339.758468][T12680] binder: 12679:12680 ioctl c0306201 800003c0 returned -14
[  339.760570][ T6110] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  339.762425][T12680] binder: 12679:12680 ioctl 89e7 800000c0 returned -22
[  339.939345][ T6110] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  339.942425][ T6110] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  339.945882][ T6110] usb 8-1: config 0 interface 0 has no altsetting 0
[  339.954211][ T6110] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  339.958337][ T6110] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  339.961089][ T6110] usb 8-1: Product: syz
[  339.962561][ T6110] usb 8-1: Manufacturer: syz
[  339.964133][ T6110] usb 8-1: SerialNumber: syz
[  339.983310][ T6110] usb 8-1: config 0 descriptor??
[  340.006234][ T6110] hub 8-1:0.0: bad descriptor, ignoring hub
[  340.009275][ T6110] hub 8-1:0.0: probe with driver hub failed with error -5
[  340.022944][ T6110] usb 8-1: selecting invalid altsetting 0
[  342.032298][T12738] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  342.034394][T12738] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  342.037503][T12738] vhci_hcd vhci_hcd.0: Device attached
[  342.345176][   T54] usb 46-1: SetAddress Request (26) to port 0
[  342.347238][   T54] usb 46-1: new SuperSpeed USB device number 26 using vhci_hcd
[  342.646738][T12739] vhci_hcd: connection reset by peer
[  342.651119][ T1140] vhci_hcd: stop threads
[  342.652493][ T1140] vhci_hcd: release socket
[  342.654278][ T1140] vhci_hcd: disconnect device
[  342.726056][ T6110] usb 8-1: USB disconnect, device number 28
[  343.704924][T12769] tipc: Started in network mode
[  343.706943][T12769] tipc: Node identity c28bb17bec21, cluster identity 4711
[  343.709791][T12769] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.712877][T12769] syzkaller0: entered promiscuous mode
[  343.714731][T12769] syzkaller0: entered allmulticast mode
[  343.728937][T12769] syzkaller0: mtu less than device minimum
[  343.732350][T12768] tipc: Resetting bearer <eth:syzkaller0>
[  343.743758][T12768] tipc: Disabling bearer <eth:syzkaller0>
[  344.105287][ T6019] usb 9-1: new full-speed USB device number 18 using dummy_hcd
[  344.257182][ T6019] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.260545][ T6019] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  344.263425][ T6019] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  344.266684][ T6019] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.271629][ T6019] usb 9-1: config 0 descriptor??
[  344.275793][ T6019] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  344.278265][ T6019] dvb-usb: bulk message failed: -22 (3/0)
[  344.281506][ T6019] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  344.286010][ T6019] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  344.288300][ T6019] usb 9-1: media controller created
[  344.290801][ T6019] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  344.295528][ T6019] dvb-usb: bulk message failed: -22 (6/0)
[  344.297805][ T6019] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  344.302190][ T6019] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input35
[  344.307507][ T6019] dvb-usb: schedule remote query interval to 150 msecs.
[  344.310154][ T6019] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  344.475210][ T6019] dvb-usb: bulk message failed: -22 (1/0)
[  344.477980][ T6019] dvb-usb: error while querying for an remote control event.
[  344.483172][T12773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.488486][T12773] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.635246][ T6019] dvb-usb: bulk message failed: -22 (1/0)
[  344.637311][ T6019] dvb-usb: error while querying for an remote control event.
[  344.647370][ T6018] usb 9-1: USB disconnect, device number 18
[  344.671546][ T6018] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  345.075277][ T5966] Bluetooth: hci4: command 0x1003 tx timeout
[  345.075350][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  345.136948][T12796] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2039'.
[  347.107481][T12823] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2045'.
[  347.163243][T12828] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2045'.
[  347.395265][   T54] usb 46-1: device descriptor read/8, error -110
[  347.785953][   T54] usb usb46-port1: attempt power cycle
[  348.175874][T12855] FAULT_INJECTION: forcing a failure.
[  348.175874][T12855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.180162][T12855] CPU: 3 UID: 0 PID: 12855 Comm: syz.3.2055 Not tainted syzkaller #0 PREEMPT(full) 
[  348.180179][T12855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.180186][T12855] Call Trace:
[  348.180191][T12855]  <TASK>
[  348.180197][T12855]  dump_stack_lvl+0x16c/0x1f0
[  348.180213][T12855]  should_fail_ex+0x512/0x640
[  348.180234][T12855]  _copy_to_user+0x32/0xd0
[  348.180245][T12855]  simple_read_from_buffer+0xcb/0x170
[  348.180263][T12855]  proc_fail_nth_read+0x197/0x240
[  348.180281][T12855]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  348.180300][T12855]  ? rw_verify_area+0xcf/0x6c0
[  348.180316][T12855]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  348.180334][T12855]  vfs_read+0x1e4/0xcf0
[  348.180346][T12855]  ? __pfx_vfs_read+0x10/0x10
[  348.180355][T12855]  ? find_held_lock+0x2b/0x80
[  348.180372][T12855]  ? __fget_files+0x20e/0x3c0
[  348.180393][T12855]  ksys_read+0x12a/0x250
[  348.180403][T12855]  ? __pfx_ksys_read+0x10/0x10
[  348.180414][T12855]  ? rcu_is_watching+0x12/0xc0
[  348.180429][T12855]  __do_fast_syscall_32+0x7c/0x300
[  348.180442][T12855]  do_fast_syscall_32+0x32/0x80
[  348.180453][T12855]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.180468][T12855] RIP: 0023:0xf709e579
[  348.180477][T12855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.180488][T12855] RSP: 002b:00000000f548e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  348.180499][T12855] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f548e620
[  348.180506][T12855] RDX: 000000000000000f RSI: 00000000f7435ff4 RDI: 0000000000000000
[  348.180512][T12855] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  348.180519][T12855] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  348.180525][T12855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.180538][T12855]  </TASK>
[  348.314404][T12861] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2058'.
