last executing test programs:

4m53.389299237s ago: executing program 1 (id=528):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000300)={&(0x7f00001d5000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/68, 0x44, 0x1, &(0x7f0000000100)=""/19, 0x13}, &(0x7f0000000340)=0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$netlink(0x10, 0x3, 0x12)
lremovexattr(0x0, &(0x7f00000001c0)=@known='system.posix_acl_default\x00')
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
write$dsp(r3, &(0x7f0000000380)="e2c16f13722e083015f96d2ebf0bd91f36fbaab1e45926c5a6a3671b2cd6060fc70f5a8a7073b7e9230816eb7f8a7acec8b6ae9bff19f77453bf9a27bab9a6d85f6336821932e69b2b57e736d9eddf7c1b9340f2f227", 0x56)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r4, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
io_uring_enter(r4, 0x4e14, 0x912a, 0x41, 0x0, 0x0)
io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e6, 0x2, 0x2, 0xf2})

4m45.042435083s ago: executing program 1 (id=547):
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x8, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x80000000000000, 0x5}, 0x400, 0x0, 0x0, 0x3}}, 0xb4}}, 0x4c050) (async)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x8, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x80000000000000, 0x5}, 0x400, 0x0, 0x0, 0x3}}, 0xb4}}, 0x4c050)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0xfffffff8, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c) (async)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0xfffffff8, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000000000000100000005000500ea000000080004000000000005000600000000000800030001"], 0x34}}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x0, 0x0, 0x54, 0x6}, 0x9c)

4m44.285762027s ago: executing program 1 (id=549):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x40800)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
unshare(0x62040200)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f00000002c0)={'broute\x00', 0x8800, 0x0, 0x0, [0x3, 0x7, 0x4, 0x1, 0x2, 0x7]}, &(0x7f0000000200)=0x78)

4m43.959604511s ago: executing program 1 (id=550):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xf0)
connect$ax25(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000500)='/sys/kernel/notes', 0x0, 0x90)
fsetxattr$security_capability(r1, &(0x7f0000000200), 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0xab3011, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
bind$ax25(r0, &(0x7f0000000080)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48)

4m43.844749464s ago: executing program 1 (id=551):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x200000000000017d, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4a, '\x00', 0x0, 0x0, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000900)='dlm_ast\x00', r1, 0x0, 0x10001}, 0x18)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/rcu_normal', 0x88102, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x700, 0xfdef)
lsetxattr$trusted_overlay_upper(&(0x7f0000000240)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00fb880403c48768ebe7f2b1e178878f33168a7a6505c169f0e9297b7ff2cc951b930d606e6c4d159bfe8a89fd6392ee1cd8f32921d6a47a8d004c2b74dd29978cc60fcdf864739f970b1c6f83f4e886e59dc208ecdb396d5d1da1f3bb4edc191bd3358d923019665ab60264832cef85b37842a77e9fc38a454e71c6dbc263d73b3e7f540f2b"], 0x88, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000003c0))
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
r8 = openat(r2, &(0x7f0000000100)='./file0\x00', 0x2b4181, 0xae)
preadv(r8, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
read$FUSE(r8, &(0x7f0000005b80)={0x2020}, 0x2020)
ioctl$BTRFS_IOC_ADD_DEV(r7, 0xff08, 0x0)
r9 = gettid()
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r10, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000000)='\x00', 0x1)
write$rfkill(r10, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)

4m43.24746228s ago: executing program 1 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0xa, 0x3, 0x5)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x301, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4840}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
accept4$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800)
r4 = dup(r3)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
write$UHID_INPUT(r4, &(0x7f0000002100)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07ffff27b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469d8524ce2000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334935e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df61d4b0794c9ac711989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a52429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c5389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe765f43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6cc02608dc715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dc9d719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x24, 0x3f, 0x1, 0x70bd2c, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x10, 0x0, 0x1, [@nested={0x4, 0xa}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

4m43.004345756s ago: executing program 32 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0xa, 0x3, 0x5)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x301, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4840}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
accept4$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800)
r4 = dup(r3)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
write$UHID_INPUT(r4, &(0x7f0000002100)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07ffff27b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469d8524ce2000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334935e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df61d4b0794c9ac711989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a52429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c5389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe765f43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6cc02608dc715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dc9d719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x24, 0x3f, 0x1, 0x70bd2c, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x10, 0x0, 0x1, [@nested={0x4, 0xa}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

3m44.129204464s ago: executing program 0 (id=772):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) (fail_nth: 8)

3m43.891944339s ago: executing program 0 (id=773):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
recvfrom$l2tp(r2, 0x0, 0x0, 0x120, 0x0, 0x0)
bind$l2tp(r2, &(0x7f0000000040), 0x10)
sendto$l2tp(r2, &(0x7f0000000280)="e5786a0d000000000000003b", 0xc, 0x8000, &(0x7f0000000240)={0x2, 0x0, @loopback}, 0x10)
syz_emit_ethernet(0x14, &(0x7f00000005c0)={@local, @local, @val={@void, {0x8100, 0x3, 0x0, 0x1}}, {@generic={0x8863, "5aa7"}}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4048aecb, &(0x7f0000000080))

3m43.706928712s ago: executing program 0 (id=774):
syz_io_uring_setup(0x12e, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, &(0x7f0000000140), &(0x7f0000000280))
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000180)=0x5, 0x4)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000"], 0x48)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000480)=""/207, 0xcf}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000000340)=""/114, 0x72}], 0x3}, 0x40010021)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r7 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0x7728, 0x0, 0x800004, 0xfffffffc, 0x0, r1}, &(0x7f0000000140), &(0x7f0000000280)=<r8=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xb, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat2(r5, 0x0, &(0x7f0000000080)={0x0, 0x40, 0x38}, 0x18)
syz_io_uring_submit(0x0, r8, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

3m42.803950173s ago: executing program 0 (id=776):
r0 = openat$cdrom(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000340)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0xfffffffe, 0x0, 0x54}, 0x9c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r2 = socket(0x1f, 0x3, 0x10001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x11}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x17}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f00000001c0)="0101000871a7832e6b7303c3cd59", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, 0x50)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000440)=@assoc_value, &(0x7f0000000480)=0x8)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0xab3011, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
ioctl$CDROMREADTOCENTRY(r0, 0x5306, &(0x7f0000000300)={0x2, 0x9, 0x6, 0x3, @msf={0x0, 0x4, 0xa}, 0x3})
umount2(&(0x7f0000000400)='./file0\x00', 0x6)

3m42.501211876s ago: executing program 0 (id=780):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x3, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket(0xa, 0x3, 0x3a)
r3 = fcntl$getown(r0, 0x9)
ptrace$setsig(0x4203, r3, 0x48, &(0x7f0000000340)={0x1f, 0x3, 0x3})
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private0, 0x809}, {0xa, 0x8, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x4e22, 0x0, @mcast1}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r4 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc75}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000480))
socket$kcm(0x11, 0x3, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_setup(0x5b03, &(0x7f00000003c0)={0x0, 0xef71, 0x800, 0x2, 0x2f1}, &(0x7f00000001c0), &(0x7f0000000440))
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m42.023725303s ago: executing program 0 (id=784):
syz_io_uring_setup(0x12e, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, &(0x7f0000000140), &(0x7f0000000280))
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000180)=0x5, 0x4)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000"], 0x48)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000480)=""/207, 0xcf}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000000340)=""/114, 0x72}], 0x3}, 0x40010021)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r5 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0x7728, 0x0, 0x800004, 0xfffffffc}, &(0x7f0000000140), &(0x7f0000000280)=<r6=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xb, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat2(r3, 0x0, &(0x7f0000000080)={0x0, 0x40, 0x38}, 0x18)
syz_io_uring_submit(0x0, r6, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

3m41.976331468s ago: executing program 33 (id=784):
syz_io_uring_setup(0x12e, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, &(0x7f0000000140), &(0x7f0000000280))
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000180)=0x5, 0x4)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000"], 0x48)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000480)=""/207, 0xcf}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000000340)=""/114, 0x72}], 0x3}, 0x40010021)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r5 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0x7728, 0x0, 0x800004, 0xfffffffc}, &(0x7f0000000140), &(0x7f0000000280)=<r6=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xb, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat2(r3, 0x0, &(0x7f0000000080)={0x0, 0x40, 0x38}, 0x18)
syz_io_uring_submit(0x0, r6, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

49.490878021s ago: executing program 5 (id=1637):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000680), 0x2000006c, r5}, 0x38)
sendto$inet6(r1, &(0x7f0000000100)="b8", 0x1, 0x2000c851, 0x0, 0x0)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f00000000c0)={0x0, 0x6, 0x1, 'j'}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000001600)={0x0, 0x6}, 0x8)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffffff7}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4004800}, 0x20048888)

48.542364057s ago: executing program 5 (id=1639):
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = syz_io_uring_setup(0x766e, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

48.492441548s ago: executing program 5 (id=1640):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUCODE(r1, 0xc018480d, &(0x7f0000000480)={0x1, 0x200, 0x0, 0xfc000000, 0x3, 0x4})

46.852302056s ago: executing program 5 (id=1652):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x428480, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140080001000010000000000000000000100000a3c000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b140000001100010000000000000000000100000a"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f00000000c0)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

45.92220141s ago: executing program 5 (id=1663):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000500)='ramfs\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file1/file0/file0\x00', 0x0, 0x18}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

45.002568373s ago: executing program 5 (id=1670):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
mkdirat(0xffffffffffffff9c, 0x0, 0x30)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r3, &(0x7f0000000000), 0x0)
ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000100), 0x8)
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
getsockopt$inet6_buf(r4, 0x29, 0x6, 0x0, &(0x7f0000000180))

29.992568414s ago: executing program 34 (id=1670):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
mkdirat(0xffffffffffffff9c, 0x0, 0x30)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r3, &(0x7f0000000000), 0x0)
ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000100), 0x8)
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
getsockopt$inet6_buf(r4, 0x29, 0x6, 0x0, &(0x7f0000000180))

21.891213067s ago: executing program 4 (id=1749):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='fd/3\x00')
r1 = fanotify_init(0x0, 0x2)
fanotify_mark(r1, 0x1, 0x8000039, r0, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/46, 0x2e}], 0x1, 0xf44, 0x2)

21.721007506s ago: executing program 4 (id=1750):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x8000000}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f00000001c0)={{}, {0x41}, [], {}, [], {0x10, 0x2}}, 0x24, 0x0)

21.641672652s ago: executing program 4 (id=1751):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r4, 0xc0844123, &(0x7f0000000340)={0x2, "68957441f6e2eaf1f36e8fa7cd59f218dc49a9c4743197a41a6261674f2456cc6b12f2cc8c8e8a1ed772bd9b68ab8d3993a0755147aafd25b10aab6d9656291e"})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
getresgid(0x0, 0x0, 0x0)

20.712060803s ago: executing program 4 (id=1753):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETGAMMA(r4, 0xc02064a5, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="040b0b00c9003ac02216a150c0c9"], 0xe)

19.822361897s ago: executing program 4 (id=1757):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
getpid()

18.922208677s ago: executing program 4 (id=1760):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80080)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x1, 0x3, 0xb}, 0x20)
write$P9_RXATTRWALK(r0, &(0x7f0000000000)={0xf, 0x1f, 0x1, 0x7ff}, 0xf)
write$binfmt_elf32(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0xf7, 0x9, 0xf, 0x3, 0x87e, 0x2, 0x3, 0x3e, 0x133, 0x38, 0x266, 0x6e, 0x101, 0x20, 0x2, 0x7, 0x1, 0x55e}, [{0x4, 0xffffff81, 0x2, 0x7fff, 0x8003, 0x7, 0x3, 0x7}, {0x6474e554, 0x0, 0x4, 0x5, 0x400, 0x5, 0x101, 0x9}], "eb112aecc2b24dfb988cd483b1fcdbf7f493f7acfa7392bc3366eac2946217ce12ce30359b2aa006641c1da838e694eb9f53d0cec7605151cd49d0366d5a830f0141b5cf593d7b7257b16b0577629e5ad9291bf6648119aef6daf2156cd98891a4cc37e7d4fe5eb33928253494eee88c5a1aa37e578bf7ddc1764420ec8bf7a9ab231d5c70e3a6c98ebfb603b45ee70dc9c5c94209456917183e143f60299a43d188500d1a3b40f4cff23817f7e204bf6fee04fa5c365bbb5ead2bcada5f96ce09c8b83fd52d3b5b36dddea2fd730b", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa47)
close_range(r1, 0xffffffffffffffff, 0x0)

4.819145226s ago: executing program 2 (id=1784):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r0, &(0x7f0000001c80)={0x0, 0x0, 0x0}, 0x80)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000940)="5c00000012006bab9a3fe3d86e17aa0a046b870af34f04001a001931a0e69ee517d2301f2febcf0eca707888d34460bc8c000000a705251e6182949a3651f60a84c9e4d4938037e70e4509c5bb00000000000000000000ee17459447", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x10)
recvmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000009c0)=""/195, 0xc3}, {&(0x7f0000000ac0)=""/211, 0xd3}, {&(0x7f0000001dc0)=""/4094, 0xffe}, {&(0x7f0000000100)=""/222, 0xde}, {&(0x7f0000000380)=""/224, 0xe0}, {&(0x7f0000000780)=""/213, 0xd5}, {&(0x7f0000000c80)=""/4079, 0xfef}, {&(0x7f0000001cc0)=""/242, 0xf2}, {&(0x7f00000005c0)=""/197, 0xc5}], 0x9}, 0x40000002)

3.931808812s ago: executing program 35 (id=1760):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80080)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x1, 0x3, 0xb}, 0x20)
write$P9_RXATTRWALK(r0, &(0x7f0000000000)={0xf, 0x1f, 0x1, 0x7ff}, 0xf)
write$binfmt_elf32(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0xf7, 0x9, 0xf, 0x3, 0x87e, 0x2, 0x3, 0x3e, 0x133, 0x38, 0x266, 0x6e, 0x101, 0x20, 0x2, 0x7, 0x1, 0x55e}, [{0x4, 0xffffff81, 0x2, 0x7fff, 0x8003, 0x7, 0x3, 0x7}, {0x6474e554, 0x0, 0x4, 0x5, 0x400, 0x5, 0x101, 0x9}], "eb112aecc2b24dfb988cd483b1fcdbf7f493f7acfa7392bc3366eac2946217ce12ce30359b2aa006641c1da838e694eb9f53d0cec7605151cd49d0366d5a830f0141b5cf593d7b7257b16b0577629e5ad9291bf6648119aef6daf2156cd98891a4cc37e7d4fe5eb33928253494eee88c5a1aa37e578bf7ddc1764420ec8bf7a9ab231d5c70e3a6c98ebfb603b45ee70dc9c5c94209456917183e143f60299a43d188500d1a3b40f4cff23817f7e204bf6fee04fa5c365bbb5ead2bcada5f96ce09c8b83fd52d3b5b36dddea2fd730b", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa47)
close_range(r1, 0xffffffffffffffff, 0x0)

3.882004089s ago: executing program 2 (id=1788):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800786a00"/28, @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="17000000000000000084000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)

3.832170094s ago: executing program 2 (id=1790):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x18, r1, 0x1, 0xffffffff, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x4}]}, 0x18}}, 0x0)

3.832034428s ago: executing program 2 (id=1791):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x1409, 0x219, 0x70bd2b, 0x25dfdbfd}, 0x10}, 0x1, 0x0, 0x0, 0x20040048}, 0x14)

3.771509431s ago: executing program 2 (id=1792):
socket(0x400000000010, 0x3, 0x0)
modify_ldt$read_default(0x2, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_procfs(r0, &(0x7f00000003c0)='statm\x00')
read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="580000000008010200000000000000000200ffff0600024022eb000005000300ffff00000900010073797a3000000000260004"], 0x58}, 0x1, 0x0, 0x0, 0x20000015}, 0x40)

2.61224534s ago: executing program 6 (id=1795):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r3)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.10111684s ago: executing program 3 (id=1796):
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x402, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000080)={0xd7, 0x1000, 0x2000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)

2.100873686s ago: executing program 3 (id=1797):
clock_adjtime(0x0, &(0x7f0000000380)={0x3ff, 0xfff0bdc1, 0x4100, 0xb, 0x0, 0xf423f, 0x800000000000003, 0x1000006, 0x0, 0x100, 0x3, 0x0, 0x7, 0x0, 0x9f, 0x2, 0x0, 0x0, 0x300000000000, 0x9, 0x8001, 0x5, 0xfffffffffffffffd, 0x3, 0x0, 0xe})

2.031996309s ago: executing program 3 (id=1798):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(0x0, 0x1)
r4 = fsmount(r3, 0x0, 0x1)
fchdir(r4)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x8880, 0x10)
lseek(r5, 0x538a, 0x1)

