last executing test programs:

5.88313558s ago: executing program 3 (id=694):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000380))
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x1b7e, &(0x7f0000000300)={0x0, 0xf81b, 0x10100, 0x0, 0x356, 0x0, r2}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000240)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x70a, 0x41e3, 0x0, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000200)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x2, 0x4, 0xa})
connect$inet6(r6, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r6, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000400)=""/247, 0xf7}], 0x1}, 0x3}], 0x1, 0x40010020, 0x0)

5.028743468s ago: executing program 3 (id=696):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$FBIOGET_CON2FBMAP(r0, 0x460f, &(0x7f0000000000)={0x10018, 0x3})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r1=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)={0x2c, 0x0, 0x7be9ca225e964e2d, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x81}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44004}, 0x4000004)
vmsplice(r0, &(0x7f00000002c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40041}, 0x40010)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x4, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8800}, 0x4004000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180))
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aa"], 0x0)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtaction={0x60, 0x31, 0x53b, 0x0, 0x0, {0x9}, [{0x4c, 0x1, [@m_sample={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0xce1, 0xffffffff, 0x7, 0x3, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x60}}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
ioctl$KVM_GET_MSRS(r5, 0xc008ae88, &(0x7f00000005c0)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x7)

4.776631765s ago: executing program 1 (id=698):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@cgroup, 0xffffffffffffffff, 0x24, 0x0, 0x0, @void, @value=0x0}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x3, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)
ioctl$TIOCCBRK(r2, 0x5428)
sendmsg$NL80211_CMD_LEAVE_IBSS(r5, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000801}, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x34, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}]}, 0x48}}, 0x0)

4.553640276s ago: executing program 3 (id=699):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
r1 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x82)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', 0x0, 0x1068, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000540)={0x0, 0xe099, 0x0, 0x1, 0xb5}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x40f9, 0x217, 0xa5, 0x0, 0x0)

4.354376521s ago: executing program 2 (id=700):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x1, 0x3, 0xfffffffe, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x6, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000020c0), 0x60081, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcb}]}, 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000140)={0x48, r5, 0x1, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x23, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0x9, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @void, @void, @val={0x3, 0x1, 0xab}, @void, @void}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x48}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)
connect$phonet_pipe(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x4)

3.835112323s ago: executing program 1 (id=701):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300), 0x8) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26}) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
read$FUSE(r4, 0x0, 0x0) (async)
pidfd_getfd(r4, r0, 0x0) (async)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r5, 0x400448c9, 0x0) (async)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10) (async)
setsockopt$SO_BINDTODEVICE_wg(r7, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4) (async)
sendto$inet(r7, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
unshare(0x40020000)

3.643001089s ago: executing program 2 (id=702):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040a00000000fe0500002015000600142603600e1209000a0000b94dcf5c0468c1d67f6f94007134cfeee0800089e408e8d8ef52b40800de00e06bbace8017cbec4c2ee5a7cef4090000001fb79164075ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5035ccb29e00360db70100000040fad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a83100043370e9701008400002d3bc75dc0bb9dd33e438c0000000000000000", 0xd8}], 0x1}, 0x880)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) (rerun: 32)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="fffffdff1f00fcdb5ee41f1ffe028014000200"/38], 0x34}, 0x1, 0x0, 0x0, 0x4000800}, 0x48806)