[  348.345835][   T54] usb usb46-port1: unable to enumerate USB device
[  348.368812][T12865] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2058'.
[  350.579748][T12908] lo speed is unknown, defaulting to 1000
[  350.823543][T12908] lo speed is unknown, defaulting to 1000
[  350.892476][T12911] lo speed is unknown, defaulting to 1000
[  350.987730][T12911] lo speed is unknown, defaulting to 1000
[  351.475365][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  351.836563][    T9] usb 9-1: new full-speed USB device number 19 using dummy_hcd
[  351.997060][    T9] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  352.000691][    T9] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  352.004031][    T9] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  352.008311][    T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.013191][    T9] usb 9-1: config 0 descriptor??
[  352.017139][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  352.019500][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  352.022869][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  352.026107][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  352.028358][    T9] usb 9-1: media controller created
[  352.030760][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  352.038102][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  352.040180][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  352.046412][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input36
[  352.051398][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  352.054240][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  352.233104][T12930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  352.246340][T12930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  352.412578][ T6019] usb 9-1: USB disconnect, device number 19
[  352.537625][ T6019] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  352.998989][T12948] netlink: 'syz.3.2081': attribute type 10 has an invalid length.
[  353.002129][T12948] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2081'.
[  353.010427][T12948] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  353.216307][ T5966] Bluetooth: hci4: sending frame failed (-49)
[  353.221015][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  354.225336][T12971] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2087'.
[  354.262124][T12975] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2089'.
[  354.266915][T12976] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2089'.
[  354.566090][  T838] usb 9-1: new full-speed USB device number 20 using dummy_hcd
[  354.716982][  T838] usb 9-1: not running at top speed; connect to a high speed hub
[  354.720658][  T838] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  354.726168][  T838] usb 9-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40
[  354.729244][  T838] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.732024][  T838] usb 9-1: Product: syz
[  354.733470][  T838] usb 9-1: Manufacturer: syz
[  354.735460][  T838] usb 9-1: SerialNumber: syz
[  354.746433][T12982] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  354.955642][T12982] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2092'.
[  355.001997][  T838] usbhid 9-1:1.0: can't add hid device: -71
[  355.004047][  T838] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  355.010369][  T838] usb 9-1: USB disconnect, device number 20
[  355.232620][T12997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  356.167782][T13020] FAULT_INJECTION: forcing a failure.
[  356.167782][T13020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.172355][T13020] CPU: 2 UID: 0 PID: 13020 Comm: syz.3.2102 Not tainted syzkaller #0 PREEMPT(full) 
[  356.172371][T13020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  356.172378][T13020] Call Trace:
[  356.172383][T13020]  <TASK>
[  356.172387][T13020]  dump_stack_lvl+0x16c/0x1f0
[  356.172403][T13020]  should_fail_ex+0x512/0x640
[  356.172423][T13020]  _copy_from_iter+0x29f/0x1720
[  356.172443][T13020]  ? __alloc_skb+0x200/0x380
[  356.172461][T13020]  ? __pfx__copy_from_iter+0x10/0x10
[  356.172486][T13020]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  356.172512][T13020]  netlink_sendmsg+0x829/0xdd0
[  356.172536][T13020]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.172557][T13020]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  356.172588][T13020]  ____sys_sendmsg+0xa95/0xc70
[  356.172608][T13020]  ? btrfs_read_block_groups+0x2000/0x2c40
[  356.172652][T13020]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.172673][T13020]  ? get_compat_msghdr+0x11a/0x170
[  356.172709][T13020]  ___sys_sendmsg+0x134/0x1d0
[  356.172728][T13020]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.172757][T13020]  ? find_held_lock+0x2b/0x80
[  356.172793][T13020]  __sys_sendmsg+0x16d/0x220
[  356.172812][T13020]  ? __pfx___sys_sendmsg+0x10/0x10
[  356.172840][T13020]  ? rcu_is_watching+0x12/0xc0
[  356.172864][T13020]  __do_fast_syscall_32+0x7c/0x300
[  356.172885][T13020]  do_fast_syscall_32+0x32/0x80
[  356.172903][T13020]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  356.172924][T13020] RIP: 0023:0xf709e579