1.772166412s ago: executing program 6 (id=1799):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x8000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1.641957741s ago: executing program 6 (id=1800):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x3, 0xff)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, &(0x7f0000000f40)={0x4, 0x1, '\x00', [@ra={0x5, 0x2, 0xa}, @ra={0x5, 0x2, 0x5000}, @ra={0x5, 0x2, 0x7}, @padn]}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000080), r3, 0x0, 0x3, 0x1}}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'dummy0\x00'})
pread64(0xffffffffffffffff, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)

1.411670084s ago: executing program 6 (id=1801):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000018c0)=ANY=[], 0x118)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
socket$inet6(0xa, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r5=>0x0})
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/ipc\x00')
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x1c, r4, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0)

1.101198023s ago: executing program 3 (id=1802):
write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, 0x0, 0x0)
bind$inet6(r3, 0x0, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

701.09969ms ago: executing program 2 (id=1803):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x7, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x10}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)={0x0, @multicast2, @multicast1}, &(0x7f0000000040)=0xc)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = shmget(0x1, 0x4000, 0xa20, &(0x7f0000ffb000/0x4000)=nil)
shmat(r6, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r7, 0x3)
accept4$bt_l2cap(r7, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x7}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {}, {0x18, 0x7, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{}, {0x6, 0x0, 0x5, 0x7}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

520.343169ms ago: executing program 6 (id=1804):
socket(0x840000000002, 0x3, 0xff)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x5c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x2c, 0x2, {{0xfffffffb, 0x3, 0x8, 0x3, 0xfffffffd, 0x5}, [@TCA_NETEM_CORR={0x10, 0x1, {0x80000000, 0xff, 0xe}}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)

390.507666ms ago: executing program 6 (id=1805):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000040)={0x2000, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
poll(&(0x7f0000000780)=[{r5, 0x3230}], 0x1, 0x40000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r3, 0xffffffffffffffff, 0x0)

180.546952ms ago: executing program 3 (id=1806):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0xe)
gettid()
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

0s ago: executing program 3 (id=1807):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x1, [<r5=>0x0], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r5, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r6})

kernel console output (not intermixed with test programs):