3.625183228s ago: executing program 1 (id=703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMKSA(r4, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000000)={0x30, r2, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000084}, 0x20000000)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r5, 0x1, 0x80, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x87}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)={0x1cc, r5, 0x8, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x101}, @NL80211_ATTR_FRAME_MATCH={0xc3, 0x5b, "d6b7d46645baa7f35f286217fc71fa89028ee98bcd84321811fb5924f5f3b60374eea18bbafee8c0e40451817dac3bd88fee31d587c475ff6c7edc8ece31d7492c28437c8275dda8a8ca207d4dd28fa48e886520a95bb142245b5e4eb3647bbbeb1c1a5f8d38ebe63725d1bb29e38cd7e36ae3f56d251047b1f692afdf1daabe3a30cac6b12be82806cd107abd7ef4bc09f0dd00b43e5a731bcc31d3c837989e0dc06ba56135be023749fbcb02bc5e1199c951510caa4021fd9546c589fd50"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}, @NL80211_ATTR_FRAME_MATCH={0x51, 0x5b, "6d03cc6cb4d05a362e05203b9b264d073c238198c7014ab8d2335da25c79c6cf8892f4ff7505df44a4ebfb8e795f456b7f3ec0dcceb591ab3bf667970f50274f1436805f5e94bd2d7aba86d275"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x5}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_FRAME_MATCH={0x77, 0x5b, "3f5b40d4046a77fd5da5b6b00c22078462e35f9fa018ccb0b701040d24570823cd86776086769bd8b68f076fc1754b6ec939f4b43b5306e0eae3992463c269bcdd8f3f6d2634bb2d6d8571ceb74ac8806b199a92c2292d2b337e0a85e1cd63ce348e2d37bdf8e91fd2b5c770b5e639c6c51dea"}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x40}, 0x400d4)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x400, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x74}, @void, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc881}, 0x24001840)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r9, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4)
r10 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBSENT(r10, 0x4b48, &(0x7f00000004c0)={0x8, "f35fe409960655f46231f11bc9d2aea43c1ed8108b61950bbfa356de16eb85c332b622825a2abe9bc2c3fd1fd2b5810aa47aa985ee5e53832a007664b4a6cc715dc77d0d79627ae144d2768827f27e98500364c4b1b243612d8bf5a527ddf91db982fa7821139865da01eba8d203fa9a059d7559d3a4419b8f6b275074753f3bd68989fa1c2dbd32ccfa0fdc8912401e53e59ffdefb20002f9c40435f996be27cd4d4f5f05dfd75027d7b10b48988d282e0b390daeeb32aca64738fa56f3dd10922fa70ab901b0e2ce0df5a74ab7040be065c30a9c20885714446e9ee76e789bea636af877aab373ec38d933a12167347c0820dd383fdf8d077e7cb69549ef0ead3f976d4145530e39d0009259b01210f7fa2cf584548449b16c21ce1c7e11091857ea09e353982eaacd63c183782143c56a001d4e5de61cac5b8d4e70df60c12ba10fef4a775ba482cf78e2bf6c8f34ff1c66c508009ec74e489ee33cf74cb5c656249f60d7ff4a9e500d8e6d2928b1f0ede09cd59bd967ed6cf6ea1dd7e33e3ef09903d332e9ad1ace2c031e2a06eb76cdf120096d540c46037b6e3b1ed06e980e6c727357b3f1c17fc12325ef0cba1d07a679401c7c1d364f4af067886c9192a50996b2649b3ecfadcb9bdeb6927e295edf5f0bbe0fd439d630c32dc2178a827b3d7999a4904acd5fb237d8db23b4eff14455db10cf173656f4b7c2e08f8e"})
connect$inet(r9, &(0x7f00000001c0)={0x2, 0x2, @remote}, 0x10)
sendmmsg(r9, &(0x7f0000007fc0), 0x800001d, 0x191c)

3.556190548s ago: executing program 1 (id=704):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', 0x0})
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f0000006300)={0x2020, 0x0, <r6=>0x0}, 0x2020)
close_range(r3, 0xffffffffffffffff, 0x2)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x10408, 0x8}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r8 = dup2(r7, r5)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x24, 0x3, 0x8, 0x205, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8906}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4004004)
lseek(r8, 0x0, 0x4)

3.555892114s ago: executing program 2 (id=705):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in=@multicast2, 0x0, 0x2}, [@srcaddr={0x14, 0xd, @in=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = openat$null(0xffffff9c, &(0x7f0000000000), 0xa4be2dbb5525ea7c, 0x0)
ioctl$VHOST_VDPA_SET_VRING_ENABLE(r2, 0x4008af75, &(0x7f0000000040)={0x2, 0x5})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@bridge_newneigh={0x34, 0x1c, 0x1, 0x4070bd29, 0x25dfdbff, {0x7, 0x0, 0x0, r6, 0x80, 0xac, 0xa}, [@NDA_LLADDR={0xa, 0x2, @remote}, @NDA_FDB_EXT_ATTRS={0xc, 0xe, 0x0, 0x1, [@NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x2}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x4040000)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
r9 = accept4(r8, 0x0, 0x0, 0x0)
r10 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r10, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @broadcast}, 0xc)
r11 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r11, &(0x7f0000000380)=[{&(0x7f0000000640)=""/212, 0xd4}], 0x1, 0x6, 0x0)
readv(r9, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xf7f0c528ac37382d, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.554334349s ago: executing program 3 (id=706):
r0 = socket(0xa, 0x1, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x2017be01})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0x40000000})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x6, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r3], 0x4c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
sendto$inet(r2, &(0x7f0000000100)="ab", 0xffe0, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000004c0)={0x14, 0x34, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x3ff9}]}, 0x14}], 0x1}, 0x14)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={&(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, <r7=>0x0], &(0x7f0000000080)=[0x0], &(0x7f0000000180)=[<r8=>0x0], 0x2, 0x3, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000200)={r7, 0x0, 0x0, 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000280)={r8, 0x0, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0], 0x2, r9})