[  356.172940][T13020] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  356.172955][T13020] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  356.172973][T13020] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  356.172996][T13020] RDX: 0000000004000010 RSI: 0000000000000000 RDI: 0000000000000000
[  356.173008][T13020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  356.173019][T13020] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  356.173029][T13020] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  356.173051][T13020]  </TASK>
[  356.453228][T13034] lo speed is unknown, defaulting to 1000
[  356.583855][T13034] lo speed is unknown, defaulting to 1000
[  356.639046][T13034] fuse: Bad value for 'fd'
[  383.319095][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  383.321660][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  406.015354][T13084] vivid-000: =================  START STATUS  =================
[  406.018692][T13084] vivid-000: Test Pattern: 75% Colorbar
[  406.022052][T13084] vivid-000: Fill Percentage of Frame: 100
[  406.024084][T13084] vivid-000: Horizontal Movement: Move Left Fast
[  406.027914][T13084] vivid-000: Vertical Movement: No Movement
[  406.030290][T13084] vivid-000: OSD Text Mode: All
[  406.032250][T13084] vivid-000: Show Border: false
[  406.033946][T13084] vivid-000: Show Square: false
[  406.036860][T13084] vivid-000: Sensor Flipped Horizontally: false
[  406.038940][T13084] vivid-000: Sensor Flipped Vertically: false
[  406.040948][T13084] vivid-000: Insert SAV Code in Image: false
[  406.042882][T13084] vivid-000: Insert EAV Code in Image: false
[  406.044974][T13084] vivid-000: Insert Video Guard Band: false
[  406.049410][T13084] vivid-000: Reduced Framerate: false
[  406.051498][T13084] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  406.054300][T13084] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  406.057273][T13084] vivid-000: Enable Capture Cropping: true grabbed
[  406.059645][T13084] vivid-000: Enable Capture Composing: true grabbed
[  406.064249][T13084] vivid-000: Enable Capture Scaler: true grabbed
[  406.067303][T13084] vivid-000: Timestamp Source: End of Frame
[  406.072215][T13084] vivid-000: Colorspace: SMPTE 170M
[  406.074372][T13084] vivid-000: Transfer Function: Default
[  406.077040][T13084] vivid-000: Y'CbCr Encoding: Default
[  406.083762][T13084] vivid-000: HSV Encoding: Hue 0-179
[  406.085363][ T6019] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  406.085860][T13084] vivid-000: Quantization: Default
[  406.095381][T13084] vivid-000: Apply Alpha To Red Only: false
[  406.097739][T13084] vivid-000: Standard Aspect Ratio: 4x3
[  406.103119][T13084] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  406.106254][T13084] vivid-000: DV Timings: 640x480p59 inactive
[  406.109222][T13084] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  406.112419][T13084] vivid-000: Maximum EDID Blocks: 2
[  406.119862][T13084] vivid-000: Limited RGB Range (16-235): false
[  406.122241][T13084] vivid-000: Rx RGB Quantization Range: Automatic
[  406.125682][T13084] vivid-000: Power Present: 0x00000001
[  406.128211][T13084] tpg source WxH: 720x576 (HSV)
[  406.130097][T13084] tpg field: 4
[  406.135921][T13084] tpg crop: (0,0)/64x64
[  406.138374][T13084] tpg compose: (0,0)/16x16
[  406.139849][T13084] tpg colorspace: 1
[  406.141356][T13084] tpg transfer function: 0/1
[  406.143049][T13084] tpg HSV encoding: 0/0
[  406.144951][T13084] tpg quantization: 0/1
[  406.147145][T13084] tpg RGB range: 0/2
[  406.148939][T13084] vivid-000: ==================  END STATUS  ==================
[  406.304097][ T6019] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  406.345575][ T6019] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  406.349796][ T6019] usb 8-1: config 0 interface 0 has no altsetting 0
[  406.358020][ T6019] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  406.365426][ T6019] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  406.369068][ T6019] usb 8-1: Product: syz
[  406.370930][ T6019] usb 8-1: Manufacturer: syz
[  406.374188][ T6019] usb 8-1: SerialNumber: syz
[  406.381775][ T6019] usb 8-1: config 0 descriptor??
[  406.400399][ T6019] hub 8-1:0.0: bad descriptor, ignoring hub
[  406.403074][ T6019] hub 8-1:0.0: probe with driver hub failed with error -5
[  406.411023][ T6019] usb 8-1: selecting invalid altsetting 0
[  406.497936][T13095] fuse: Bad value for 'fd'
[  406.972609][T13102] input: syz1 as /devices/virtual/input/input37
[  408.508445][T13114] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20000
[  409.175770][   T53] usb 8-1: USB disconnect, device number 29
[  409.359548][T13119] fuse: Bad value for 'fd'
[  410.261545][T13130] lo speed is unknown, defaulting to 1000
[  410.404336][T13130] lo speed is unknown, defaulting to 1000
[  410.866432][T13138] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2131'.
[  410.870532][T13138] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2131'.
[  411.714506][T13149] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  413.439084][T13163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2138'.
[  413.782302][T13177] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  414.118396][T13183] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2144'.