 device bond0
[  454.532703][T10102] mac80211_hwsim hwsim14 wlan1: entered allmulticast mode
[  454.546677][T10102] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  454.591870][T10112] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1000'.
[  455.991911][T10150] FAULT_INJECTION: forcing a failure.
[  455.991911][T10150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.996215][T10150] CPU: 1 UID: 0 PID: 10150 Comm: syz.2.1010 Not tainted syzkaller #0 PREEMPT(full) 
[  455.996236][T10150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.996244][T10150] Call Trace:
[  455.996250][T10150]  <TASK>
[  455.996255][T10150]  dump_stack_lvl+0x16c/0x1f0
[  455.996283][T10150]  should_fail_ex+0x512/0x640
[  455.996311][T10150]  copy_fpstate_to_sigframe+0x854/0xaf0
[  455.996332][T10150]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  455.996347][T10150]  ? posixtimer_deliver_signal+0x105/0x6b0
[  455.996372][T10150]  ? x86_task_fpu+0x5f/0x90
[  455.996397][T10150]  get_sigframe+0x4a8/0x9c0
[  455.996424][T10150]  ? __pfx_get_sigframe+0x10/0x10
[  455.996446][T10150]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  455.996471][T10150]  ? _raw_spin_unlock_irq+0x29/0x50
[  455.996490][T10150]  ? siginfo_layout+0x177/0x290
[  455.996514][T10150]  ia32_setup_rt_frame+0xe3/0xb30
[  455.996535][T10150]  ? __pfx_mntput_no_expire+0x10/0x10
[  455.996556][T10150]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  455.996582][T10150]  arch_do_signal_or_restart+0x471/0x790
[  455.996606][T10150]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  455.996628][T10150]  ? __pfx_do_handle_open+0x10/0x10
[  455.996654][T10150]  ? ksys_write+0x1ac/0x250
[  455.996675][T10150]  ? __pfx_ksys_write+0x10/0x10
[  455.996701][T10150]  exit_to_user_mode_loop+0x85/0x130
[  455.996721][T10150]  __do_fast_syscall_32+0x240/0x300
[  455.996747][T10150]  do_fast_syscall_32+0x32/0x80
[  455.996770][T10150]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.996789][T10150] RIP: 0023:0xf706d579
[  455.996801][T10150] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.996816][T10150] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  455.996832][T10150] RAX: 0000000000000005 RBX: 0000000000000003 RCX: 0000000080000140
[  455.996842][T10150] RDX: 0000000000305680 RSI: 0000000000000000 RDI: 0000000000000000
[  455.996850][T10150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  455.996859][T10150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  455.996868][T10150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.996888][T10150]  </TASK>
[  456.066230][    C1] vkms_vblank_simulate: vblank timer overrun
[  456.129359][T10158] syz.4.1012 (10158): drop_caches: 1
[  456.164297][T10158] syz.4.1012 (10158): drop_caches: 1
[  456.240638][T10167] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  456.462054][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  457.731158][ T5741] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  459.010106][ T6005] usb 46-1: device descriptor read/8, error -110
[  459.401659][ T6005] usb usb46-port1: attempt power cycle
[  459.962600][ T6005] usb usb46-port1: unable to enumerate USB device
[  468.700597][   T41] kauditd_printk_skb: 9 callbacks suppressed
[  468.700614][   T41] audit: type=1326 audit(1760298155.865:43016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.709453][   T41] audit: type=1326 audit(1760298155.865:43017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000
[  468.716171][   T41] audit: type=1326 audit(1760298155.865:43018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.722653][   T41] audit: type=1326 audit(1760298155.865:43019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.729293][   T41] audit: type=1326 audit(1760298155.865:43020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000
[  468.736358][   T41] audit: type=1326 audit(1760298155.865:43021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.743165][   T41] audit: type=1326 audit(1760298155.865:43022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000
[  468.749768][   T41] audit: type=1326 audit(1760298155.865:43023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.756797][   T41] audit: type=1326 audit(1760298155.865:43024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  468.763742][   T41] audit: type=1326 audit(1760298155.865:43025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10194 comm="syz.4.1016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000
[  470.028187][T10223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1021'.
[  470.549592][T10235] syz.4.1024 (10235): drop_caches: 1
[  470.560758][T10239] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  470.578388][T10235] syz.4.1024 (10235): drop_caches: 1
[  470.800102][  T842] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  470.960032][  T842] usb 10-1: Using ep0 maxpacket: 8
[  470.963293][  T842] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  470.965814][  T842] usb 10-1: config 179 has no interface number 0
[  470.967744][  T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  470.971463][  T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  470.975165][  T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  470.979107][  T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  470.982739][  T842] usb 10-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  470.987370][  T842] usb 10-1: config 179 interface 65 has no altsetting 0
[  470.989817][  T842] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  470.992861][  T842] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.006121][  T842] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input10
[  471.144827][T10253] hfsplus: unable to find HFS+ superblock
[  471.206160][ T5741] usb 10-1: USB disconnect, device number 4
[  471.206168][    C2] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  471.440613][ T6005] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  471.476753][T10258] binder: 10255:10258 ioctl 40182103 80000300 returned -22
[  471.480455][T10258] binder: 10255:10258 unknown command 0
[  471.482232][T10258] binder: 10255:10258 ioctl c0306201 800001c0 returned -22
[  471.485344][T10258] sctp: [Deprecated]: syz.3.1031 (pid 10258) Use of struct sctp_assoc_value in delayed_ack socket option.
[  471.485344][T10258] Use struct sctp_sack_info instead
[  471.590053][ T6005] usb 9-1: device descriptor read/64, error -71
[  471.830084][ T6005] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  471.846536][T10268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1035'.
[  471.960085][ T6005] usb 9-1: device descriptor read/64, error -71
[  472.071816][ T6005] usb usb9-port1: attempt power cycle
[  472.319597][T10278] syz.5.1038 (10278): drop_caches: 1
[  472.338227][T10278] syz.5.1038 (10278): drop_caches: 1
[  472.410019][ T6005] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  472.431263][T10278] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  472.431487][ T6005] usb 9-1: device descriptor read/8, error -71
[  472.680084][ T6005] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  472.701228][ T6005] usb 9-1: device descriptor read/8, error -71
[  472.820181][ T6005] usb usb9-port1: unable to enumerate USB device
[  472.820253][T10295] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1044'.
[  473.917330][T10321] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1052'.
[  473.921323][T10321] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1052'.
[  473.931990][T10321] bridge1: entered promiscuous mode
[  473.933730][T10321] bridge1: entered allmulticast mode
[  473.938289][T10321] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1052'.
[  474.071598][T10327] syz.5.1053 (10327): drop_caches: 1
[  474.095847][T10327] syz.5.1053 (10327): drop_caches: 1
[  474.200855][T10328] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  475.538184][T10378] netlink: 'syz.5.1059': attribute type 11 has an invalid length.
[  475.754147][T10378] netlink: 'syz.5.1059': attribute type 12 has an invalid length.
[  475.922067][T10386] FAULT_INJECTION: forcing a failure.
[  475.922067][T10386] name failslab, interval 1, probability 0, space 0, times 0
[  475.926006][T10386] CPU: 3 UID: 0 PID: 10386 Comm: syz.4.1062 Not tainted syzkaller #0 PREEMPT(full) 
[  475.926019][T10386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  475.926026][T10386] Call Trace:
[  475.926031][T10386]  <TASK>
[  475.926035][T10386]  dump_stack_lvl+0x16c/0x1f0
[  475.926055][T10386]  should_fail_ex+0x512/0x640
[  475.926072][T10386]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  475.926088][T10386]  should_failslab+0xc2/0x120
[  475.926098][T10386]  kmem_cache_alloc_node_noprof+0x78/0x770
[  475.926112][T10386]  ? __alloc_skb+0x2b2/0x380
[  475.926130][T10386]  ? __alloc_skb+0x2b2/0x380
[  475.926143][T10386]  __alloc_skb+0x2b2/0x380
[  475.926158][T10386]  ? __pfx___alloc_skb+0x10/0x10
[  475.926172][T10386]  ? trace_kmalloc+0x2b/0xd0
[  475.926180][T10386]  ? __kmalloc_noprof+0x2f0/0x880
[  475.926193][T10386]  ? __tipc_nl_compat_doit+0xe4/0x3d0
[  475.926208][T10386]  __tipc_nl_compat_doit+0x110/0x3d0
[  475.926219][T10386]  ? netlink_unicast+0x64c/0x870
[  475.926235][T10386]  ? netlink_sendmsg+0x8c8/0xdd0
[  475.926251][T10386]  ? __pfx___tipc_nl_compat_doit+0x10/0x10
[  475.926261][T10386]  ? __do_fast_syscall_32+0x7c/0x300
[  475.926284][T10386]  ? bpf_lsm_capable+0x9/0x10
[  475.926294][T10386]  ? security_capable+0x7e/0x260
[  475.926306][T10386]  tipc_nl_compat_doit+0x11e/0x290
[  475.926319][T10386]  tipc_nl_compat_recv+0x783/0xc50
[  475.926332][T10386]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  475.926343][T10386]  ? __pfx_tipc_nl_node_reset_link_stats+0x10/0x10
[  475.926359][T10386]  ? __pfx_tipc_nl_compat_link_reset_stats+0x10/0x10
[  475.926374][T10386]  ? __pfx___mutex_trylock_common+0x10/0x10
[  475.926388][T10386]  ? rcu_is_watching+0x12/0xc0
[  475.926403][T10386]  ? trace_contention_end+0xdd/0x130
[  475.926413][T10386]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  475.926428][T10386]  genl_family_rcv_msg_doit+0x209/0x2f0
[  475.926464][T10386]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  475.926476][T10386]  ? genl_get_cmd+0x194/0x580
[  475.926491][T10386]  ? __radix_tree_lookup+0x21f/0x2c0
[  475.926507][T10386]  genl_rcv_msg+0x55c/0x800
[  475.926520][T10386]  ? __pfx_genl_rcv_msg+0x10/0x10
[  475.926532][T10386]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  475.926549][T10386]  netlink_rcv_skb+0x158/0x420
[  475.926565][T10386]  ? __pfx_genl_rcv_msg+0x10/0x10
[  475.926577][T10386]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  475.926600][T10386]  ? netlink_deliver_tap+0x1ae/0xd30
[  475.926618][T10386]  genl_rcv+0x28/0x40
[  475.926627][T10386]  netlink_unicast+0x5aa/0x870
[  475.926645][T10386]  ? __pfx_netlink_unicast+0x10/0x10
[  475.926667][T10386]  netlink_sendmsg+0x8c8/0xdd0
[  475.926686][T10386]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.926704][T10386]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  475.926718][T10386]  ____sys_sendmsg+0xa98/0xc70
[  475.926731][T10386]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.926742][T10386]  ? get_compat_msghdr+0x11a/0x170
[  475.926763][T10386]  ___sys_sendmsg+0x134/0x1d0
[  475.926780][T10386]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.926803][T10386]  ? find_held_lock+0x2b/0x80
[  475.926826][T10386]  __sys_sendmsg+0x16d/0x220
[  475.926842][T10386]  ? __pfx___sys_sendmsg+0x10/0x10
[  475.926868][T10386]  ? rcu_is_watching+0x12/0xc0
[  475.926884][T10386]  __do_fast_syscall_32+0x7c/0x300
[  475.926901][T10386]  do_fast_syscall_32+0x32/0x80
[  475.926918][T10386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  475.926931][T10386] RIP: 0023:0xf702d579
[  475.926940][T10386] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  475.926950][T10386] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  475.926960][T10386] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  475.926967][T10386] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  475.926973][T10386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  475.926978][T10386] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  475.926984][T10386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  475.926998][T10386]  </TASK>
[  476.054109][  T842] IPVS: starting estimator thread 0...
[  476.140082][T10390] IPVS: using max 43 ests per chain, 103200 per kthread
[  476.391840][T10396] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  476.653409][T10395] syz.3.1065 (10395): drop_caches: 1
[  476.677578][T10395] syz.3.1065 (10395): drop_caches: 1
[  477.891614][T10429] binder: 10427:10429 ioctl 40182103 80000300 returned -22
[  477.896224][T10429] sctp: [Deprecated]: syz.4.1074 (pid 10429) Use of struct sctp_assoc_value in delayed_ack socket option.
[  477.896224][T10429] Use struct sctp_sack_info instead
[  478.609065][T10451] syz.3.1081 (10451): drop_caches: 1
[  478.633100][T10451] syz.3.1081 (10451): drop_caches: 1
[  478.691788][T10453] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  478.768462][T10462] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1083'.
[  479.974067][T10486] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  479.976163][T10486] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  479.980717][T10486] vhci_hcd vhci_hcd.0: Device attached
[  480.007556][T10486] FAULT_INJECTION: forcing a failure.
[  480.007556][T10486] name failslab, interval 1, probability 0, space 0, times 0
[  480.011974][T10486] CPU: 1 UID: 0 PID: 10486 Comm: syz.3.1085 Not tainted syzkaller #0 PREEMPT(full) 
[  480.011998][T10486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  480.012005][T10486] Call Trace:
[  480.012009][T10486]  <TASK>
[  480.012013][T10486]  dump_stack_lvl+0x16c/0x1f0
[  480.012034][T10486]  should_fail_ex+0x512/0x640
[  480.012051][T10486]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  480.012068][T10486]  should_failslab+0xc2/0x120
[  480.012078][T10486]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  480.012093][T10486]  ? __d_alloc+0x32/0xae0
[  480.012111][T10486]  ? __d_alloc+0x32/0xae0
[  480.012125][T10486]  __d_alloc+0x32/0xae0
[  480.012138][T10486]  ? __pfx_idr_alloc_u32+0x10/0x10
[  480.012154][T10486]  d_alloc_pseudo+0x1c/0xc0
[  480.012165][T10486]  alloc_file_pseudo+0xcf/0x230
[  480.012178][T10486]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  480.012189][T10486]  ? find_held_lock+0x2b/0x80
[  480.012206][T10486]  __anon_inode_getfile+0xe8/0x280
[  480.012224][T10486]  bpf_link_prime+0x10f/0x290
[  480.012239][T10486]  bpf_raw_tp_link_attach+0x2ad/0x630
[  480.012254][T10486]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  480.012267][T10486]  ? find_held_lock+0x2b/0x80
[  480.012282][T10486]  ? __fget_files+0x204/0x3c0
[  480.012301][T10486]  ? fput+0x9b/0xd0
[  480.012311][T10486]  ? __bpf_prog_get+0x97/0x2a0
[  480.012322][T10486]  __sys_bpf+0x20c1/0x4980
[  480.012338][T10486]  ? __pfx___sys_bpf+0x10/0x10
[  480.012351][T10486]  ? find_held_lock+0x2b/0x80
[  480.012368][T10486]  ? find_held_lock+0x2b/0x80
[  480.012386][T10486]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  480.012413][T10486]  ? xfd_validate_state+0x61/0x180
[  480.012428][T10486]  __ia32_sys_bpf+0x76/0xe0
[  480.012443][T10486]  __do_fast_syscall_32+0x7c/0x300
[  480.012461][T10486]  do_fast_syscall_32+0x32/0x80
[  480.012477][T10486]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  480.012490][T10486] RIP: 0023:0xf7fb2579
[  480.012498][T10486] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  480.012509][T10486] RSP: 002b:00000000f546455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  480.012519][T10486] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000100
[  480.012525][T10486] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000000
[  480.012531][T10486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  480.012546][T10486] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  480.012554][T10486] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  480.012569][T10486]  </TASK>
[  480.101267][    C1] vkms_vblank_simulate: vblank timer overrun
[  480.108614][T10490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1090'.
[  480.115634][T10490] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  480.310812][T10487] vhci_hcd: connection closed
[  480.320271][ T7016] vhci_hcd: stop threads
[  480.324098][ T7016] vhci_hcd: release socket
[  480.326031][ T7016] vhci_hcd: disconnect device
[  480.350066][   T55] usb 44-1: enqueue for inactive port 0
[  480.516425][T10498] syz.5.1093 (10498): drop_caches: 1
[  480.540674][T10498] syz.5.1093 (10498): drop_caches: 1
[  480.612683][T10499] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  480.840706][   T55] usb usb44-port1: attempt power cycle
[  481.533864][T10512] FAULT_INJECTION: forcing a failure.
[  481.533864][T10512] name failslab, interval 1, probability 0, space 0, times 0
[  481.540238][T10512] CPU: 2 UID: 0 PID: 10512 Comm: syz.3.1098 Not tainted syzkaller #0 PREEMPT(full) 
[  481.540253][T10512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  481.540260][T10512] Call Trace:
[  481.540264][T10512]  <TASK>
[  481.540269][T10512]  dump_stack_lvl+0x16c/0x1f0
[  481.540288][T10512]  should_fail_ex+0x512/0x640
[  481.540305][T10512]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  481.540321][T10512]  should_failslab+0xc2/0x120
[  481.540332][T10512]  kmem_cache_alloc_node_noprof+0x78/0x770
[  481.540346][T10512]  ? copy_process+0x4b5/0x76a0
[  481.540365][T10512]  ? copy_process+0x4b5/0x76a0
[  481.540381][T10512]  copy_process+0x4b5/0x76a0
[  481.540403][T10512]  ? __pfx_copy_process+0x10/0x10
[  481.540434][T10512]  ? lockdep_init_map_type+0x5c/0x280
[  481.540447][T10512]  ? lockdep_init_map_type+0x5c/0x280
[  481.540458][T10512]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  481.540471][T10512]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  481.540488][T10512]  vhost_task_create+0x1d2/0x370
[  481.540500][T10512]  ? __pfx_vhost_task_create+0x10/0x10
[  481.540516][T10512]  ? __pfx_vhost_task_fn+0x10/0x10
[  481.540535][T10512]  kvm_mmu_post_init_vm+0x1b7/0x380
[  481.540551][T10512]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[  481.540566][T10512]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  481.540580][T10512]  kvm_vcpu_ioctl+0x5eb/0x1690
[  481.540592][T10512]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  481.540604][T10512]  ? tomoyo_path_number_perm+0x18d/0x580
[  481.540618][T10512]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  481.540641][T10512]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  481.540656][T10512]  ? do_vfs_ioctl+0x128/0x14f0
[  481.540668][T10512]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  481.540686][T10512]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  481.540698][T10512]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  481.540709][T10512]  ? __fget_files+0x20e/0x3c0
[  481.540726][T10512]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  481.540738][T10512]  __ia32_compat_sys_ioctl+0x242/0x370
[  481.540752][T10512]  __do_fast_syscall_32+0x7c/0x300
[  481.540770][T10512]  do_fast_syscall_32+0x32/0x80
[  481.540786][T10512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.540799][T10512] RIP: 0023:0xf7fb2579
[  481.540808][T10512] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  481.540818][T10512] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  481.540828][T10512] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  481.540835][T10512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  481.540841][T10512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  481.540846][T10512] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  481.540852][T10512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.540871][T10512]  </TASK>
[  482.180516][   T55] usb usb44-port1: unable to enumerate USB device
[  482.272988][T10531] x_tables: duplicate underflow at hook 3
[  482.375360][T10533] syz.4.1104 (10533): drop_caches: 1
[  482.398839][T10533] syz.4.1104 (10533): drop_caches: 1
[  482.530715][T10534] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  482.914503][T10544] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  482.917075][T10544] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  482.919695][T10544] vhci_hcd vhci_hcd.0: Device attached
[  482.985953][   T41] kauditd_printk_skb: 2450 callbacks suppressed
[  482.985969][   T41] audit: type=1800 audit(1760298170.145:45476): pid=10544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1105" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  483.131772][T10555] overlay: ./file0 is not a directory
[  483.181675][T10554] netlink: 'syz.4.1109': attribute type 1 has an invalid length.
[  483.184223][T10554] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  483.186735][T10554] IPv6: NLM_F_CREATE should be set when creating new route
[  483.188999][T10554] IPv6: NLM_F_CREATE should be set when creating new route
[  483.200094][ T5741] usb 44-1: SetAddress Request (14) to port 0
[  483.202095][ T5741] usb 44-1: new SuperSpeed USB device number 14 using vhci_hcd
[  483.458321][T10545] vhci_hcd: connection reset by peer
[  483.460746][ T1148] vhci_hcd: stop threads
[  483.462117][ T1148] vhci_hcd: release socket
[  483.463534][ T1148] vhci_hcd: disconnect device
[  483.610075][   T35] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  483.760011][   T35] usb 9-1: Using ep0 maxpacket: 8
[  483.763637][   T35] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  483.766919][   T35] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  483.770096][   T35] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  483.773280][   T35] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  483.776613][   T35] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  483.781141][   T35] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  483.784870][   T35] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.001415][T10562] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1112'.
[  484.004938][T10562] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1112'.
[  484.040602][   T35] usb 9-1: usb_control_msg returned -32
[  484.047584][   T35] usbtmc 9-1:16.0: can't read capabilities
[  484.335201][T10574] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  484.337329][T10574] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  484.339391][T10574] comedi comedi3: 8255: I/O port conflict (0x16,4)
[  484.341660][T10574] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  484.343764][T10574] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  484.346007][T10574] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  484.348618][T10574] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  484.350957][T10574] comedi comedi3: 8255: I/O port conflict (0xa,4)
[  484.353024][T10574] comedi comedi3: 8255: I/O port conflict (0xfd,4)
[  484.355282][T10574] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  484.357614][T10574] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  484.359816][T10574] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  484.362242][T10574] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  484.367142][T10574] comedi comedi3: 8255: I/O port conflict (0x80009,4)
[  484.369614][T10574] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  484.372391][T10574] comedi comedi3: 8255: I/O port conflict (0x7f,4)
[  484.374522][T10574] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  484.376667][T10574] comedi comedi3: 8255: I/O port conflict (0x40000003,4)
[  484.379571][T10574] comedi comedi3: 8255: I/O port conflict (0x89,4)
[  484.381862][T10574] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  484.383898][T10574] comedi comedi3: 8255: I/O port conflict (0x20001e58,4)
[  484.386120][T10574] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  484.388318][T10574] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  484.390985][T10574] comedi comedi3: 8255: I/O port conflict (0x995d000,4)
[  484.423235][T10578] syz.3.1117 (10578): drop_caches: 1
[  484.442204][T10578] syz.3.1117 (10578): drop_caches: 1
[  484.450604][T10562] usbtmc 9-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[  484.540991][T10578] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  484.656104][   T62] usb 9-1: USB disconnect, device number 6
[  485.217191][   T41] audit: type=1326 audit(1760298172.375:45477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd598 code=0x7ffc0000
[  485.224869][   T41] audit: type=1326 audit(1760298172.385:45478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd598 code=0x7ffc0000