2.659988474s ago: executing program 0 (id=685):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="17000000150001002cbd7000fcdbdf25023800ff", @ANYRES32=0x0, @ANYBLOB="14f5498e3c6a885f6f00"/20], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000020000051ec11581b4d0de69f60003132008502000000000000001000"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xe, 0x0, &(0x7f0000000140)="e0b9547ed387dbeb00002e000000", 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffff}, 0x4c)
mount$afs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x4, &(0x7f00000007c0)={[{@flock_write}, {@flock_openafs}, {@flock_openafs}, {@dyn}, {@dyn}, {}, {@flock_write}, {@flock_write}, {@dyn}, {@flock_strict}], [{@dont_hash}, {@subj_type={'subj_type', 0x3d, 'flock=openafs'}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@smackfshat={'smackfshat', 0x3d, 'gre0\x00'}}, {@fowner_eq}, {@appraise}, {@appraise}]})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0x2, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x13}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB="280000000906010200000000000000000200ffff0900020073797a310000000005000685f0f151b9d3922143981333a1f40100070000007e4704ebfae25148d3049b36d802ca3cde258a9014dd3d409c69268458f930abb98bb7578e3f6fb6858b372732dc08d8df87a391f44d6897e180b518ce9360e0e1c10565e9162bfdb7b8a6871670de075a899f9124b94f70f58e314bc547d8f0c02c51d1ca1313dcda4189d1217019400ae8843a76550705db079e26a55f6b5fc828c410996cb98e575fd2024cda8330c7eb6eafea73c504a66db93be437482947"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x40c0080)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000580))
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f00000000c0)={[{0xfffffffd, 0x800, 0x2, 0x0, 0x0, 0xa5, 0xbd, 0x9, 0xad, 0x4, 0x0, 0x0, 0x40000000}, {0x3, 0x4005, 0x0, 0x0, 0x41, 0x0, 0x0, 0xff, 0x99, 0xff, 0x0, 0x2, 0x86}, {0x3fe, 0x2, 0x2, 0xfd, 0x0, 0x0, 0xb3, 0x0, 0x4, 0xfe, 0x80, 0xff, 0x7}], 0x5})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e20, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x4}]}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r5, &(0x7f0000000080)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace(0x10, r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="5800000002060108005faccf21000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e6574000000000c0007800800124000000002050005000a000000050001000600000030a190c64a3ff51e664cd5409091e903fb11aa49b42304de3e6bf7161bc3152c66906d50cab31ec19aaf00831e6c8c029fac4cf0c4baa3136d00d310079fc2ee6beecf02f8e6e89ee2372fc4f276b9dce40ac1c7671c32d9da12f4091b972351965661718534e352a17c51179863802d7f3ba374694e3830b721e018cff90facd25e76248ecdff75f8806d453c62b0fa348818d5739eba4e126b610d1d0cc35ba602fa6d182d091a7652ca4a5c54b090f592a1b0be5363ff0a9aae2a090c018ade804b1992fed290bb77ad2dfbd7bce24b26118253449f560ed6cb"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
connect$802154_dgram(r5, &(0x7f0000000000), 0x14)
syz_io_uring_setup(0x34ee, &(0x7f00000000c0)={0x0, 0x4000, 0x3012, 0x0, 0x334}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

2.65048639s ago: executing program 0 (id=707):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000340)={0x0, 0xcc75, 0x8, 0x0, 0x2e9, 0x0, r1}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_setup(0x5b23, &(0x7f00000003c0)={0x0, 0xef71, 0x800, 0x2, 0x2f1}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000440))
r6 = memfd_create(&(0x7f0000000040)='\x02A\xbb\xcc\x96\x0e\x00\x00\x00\x00\x00\x00', 0x6)
syz_io_uring_submit(r5, r4, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0xc20459c04f4e7c78})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