[  414.857876][T13190] 9pnet_fd: Insufficient options for proto=fd
[  414.972841][T13196] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  414.974910][T13196] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  414.978321][T13196] vhci_hcd vhci_hcd.0: Device attached
[  415.057436][T13200] lo speed is unknown, defaulting to 1000
[  415.060195][T13200] lo speed is unknown, defaulting to 1000
[  415.066949][T13200] lo speed is unknown, defaulting to 1000
[  415.098715][T13200] infiniband syś0: RDMA CMA: cma_listen_on_dev, error -98
[  415.323110][ T1342] usb 46-1: SetAddress Request (30) to port 0
[  415.325839][T13200] lo speed is unknown, defaulting to 1000
[  415.326443][ T1342] usb 46-1: new SuperSpeed USB device number 30 using vhci_hcd
[  415.329329][T13200] lo speed is unknown, defaulting to 1000
[  415.333797][T13200] lo speed is unknown, defaulting to 1000
[  415.336809][T13200] lo speed is unknown, defaulting to 1000
[  415.339479][T13200] lo speed is unknown, defaulting to 1000
[  415.931727][T13197] vhci_hcd: connection reset by peer
[  416.036254][   T46] vhci_hcd: stop threads
[  416.037952][   T46] vhci_hcd: release socket
[  416.039635][   T46] vhci_hcd: disconnect device
[  416.604824][T13213] lo speed is unknown, defaulting to 1000
[  416.779256][T13213] lo speed is unknown, defaulting to 1000
[  416.782577][T13213] lo speed is unknown, defaulting to 1000
[  417.365303][ T6018] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  417.528024][ T6018] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  417.531605][ T6018] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  417.535737][ T6018] usb 9-1: config 0 interface 0 has no altsetting 0
[  417.540273][ T6018] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  417.543749][ T6018] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  417.548972][ T6018] usb 9-1: Product: syz
[  417.550929][ T6018] usb 9-1: Manufacturer: syz
[  417.553009][ T6018] usb 9-1: SerialNumber: syz
[  417.557448][ T6018] usb 9-1: config 0 descriptor??
[  417.563928][ T6018] hub 9-1:0.0: bad descriptor, ignoring hub
[  417.566735][ T6018] hub 9-1:0.0: probe with driver hub failed with error -5
[  417.572633][ T6018] usb 9-1: selecting invalid altsetting 0
[  418.912159][T13250] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2158'.
[  418.916711][T13250] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2158'.
[  420.418128][T13247] syz.2.2157 (13247) used greatest stack depth: 19256 bytes left
[  420.435231][ T1342] usb 46-1: device descriptor read/8, error -110
[  420.597505][ T6018] usb 9-1: USB disconnect, device number 21
[  420.836502][ T1342] usb usb46-port1: attempt power cycle
[  420.955376][ T6037] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  421.219187][ T6037] usb 8-1: config index 0 descriptor too short (expected 39, got 27)
[  421.222041][ T6037] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  421.226136][ T6037] usb 8-1: config 0 interface 0 has no altsetting 0
[  421.230874][ T6037] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  421.233722][ T6037] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  421.237308][ T6037] usb 8-1: Product: syz
[  421.238616][ T6037] usb 8-1: Manufacturer: syz
[  421.240140][ T6037] usb 8-1: SerialNumber: syz
[  421.243075][ T6037] usb 8-1: config 0 descriptor??
[  421.247121][ T6037] hub 8-1:0.0: bad descriptor, ignoring hub
[  421.249117][ T6037] hub 8-1:0.0: probe with driver hub failed with error -5
[  421.254065][ T6037] usb 8-1: selecting invalid altsetting 0
[  421.427058][ T1342] usb usb46-port1: unable to enumerate USB device
[  424.102822][T13299] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2172'.
[  424.125390][   T53] usb 8-1: USB disconnect, device number 30
[  424.214413][T13303] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2174'.
[  426.275689][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  426.348547][T13351] tc_dump_action: action bad kind
[  427.225257][T13377] netlink: 'syz.3.2196': attribute type 1 has an invalid length.
[  427.227882][T13377] netlink: 'syz.3.2196': attribute type 4 has an invalid length.
[  427.230354][T13377] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2196'.
[  427.344553][T13380] 9pnet_fd: Insufficient options for proto=fd
[  427.566726][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  427.566738][   T40] audit: type=1326 audit(1759433009.443:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.585543][   T40] audit: type=1326 audit(1759433009.443:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.592717][   T40] audit: type=1326 audit(1759433009.443:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.601331][   T40] audit: type=1326 audit(1759433009.443:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.608661][   T40] audit: type=1326 audit(1759433009.443:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.615903][   T40] audit: type=1326 audit(1759433009.443:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=338 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.623598][   T40] audit: type=1326 audit(1759433009.443:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.631014][   T40] audit: type=1326 audit(1759433009.443:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.638017][   T40] audit: type=1326 audit(1759433009.443:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  427.645321][   T40] audit: type=1326 audit(1759433009.453:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.2204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  428.621010][T13421] lo speed is unknown, defaulting to 1000
[  428.855753][ T5966] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  428.863080][ T5966] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  428.867985][ T5966] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  428.872482][ T5966] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  428.876293][ T5966] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  428.922442][ T1141] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.934007][T13421] lo speed is unknown, defaulting to 1000
[  428.936935][T13421] lo speed is unknown, defaulting to 1000
[  428.965534][T13426] lo speed is unknown, defaulting to 1000
[  429.007596][ T1141] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.021504][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.024752][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.046265][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.049225][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.076293][   T53] Process accounting resumed
[  429.098395][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.103045][T13421] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2212'.