[  485.231803][   T41] audit: type=1326 audit(1760298172.385:45479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd598 code=0x7ffc0000
[  485.238427][   T41] audit: type=1326 audit(1760298172.385:45480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd598 code=0x7ffc0000
[  485.245146][   T41] audit: type=1326 audit(1760298172.385:45481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd579 code=0x7ffc0000
[  485.252482][   T41] audit: type=1326 audit(1760298172.385:45482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd579 code=0x7ffc0000
[  485.259138][   T41] audit: type=1326 audit(1760298172.385:45483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd579 code=0x7ffc0000
[  485.270079][   T41] audit: type=1326 audit(1760298172.385:45484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffd598 code=0x7ffc0000
[  485.278687][   T41] audit: type=1326 audit(1760298172.385:45485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.5.1121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd579 code=0x7ffc0000
[  486.565150][T10611] syz.5.1127 (10611): drop_caches: 1
[  486.604247][T10611] syz.5.1127 (10611): drop_caches: 1
[  486.681018][T10612] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  487.315020][T10623] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1132'.
[  487.538402][T10630] xt_CT: You must specify a L4 protocol and not use inversions on it
[  488.391320][ T5741] usb 44-1: device descriptor read/8, error -110
[  488.800505][ T5741] usb usb44-port1: attempt power cycle
[  489.371615][ T5741] usb usb44-port1: unable to enumerate USB device
[  489.563386][T10662] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  489.566226][T10662] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  489.570529][T10662] vhci_hcd vhci_hcd.0: Device attached
[  489.664478][   T41] kauditd_printk_skb: 1179 callbacks suppressed
[  489.664492][   T41] audit: type=1800 audit(1760298176.825:46665): pid=10662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1140" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  489.850146][   T55] usb 48-1: SetAddress Request (6) to port 0
[  489.851475][T10668] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1141'.
[  489.852151][   T55] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  490.120759][T10663] vhci_hcd: connection reset by peer
[  490.123119][   T26] vhci_hcd: stop threads
[  490.124589][   T26] vhci_hcd: release socket
[  490.126297][   T26] vhci_hcd: disconnect device
[  490.244913][T10677] 9pnet_fd: Insufficient options for proto=fd
[  490.345775][   T41] audit: type=1326 audit(1760298177.505:46666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.352927][   T41] audit: type=1326 audit(1760298177.505:46667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.359477][   T41] audit: type=1326 audit(1760298177.505:46668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.367785][   T41] audit: type=1326 audit(1760298177.505:46669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.374713][   T41] audit: type=1326 audit(1760298177.505:46670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.381911][   T41] audit: type=1326 audit(1760298177.505:46671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.388441][   T41] audit: type=1326 audit(1760298177.505:46672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.395632][   T41] audit: type=1326 audit(1760298177.505:46673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  490.402383][   T41] audit: type=1326 audit(1760298177.505:46674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10680 comm="syz.2.1144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d598 code=0x7ffc0000
[  491.208684][ T6031] libceph: connect (1)[c::]:6789 error -101
[  491.214707][ T6031] libceph: mon0 (1)[c::]:6789 connect error
[  491.248658][T10700] ceph: No mds server is up or the cluster is laggy
[  491.263420][T10703] input: syz1 as /devices/virtual/input/input11
[  492.054926][T10712] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1154'.
[  493.810358][T10745] FAULT_INJECTION: forcing a failure.
[  493.810358][T10745] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.820121][T10745] CPU: 2 UID: 0 PID: 10745 Comm: syz.5.1162 Not tainted syzkaller #0 PREEMPT(full) 
[  493.820137][T10745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  493.820144][T10745] Call Trace:
[  493.820148][T10745]  <TASK>
[  493.820152][T10745]  dump_stack_lvl+0x16c/0x1f0
[  493.820172][T10745]  should_fail_ex+0x512/0x640
[  493.820192][T10745]  _copy_to_user+0x32/0xd0
[  493.820203][T10745]  simple_read_from_buffer+0xcb/0x170
[  493.820218][T10745]  proc_fail_nth_read+0x197/0x240
[  493.820234][T10745]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  493.820249][T10745]  ? rw_verify_area+0xcf/0x6c0
[  493.820263][T10745]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  493.820277][T10745]  vfs_read+0x1e4/0xcf0
[  493.820294][T10745]  ? __pfx_vfs_read+0x10/0x10
[  493.820307][T10745]  ? find_held_lock+0x2b/0x80
[  493.820326][T10745]  ? __fget_files+0x20e/0x3c0
[  493.820339][T10745]  ? handle_mm_fault+0x1f0/0xd10
[  493.820356][T10745]  ksys_read+0x12a/0x250
[  493.820370][T10745]  ? __pfx_ksys_read+0x10/0x10
[  493.820385][T10745]  ? rcu_is_watching+0x12/0xc0
[  493.820403][T10745]  __do_fast_syscall_32+0x7c/0x300
[  493.820421][T10745]  do_fast_syscall_32+0x32/0x80
[  493.820437][T10745]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  493.820450][T10745] RIP: 0023:0xf6ffd579
[  493.820458][T10745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  493.820469][T10745] RSP: 002b:00000000f53ed590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  493.820479][T10745] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53ed620
[  493.820486][T10745] RDX: 000000000000000f RSI: 00000000f7395ff4 RDI: 0000000000000000
[  493.820491][T10745] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  493.820497][T10745] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  493.820503][T10745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  493.820518][T10745]  </TASK>
[  493.974790][T10748] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1163'.
[  494.371235][T10754] infiniband syz1: set active
[  494.372966][T10754] infiniband syz1: added syz_tun
[  494.398631][T10754] RDS/IB: syz1: added
[  494.400404][T10754] smc: adding ib device syz1 with port count 1
[  494.402489][T10754] smc:    ib device syz1 port 1 has no pnetid
[  494.710247][ T6013] syz1: Port: 1 Link DOWN
[  494.931596][   T55] usb 48-1: device descriptor read/8, error -110
[  495.100172][   T12] smc: removing ib device syz1
[  495.255527][T10777] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  495.262572][T10777] FAULT_INJECTION: forcing a failure.
[  495.262572][T10777] name failslab, interval 1, probability 0, space 0, times 0
[  495.267501][T10777] CPU: 1 UID: 0 PID: 10777 Comm: syz.3.1173 Not tainted syzkaller #0 PREEMPT(full) 
[  495.267515][T10777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.267521][T10777] Call Trace:
[  495.267525][T10777]  <TASK>
[  495.267530][T10777]  dump_stack_lvl+0x16c/0x1f0
[  495.267549][T10777]  should_fail_ex+0x512/0x640
[  495.267565][T10777]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  495.267581][T10777]  should_failslab+0xc2/0x120
[  495.267591][T10777]  kmem_cache_alloc_noprof+0x75/0x6e0
[  495.267605][T10777]  ? getname_flags.part.0+0x4c/0x550
[  495.267620][T10777]  ? getname_flags.part.0+0x4c/0x550
[  495.267630][T10777]  getname_flags.part.0+0x4c/0x550
[  495.267643][T10777]  getname_flags+0x93/0xf0
[  495.267662][T10777]  __ia32_sys_renameat2+0xd4/0x130
[  495.267680][T10777]  __do_fast_syscall_32+0x7c/0x300
[  495.267698][T10777]  do_fast_syscall_32+0x32/0x80
[  495.267713][T10777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.267727][T10777] RIP: 0023:0xf7fb2579
[  495.267735][T10777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  495.267746][T10777] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000161
[  495.267756][T10777] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000a00
[  495.267762][T10777] RDX: 00000000ffffff9c RSI: 0000000080000600 RDI: 0000000000000002
[  495.267768][T10777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  495.267774][T10777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  495.267780][T10777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  495.267794][T10777]  </TASK>
[  495.322394][   T55] usb usb48-port1: attempt power cycle
[  495.815039][T10794] FAULT_INJECTION: forcing a failure.
[  495.815039][T10794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  495.819313][T10794] CPU: 3 UID: 0 PID: 10794 Comm: syz.3.1178 Not tainted syzkaller #0 PREEMPT(full) 
[  495.819327][T10794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.819333][T10794] Call Trace:
[  495.819338][T10794]  <TASK>
[  495.819342][T10794]  dump_stack_lvl+0x16c/0x1f0
[  495.819363][T10794]  should_fail_ex+0x512/0x640
[  495.819383][T10794]  _copy_from_user+0x2e/0xd0
[  495.819394][T10794]  get_compat_msghdr+0xa7/0x170
[  495.819410][T10794]  ? __pfx_get_compat_msghdr+0x10/0x10
[  495.819430][T10794]  ___sys_sendmsg+0x1ae/0x1d0
[  495.819448][T10794]  ? __pfx____sys_sendmsg+0x10/0x10
[  495.819470][T10794]  ? find_held_lock+0x2b/0x80
[  495.819494][T10794]  __sys_sendmsg+0x16d/0x220
[  495.819510][T10794]  ? __pfx___sys_sendmsg+0x10/0x10
[  495.819531][T10794]  ? rcu_is_watching+0x12/0xc0
[  495.819548][T10794]  __do_fast_syscall_32+0x7c/0x300
[  495.819566][T10794]  do_fast_syscall_32+0x32/0x80
[  495.819582][T10794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.819596][T10794] RIP: 0023:0xf7fb2579
[  495.819604][T10794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  495.819615][T10794] RSP: 002b:00000000f548555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  495.819625][T10794] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000080000240
[  495.819631][T10794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  495.819637][T10794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  495.819643][T10794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  495.819650][T10794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  495.819665][T10794]  </TASK>
[  495.873424][    C3] vkms_vblank_simulate: vblank timer overrun
[  495.892043][   T55] usb usb48-port1: unable to enumerate USB device
[  496.662286][T10811] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1184'.
[  496.766827][T10815] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  497.772977][T10836] qnx6: unable to read the first superblock
[  497.775153][T10836] qnx6: unable to read the first superblock
[  497.776966][T10836] qnx6: unable to read the first superblock
[  498.013805][T10847] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1194'.
[  498.016630][T10847] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1194'.
[  498.019503][T10847] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1194'.
[  498.022677][T10847] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1194'.
[  498.150770][T10848] "syz.4.1192" (10848) uses obsolete ecb(arc4) skcipher
[  498.154837][T10853] bridge1: entered promiscuous mode
[  498.430040][ T6031] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  498.580088][ T6031] usb 8-1: Using ep0 maxpacket: 32
[  498.583535][ T6031] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  498.586076][ T6031] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  498.589387][ T6031] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 56, changing to 9
[  498.592792][ T6031] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 9275, setting to 1024
[  498.596190][ T6031] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  498.600272][ T6031] usb 8-1: config 0 interface 0 has no altsetting 0
[  498.603997][ T6031] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  498.606759][ T6031] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  498.609319][ T6031] usb 8-1: Product: syz
[  498.610766][ T6031] usb 8-1: Manufacturer: syz
[  498.612272][ T6031] usb 8-1: SerialNumber: syz
[  498.615176][ T6031] usb 8-1: config 0 descriptor??
[  498.619498][T10858] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  498.623217][ T6031] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  498.627157][ T6031] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  498.960624][T10862] FAULT_INJECTION: forcing a failure.
[  498.960624][T10862] name failslab, interval 1, probability 0, space 0, times 0
[  498.966083][T10862] CPU: 2 UID: 0 PID: 10862 Comm: syz.3.1197 Not tainted syzkaller #0 PREEMPT(full) 
[  498.966105][T10862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  498.966116][T10862] Call Trace:
[  498.966123][T10862]  <TASK>
[  498.966130][T10862]  dump_stack_lvl+0x16c/0x1f0
[  498.966159][T10862]  should_fail_ex+0x512/0x640
[  498.966185][T10862]  ? __kmalloc_noprof+0xca/0x880
[  498.966208][T10862]  should_failslab+0xc2/0x120
[  498.966259][T10862]  __kmalloc_noprof+0xdd/0x880
[  498.966279][T10862]  ? io_cache_alloc_new+0x45/0xf0
[  498.966301][T10862]  ? io_cache_alloc_new+0x45/0xf0
[  498.966316][T10862]  io_cache_alloc_new+0x45/0xf0
[  498.966332][T10862]  __io_prep_rw+0x21d/0x1090
[  498.966351][T10862]  ? find_held_lock+0x2b/0x80
[  498.966375][T10862]  ? __pfx___io_prep_rw+0x10/0x10
[  498.966392][T10862]  ? __io_alloc_req_refill+0x18f/0x5e0
[  498.966417][T10862]  ? __io_alloc_req_refill+0x33a/0x5e0
[  498.966441][T10862]  io_prep_rw+0x76/0x2c0
[  498.966460][T10862]  ? __pfx_io_prep_rw+0x10/0x10
[  498.966488][T10862]  io_prep_readv+0x20/0xa0
[  498.966509][T10862]  io_submit_sqes+0x855/0x2710
[  498.966547][T10862]  __do_sys_io_uring_enter+0xd69/0x1630
[  498.966576][T10862]  ? __fget_files+0x20e/0x3c0
[  498.966598][T10862]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  498.966622][T10862]  ? fput+0x9b/0xd0
[  498.966638][T10862]  ? ksys_write+0x1ac/0x250
[  498.966660][T10862]  ? __pfx_ksys_write+0x10/0x10
[  498.966684][T10862]  ? rcu_is_watching+0x12/0xc0
[  498.966711][T10862]  __do_fast_syscall_32+0x7c/0x300
[  498.966739][T10862]  do_fast_syscall_32+0x32/0x80
[  498.966762][T10862]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  498.966782][T10862] RIP: 0023:0xf7fb2579
[  498.966795][T10862] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  498.966810][T10862] RSP: 002b:00000000f548555c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  498.966827][T10862] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000567
[  498.966837][T10862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  498.966846][T10862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  498.966855][T10862] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  498.966864][T10862] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  498.966896][T10862]  </TASK>
[  499.046654][    C2] hpet_rtc_timer_reinit: 315 callbacks suppressed
[  499.046664][    C2] hpet: Lost 4 RTC interrupts
[  499.417048][T10880] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1202'.
[  499.663732][T10882] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1203'.
[  499.991420][T10888] FAULT_INJECTION: forcing a failure.
[  499.991420][T10888] name failslab, interval 1, probability 0, space 0, times 0
[  499.995480][T10888] CPU: 0 UID: 0 PID: 10888 Comm: syz.5.1204 Not tainted syzkaller #0 PREEMPT(full) 
[  499.995494][T10888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.995500][T10888] Call Trace:
[  499.995504][T10888]  <TASK>
[  499.995508][T10888]  dump_stack_lvl+0x16c/0x1f0
[  499.995527][T10888]  should_fail_ex+0x512/0x640
[  499.995544][T10888]  ? __kmalloc_cache_noprof+0x5f/0x780
[  499.995558][T10888]  should_failslab+0xc2/0x120
[  499.995569][T10888]  __kmalloc_cache_noprof+0x72/0x780
[  499.995581][T10888]  ? lockdep_init_map_type+0x5c/0x280
[  499.995606][T10888]  ? alloc_netdev_mqs+0xe67/0x1550
[  499.995625][T10888]  ? alloc_netdev_mqs+0xe67/0x1550
[  499.995644][T10888]  alloc_netdev_mqs+0xe67/0x1550
[  499.995663][T10888]  rtnl_create_link+0xc08/0xf90
[  499.995682][T10888]  rtnl_newlink+0xb69/0x2000
[  499.995703][T10888]  ? __pfx_rtnl_newlink+0x10/0x10
[  499.995726][T10888]  ? kfree_skbmem+0x1a4/0x1f0
[  499.995744][T10888]  ? rcu_is_watching+0x12/0xc0
[  499.995764][T10888]  ? find_held_lock+0x2b/0x80
[  499.995778][T10888]  ? __pfx_rtnl_newlink+0x10/0x10
[  499.995793][T10888]  ? __pfx_rtnl_newlink+0x10/0x10
[  499.995808][T10888]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  499.995825][T10888]  ? __pfx_rtnl_newlink+0x10/0x10
[  499.995841][T10888]  rtnetlink_rcv_msg+0x95e/0xe90
[  499.995859][T10888]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  499.995880][T10888]  ? ref_tracker_free+0x37c/0x830
[  499.995892][T10888]  netlink_rcv_skb+0x158/0x420
[  499.995909][T10888]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  499.995926][T10888]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  499.995948][T10888]  ? netlink_deliver_tap+0x1ae/0xd30
[  499.995967][T10888]  netlink_unicast+0x5aa/0x870
[  499.995985][T10888]  ? __pfx_netlink_unicast+0x10/0x10
[  499.996007][T10888]  netlink_sendmsg+0x8c8/0xdd0
[  499.996026][T10888]  ? __pfx_netlink_sendmsg+0x10/0x10
[  499.996044][T10888]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  499.996058][T10888]  ____sys_sendmsg+0xa98/0xc70
[  499.996072][T10888]  ? __pfx_____sys_sendmsg+0x10/0x10
[  499.996082][T10888]  ? get_compat_msghdr+0x11a/0x170
[  499.996104][T10888]  ___sys_sendmsg+0x134/0x1d0
[  499.996121][T10888]  ? __pfx____sys_sendmsg+0x10/0x10
[  499.996144][T10888]  ? find_held_lock+0x2b/0x80
[  499.996168][T10888]  __sys_sendmsg+0x16d/0x220
[  499.996183][T10888]  ? __pfx___sys_sendmsg+0x10/0x10
[  499.996205][T10888]  ? rcu_is_watching+0x12/0xc0
[  499.996222][T10888]  __do_fast_syscall_32+0x7c/0x300
[  499.996240][T10888]  do_fast_syscall_32+0x32/0x80
[  499.996256][T10888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  499.996269][T10888] RIP: 0023:0xf6ffd579
[  499.996278][T10888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  499.996288][T10888] RSP: 002b:00000000f53ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  499.996298][T10888] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000280
[  499.996304][T10888] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  499.996310][T10888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  499.996316][T10888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  499.996321][T10888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  499.996336][T10888]  </TASK>
[  500.423798][T10903] (syz.4.1210,10903,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  500.426742][T10903] (syz.4.1210,10903,3):ocfs2_fill_super:1177 ERROR: status = -22
[  500.435492][T10903] comedi comedi3: comedi_config --init_data is deprecated
[  500.490317][ T6013] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  500.640156][ T6013] usb 10-1: device descriptor read/64, error -71
[  500.889999][ T6013] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  501.030321][ T6013] usb 10-1: device descriptor read/64, error -71
[  501.143834][ T6013] usb usb10-port1: attempt power cycle
[  501.481691][T10910] syz.4.1212 (10910): drop_caches: 1
[  501.490804][ T6013] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  501.520785][ T6013] usb 10-1: device descriptor read/8, error -71
[  501.528271][T10910] syz.4.1212 (10910): drop_caches: 1
[  501.610903][T10911] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  501.780309][ T6013] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  501.800693][ T6013] usb 10-1: device descriptor read/8, error -71
[  501.910925][ T6013] usb usb10-port1: unable to enumerate USB device
[  503.891124][T10858] ldusb 8-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110
[  503.944158][   T54] usb 8-1: USB disconnect, device number 18
[  503.948909][   T54] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  504.036947][   T41] audit: type=1326 audit(1760298191.195:46989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.055405][   T41] audit: type=1326 audit(1760298191.195:46990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.064691][   T41] audit: type=1326 audit(1760298191.205:46991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=323 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.074987][   T41] audit: type=1326 audit(1760298191.205:46992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.086622][   T41] audit: type=1326 audit(1760298191.205:46993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.110545][   T41] audit: type=1326 audit(1760298191.205:46994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.176750][   T41] audit: type=1326 audit(1760298191.205:46995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.205673][   T41] audit: type=1326 audit(1760298191.205:46996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.222402][   T41] audit: type=1326 audit(1760298191.215:46997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.232838][   T41] audit: type=1326 audit(1760298191.215:46998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.242314][   T41] audit: type=1326 audit(1760298191.215:46999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.3.1228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[  504.270777][T10960] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1224'.
[  506.033843][T10962] Set syz1 is full, maxelem 65536 reached
[  506.629542][T10996] netlink: 276 bytes leftover after parsing attributes in process `syz.5.1239'.
[  506.640084][T10996] netlink: 276 bytes leftover after parsing attributes in process `syz.5.1239'.
[  507.168963][T11011] FAULT_INJECTION: forcing a failure.
[  507.168963][T11011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.175944][T11011] CPU: 1 UID: 0 PID: 11011 Comm: syz.3.1244 Not tainted syzkaller #0 PREEMPT(full) 
[  507.175960][T11011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.175967][T11011] Call Trace:
[  507.175971][T11011]  <TASK>
[  507.175976][T11011]  dump_stack_lvl+0x16c/0x1f0
[  507.175996][T11011]  should_fail_ex+0x512/0x640
[  507.176015][T11011]  _copy_from_user+0x2e/0xd0
[  507.176025][T11011]  kstrtouint_from_user+0xd6/0x1d0
[  507.176039][T11011]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  507.176052][T11011]  ? __lock_acquire+0xb8a/0x1c90
[  507.176070][T11011]  proc_fail_nth_write+0x83/0x220
[  507.176086][T11011]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  507.176104][T11011]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  507.176118][T11011]  vfs_write+0x2a0/0x11d0
[  507.176136][T11011]  ? __pfx_vfs_write+0x10/0x10
[  507.176150][T11011]  ? find_held_lock+0x2b/0x80
[  507.176168][T11011]  ? __fget_files+0x20e/0x3c0
[  507.176203][T11011]  ksys_write+0x12a/0x250
[  507.176226][T11011]  ? __pfx_ksys_write+0x10/0x10
[  507.176247][T11011]  ? fput+0x9b/0xd0
[  507.176262][T11011]  ? rcu_is_watching+0x12/0xc0
[  507.176290][T11011]  __do_fast_syscall_32+0x7c/0x300
[  507.176310][T11011]  do_fast_syscall_32+0x32/0x80
[  507.176327][T11011]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.176340][T11011] RIP: 0023:0xf7fb2579
[  507.176349][T11011] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  507.176359][T11011] RSP: 002b:00000000f54a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  507.176370][T11011] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54a6620
[  507.176376][T11011] RDX: 0000000000000001 RSI: 00000000f7445ff4 RDI: 0000000000000000
[  507.176382][T11011] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  507.176388][T11011] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  507.176394][T11011] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.176413][T11011]  </TASK>
[  511.249584][T11067] QAT: failed to copy from user cfg_data.
[  511.291019][T11070] FAULT_INJECTION: forcing a failure.
[  511.291019][T11070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.307045][T11070] CPU: 3 UID: 0 PID: 11070 Comm: syz.4.1265 Not tainted syzkaller #0 PREEMPT(full) 
[  511.307061][T11070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  511.307068][T11070] Call Trace:
[  511.307071][T11070]  <TASK>
[  511.307075][T11070]  dump_stack_lvl+0x16c/0x1f0
[  511.307096][T11070]  should_fail_ex+0x512/0x640
[  511.307115][T11070]  strncpy_from_user+0x3b/0x2e0
[  511.307132][T11070]  getname_flags.part.0+0x8f/0x550
[  511.307143][T11070]  ? __pfx_ksys_write+0x10/0x10
[  511.307159][T11070]  getname_flags+0x93/0xf0
[  511.307173][T11070]  __ia32_sys_symlinkat+0x86/0xc0
[  511.307189][T11070]  __do_fast_syscall_32+0x7c/0x300
[  511.307207][T11070]  do_fast_syscall_32+0x32/0x80
[  511.307223][T11070]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  511.307236][T11070] RIP: 0023:0xf702d579