2.520549323s ago: executing program 3 (id=708):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x2010000)
r0 = socket(0x40000000002, 0x3, 0x2)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000000c0)=0xffffffffffffffff)
syz_usb_disconnect(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
sendmsg$NL80211_CMD_TDLS_MGMT(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000100)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}]}, 0x24}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_emit_ethernet(0x52, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x1c, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x6, "4f2a1d57"}]}}}}}}}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a01010000000000000000010000000900030073797a3100000000080007006e6174000900010073797a310000000014000480080002407c40280f080001"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000044)

2.483040677s ago: executing program 2 (id=709):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@cgroup, 0xffffffffffffffff, 0x24, 0x0, 0x0, @void, @value=0x0}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x3, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)
ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428)
sendmsg$NL80211_CMD_LEAVE_IBSS(r4, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000801}, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x34, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}]}, 0x48}}, 0x0)

1.678099402s ago: executing program 0 (id=710):
mount(&(0x7f0000000140)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0x200001, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
pipe(&(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000000)='fd', 0x0, r1)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018270000", @ANYRES16=r1, @ANYBLOB="00000000fcffffff8520000002000000"], 0x0, 0x81, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xffffffff}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000300)=[0x1, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000000400)=[{0x3, 0x3, 0x10, 0xb}, {0x5, 0x5, 0x3, 0xb}, {0x5, 0x5, 0xc, 0x2}, {0x0, 0x2, 0x3}, {0x1, 0x3, 0xb, 0x2}], 0x10, 0x8001}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001f00)={@cgroup, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, &(0x7f0000001e40), 0x0, 0x0, <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000780)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="475ad700000000000000000000f056dea113a9aec0ad905978931d0314489a9a4297427e6a1666c7c1604abcb28a5e960178dea5ff32e70b1061e05c98ff43307d84901c701203e38a078a19cf059c043b3b87e34ac3cfe2d741749a796486f0edac94bc7d624f5462d1446193bb0d9e9716a9ffd6c4a965c5dfe7aa4369106fffd6d60b30b630c6f2c663c2056bdf1dcdca00df784b5194886f09d1d1c7aa6d6f2c6a86604bb6cba8966c7b7ad7bec5c605bfda9a51e85f72de00697368289508e3c38ef9ca1e4bdf2b92ebd8d4f9cd4dcb98414924d21c4de475238b5c73178bef105ebaff680edcf6445fc90756a2a83a7f3f9af629ad47660a55a6425aba5aa1be76664164210f8541e3f9c2bd4f9c96748b029ea41980a76a7dcf2191bc744a759b6ad7df1eb47dab90cdd6a9bab033b38f1da3", @ANYRES32=r2, @ANYBLOB, @ANYRES64=r6], 0x20)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/key-users\x00', 0x0, 0x0)
pread64(r7, &(0x7f00000003c0)=""/119, 0x77, 0xfffffffa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000580)={0x6, <r8=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=r7, @ANYRES32=r4, @ANYBLOB='\f\x00\x00\x005 \x00\x00', @ANYRES32=r5, @ANYBLOB="c60c51f26ff0a8923060dcf919745c0f24911d22df39320ad2f16d6ec3a3d5803b97a42a2299507008d668171217c75554f1f07d4b44c1f2a491a3502386b830af09619356f1c3d3f08379e16d7466e4bbc82fe4394313bd05d8e5fab85c73bb52d5285eef34144e03d8d3c8981f7e96d55cfe4c7c729adee4cca0365843f6ad8445b0e7b268bb9e0eaed19dd562f9f56d67", @ANYRES32=r8, @ANYBLOB, @ANYRES64=r6], 0x20)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000340)=r8, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=@newqdisc={0x34, 0x10, 0x1, 0x40000, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x0, 0xa}, {0xfffd, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0xd, 0x2}}, @TCA_RATE={0x6, 0x5, {0xf9, 0x4}}]}, 0x34}}, 0x0)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r11=>0x0}, &(0x7f0000000080)=0x8)
ioctl$KVM_GET_VCPU_EVENTS(r10, 0x4048aecb, &(0x7f0000000080))
r12 = syz_open_dev$vim2m(&(0x7f0000000240), 0x41d3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r12, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r12, 0x40045612, &(0x7f0000000000)=0x1)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000000c0)={r11, 0xd4}, &(0x7f0000000100)=0x8)
openat$nullb(0xffffff9c, &(0x7f0000000180), 0x131980, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, &(0x7f00000002c0)={&(0x7f0000002000)={[{&(0x7f00000001c0)="9dcd543f9a4ec618efadf5a61a875ec874560c6accade1f7de59a97ff2345c0c5e95841b999ff5db3250bf65a52c51102ad50f2e59b70569edf5a25b3caf5e203514033df9443038ffd4158bb9bbfd1b4082e72e5504f238705dc07367bca38bc74e5141ae6029b81efce7ac701e90bbd2f6382ab997accc18a5de327ea294d4", 0x80, 0x1}, {&(0x7f0000000280)="e505f84e682611d6b69d88a739210f75a1cadcea8ae9e14624c497624e8b4991c93690f2", 0x24, 0x1}]}, 0x2, 0x3}, 0x1)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4002, &(0x7f0000000300)=0x3ff, 0x7, 0x0)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000080)=0x3, 0x8, 0x0)