[  429.103914][ T1141] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.117260][T13426] lo speed is unknown, defaulting to 1000
[  429.123279][T13426] lo speed is unknown, defaulting to 1000
[  429.200285][ T1141] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.258971][T13426] chnl_net:caif_netlink_parms(): no params data found
[  429.562040][ T1141] bond1 (unregistering): (slave gretap1): Releasing active interface
[  429.574519][ T1141] bond2 (unregistering): (slave gretap2): Releasing active interface
[  429.577516][ T1141] gretap2 (unregistering): left allmulticast mode
[  429.654848][ T1141] bond1 (unregistering): (slave bridge1): Releasing active interface
[  429.796015][ T1141] bond0 (unregistering): Released all slaves
[  429.802679][ T1141] bond1 (unregistering): Released all slaves
[  429.809580][ T1141] bond2 (unregistering): Released all slaves
[  429.815749][T13426] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.818760][T13426] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.821682][T13426] bridge_slave_0: entered allmulticast mode
[  429.824845][T13426] bridge_slave_0: entered promiscuous mode
[  429.850213][T13426] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.854062][T13426] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.857583][T13426] bridge_slave_1: entered allmulticast mode
[  429.860948][T13426] bridge_slave_1: entered promiscuous mode
[  429.922108][T13426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  429.925780][ T1141] tipc: Disabling bearer <eth:team0>
[  429.929074][ T1141] tipc: Disabling bearer <eth:syzkaller0>
[  429.932182][ T1141] tipc: Left network mode
[  429.933957][T13426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  429.958608][ T1141] IPVS: stopping master sync thread 6173 ...
[  429.993578][T13449] vlan3: entered allmulticast mode
[  429.997311][T13449] dummy0: entered allmulticast mode
[  430.008555][T13426] team0: Port device team_slave_0 added
[  430.013442][T13426] team0: Port device team_slave_1 added
[  430.068640][T13426] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.070881][T13426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.079999][T13426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  430.127322][T13426] batman_adv: batadv0: Adding interface: batadv_slave_1
[  430.129841][T13426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.138212][T13426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  430.196504][T13426] hsr_slave_0: entered promiscuous mode
[  430.198978][T13426] hsr_slave_1: entered promiscuous mode
[  430.201123][T13426] debugfs: 'hsr0' already exists in 'hsr'
[  430.202976][T13426] Cannot create hsr debugfs directory
[  430.251501][T13458] Bluetooth: MGMT ver 1.23
[  430.414092][ T1141] hsr_slave_0: left promiscuous mode
[  430.417341][ T1141] hsr_slave_1: left promiscuous mode
[  430.445419][ T1141] veth1_macvtap: left promiscuous mode
[  430.447526][ T1141] veth0_macvtap: left promiscuous mode
[  430.450769][ T1141] veth1_vlan: left promiscuous mode
[  430.490688][T13469] vivid-000: =================  START STATUS  =================
[  430.493220][T13469] vivid-000: Test Pattern: 75% Colorbar
[  430.494989][T13469] vivid-000: Fill Percentage of Frame: 100
[  430.497029][T13469] vivid-000: Horizontal Movement: Move Left Fast
[  430.499508][T13469] vivid-000: Vertical Movement: No Movement
[  430.501721][T13469] vivid-000: OSD Text Mode: All
[  430.505532][T13469] vivid-000: Show Border: false
[  430.507171][T13469] vivid-000: Show Square: false
[  430.508851][T13469] vivid-000: Sensor Flipped Horizontally: false
[  430.510863][T13469] vivid-000: Sensor Flipped Vertically: false
[  430.512835][T13469] vivid-000: Insert SAV Code in Image: false
[  430.514772][T13469] vivid-000: Insert EAV Code in Image: false
[  430.517676][T13469] vivid-000: Insert Video Guard Band: false
[  430.519926][T13469] vivid-000: Reduced Framerate: false
[  430.521902][T13469] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  430.524604][T13469] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  430.527193][T13469] vivid-000: Enable Capture Cropping: true grabbed
[  430.529250][T13469] vivid-000: Enable Capture Composing: true grabbed
[  430.531346][T13469] vivid-000: Enable Capture Scaler: true grabbed
[  430.533392][T13469] vivid-000: Timestamp Source: End of Frame
[  430.535795][T13469] vivid-000: Colorspace: SMPTE 170M
[  430.537719][T13469] vivid-000: Transfer Function: Default
[  430.539774][T13469] vivid-000: Y'CbCr Encoding: Default
[  430.541661][T13469] vivid-000: HSV Encoding: Hue 0-179
[  430.543345][T13469] vivid-000: Quantization: Default
[  430.545029][T13469] vivid-000: Apply Alpha To Red Only: false
[  430.547283][T13469] vivid-000: Standard Aspect Ratio: 4x3
[  430.549158][T13469] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  430.551633][T13469] vivid-000: DV Timings: 640x480p59 inactive
[  430.553533][T13469] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  430.556139][T13469] vivid-000: Maximum EDID Blocks: 2
[  430.557936][T13469] vivid-000: Limited RGB Range (16-235): false
[  430.560112][T13469] vivid-000: Rx RGB Quantization Range: Automatic
[  430.562474][T13469] vivid-000: Power Present: 0x00000001
[  430.564264][T13469] tpg source WxH: 720x576 (HSV)
[  430.565917][T13469] tpg field: 4
[  430.567010][T13469] tpg crop: (0,0)/64x64
[  430.568396][T13469] tpg compose: (0,0)/16x16
[  430.569860][T13469] tpg colorspace: 1
[  430.571195][T13469] tpg transfer function: 0/1
[  430.572819][T13469] tpg HSV encoding: 0/0
[  430.574234][T13469] tpg quantization: 0/1
[  430.576011][T13469] tpg RGB range: 0/2
[  430.577466][T13469] vivid-000: ==================  END STATUS  ==================
[  430.760024][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  430.999442][   T63] Bluetooth: hci0: command tx timeout
[  432.180326][T13489] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2225'.