[  511.307245][T11070] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  511.307255][T11070] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000130
[  511.307265][T11070] RAX: ffffffffffffffda RBX: 0000000080000440 RCX: 0000000000000003
[  511.307271][T11070] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  511.307277][T11070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  511.307283][T11070] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  511.307288][T11070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  511.307303][T11070]  </TASK>
[  511.362461][    C3] vkms_vblank_simulate: vblank timer overrun
[  511.392674][T11075] overlayfs: upper fs does not support file handles, falling back to index=off.
[  514.150029][ T6799] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  514.300790][ T6799] usb 7-1: Using ep0 maxpacket: 8
[  514.303795][ T6799] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  514.306410][ T6799] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  514.309367][ T6799] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  514.312451][ T6799] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  514.315431][ T6799] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  514.321196][ T6799] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  514.324003][ T6799] usb 7-1: New USB device strings: Mfr=234, Product=255, SerialNumber=0
[  514.326561][ T6799] usb 7-1: Product: syz
[  514.327873][ T6799] usb 7-1: Manufacturer: syz
[  514.537416][T11107] netlink: 'syz.2.1276': attribute type 1 has an invalid length.
[  516.296979][T11131] bridge0: port 3(erspan0) entered blocking state
[  516.299186][T11131] bridge0: port 3(erspan0) entered disabled state
[  516.301655][T11131] erspan0: entered allmulticast mode
[  516.304227][T11131] erspan0: entered promiscuous mode
[  516.306160][T11131] bridge0: port 3(erspan0) entered blocking state
[  516.308183][T11131] bridge0: port 3(erspan0) entered forwarding state
[  516.318656][T11131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1285'.
[  516.940072][ T6799] usb 7-1: usb_control_msg returned -71
[  516.950106][ T6799] usbtmc 7-1:16.0: can't read capabilities
[  516.953841][ T6799] usb 7-1: USB disconnect, device number 22
[  517.233702][T11148] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1289'.
[  517.414536][T11154] binder: 11152:11154 ioctl c0185649 80000540 returned -22
[  517.892128][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  517.953259][T11174] FAULT_INJECTION: forcing a failure.
[  517.953259][T11174] name failslab, interval 1, probability 0, space 0, times 0
[  517.957944][T11174] CPU: 0 UID: 0 PID: 11174 Comm: syz.4.1298 Not tainted syzkaller #0 PREEMPT(full) 
[  517.957970][T11174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.957977][T11174] Call Trace:
[  517.957981][T11174]  <TASK>
[  517.957985][T11174]  dump_stack_lvl+0x16c/0x1f0
[  517.958005][T11174]  should_fail_ex+0x512/0x640
[  517.958021][T11174]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  517.958037][T11174]  should_failslab+0xc2/0x120
[  517.958065][T11174]  kmem_cache_alloc_noprof+0x75/0x6e0
[  517.958079][T11174]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  517.958091][T11174]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  517.958105][T11174]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  517.958116][T11174]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  517.958132][T11174]  mmu_topup_memory_caches+0x25/0x170
[  517.958147][T11174]  kvm_mmu_load+0xd6/0x23c0
[  517.958160][T11174]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  517.958177][T11174]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  517.958195][T11174]  ? __pfx_kvm_mmu_load+0x10/0x10
[  517.958208][T11174]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  517.958219][T11174]  ? kvm_check_and_inject_events+0x71c/0x1310
[  517.958237][T11174]  vcpu_run+0x3779/0x54d0
[  517.958250][T11174]  ? kvm_mmu_post_init_vm+0x280/0x380
[  517.958266][T11174]  ? __lock_acquire+0xb8a/0x1c90
[  517.958280][T11174]  ? __pfx_vcpu_run+0x10/0x10
[  517.958297][T11174]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  517.958312][T11174]  ? __local_bh_enable_ip+0xa4/0x120
[  517.958331][T11174]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  517.958344][T11174]  kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  517.958363][T11174]  kvm_vcpu_ioctl+0x5eb/0x1690
[  517.958376][T11174]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  517.958387][T11174]  ? tomoyo_path_number_perm+0x18d/0x580
[  517.958402][T11174]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  517.958419][T11174]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  517.958434][T11174]  ? do_vfs_ioctl+0x128/0x14f0
[  517.958446][T11174]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  517.958465][T11174]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  517.958476][T11174]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  517.958488][T11174]  ? __fget_files+0x20e/0x3c0
[  517.958514][T11174]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  517.958528][T11174]  __ia32_compat_sys_ioctl+0x242/0x370
[  517.958542][T11174]  __do_fast_syscall_32+0x7c/0x300
[  517.958560][T11174]  do_fast_syscall_32+0x32/0x80
[  517.958576][T11174]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.958589][T11174] RIP: 0023:0xf702d579
[  517.958598][T11174] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  517.958609][T11174] RSP: 002b:00000000f541d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  517.958619][T11174] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  517.958625][T11174] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  517.958631][T11174] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.958636][T11174] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  517.958642][T11174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.958657][T11174]  </TASK>
[  520.182124][T11229] fuse: Unknown parameter '00000000000000000036°sáËc³á(wdêñ:¡¢*^¶ÀjyC§à1‘]Œ–¿ytŽ‚¡o&¿À
Ù»€p˜'
[  520.929410][T11249] netlink: 'syz.4.1322': attribute type 1 has an invalid length.
[  520.949921][T11249] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.125282][T11249] bond0: (slave veth3): Enslaving as an active interface with a down link
[  521.141488][T11249] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1322'.
[  522.487768][T11267] ptrace attach of "/syz-executor exec"[5953] was attempted by "/syz-executor exec"[11267]
[  522.544105][T11269] bridge0: port 4(syz_tun) entered blocking state
[  522.547250][T11269] bridge0: port 4(syz_tun) entered disabled state
[  522.549748][T11269] syz_tun: entered allmulticast mode
[  522.552606][T11269] syz_tun: entered promiscuous mode
[  522.554884][T11269] bridge0: port 4(syz_tun) entered blocking state
[  522.557490][T11269] bridge0: port 4(syz_tun) entered forwarding state
[  522.760745][T11276] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  522.762854][T11276] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  522.765500][T11276] vhci_hcd vhci_hcd.0: Device attached
[  523.080429][  T842] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[  523.327372][T11277] vhci_hcd: connection reset by peer
[  523.330604][   T26] vhci_hcd: stop threads
[  523.332557][   T26] vhci_hcd: release socket
[  523.334035][   T26] vhci_hcd: disconnect device
[  524.000268][   T35] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  524.160106][   T35] usb 7-1: Using ep0 maxpacket: 8
[  524.164218][   T35] usb 7-1: config 179 has an invalid interface number: 162 but max is 0
[  524.167546][   T35] usb 7-1: config 179 has an invalid descriptor of length 194, skipping remainder of the config
[  524.172701][   T35] usb 7-1: config 179 has no interface number 0
[  524.174975][   T35] usb 7-1: config 179 interface 162 altsetting 158 endpoint 0xF has an invalid bInterval 63, changing to 9
[  524.180379][   T35] usb 7-1: config 179 interface 162 altsetting 158 endpoint 0xF has invalid maxpacket 57611, setting to 1024
[  524.184130][   T35] usb 7-1: config 179 interface 162 altsetting 158 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  524.188920][   T35] usb 7-1: config 179 interface 162 has no altsetting 0
[  524.194082][   T35] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  524.196925][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.411308][T11293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.415256][T11293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.419053][   T35] usb 7-1: USB disconnect, device number 23
[  525.080132][T11328] capability: warning: `syz.2.1348' uses 32-bit capabilities (legacy support in use)
[  525.130127][   T30] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  525.282189][   T30] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.286948][   T30] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  525.291577][   T30] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  525.296182][   T30] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  525.301228][   T30] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.308201][   T30] usb 10-1: config 0 descriptor??
[  525.916243][   T30] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  526.111514][   T55] usb 10-1: USB disconnect, device number 9
[  526.995483][T11371] mac80211_hwsim hwsim4 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  527.225395][T11378] FAULT_INJECTION: forcing a failure.
[  527.225395][T11378] name failslab, interval 1, probability 0, space 0, times 0
[  527.229771][T11378] CPU: 1 UID: 0 PID: 11378 Comm: syz.5.1363 Not tainted syzkaller #0 PREEMPT(full) 
[  527.229786][T11378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  527.229793][T11378] Call Trace:
[  527.229797][T11378]  <TASK>
[  527.229802][T11378]  dump_stack_lvl+0x16c/0x1f0
[  527.229840][T11378]  should_fail_ex+0x512/0x640
[  527.229861][T11378]  ? __kmalloc_cache_noprof+0x5f/0x780
[  527.229877][T11378]  should_failslab+0xc2/0x120
[  527.229887][T11378]  __kmalloc_cache_noprof+0x72/0x780
[  527.229900][T11378]  ? dev_ethtool+0x1a2/0x5bc0
[  527.229922][T11378]  ? dev_ethtool+0x1a2/0x5bc0
[  527.229933][T11378]  dev_ethtool+0x1a2/0x5bc0
[  527.229972][T11378]  ? stack_depot_save_flags+0x29/0x9c0
[  527.229996][T11378]  ? __lock_acquire+0xb8a/0x1c90
[  527.230008][T11378]  ? kasan_save_stack+0x42/0x60
[  527.230023][T11378]  ? kasan_save_stack+0x33/0x60
[  527.230037][T11378]  ? kasan_save_track+0x14/0x30
[  527.230052][T11378]  ? __kasan_save_free_info+0x3b/0x60
[  527.230065][T11378]  ? tomoyo_path_number_perm+0x470/0x580
[  527.230078][T11378]  ? __pfx_dev_ethtool+0x10/0x10
[  527.230089][T11378]  ? do_fast_syscall_32+0x32/0x80
[  527.230105][T11378]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  527.230136][T11378]  ? kasan_quarantine_put+0x10a/0x240
[  527.230151][T11378]  ? lockdep_hardirqs_on+0x7c/0x110
[  527.230168][T11378]  ? find_held_lock+0x2b/0x80
[  527.230190][T11378]  ? __lock_acquire+0x622/0x1c90
[  527.230219][T11378]  ? find_held_lock+0x2b/0x80
[  527.230242][T11378]  ? dev_load+0x8e/0x240
[  527.230270][T11378]  dev_ioctl+0x290/0x1060
[  527.230295][T11378]  compat_sock_ioctl+0x42e/0x730
[  527.230320][T11378]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  527.230338][T11378]  ? hook_file_ioctl_common+0x145/0x410
[  527.230357][T11378]  ? __fget_files+0x20e/0x3c0
[  527.230376][T11378]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  527.230387][T11378]  __ia32_compat_sys_ioctl+0x242/0x370
[  527.230402][T11378]  __do_fast_syscall_32+0x7c/0x300
[  527.230419][T11378]  do_fast_syscall_32+0x32/0x80
[  527.230435][T11378]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  527.230448][T11378] RIP: 0023:0xf6ffd579
[  527.230457][T11378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  527.230468][T11378] RSP: 002b:00000000f53ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  527.230478][T11378] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  527.230484][T11378] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  527.230490][T11378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  527.230496][T11378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  527.230502][T11378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  527.230516][T11378]  </TASK>
[  527.823555][T11388] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  527.825644][T11388] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  527.828038][T11388] vhci_hcd vhci_hcd.0: Device attached
[  528.070053][ T6799] usb 41-1: new low-speed USB device number 4 using vhci_hcd
[  528.200035][  T842] vhci_hcd: vhci_device speed not set
[  528.632437][T11389] vhci_hcd: connection reset by peer
[  528.637826][ T1143] vhci_hcd: stop threads
[  528.639264][ T1143] vhci_hcd: release socket
[  528.669462][ T1143] vhci_hcd: disconnect device
[  528.928526][T11410] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1373'.
[  529.833882][T11486] usb usb5: usbfs: process 11486 (syz.5.1379) did not claim interface 0 before use
[  530.301712][T11504] FAULT_INJECTION: forcing a failure.
[  530.301712][T11504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  530.306099][T11504] CPU: 2 UID: 0 PID: 11504 Comm: syz.2.1385 Not tainted syzkaller #0 PREEMPT(full) 
[  530.306113][T11504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  530.306120][T11504] Call Trace:
[  530.306124][T11504]  <TASK>
[  530.306128][T11504]  dump_stack_lvl+0x16c/0x1f0
[  530.306148][T11504]  should_fail_ex+0x512/0x640
[  530.306167][T11504]  _copy_from_user+0x2e/0xd0
[  530.306177][T11504]  video_usercopy+0x723/0x1450
[  530.306192][T11504]  ? __pfx___video_do_ioctl+0x10/0x10
[  530.306203][T11504]  ? __pfx_video_usercopy+0x10/0x10
[  530.306220][T11504]  ? hook_file_ioctl_common+0x145/0x410
[  530.306238][T11504]  v4l2_ioctl+0x1bd/0x250
[  530.306251][T11504]  v4l2_compat_ioctl32+0x217/0x2c0
[  530.306268][T11504]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  530.306285][T11504]  __ia32_compat_sys_ioctl+0x242/0x370
[  530.306301][T11504]  __do_fast_syscall_32+0x7c/0x300
[  530.306319][T11504]  do_fast_syscall_32+0x32/0x80
[  530.306335][T11504]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  530.306350][T11504] RIP: 0023:0xf706d579
[  530.306360][T11504] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  530.306369][T11504] RSP: 002b:00000000f543c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  530.306379][T11504] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000004020565a
[  530.306386][T11504] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  530.306392][T11504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  530.306397][T11504] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  530.306403][T11504] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  530.306416][T11504]  </TASK>
[  530.363486][    C2] hpet_rtc_timer_reinit: 14 callbacks suppressed
[  530.363495][    C2] hpet: Lost 3 RTC interrupts
[  531.251092][T11529] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  531.398877][T11528] syz.2.1395 (11528): drop_caches: 1
[  531.460752][T11528] syz.2.1395 (11528): drop_caches: 1
[  531.719810][T11539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1398'.
[  531.774983][T11539] @: renamed from syz_tun (while UP)
[  532.157737][T11557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1401'.
[  532.557089][T11563] FAULT_INJECTION: forcing a failure.
[  532.557089][T11563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.561437][T11563] CPU: 3 UID: 0 PID: 11563 Comm: syz.2.1402 Not tainted syzkaller #0 PREEMPT(full) 
[  532.561452][T11563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  532.561458][T11563] Call Trace:
[  532.561462][T11563]  <TASK>
[  532.561466][T11563]  dump_stack_lvl+0x16c/0x1f0
[  532.561486][T11563]  should_fail_ex+0x512/0x640
[  532.561505][T11563]  _copy_from_user+0x2e/0xd0
[  532.561515][T11563]  snd_pcm_oss_write2+0x1c2/0x410
[  532.561530][T11563]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  532.561542][T11563]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  532.561558][T11563]  ? snd_pcm_oss_prepare+0x11e/0x220
[  532.561571][T11563]  snd_pcm_oss_write+0x710/0xa10
[  532.561585][T11563]  ? security_file_permission+0x71/0x210
[  532.561602][T11563]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  532.561614][T11563]  vfs_write+0x2a0/0x11d0
[  532.561633][T11563]  ? __pfx_vfs_write+0x10/0x10
[  532.561646][T11563]  ? find_held_lock+0x2b/0x80
[  532.561662][T11563]  ? __fget_files+0x204/0x3c0
[  532.561679][T11563]  ? __fget_files+0x20e/0x3c0
[  532.561691][T11563]  ? handle_mm_fault+0x1f0/0xd10
[  532.561721][T11563]  ksys_write+0x12a/0x250
[  532.561736][T11563]  ? __pfx_ksys_write+0x10/0x10
[  532.561752][T11563]  ? rcu_is_watching+0x12/0xc0
[  532.561769][T11563]  __do_fast_syscall_32+0x7c/0x300
[  532.561786][T11563]  do_fast_syscall_32+0x32/0x80
[  532.561802][T11563]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  532.561816][T11563] RIP: 0023:0xf706d579
[  532.561825][T11563] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  532.561835][T11563] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  532.561845][T11563] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000500
[  532.561852][T11563] RDX: 000000000000fc36 RSI: 0000000000000000 RDI: 0000000000000000
[  532.561857][T11563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  532.561863][T11563] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  532.561869][T11563] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  532.561884][T11563]  </TASK>
[  532.742025][T11566] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1403'.
[  533.106602][T11580] ptrace attach of ""[11582] was attempted by "/syz-executor exec"[11580]
[  533.180116][ T6799] vhci_hcd: vhci_device speed not set
[  533.320080][T11584] syz.2.1409 (11584): drop_caches: 1
[  533.350939][T11586] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  533.500126][T11584] syz.2.1409 (11584): drop_caches: 1
[  534.745117][T11596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  534.759531][T11596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  534.820845][T11599] bridge0: port 4(erspan0) entered blocking state
[  534.824163][T11599] bridge0: port 4(erspan0) entered disabled state
[  534.827098][T11599] erspan0: entered allmulticast mode
[  534.833968][T11599] erspan0: entered promiscuous mode
[  534.837286][T11599] bridge0: port 4(erspan0) entered blocking state
[  534.839339][T11599] bridge0: port 4(erspan0) entered forwarding state
[  534.855848][T11599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1411'.
[  535.344617][T11602] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1414'.
[  535.438122][T11605] ieee802154 phy0 wpan0: encryption failed: -90
[  535.941676][T11621] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  535.992841][T11617] syz.4.1419 (11617): drop_caches: 1
[  536.061925][T11617] syz.4.1419 (11617): drop_caches: 1
[  537.174024][T11667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  537.183165][T11667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  537.405410][T11672] netlink: 'syz.3.1432': attribute type 1 has an invalid length.
[  537.422230][T11672] 8021q: adding VLAN 0 to HW filter on device bond0
[  537.594626][T11672] bond0: (slave veth5): Enslaving as an active interface with a down link
[  537.663304][T11672] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1432'.
[  538.396405][T11683] syz.2.1434 (11683): drop_caches: 1
[  538.469258][T11683] syz.2.1434 (11683): drop_caches: 1
[  538.480457][T11684] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  539.950334][T11695] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  539.952547][T11695] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  539.955260][T11695] vhci_hcd vhci_hcd.0: Device attached
[  539.961154][T11692] syz.2.1438 (11692): drop_caches: 1
[  540.040485][T11696] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  540.059106][T11692] syz.2.1438 (11692): drop_caches: 1
[  540.210637][   T55] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  540.777186][T11697] vhci_hcd: connection reset by peer
[  540.779017][T11474] vhci_hcd: stop threads
[  540.781036][T11474] vhci_hcd: release socket
[  540.782661][T11474] vhci_hcd: disconnect device
[  541.120940][T11710] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1442'.
[  541.123790][T11710] netlink: 'syz.2.1442': attribute type 5 has an invalid length.
[  541.126143][T11710] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1442'.
[  541.208681][T11710] geneve2: entered promiscuous mode
[  541.214763][T11710] geneve2: entered allmulticast mode
[  541.226600][T11453] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  541.229314][T11453] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  541.232370][T11453] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  541.235127][T11453] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  541.428379][T11714] syz.4.1443 (11714): drop_caches: 1
[  541.491394][T11715] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  541.492947][T11714] syz.4.1443 (11714): drop_caches: 1
[  541.885891][T11729] i2c i2c-1: Invalid block write size 34
[  543.259014][T11757] veth1_to_bond: entered allmulticast mode
[  543.475490][T11758] veth1_to_bond: left allmulticast mode
[  543.615925][T11761] syz.2.1459 (11761): drop_caches: 1
[  543.682295][T11761] syz.2.1459 (11761): drop_caches: 1
[  543.690842][T11762] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  544.928511][T11773] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1463'.
[  545.131248][T11776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1464'.
[  545.330122][   T55] vhci_hcd: vhci_device speed not set
[  546.303416][T11794] vivid-000: =================  START STATUS  =================
[  546.305995][T11794] vivid-000: Test Pattern: 75% Colorbar
[  546.310100][T11794] vivid-000: Fill Percentage of Frame: 100
[  546.312718][T11794] vivid-000: Horizontal Movement: No Movement
[  546.314695][T11794] vivid-000: Vertical Movement: No Movement
[  546.316639][T11794] vivid-000: OSD Text Mode: All
[  546.318192][T11794] vivid-000: Show Border: false
[  546.319772][T11794] vivid-000: Show Square: false
[  546.324288][T11794] vivid-000: Sensor Flipped Horizontally: false
[  546.326355][T11794] vivid-000: Sensor Flipped Vertically: false
[  546.328359][T11794] vivid-000: Insert SAV Code in Image: false
[  546.331624][T11794] vivid-000: Insert EAV Code in Image: false
[  546.333723][T11794] vivid-000: Insert Video Guard Band: false
[  546.335759][T11794] vivid-000: Reduced Framerate: false
[  546.337551][T11794] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  546.339937][T11794] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  546.343973][T11794] vivid-000: Enable Capture Cropping: true
[  546.345981][T11794] vivid-000: Enable Capture Composing: true
[  546.347883][T11794] vivid-000: Enable Capture Scaler: true
[  546.349742][T11794] vivid-000: Timestamp Source: End of Frame
[  546.352885][T11794] vivid-000: Colorspace: Rec. 709
[  546.357712][T11794] vivid-000: Transfer Function: Default
[  546.362219][T11794] vivid-000: Y'CbCr Encoding: Default
[  546.367710][T11794] vivid-000: HSV Encoding: Hue 0-179
[  546.371126][T11794] vivid-000: Quantization: Default
[  546.373603][T11794] vivid-000: Apply Alpha To Red Only: false
[  546.376056][T11794] vivid-000: Standard Aspect Ratio: 4x3
[  546.379236][T11794] vivid-000: DV Timings Signal Mode: Current DV Timings
[  546.382244][T11794] vivid-000: DV Timings: 640x480p59 inactive
[  546.384442][T11794] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  546.387399][T11794] vivid-000: Maximum EDID Blocks: 2
[  546.389031][T11794] vivid-000: Limited RGB Range (16-235): true
[  546.393380][T11794] vivid-000: Rx RGB Quantization Range: Automatic
[  546.396183][T11794] vivid-000: Power Present: 0x00000001
[  546.398416][T11794] tpg source WxH: 1280x720 (Y'CbCr)
[  546.400610][T11794] tpg field: 1
[  546.402016][T11794] tpg crop: (0,0)/1280x720
[  546.403826][T11794] tpg compose: (0,0)/1280x720
[  546.405952][T11794] tpg colorspace: 3
[  546.407445][T11794] tpg transfer function: 0/0
[  546.409891][T11794] tpg Y'CbCr encoding: 0/0
[  546.411637][T11794] tpg quantization: 0/0
[  546.412982][T11794] tpg RGB range: 0/1
[  546.415063][T11794] vivid-000: ==================  END STATUS  ==================
[  546.452997][T11800] 8021q: adding VLAN 0 to HW filter on device bond0
[  546.460513][T11800] bond0: (slave rose0): Enslaving as an active interface with an up link
[  546.563928][T11803] syz.5.1470 (11803): drop_caches: 1
[  546.598690][T11803] syz.5.1470 (11803): drop_caches: 1