[  432.242842][T13492] vcan0: tx drop: invalid sa for name 0x0000000000000004
Connection to localhost closed by remote host.
[  432.835370][   T53] lo speed is unknown, defaulting to 1000
[  432.837315][   T53] infiniband syz0: ib_query_port failed (-19)
[  432.887092][T13494] syz_tun (unregistering): left allmulticast mode
[  432.889522][T13494] syz_tun (unregistering): left promiscuous mode
[  432.891861][T13494] bridge0: port 3(syz_tun) entered disabled state
[  433.025999][T13489] bond0: (slave syz_tun): Releasing backup interface
[  433.046587][   T61] smc: removing ib device syz1
[  433.080895][   T63] Bluetooth: hci0: command tx timeout
[  433.422530][ T1141] IPVS: stop unused estimator thread 0...
[  433.574018][   T61] ------------[ cut here ]------------
[  433.576034][   T61] GID entry ref leak for dev syz1 index 2 ref=1
[  433.578441][   T61] WARNING: CPU: 2 PID: 61 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x387/0x4b0
[  433.582980][   T61] Modules linked in:
[  433.591093][   T61] CPU: 2 UID: 0 PID: 61 Comm: kworker/u32:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.595463][   T61] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.599544][   T61] Workqueue: ib-unreg-wq ib_unregister_work
[  433.601356][   T61] RIP: 0010:gid_table_release_one+0x387/0x4b0
[  433.603206][   T61] Code: 07 00 00 48 85 f6 74 2b 48 89 74 24 38 e8 b1 d1 68 f9 48 8b 74 24 38 44 89 f1 44 89 ea 48 c7 c7 a0 92 74 8c e8 7a ac 27 f9 90 <0f> 0b 90 90 e9 6e fe ff ff e8 8b d1 68 f9 48 8d bd 78 07 00 00 48
[  433.609847][   T61] RSP: 0018:ffffc900007cfb50 EFLAGS: 00010286
[  433.612056][   T61] RAX: 0000000000000000 RBX: ffff888047dbce00 RCX: ffffffff81796528
[  433.614503][   T61] RDX: ffff88801fc1a480 RSI: ffffffff81796535 RDI: 0000000000000001
[  433.617108][   T61] RBP: ffff88806d9f0000 R08: 0000000000000001 R09: 0000000000000000
[  433.620335][   T61] R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1008fb79db
[  433.624117][   T61] R13: 0000000000000002 R14: 0000000000000001 R15: dffffc0000000000
[  433.627180][   T61] FS:  0000000000000000(0000) GS:ffff888097e66000(0000) knlGS:0000000000000000
[  433.630281][   T61] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  433.633098][   T61] CR2: 00007ffed72c6070 CR3: 000000000df82000 CR4: 0000000000352ef0
[  433.636236][   T61] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  433.638912][   T61] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  433.641658][   T61] Call Trace:
[  433.642882][   T61]  <TASK>
[  433.644010][   T61]  ib_device_release+0xef/0x1e0
[  433.645909][   T61]  ? __pfx_ib_device_release+0x10/0x10
[  433.648369][   T61]  device_release+0xa4/0x240
[  433.650231][   T61]  kobject_put+0x1e4/0x5a0
[  433.651688][   T61]  put_device+0x1f/0x30
[  433.653014][   T61]  process_one_work+0x9cf/0x1b70
[  433.654665][   T61]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  433.657118][   T61]  ? __pfx_process_one_work+0x10/0x10
[  433.658823][   T61]  ? assign_work+0x1a0/0x250
[  433.660236][   T61]  worker_thread+0x6c8/0xf10
[  433.661677][   T61]  ? __kthread_parkme+0x19e/0x250
[  433.663231][   T61]  ? __pfx_worker_thread+0x10/0x10
[  433.664923][   T61]  kthread+0x3c2/0x780
[  433.666360][   T61]  ? __pfx_kthread+0x10/0x10
[  433.668160][   T61]  ? rcu_is_watching+0x12/0xc0
[  433.670252][   T61]  ? __pfx_kthread+0x10/0x10
[  433.672348][   T61]  ret_from_fork+0x56d/0x730
[  433.674107][   T61]  ? __pfx_kthread+0x10/0x10
[  433.675985][   T61]  ret_from_fork_asm+0x1a/0x30
[  433.677806][   T61]  </TASK>
[  433.679100][   T61] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  433.681582][   T61] CPU: 2 UID: 0 PID: 61 Comm: kworker/u32:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.684535][   T61] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.688341][   T61] Workqueue: ib-unreg-wq ib_unregister_work
[  433.690442][   T61] Call Trace:
[  433.692136][   T61]  <TASK>
[  433.693523][   T61]  dump_stack_lvl+0x3d/0x1f0
[  433.695436][   T61]  vpanic+0x6e8/0x7a0
[  433.697129][   T61]  ? __pfx_vpanic+0x10/0x10
[  433.698942][   T61]  ? gid_table_release_one+0x387/0x4b0
[  433.701192][   T61]  panic+0xca/0xd0
[  433.702495][   T61]  ? __pfx_panic+0x10/0x10
[  433.704086][   T61]  ? check_panic_on_warn+0x1f/0xb0
[  433.705719][   T61]  check_panic_on_warn+0xab/0xb0
[  433.707477][   T61]  __warn+0xf6/0x3c0
[  433.709087][   T61]  ? __pfx_vprintk_emit+0x10/0x10
[  433.710830][   T61]  ? gid_table_release_one+0x387/0x4b0
[  433.712631][   T61]  report_bug+0x3c3/0x580
[  433.714202][   T61]  ? gid_table_release_one+0x387/0x4b0
[  433.716042][   T61]  handle_bug+0x184/0x210
[  433.717534][   T61]  exc_invalid_op+0x17/0x50
[  433.719223][   T61]  asm_exc_invalid_op+0x1a/0x20
[  433.720900][   T61] RIP: 0010:gid_table_release_one+0x387/0x4b0
[  433.722972][   T61] Code: 07 00 00 48 85 f6 74 2b 48 89 74 24 38 e8 b1 d1 68 f9 48 8b 74 24 38 44 89 f1 44 89 ea 48 c7 c7 a0 92 74 8c e8 7a ac 27 f9 90 <0f> 0b 90 90 e9 6e fe ff ff e8 8b d1 68 f9 48 8d bd 78 07 00 00 48