[  546.660676][T11804] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  546.691177][T11806] ip6tnl1: entered promiscuous mode
[  546.692907][T11806] ip6tnl1: entered allmulticast mode
[  546.704212][T11806] team0: Device ip6tnl1 is of different type
[  546.846377][T11810] erspan0: left allmulticast mode
[  546.848495][T11810] erspan0: left promiscuous mode
[  546.850317][T11810] bridge0: port 3(erspan0) entered disabled state
[  546.911925][T11810] syz_tun: left allmulticast mode
[  546.913767][T11810] syz_tun: left promiscuous mode
[  546.915469][T11810] bridge0: port 4(syz_tun) entered disabled state
[  547.341078][T11810] bridge_slave_0: left allmulticast mode
[  547.344130][T11810] bridge_slave_0: left promiscuous mode
[  547.346468][T11810] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.460278][T11810] bridge_slave_1: left allmulticast mode
[  547.462086][T11810] bridge_slave_1: left promiscuous mode
[  547.463822][T11810] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.642491][T11810] : (slave bond_slave_0): Releasing backup interface
[  548.618573][T11810] : (slave bond_slave_1): Releasing backup interface
[  548.735317][T11828] 9pnet_fd: Insufficient options for proto=fd
[  548.783520][T11810] team0: Port device team_slave_0 removed
[  548.836820][T11810] team0: Port device team_slave_1 removed
[  548.839069][T11810] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  548.842738][T11810] batman_adv: batadv0: Removing interface: batadv_slave_0
[  548.892767][T11833] support for the xor transformation has been removed.
[  548.904101][T11810] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  548.906713][T11810] batman_adv: batadv0: Removing interface: batadv_slave_1
[  548.942267][T11810] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  549.091798][T11841] syz.3.1483 (11841): drop_caches: 1
[  549.127882][T11841] syz.3.1483 (11841): drop_caches: 1
[  549.195518][T11842] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  549.478875][T11846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1484'.
[  551.207209][T11895] 9pnet_virtio: no channels available for device syz
[  551.286362][T11897] digital: digital_start_poll: Unknown protocol
[  551.359297][T11903] netlink: 'syz.2.1500': attribute type 1 has an invalid length.
[  551.368765][T11903] team0: Port device vlan2 added
[  551.470325][T11908] syz.3.1496 (11908): drop_caches: 1
[  551.506798][T11908] syz.3.1496 (11908): drop_caches: 1
[  551.517478][T11910] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  551.581064][T11911] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  552.223688][T11918] ip6gretap0: entered promiscuous mode
[  552.542953][T11927] fuse: Unknown parameter '¦2§:ànp²*'
[  553.001893][T11935] 9pnet_fd: Insufficient options for proto=fd
[  553.188563][T11937] FAULT_INJECTION: forcing a failure.
[  553.188563][T11937] name failslab, interval 1, probability 0, space 0, times 0
[  553.192558][T11937] CPU: 1 UID: 0 PID: 11937 Comm: syz.3.1509 Not tainted syzkaller #0 PREEMPT(full) 
[  553.192572][T11937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  553.192579][T11937] Call Trace:
[  553.192583][T11937]  <TASK>
[  553.192587][T11937]  dump_stack_lvl+0x16c/0x1f0
[  553.192606][T11937]  should_fail_ex+0x512/0x640
[  553.192623][T11937]  ? __kmalloc_noprof+0xca/0x880
[  553.192637][T11937]  should_failslab+0xc2/0x120
[  553.192648][T11937]  __kmalloc_noprof+0xdd/0x880
[  553.192659][T11937]  ? __pfx___mutex_trylock_common+0x10/0x10
[  553.192672][T11937]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  553.192688][T11937]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  553.192700][T11937]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  553.192713][T11937]  ? __mutex_lock+0x1c5/0x1060
[  553.192730][T11937]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  553.192754][T11937]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  553.192768][T11937]  ? genl_get_cmd+0x194/0x580
[  553.192782][T11937]  ? ____sys_sendmsg+0xa98/0xc70
[  553.192793][T11937]  ? ___sys_sendmsg+0x134/0x1d0
[  553.192807][T11937]  ? __radix_tree_lookup+0x21f/0x2c0
[  553.192824][T11937]  genl_rcv_msg+0x55c/0x800
[  553.192837][T11937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  553.192849][T11937]  ? __pfx_ieee802154_list_phy+0x10/0x10
[  553.192868][T11937]  ? __lock_acquire+0x622/0x1c90
[  553.192881][T11937]  netlink_rcv_skb+0x158/0x420
[  553.192898][T11937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  553.192909][T11937]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  553.192933][T11937]  ? netlink_deliver_tap+0x1ae/0xd30
[  553.192951][T11937]  genl_rcv+0x28/0x40
[  553.192960][T11937]  netlink_unicast+0x5aa/0x870
[  553.192979][T11937]  ? __pfx_netlink_unicast+0x10/0x10
[  553.192995][T11937]  ? __pfx___might_resched+0x10/0x10
[  553.193016][T11937]  netlink_sendmsg+0x8c8/0xdd0
[  553.193035][T11937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.193054][T11937]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  553.193068][T11937]  ____sys_sendmsg+0xa98/0xc70
[  553.193081][T11937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  553.193095][T11937]  ? get_compat_msghdr+0x11a/0x170
[  553.193118][T11937]  ___sys_sendmsg+0x134/0x1d0
[  553.193134][T11937]  ? __pfx____sys_sendmsg+0x10/0x10
[  553.193158][T11937]  ? find_held_lock+0x2b/0x80
[  553.193184][T11937]  __sys_sendmsg+0x16d/0x220
[  553.193199][T11937]  ? __pfx___sys_sendmsg+0x10/0x10
[  553.193222][T11937]  ? rcu_is_watching+0x12/0xc0
[  553.193239][T11937]  __do_fast_syscall_32+0x7c/0x300
[  553.193258][T11937]  do_fast_syscall_32+0x32/0x80
[  553.193274][T11937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  553.193287][T11937] RIP: 0023:0xf7fb2579
[  553.193295][T11937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  553.193305][T11937] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  553.193315][T11937] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800002c0
[  553.193322][T11937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  553.193327][T11937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  553.193333][T11937] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  553.193339][T11937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  553.193354][T11937]  </TASK>
[  553.469300][T11943] syz.3.1512 (11943): drop_caches: 1
[  553.481122][T11944] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  553.531527][T11943] syz.3.1512 (11943): drop_caches: 1
[  554.191154][T11940] delete_channel: no stack
[  555.115571][T11968] FAULT_INJECTION: forcing a failure.
[  555.115571][T11968] name failslab, interval 1, probability 0, space 0, times 0
[  555.120260][T11968] CPU: 0 UID: 0 PID: 11968 Comm: syz.5.1518 Not tainted syzkaller #0 PREEMPT(full) 
[  555.120275][T11968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  555.120281][T11968] Call Trace:
[  555.120285][T11968]  <TASK>
[  555.120289][T11968]  dump_stack_lvl+0x16c/0x1f0
[  555.120309][T11968]  should_fail_ex+0x512/0x640
[  555.120325][T11968]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  555.120344][T11968]  should_failslab+0xc2/0x120
[  555.120354][T11968]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  555.120371][T11968]  ? p9_client_create+0x5c8/0x11d0
[  555.120383][T11968]  ? kmemdup_nul+0x49/0xf0
[  555.120397][T11968]  kmemdup_nul+0x49/0xf0
[  555.120414][T11968]  p9_client_create+0x5c8/0x11d0
[  555.120427][T11968]  ? __pfx_p9_client_create+0x10/0x10
[  555.120441][T11968]  ? rcu_is_watching+0x12/0xc0
[  555.120457][T11968]  ? trace_kmalloc+0x2b/0xd0
[  555.120465][T11968]  ? __kmalloc_node_track_caller_noprof+0x362/0x8a0
[  555.120484][T11968]  ? lockdep_init_map_type+0x5c/0x280
[  555.120496][T11968]  ? __raw_spin_lock_init+0x3a/0x110
[  555.120511][T11968]  v9fs_session_init+0x1f7/0x1a80
[  555.120534][T11968]  ? __pfx_v9fs_session_init+0x10/0x10
[  555.120559][T11968]  v9fs_mount+0xc5/0xa90
[  555.120568][T11968]  ? rcu_is_watching+0x12/0xc0
[  555.120582][T11968]  ? __pfx_v9fs_mount+0x10/0x10
[  555.120591][T11968]  ? aa_get_newest_label+0xd2/0x250
[  555.120603][T11968]  ? apparmor_capable+0x114/0x1d0
[  555.120615][T11968]  ? __pfx_v9fs_mount+0x10/0x10
[  555.120624][T11968]  legacy_get_tree+0x10c/0x220
[  555.120641][T11968]  vfs_get_tree+0x8e/0x340
[  555.120654][T11968]  path_mount+0x7b9/0x23a0
[  555.120672][T11968]  ? __pfx_path_mount+0x10/0x10
[  555.120688][T11968]  ? kmem_cache_free+0x2d4/0x6c0
[  555.120701][T11968]  ? putname+0x154/0x1a0
[  555.120713][T11968]  ? putname+0x154/0x1a0
[  555.120724][T11968]  ? __ia32_sys_mount+0x291/0x310
[  555.120741][T11968]  __ia32_sys_mount+0x291/0x310
[  555.120763][T11968]  ? __pfx___ia32_sys_mount+0x10/0x10
[  555.120787][T11968]  ? rcu_is_watching+0x12/0xc0
[  555.120810][T11968]  __do_fast_syscall_32+0x7c/0x300
[  555.120835][T11968]  do_fast_syscall_32+0x32/0x80
[  555.120853][T11968]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  555.120867][T11968] RIP: 0023:0xf6ffd579
[  555.120875][T11968] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  555.120885][T11968] RSP: 002b:00000000f53ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  555.120895][T11968] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040
[  555.120902][T11968] RDX: 00000000800000c0 RSI: 0000000000000010 RDI: 0000000080000100
[  555.120908][T11968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  555.120914][T11968] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  555.120920][T11968] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  555.120935][T11968]  </TASK>
[  555.364331][T11979] 9pnet_fd: Insufficient options for proto=fd
[  555.366405][T11980] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1528'.
[  556.345996][T11988] syz.2.1523 (11988): drop_caches: 1
[  556.399423][T11988] syz.2.1523 (11988): drop_caches: 1
[  556.400531][T11991] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  558.608861][T12016] 9pnet_fd: Insufficient options for proto=fd
[  558.689208][T12018] mkiss: ax0: crc mode is auto.
[  558.841886][T12017] /dev/sr0: Can't open blockdev
[  559.185825][T12030] syz.2.1535 (12030): drop_caches: 1
[  559.216385][T12030] syz.2.1535 (12030): drop_caches: 1
[  559.251424][T12033] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  559.272521][T12035] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1536'.
[  559.278725][T12035] netlink: 111 bytes leftover after parsing attributes in process `syz.5.1536'.
[  559.889239][T12049] 9pnet_fd: Insufficient options for proto=fd
[  560.713228][T12075] ubi31: attaching mtd0
[  560.726508][T12075] ubi31: scanning is finished
[  560.728221][T12075] ubi31: empty MTD device detected
[  560.786309][T12074] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  560.854357][T12073] syz.4.1548 (12073): drop_caches: 1
[  560.979654][T12073] syz.4.1548 (12073): drop_caches: 1
[  560.985181][T12075] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  560.990981][T12075] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  560.995596][T12075] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  560.997999][T12075] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  561.000587][T12075] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  561.002883][T12075] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  561.005534][T12075] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1430846251
[  561.008737][T12075] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  561.013006][T12079] ubi31: background thread "ubi_bgt31d" started, PID 12079
[  561.118566][T12086] 9pnet_fd: Insufficient options for proto=fd
[  561.577166][T12099] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1555'.
[  561.585160][T12099] netlink: 111 bytes leftover after parsing attributes in process `syz.5.1555'.
[  561.781525][T12103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1554'.
[  561.784644][T12103] netlink: 'syz.3.1554': attribute type 5 has an invalid length.
[  561.787421][T12103] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1554'.
[  562.130424][T12092] : (slave bond_slave_0): Releasing backup interface
[  562.346258][T12110] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  562.350754][T12110] kvm: kvm [12109]: vcpu0, guest rIP: 0xf000 Unhandled WRMSR(0x4000008d) = 0x0
[  562.573697][T12103] geneve2: entered promiscuous mode
[  562.575482][T12103] geneve2: entered allmulticast mode
[  562.662626][T12124] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1560'.
[  562.666175][T12124] netlink: 111 bytes leftover after parsing attributes in process `syz.5.1560'.
[  562.769500][T11443] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  562.772851][T11430] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  562.785399][T11430] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  562.788086][T11430] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  563.186839][T12144] 9pnet_fd: Insufficient options for proto=fd
[  563.552913][T12154] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1568'.
[  563.574943][T12154] netlink: 111 bytes leftover after parsing attributes in process `syz.5.1568'.
[  564.432842][T12171] 9pnet_fd: Insufficient options for proto=fd
[  564.558917][T12179] FAULT_INJECTION: forcing a failure.
[  564.558917][T12179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  564.563159][T12179] CPU: 3 UID: 0 PID: 12179 Comm: syz.4.1579 Not tainted syzkaller #0 PREEMPT(full) 
[  564.563174][T12179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  564.563180][T12179] Call Trace:
[  564.563185][T12179]  <TASK>
[  564.563190][T12179]  dump_stack_lvl+0x16c/0x1f0
[  564.563211][T12179]  should_fail_ex+0x512/0x640
[  564.563231][T12179]  _copy_from_iter+0x29f/0x1720
[  564.563250][T12179]  ? __lock_acquire+0x622/0x1c90
[  564.563262][T12179]  ? __pfx__copy_from_iter+0x10/0x10
[  564.563286][T12179]  copy_page_from_iter+0xde/0x180
[  564.563305][T12179]  tun_build_skb.constprop.0+0x2e8/0x1510
[  564.563327][T12179]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  564.563343][T12179]  ? __lock_acquire+0x622/0x1c90
[  564.563362][T12179]  tun_get_user+0x149c/0x3cc0
[  564.563381][T12179]  ? __pfx_tun_get_user+0x10/0x10
[  564.563401][T12179]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  564.563416][T12179]  ? find_held_lock+0x2b/0x80
[  564.563431][T12179]  ? tun_get+0x191/0x370
[  564.563445][T12179]  tun_chr_write_iter+0xdc/0x210
[  564.563459][T12179]  vfs_write+0x7d3/0x11d0
[  564.563475][T12179]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  564.563488][T12179]  ? __pfx_vfs_write+0x10/0x10
[  564.563501][T12179]  ? find_held_lock+0x2b/0x80
[  564.563524][T12179]  ksys_write+0x12a/0x250
[  564.563538][T12179]  ? __pfx_ksys_write+0x10/0x10
[  564.563554][T12179]  ? rcu_is_watching+0x12/0xc0
[  564.563571][T12179]  __do_fast_syscall_32+0x7c/0x300
[  564.563589][T12179]  do_fast_syscall_32+0x32/0x80
[  564.563606][T12179]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  564.563619][T12179] RIP: 0023:0xf702d579
[  564.563627][T12179] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  564.563638][T12179] RSP: 002b:00000000f541d520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  564.563648][T12179] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000080
[  564.563655][T12179] RDX: 000000000000004a RSI: 00000000f73c5ff4 RDI: 0000000000000000
[  564.563661][T12179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  564.563666][T12179] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  564.563672][T12179] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  564.563686][T12179]  </TASK>
[  564.836466][T12191] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  564.838834][T12191] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  564.841961][T12191] vhci_hcd vhci_hcd.0: Device attached
[  565.140217][   T55] usb 48-1: SetAddress Request (10) to port 0
[  565.142983][   T55] usb 48-1: new SuperSpeed USB device number 10 using vhci_hcd
[  565.170300][T12200] 9pnet_fd: Insufficient options for proto=fd
[  565.382245][T12204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1585'.
[  565.386742][T12204] netlink: 111 bytes leftover after parsing attributes in process `syz.2.1585'.
[  565.423004][T12193] vhci_hcd: connection reset by peer
[  565.425058][ T1143] vhci_hcd: stop threads
[  565.426474][ T1143] vhci_hcd: release socket
[  565.428087][ T1143] vhci_hcd: disconnect device
[  567.271414][T12230] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1594'.
[  567.770279][T12240] input: syz1 as /devices/virtual/input/input13
[  568.038213][T12260] xt_CT: You must specify a L4 protocol and not use inversions on it
[  570.210074][   T55] usb 48-1: device descriptor read/8, error -110
[  570.280967][T12297] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1617'.
[  570.600823][   T55] usb usb48-port1: attempt power cycle
[  570.903990][T12309] tipc: Started in network mode
[  570.905989][T12309] tipc: Node identity 1e047f56b9d, cluster identity 4711
[  570.908222][T12309] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  571.000058][  T842] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  571.000773][T12308] tipc: Disabling bearer <eth:syzkaller0>
[  571.150033][  T842] usb 7-1: Using ep0 maxpacket: 16
[  571.153077][  T842] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[  571.155594][  T842] usb 7-1: config 0 has no interface number 0
[  571.157594][  T842] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  571.162759][  T842] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  571.165710][  T842] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  571.168305][  T842] usb 7-1: Product: syz
[  571.169695][  T842] usb 7-1: SerialNumber: syz
[  571.173187][  T842] usb 7-1: config 0 descriptor??
[  571.177277][  T842] cm109 7-1:0.8: invalid payload size 208, expected 4
[  571.180488][   T55] usb usb48-port1: unable to enumerate USB device
[  571.180742][  T842] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input14
[  571.281913][T12315] loop6: detected capacity change from 0 to 524287999
[  571.584120][    C2] cm109 7-1:0.8: cm109_urb_irq_callback: urb status -71
[  571.586776][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.589173][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.591583][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.594017][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.596875][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.599292][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.601703][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.604062][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.606468][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.608867][    C2] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  571.613042][  T842] usb 7-1: USB disconnect, device number 24
[  571.613085][    C2] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  571.642415][  T842] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  573.338651][   T55] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  573.490019][   T55] usb 10-1: Using ep0 maxpacket: 32
[  573.493315][   T55] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  573.497747][   T55] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  573.501779][   T55] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  573.505374][   T55] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.511986][   T55] usb 10-1: config 0 descriptor??
[  573.933307][   T55] savu 0003:1E7D:2D5A.0016: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  574.193407][   T55] usb 10-1: USB disconnect, device number 10
[  577.262004][T12461] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1676'.
[  578.808881][T12487] input: syz0 as /devices/virtual/input/input15
[  578.927000][T12494] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  579.030785][T12493] tipc: Disabling bearer <eth:syzkaller0>
[  579.333655][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  581.086375][T12515] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1694'.
[  581.089755][T12515] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1694'.
[  581.093069][T12515] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1694'.
[  581.096191][T12515] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1694'.
[  581.901948][T12526] ieee802154 phy0 wpan0: encryption failed: -22
[  583.282458][T12546] debugfs: 'ttyS3' already exists in 'caif_serial'
[  583.462249][T12548] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  587.871066][T12583] netlink: 34 bytes leftover after parsing attributes in process `syz.2.1719'.
[  590.783736][T12602] (syz.2.1724,12602,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  590.786487][T12602] (syz.2.1724,12602,0):ocfs2_fill_super:1177 ERROR: status = -22
[  590.795518][T12602] comedi comedi3: comedi_config --init_data is deprecated
[  591.795039][ T5298] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  591.798066][ T5298] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  591.801981][ T5298] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  591.804981][ T5298] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  591.808228][ T5298] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  591.813264][ T5952] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  591.819332][ T5952] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  591.822215][ T5952] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  591.825006][ T5952] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  591.827496][ T5952] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  591.880078][    T9] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  592.030101][    T9] usb 7-1: Using ep0 maxpacket: 16
[  592.033108][    T9] usb 7-1: config 1 interface 0 altsetting 52 bulk endpoint 0x82 has invalid maxpacket 16
[  592.036260][    T9] usb 7-1: config 1 interface 0 altsetting 52 bulk endpoint 0x3 has invalid maxpacket 8
[  592.039136][    T9] usb 7-1: config 1 interface 0 has no altsetting 0
[  592.042055][    T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  592.044773][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  592.047249][    T9] usb 7-1: SerialNumber: syz
[  592.050512][T12608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  592.053549][T12608] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  592.356958][    T9] cdc_acm 7-1:1.0: ttyACM0: USB ACM device
[  592.362670][    T9] usb 7-1: USB disconnect, device number 25
[  592.934496][T11434] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.221709][T11434] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.294326][T12612] chnl_net:caif_netlink_parms(): no params data found
[  593.633129][T11434] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.890327][ T5952] Bluetooth: hci4: command tx timeout
[  594.041568][T11434] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.061031][T12612] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.063905][T12612] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.066570][T12612] bridge_slave_0: entered allmulticast mode
[  594.069660][T12612] bridge_slave_0: entered promiscuous mode
[  594.073442][T12612] bridge0: port 2(bridge_slave_1) entered blocking state
[  594.075996][T12612] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.078366][T12612] bridge_slave_1: entered allmulticast mode
[  594.081591][T12612] bridge_slave_1: entered promiscuous mode
[  594.283486][T12612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  594.289097][T12612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  594.493712][T12612] team0: Port device team_slave_0 added
[  594.496914][T12612] team0: Port device team_slave_1 added
[  594.657120][T12612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  594.660110][T12612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  594.669380][T12612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  594.679619][T12612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  594.681855][T12612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  594.691342][T12612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  594.782107][T11434] bridge_slave_1: left allmulticast mode
[  594.784011][T11434] bridge_slave_1: left promiscuous mode
[  594.785905][T11434] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.870526][T11434] bridge_slave_0: left allmulticast mode
[  594.872708][T11434] bridge_slave_0: left promiscuous mode
[  594.875134][T11434] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.980105][ T5952] Bluetooth: hci4: command tx timeout
[  597.101169][T11434]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  597.210670][T11434]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  597.231928][T11434]  (unregistering): Released all slaves