[  433.729279][   T61] RSP: 0018:ffffc900007cfb50 EFLAGS: 00010286
[  433.731171][   T61] RAX: 0000000000000000 RBX: ffff888047dbce00 RCX: ffffffff81796528
[  433.733878][   T61] RDX: ffff88801fc1a480 RSI: ffffffff81796535 RDI: 0000000000000001
[  433.736508][   T61] RBP: ffff88806d9f0000 R08: 0000000000000001 R09: 0000000000000000
[  433.739328][   T61] R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1008fb79db
[  433.741864][   T61] R13: 0000000000000002 R14: 0000000000000001 R15: dffffc0000000000
[  433.744446][   T61]  ? __warn_printk+0x198/0x350
[  433.745973][   T61]  ? __warn_printk+0x1a5/0x350
[  433.747530][   T61]  ib_device_release+0xef/0x1e0
[  433.749302][   T61]  ? __pfx_ib_device_release+0x10/0x10
[  433.750993][   T61]  device_release+0xa4/0x240
[  433.752728][   T61]  kobject_put+0x1e4/0x5a0
[  433.754164][   T61]  put_device+0x1f/0x30
[  433.755475][   T61]  process_one_work+0x9cf/0x1b70
[  433.757027][   T61]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  433.759349][   T61]  ? __pfx_process_one_work+0x10/0x10
[  433.761514][   T61]  ? assign_work+0x1a0/0x250
[  433.763670][   T61]  worker_thread+0x6c8/0xf10
[  433.765658][   T61]  ? __kthread_parkme+0x19e/0x250
[  433.767551][   T61]  ? __pfx_worker_thread+0x10/0x10
[  433.769308][   T61]  kthread+0x3c2/0x780
[  433.770861][   T61]  ? __pfx_kthread+0x10/0x10
[  433.772804][   T61]  ? rcu_is_watching+0x12/0xc0
[  433.774565][   T61]  ? __pfx_kthread+0x10/0x10
[  433.776411][   T61]  ret_from_fork+0x56d/0x730
[  433.778382][   T61]  ? __pfx_kthread+0x10/0x10
[  433.780200][   T61]  ret_from_fork_asm+0x1a/0x30
[  433.782541][   T61]  </TASK>
[  433.784749][   T61] Kernel Offset: disabled
[  433.786737][   T61] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:23:29  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88804cdf0e80 RCX=ffffc900001e7a64 RDX=0000000000000002
RSI=ffffffff8d99cf1a RDI=ffffffff8bd00dc0 RBP=dffffc0000000000 RSP=ffffc900001e7a88
R8 =0000000000000001 R9 =fffff5200003cf48 R10=0000000000000003 R11=0000000000000000
R12=ffffffff8b1a86d0 R13=ffff88804cdf0e80 R14=ffff88801d2fc900 R15=0000000000000003
RIP=ffffffff8196ca5a RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097c66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffed72c6070 CR3=000000000df82000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000104080 Opmask01=0000000000000000 Opmask02=000000000101001f Opmask03=0000000082000020
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 449f888f49f161f5 b05ec3e9ae2c939c
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 33782bc261945fda 3306958e41dadc32
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d823ca2a7cda766 f6133cc6147adb85
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9c70344e19ed26b1 f3ac75f591a393f1
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005dc0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9f608a00f126fb00 0000000700010789
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9cc61200eb49d200 02bd3600de9f4800
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e91e000000010789 0000000400010782
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001078a fd44100000000002
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cea7be7fb3f26aaa 845f88a9b3483089
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bc2f66f061960470 f264c70274d7ac50
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 642f33647261632f 646e756f732f302e 303a312d382f312d 382f386273752f33
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 337073642f336472 61632f646e756f73 2f302e303a312d38 2f312d382f386273
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 752f332e6463685f 796d6d75642f6d72 6f6674616c702f73 6563697665642f73
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766736c6d61722c 4142312c4339312c 3739312c3539312c 3339312c3239312c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3139312c3039312c 4638312c4538312c 4238312c3938312c 3838312c3538312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3438312c3138312c 3937312c3737312c 3437312c4436312c 4336312c3636312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3336312c3136312c 3036312c30462c46 442c30442c46432c 38412c37412c4639
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffff110056e76c8 RBX=ffff88802b73b640 RCX=ffffffff81ae6c7b RDX=ffff88801d6b8000
RSI=ffffffff849b004b RDI=ffff88802b73b640 RBP=0000000000000000 RSP=ffffc90000590f78
R8 =0000000000000001 R9 =ffffed10056a76d0 R10=ffff88802b53b687 R11=ffffc90000590ff8
R12=dffffc0000000000 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff849b0057 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097d66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffed72c6070 CR3=0000000063027000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080000010 Opmask01=0000000000021d1f Opmask02=00000000ffff1fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000007000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1600000010 000000003de00ec6
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebd0896e8 00007ffebd089720