[  598.060104][ T5952] Bluetooth: hci4: command tx timeout
[  598.120439][T11434] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  598.160792][T11434] bond0 (unregistering): Released all slaves
[  598.467544][T12612] hsr_slave_0: entered promiscuous mode
[  598.470824][T12612] hsr_slave_1: entered promiscuous mode
[  598.474317][T12612] debugfs: 'hsr0' already exists in 'hsr'
[  598.476691][T12612] Cannot create hsr debugfs directory
[  598.480557][T12676] tipc: Started in network mode
[  598.482143][T12676] tipc: Node identity 080211000001, cluster identity 4711
[  598.484479][T12676] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  598.663062][T12677] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[  598.665755][T12677] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[  598.999814][   T41] audit: type=1326 audit(1760298286.155:47014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.008476][   T41] audit: type=1326 audit(1760298286.155:47015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.018588][   T41] audit: type=1326 audit(1760298286.165:47016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=342 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.027203][   T41] audit: type=1326 audit(1760298286.165:47017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.036200][   T41] audit: type=1326 audit(1760298286.165:47018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.044760][   T41] audit: type=1326 audit(1760298286.165:47019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=139 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.053961][   T41] audit: type=1326 audit(1760298286.165:47020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.062063][   T41] audit: type=1326 audit(1760298286.165:47021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.069011][   T41] audit: type=1326 audit(1760298286.165:47022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.076332][   T41] audit: type=1326 audit(1760298286.165:47023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  599.480087][ T5741] tipc: Node number set to 134418688
[  599.490126][T11434] hsr_slave_0: left promiscuous mode
[  599.530138][T11434] hsr_slave_1: left promiscuous mode
[  599.532227][T11434] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  599.534586][T11434] batman_adv: batadv0: Removing interface: batadv_slave_0
[  599.581242][T11434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  599.583712][T11434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  599.657635][T11434] veth1_macvtap: left promiscuous mode
[  599.661030][T11434] veth0_macvtap: left promiscuous mode
[  599.663436][T11434] veth1_vlan: left promiscuous mode
[  599.665700][T11434] veth0_vlan: left promiscuous mode
[  600.130073][ T5952] Bluetooth: hci4: command tx timeout
[  600.380130][    T9] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  600.530145][    T9] usb 7-1: Using ep0 maxpacket: 8
[  600.533733][    T9] usb 7-1: config 0 has no interfaces?
[  600.537665][    T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  600.540564][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.543057][    T9] usb 7-1: Product: syz
[  600.544339][    T9] usb 7-1: Manufacturer: syz
[  600.545815][    T9] usb 7-1: SerialNumber: syz
[  600.549683][    T9] usb 7-1: config 0 descriptor??
[  600.771898][   T30] usb 7-1: USB disconnect, device number 26
[  601.855712][T12722] netlink: 'syz.3.1758': attribute type 10 has an invalid length.
[  602.411149][T12728] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input16
[  603.390085][ T6013] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  603.550085][ T6013] usb 7-1: Using ep0 maxpacket: 8
[  603.554129][ T6013] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  603.560759][ T6013] usb 7-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  603.564509][ T6013] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.567868][ T6013] usb 7-1: Product: syz
[  603.569735][ T6013] usb 7-1: Manufacturer: syz
[  603.572135][ T6013] usb 7-1: SerialNumber: syz
[  603.578924][ T6013] usb 7-1: config 0 descriptor??
[  603.584347][ T6013] streamzap 7-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[  603.784745][   T30] usb 7-1: USB disconnect, device number 27
[  606.286948][T12744] binder: 12742:12744 ioctl c0306201 80000540 returned -22
[  606.790525][T11434] team0 (unregistering): Port device team_slave_1 removed
[  607.650609][T11434] team0 (unregistering): Port device team_slave_0 removed
[  608.590165][ T5741] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  608.740123][ T5741] usb 7-1: Using ep0 maxpacket: 8
[  608.744120][ T5741] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  608.748251][ T5741] usb 7-1: New USB device found, idVendor=2801, idProduct=0201, bcdDevice=2a.d5
[  608.752091][ T5741] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.757355][ T5741] usb 7-1: config 0 descriptor??
[  608.762786][ T5741] uvcvideo 7-1:0.0: probe with driver uvcvideo failed with error -22
[  613.776682][T12720] bridge0: port 1(syz_tun) entered blocking state
[  613.779252][T12720] bridge0: port 1(syz_tun) entered disabled state
[  613.782189][T12720] syz_tun: entered allmulticast mode
[  613.785450][T12720] syz_tun: entered promiscuous mode
[  613.787445][T12720] bridge0: port 1(syz_tun) entered blocking state
[  613.789461][T12720] bridge0: port 1(syz_tun) entered forwarding state
[  613.840276][T12722] bridge0: port 1(syz_tun) entered disabled state
[  613.849744][T12722] bridge0: port 1(syz_tun) entered blocking state
[  613.852263][T12722] bridge0: port 1(syz_tun) entered forwarding state
[  613.990428][T12722] bridge0: port 1(syz_tun) entered disabled state
[  614.015166][ T5741] usb 7-1: USB disconnect, device number 28
[  614.049642][T12612] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  614.072507][T12612] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  614.111974][T12612] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  614.153070][T12612] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  614.245882][T12779] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1772'.
[  614.258905][T12612] 8021q: adding VLAN 0 to HW filter on device bond0
[  614.272045][T12612] 8021q: adding VLAN 0 to HW filter on device team0
[  614.278683][T11467] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.280879][T11467] bridge0: port 1(bridge_slave_0) entered forwarding state
[  614.288538][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.290856][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  614.415772][T12612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  614.572652][T12612] veth0_vlan: entered promiscuous mode
[  614.577268][T12612] veth1_vlan: entered promiscuous mode
[  614.592683][T12612] veth0_macvtap: entered promiscuous mode
[  614.599419][T12612] veth1_macvtap: entered promiscuous mode
[  614.608805][T12612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  614.617497][T12612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  614.624473][ T1143] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  614.627379][ T1143] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  614.630508][ T1143] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  614.633346][ T1143] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  614.822582][T11453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.824992][T11453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  614.841361][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.843888][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  614.954876][T12792] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1774'.
[  616.076195][T12816] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1781'.
[  616.303007][T12818] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.305775][T12818] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.371067][T12803] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  616.373265][T12803] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  616.524577][T12803] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  616.763836][T12818] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  616.774270][T12818] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  617.632818][T12824] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1784'.
[  617.636259][T11461] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.640426][T11461] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.644246][T11461] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.647911][T11461] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  617.694706][T12834] netlink: 'syz.2.1788': attribute type 2 has an invalid length.
[  617.697975][T12834] netlink: 'syz.2.1788': attribute type 9 has an invalid length.
[  617.701278][T12834] netlink: 'syz.2.1788': attribute type 1 has an invalid length.
[  617.703996][T12834] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1788'.
[  617.723138][T12836] fuse: Unknown parameter 'group_id00000000000000000000'
[  617.830321][ T5298] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  617.834491][ T5298] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  617.843646][ T5298] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  617.847204][ T5298] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  617.849904][ T5298] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  618.050250][ T5298] Bluetooth: hci4: command 0x0c1a tx timeout
[  618.250113][T12847] chnl_net:caif_netlink_parms(): no params data found
[  618.995284][T11467] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.042919][T12866] tipc: Started in network mode
[  619.045053][T12866] tipc: Node identity 72fda6f93cf7, cluster identity 4711
[  619.048162][T12866] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  619.151663][T12865] tipc: Resetting bearer <eth:syzkaller0>
[  619.342266][T11467] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.490388][T12864] tipc: Disabling bearer <eth:syzkaller0>
[  619.900300][ T5298] Bluetooth: hci2: command tx timeout
[  619.922482][T11467] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.140377][ T5298] Bluetooth: hci4: command 0x0c1a tx timeout
[  620.581521][T11467] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.601246][T12847] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.604662][T12847] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.607086][T12847] bridge_slave_0: entered allmulticast mode
[  620.609807][T12847] bridge_slave_0: entered promiscuous mode
[  620.614354][T12847] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.617953][T12847] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.621220][T12847] bridge_slave_1: entered allmulticast mode
[  620.624533][T12847] bridge_slave_1: entered promiscuous mode
[  620.786720][T12847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  620.791799][T12847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  621.006617][T12847] team0: Port device team_slave_0 added
[  621.015549][T12847] team0: Port device team_slave_1 added
[  621.420012][T12847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  621.423530][T12847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  621.433456][T12847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  621.446278][T12847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  621.448876][T12847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  621.459058][T12847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  621.563801][T11467] erspan0: left allmulticast mode
[  621.566202][T11467] erspan0: left promiscuous mode
[  621.568708][T11467] bridge0: port 4(erspan0) entered disabled state
[  621.642691][T11467] macvlan2: left allmulticast mode
[  621.644964][T11467] team0: left allmulticast mode
[  621.647097][T11467] team_slave_0: left allmulticast mode
[  621.650346][T11467] team_slave_1: left allmulticast mode
[  621.653437][T11467] macvlan2: left promiscuous mode
[  621.655750][T11467] bridge0: port 3(macvlan2) entered disabled state
[  621.722816][T11467] bridge_slave_1: left allmulticast mode
[  621.724694][T11467] bridge_slave_1: left promiscuous mode
[  621.726614][T11467] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.767660][T12906] ==================================================================
[  621.770277][T12906] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220
[  621.772664][T12906] Read of size 8 at addr ffff888013038408 by task syz.3.1807/12906
[  621.775867][T12906] 
[  621.777255][T12906] CPU: 2 UID: 0 PID: 12906 Comm: syz.3.1807 Not tainted syzkaller #0 PREEMPT(full) 
[  621.777269][T12906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  621.777276][T12906] Call Trace:
[  621.777280][T12906]  <TASK>
[  621.777286][T12906]  dump_stack_lvl+0x116/0x1f0
[  621.777305][T12906]  print_report+0xcd/0x630
[  621.777316][T12906]  ? __virt_addr_valid+0x81/0x610
[  621.777325][T12906]  ? __phys_addr+0xe8/0x180
[  621.777335][T12906]  ? __cpa_addr+0x1d3/0x220
[  621.777346][T12906]  kasan_report+0xe0/0x110
[  621.777356][T12906]  ? __cpa_addr+0x1d3/0x220
[  621.777370][T12906]  __cpa_addr+0x1d3/0x220
[  621.777382][T12906]  cpa_flush+0x28b/0x8a0
[  621.777396][T12906]  ? __pfx_cpa_flush+0x10/0x10
[  621.777409][T12906]  ? pgprot2cachemode+0x9a/0x130
[  621.777418][T12906]  ? __pfx_pgprot2cachemode+0x10/0x10
[  621.777427][T12906]  ? drm_gem_get_pages+0x6a0/0xa10
[  621.777442][T12906]  change_page_attr_set_clr+0x34e/0x4a0
[  621.777457][T12906]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  621.777477][T12906]  _set_pages_array+0x1ab/0x2c0
[  621.777497][T12906]  drm_gem_shmem_get_pages_locked+0x384/0x490
[  621.777509][T12906]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  621.777522][T12906]  drm_gem_shmem_pin_locked+0x223/0x470
[  621.777534][T12906]  ? __pfx_drm_gem_shmem_pin_locked+0x10/0x10
[  621.777549][T12906]  ? __pfx___might_resched+0x10/0x10
[  621.777574][T12906]  drm_gem_map_attach+0x184/0x270
[  621.777590][T12906]  ? __pfx_drm_gem_map_attach+0x10/0x10
[  621.777606][T12906]  dma_buf_dynamic_attach+0x1f3/0x530
[  621.777618][T12906]  ? __fget_files+0x20e/0x3c0
[  621.777633][T12906]  drm_gem_shmem_prime_import_no_map+0x67/0x3c0
[  621.777650][T12906]  ? __pfx_drm_gem_shmem_prime_import_no_map+0x10/0x10
[  621.777668][T12906]  drm_gem_prime_fd_to_handle+0x1a9/0x5f0
[  621.777680][T12906]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  621.777691][T12906]  drm_ioctl_kernel+0x1f4/0x3e0
[  621.777704][T12906]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  621.777716][T12906]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  621.777732][T12906]  drm_ioctl+0x5c9/0xc30
[  621.777746][T12906]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  621.777757][T12906]  ? __pfx_drm_ioctl+0x10/0x10
[  621.777777][T12906]  drm_compat_ioctl+0x327/0x460
[  621.777794][T12906]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  621.777810][T12906]  __ia32_compat_sys_ioctl+0x242/0x370
[  621.777828][T12906]  __do_fast_syscall_32+0x7c/0x300
[  621.777853][T12906]  do_fast_syscall_32+0x32/0x80
[  621.777871][T12906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  621.777885][T12906] RIP: 0023:0xf7fb2579
[  621.777894][T12906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  621.777904][T12906] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  621.777914][T12906] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c00c642e
[  621.777921][T12906] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  621.777927][T12906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  621.777933][T12906] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  621.777939][T12906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  621.777951][T12906]  </TASK>
[  621.777954][T12906] 
[  621.878726][T12906] Allocated by task 12906:
[  621.880158][T12906]  kasan_save_stack+0x33/0x60
[  621.881682][T12906]  kasan_save_track+0x14/0x30
[  621.883162][T12906]  __kasan_kmalloc+0xaa/0xb0
[  621.884634][T12906]  __kvmalloc_node_noprof+0x3a3/0x9c0
[  621.886346][T12906]  drm_gem_get_pages+0x144/0xa10
[  621.887907][T12906]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  621.889825][T12906]  drm_gem_shmem_pin_locked+0x223/0x470
[  621.891585][T12906]  drm_gem_map_attach+0x184/0x270
[  621.893124][T12906]  dma_buf_dynamic_attach+0x1f3/0x530
[  621.894800][T12906]  drm_gem_shmem_prime_import_no_map+0x67/0x3c0
[  621.896742][T12906]  drm_gem_prime_fd_to_handle+0x1a9/0x5f0
[  621.898518][T12906]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  621.900375][T12906]  drm_ioctl_kernel+0x1f4/0x3e0
[  621.901936][T12906]  drm_ioctl+0x5c9/0xc30
[  621.903272][T12906]  drm_compat_ioctl+0x327/0x460
[  621.904807][T12906]  __ia32_compat_sys_ioctl+0x242/0x370
[  621.906516][T12906]  __do_fast_syscall_32+0x7c/0x300
[  621.908148][T12906]  do_fast_syscall_32+0x32/0x80
[  621.909744][T12906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  621.911771][T12906] 
[  621.912536][T12906] The buggy address belongs to the object at ffff888013038000
[  621.912536][T12906]  which belongs to the cache kmalloc-2k of size 2048
[  621.916749][T12906] The buggy address is located 0 bytes to the right of
[  621.916749][T12906]  allocated 1032-byte region [ffff888013038000, ffff888013038408)
[  621.921271][T12906] 
[  621.922049][T12906] The buggy address belongs to the physical page:
[  621.924050][T12906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13038
[  621.926760][T12906] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  621.929358][T12906] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  621.931980][T12906] page_type: f5(slab)
[  621.933381][T12906] raw: 00fff00000000040 ffff88801b442f00 0000000000000000 dead000000000001
[  621.936059][T12906] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  621.938717][T12906] head: 00fff00000000040 ffff88801b442f00 0000000000000000 dead000000000001
[  621.941446][T12906] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  621.944118][T12906] head: 00fff00000000003 ffffea00004c0e01 00000000ffffffff 00000000ffffffff
[  621.946782][T12906] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  621.949450][T12906] page dumped because: kasan: bad access detected
[  621.951456][T12906] page_owner tracks the page as allocated
[  621.953221][T12906] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5961, tgid 5961 (syz-executor), ts 121482446992, free_ts 58519948406
[  621.959733][T12906]  post_alloc_hook+0x1c0/0x230
[  621.961297][T12906]  get_page_from_freelist+0x10a3/0x3a30
[  621.963025][T12906]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  621.964868][T12906]  alloc_pages_mpol+0x1fb/0x550
[  621.966397][T12906]  new_slab+0x24a/0x360
[  621.967711][T12906]  ___slab_alloc+0xdc4/0x1ae0
[  621.969209][T12906]  __slab_alloc.constprop.0+0x63/0x110
[  621.970949][T12906]  __kmalloc_cache_noprof+0x477/0x780
[  621.972627][T12906]  rtnl_newlink+0x11b/0x2000
[  621.974093][T12906]  rtnetlink_rcv_msg+0x95e/0xe90
[  621.975659][T12906]  netlink_rcv_skb+0x158/0x420
[  621.977161][T12906]  netlink_unicast+0x5aa/0x870
[  621.978686][T12906]  netlink_sendmsg+0x8c8/0xdd0
[  621.980204][T12906]  __sys_sendto+0x4a3/0x520
[  621.981694][T12906]  __ia32_compat_sys_socketcall+0x625/0x770
[  621.983535][T12906]  __do_fast_syscall_32+0x7c/0x300
[  621.985144][T12906] page last free pid 5349 tgid 5349 stack trace:
[  621.987092][T12906]  __free_frozen_pages+0x7df/0x1160
[  621.988713][T12906]  __put_partials+0x130/0x170
[  621.990203][T12906]  qlist_free_all+0x4d/0x120
[  621.991677][T12906]  kasan_quarantine_reduce+0x195/0x1e0
[  621.993372][T12906]  __kasan_slab_alloc+0x69/0x90
[  621.994903][T12906]  kmem_cache_alloc_noprof+0x250/0x6e0
[  621.996717][T12906]  getname_flags.part.0+0x4c/0x550
[  621.998322][T12906]  getname_flags+0x93/0xf0
[  621.999715][T12906]  do_readlinkat+0xb4/0x3a0
[  622.001213][T12906]  __x64_sys_readlink+0x78/0xc0
[  622.002731][T12906]  do_syscall_64+0xcd/0xfa0
[  622.004138][T12906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.005953][T12906] 
[  622.006712][T12906] Memory state around the buggy address:
[  622.008446][T12906]  ffff888013038300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  622.010968][T12906]  ffff888013038380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  622.013428][T12906] >ffff888013038400: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  622.015887][T12906]                       ^
[  622.015914][ T5298] Bluetooth: hci2: command tx timeout
[  622.017248][T12906]  ffff888013038480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  622.017258][T12906]  ffff888013038500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  622.017264][T12906] ==================================================================
[  622.018385][    C2] hpet_rtc_timer_reinit: 17 callbacks suppressed
[  622.018394][    C2] hpet: Lost 15 RTC interrupts
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  622.035813][T12906] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  622.039560][T12906] CPU: 3 UID: 0 PID: 12906 Comm: syz.3.1807 Not tainted syzkaller #0 PREEMPT(full) 
[  622.043750][T12906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  622.048481][T12906] Call Trace:
[  622.050006][T12906]  <TASK>
[  622.051380][T12906]  dump_stack_lvl+0x3d/0x1f0
[  622.053568][T12906]  vpanic+0x640/0x6f0
[  622.055450][T12906]  panic+0xca/0xd0
[  622.057149][T12906]  ? __pfx_panic+0x10/0x10
[  622.059238][T12906]  ? __cpa_addr+0x1d3/0x220
[  622.061257][T12906]  ? preempt_schedule_common+0x44/0xc0
[  622.063809][T12906]  ? preempt_schedule_thunk+0x16/0x30
[  622.066250][T12906]  check_panic_on_warn+0xab/0xb0
[  622.068529][T12906]  end_report+0x107/0x170
[  622.070511][T12906]  kasan_report+0xee/0x110
[  622.072489][T12906]  ? __cpa_addr+0x1d3/0x220
[  622.074624][T12906]  __cpa_addr+0x1d3/0x220
[  622.076541][T12906]  cpa_flush+0x28b/0x8a0
[  622.078547][T12906]  ? __pfx_cpa_flush+0x10/0x10
[  622.080665][T12906]  ? pgprot2cachemode+0x9a/0x130
[  622.082931][T12906]  ? __pfx_pgprot2cachemode+0x10/0x10
[  622.085371][T12906]  ? drm_gem_get_pages+0x6a0/0xa10
[  622.087654][T12906]  change_page_attr_set_clr+0x34e/0x4a0
[  622.090196][T12906]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  622.093002][T12906]  _set_pages_array+0x1ab/0x2c0
[  622.095311][T12906]  drm_gem_shmem_get_pages_locked+0x384/0x490
[  622.098069][T12906]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  622.101013][T12906]  drm_gem_shmem_pin_locked+0x223/0x470
[  622.103553][T12906]  ? __pfx_drm_gem_shmem_pin_locked+0x10/0x10
[  622.106332][T12906]  ? __pfx___might_resched+0x10/0x10
[  622.108662][T12906]  drm_gem_map_attach+0x184/0x270
[  622.111031][T12906]  ? __pfx_drm_gem_map_attach+0x10/0x10
[  622.113524][T12906]  dma_buf_dynamic_attach+0x1f3/0x530
[  622.115965][T12906]  ? __fget_files+0x20e/0x3c0
[  622.118088][T12906]  drm_gem_shmem_prime_import_no_map+0x67/0x3c0
[  622.120939][T12906]  ? __pfx_drm_gem_shmem_prime_import_no_map+0x10/0x10
[  622.123843][T12906]  drm_gem_prime_fd_to_handle+0x1a9/0x5f0
[  622.126429][T12906]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  622.129088][T12906]  drm_ioctl_kernel+0x1f4/0x3e0
[  622.131314][T12906]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  622.134243][T12906]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  622.136696][T12906]  drm_ioctl+0x5c9/0xc30
[  622.138591][T12906]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  622.141519][T12906]  ? __pfx_drm_ioctl+0x10/0x10
[  622.143754][T12906]  drm_compat_ioctl+0x327/0x460
[  622.145946][T12906]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  622.148376][T12906]  __ia32_compat_sys_ioctl+0x242/0x370
[  622.150918][T12906]  __do_fast_syscall_32+0x7c/0x300
[  622.153281][T12906]  do_fast_syscall_32+0x32/0x80
[  622.155436][T12906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  622.158303][T12906] RIP: 0023:0xf7fb2579
[  622.160210][T12906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  622.168947][T12906] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  622.172708][T12906] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c00c642e
[  622.176220][T12906] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  622.179919][T12906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  622.183493][T12906] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  622.187122][T12906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  622.190581][T12906]  </TASK>
[  622.192853][T12906] Kernel Offset: disabled
[  622.194928][T12906] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:45:10  Registers:
info registers vcpu 0