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000649 00007f1675e8738d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1600000010 00007ffebd089720
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebd089718 00007ffebd089750
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1675d1b025
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebd089750
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 6e6e6e6e6e6e6e6e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6e6e6e6e6e6e6e 645f0f0a1d41180b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f72726520636269 6c67206c61746146 000000706d74752f 6e75722f7261762f
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 640065676175676e 616c5f626400656c 7075745f62640062 6f6c625f62640065
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800494b4d594b42 4d405f4e48004940 5c59585f4e48004e 43404e5f4e480049
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73203034313d6873 657268745f676f64 68637461772e6575 6575716b726f7720
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e617020343d7372 6f6e696d5f796361 67656c5f6d756e5f 6964656d6f632e69
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64656d6f63203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851d3355 RDI=ffffffff9ab52140 RBP=ffffffff9ab52100 RSP=ffffc900007cf4b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000003a R14=ffffffff9ab52100 R15=ffffffff851d32f0
RIP=ffffffff851d337f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097e66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffed72c6070 CR3=000000000df82000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000104080 Opmask01=000000000000003f Opmask02=00000000fffdffbf Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 14090fdc0bcf220a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7d547f1b20
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7d547f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 431e161e035c1810
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 54003d534b4e494c 564544003d4d4554 535953425553003d 4854415056454400
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 464505b913128500 0000000000000010 0030313831353131 32343d44455a494c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100041b9575bd056 4544003d44495546 4574317d757a7c67 77703d0910141809
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f6d67fd5f5fff5f 7f7f7fff757ff57f 5f767fff7f7ffff7 77777d0b7f7c7b6f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343d440034303234 3230340031310038 3134333831303300 3433353732303432
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000010000000000 0000000000000010 0000313831303100 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000f9823db2 RBX=ffff88801bf12fb0 RCX=000000001a5a9676 RDX=00000000f9823db2
RSI=ffff88801bf12fd8 RDI=00000000607aa836 RBP=0000000000000000 RSP=ffffc900005bf670
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffff88801bf12fd8 R13=ffff88801bf12480 R14=00000000bad0ae41 R15=0000000000000001
RIP=ffffffff8196b030 RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097f66000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffed72c6070 CR3=000000000df82000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000104080 Opmask01=0000000000000000 Opmask02=00000000013f001f Opmask03=0000000082000020
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aa66677b76212474 52c2a9f5bbcdbf03
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d8282b69e899f95a 02b1f3743c535415
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7a270bd9ccf25ca9 567a5649c568254d
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8f28cf949bdf62c0 377f664c80ccef78
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 fad9e8373f5ce5cd a983464a1c328d97
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e3b33c0c53a3c08 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 443f2be66c2503d0 61404a77ca22c303
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5490641900000000 29d9dc0dfc571d0f
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c9f01d65a1f11a1 d34b02f45ca26031
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1e223e01aaf621d7 e915d68fca19f8b7
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 612f33647261632f 646e756f732f302e 303a312d382f312d 382f386273752f33
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 336f696475612f33 647261632f646e75 6f732f302e303a31 2d382f312d382f38
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6273752f332e6463 685f796d6d75642f 6d726f6674616c70 2f73656369766564
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558686fceb70 0000558686fcec70 0000558686fcecf0 0000558686fcead0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558686fcebf0 0000558686fcf8d0 0000558686fdbc90 0000558686fdc4f0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558686fcf230 0000558686fd9420 0000558686fccc20 0000558686fdf260
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558686fcba10 0000558686fdd040 0000558686fca730 0000558686fc6630
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000