CPU#0
RAX=000000000098c221 RBX=0000000000000000 RCX=ffffffff8b62f2a9 RDX=0000000000000000
RSI=ffffffff8db0011e RDI=ffffffff8bf1e7c0 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff908362d0 R15=0000000000000000
RIP=ffffffff8b62dd5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000a000 CR3=00000000510bb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0000001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000fffffdff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffa094f72b 00007fffa094f72b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffa094fc30 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffa094fc30 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000065646f6d2074 73616369746c756d 6c6c61207466656c 203a315f65766100
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000656465672074 7361636374667567 6666612074666566 2030315565766100
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6567646972622832 2074726f70203a30 656764697262205d 3736343131545b5d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7320646c756f7720 32333531206f7420 55544d2065687420 676e697474655320
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e6d656c626f7270 206568742065766c 6f7320646c756f77 2032333531206f74
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2055544d20656874 20676e6974746553 202e65636e616d72 6f66726570206568
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420746361706d69 20646c756f632068 6369687720327265 79616c206e6f2064
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000da2bcd RBX=0000000000000001 RCX=ffffffff8b62f2a9 RDX=0000000000000000
RSI=ffffffff8db0011e RDI=ffffffff8bf1e7c0 RBP=ffffed1003b5a490 RSP=ffffc9000046fde8
R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801dad2480 R14=ffffffff908362d0 R15=0000000000000000
RIP=ffffffff8b62dd5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000030d09ffc CR3=000000004b99b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852db115 RDI=ffffffff9adf1e40 RBP=ffffffff9adf1e00 RSP=ffffc90003d87178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3130383838666666
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9adf1e00 R15=ffffffff852db0b0
RIP=ffffffff852db13f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979e1000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c41e7d7 CR3=000000004932b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000011400000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=00000000000601bc RCX=ffffffff822fd3ed RDX=ffff888022244900
RSI=ffffffff8bf1e740 RDI=ffffffff8bf1e780 RBP=ffff88803fffa580 RSP=ffffc900033774b0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000001 R13=ffff88807ffce400 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff8b62fa38 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ae1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000f000 CR3=00000000510bb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000