1.561196305s ago: executing program 1 (id=711):
socket(0x2, 0x1, 0x0)
request_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0xfffffffffffffffb)
r0 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x37db}, 0x38)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x40000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000a00000006000a36c4afa42700"/28], 0x1c}}, 0x20000080)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$packet(0x11, 0x3, 0x300)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x1c4d, &(0x7f0000000400)={0x0, 0x707b, 0x40, 0x4, 0x80288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='('], 0x28}, 0x0, 0x2000c000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xf, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000009300181100", @ANYRES32=r0, @ANYBLOB="03330000f5f82f1648e4ea817eaa3b3433d6e87596be01033f8539022c4a967018cfc27d2bf7037e9e3b15587df0890b1108956b3887e9bd8fc8f0c42adcee556f9b68510ac9525c1f290fcedf56b4476e6df93d53c374023bf043dcc3124e41a1c4ee2bcfbc5436c9a7592b8adfa9ab9c7e4184237e6bb2010400000000000048d3edd82635e79a5a680f4f16b5d5ea3216762f4378d8eb7e27dbcf50009413804f84a0520278346097f94b090ab932b6c7665b51967fec54fc8cd66d9b82221c80113d3cbbfba9ae746ffab448e75870f124f3b74b17bc97863eb8c6a8c5bb32a49178fc7f0155b6c1e3b014330fd859c4e0a3d9b87c229d6ce4bd0e307dc6fc31d5935b5702c716c701f47a855a88a24e66a9cd44c8978dae2d8e297867213d08d53cf3b035a1b454505838578b8cdb2e097cd1c50a37ea9cc28a7348f5e80ef9204b917f9176078d78e113401ed6bd3e714aff204d8666b96de4b76eb108f035f529e73e985a975d4052ed902e88b64fd25137893076948cb30049ba9463e144ef12000000000000000000000000000000f4573ae44891d9"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0xffffffa1}, 0x94)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x3, @empty}, 0x1c)
sendto$inet6(r5, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)
r6 = syz_open_procfs(0x0, 0x0)
userfaultfd(0x80801)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @multicast2}, 0x2, 0x4, 0x4, 0x4}}, 0x2e)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000480)=""/42)
write$FUSE_NOTIFY_INVAL_ENTRY(r6, &(0x7f00000001c0)={0x22, 0x3, 0x0, {0x5, 0x1, 0x0, '}'}}, 0x22)

1.560352824s ago: executing program 3 (id=712):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000040)=ANY=[@ANYBLOB="64000000000101"], 0x64}, 0x1, 0x0, 0x0, 0x4000095}, 0x20048085)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x3c1, 0x3, 0x340, 0x0, 0x111, 0x4b4, 0x148, 0xd4feffff, 0x278, 0x20a, 0x278, 0x278, 0x278, 0x3, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x24}, @mcast2, [0xffffffff, 0xffffffff, 0xffffffff, 0xff], [0xffffff00, 0xffffff00, 0xffffff00], 'vlan0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x89, 0x2, 0x4, 0x2}, 0x0, 0xec, 0x148, 0x0, {}, [@inet=@rpfilter={{0x24}}, @inet=@rpfilter={{0x24}, {0x5}}]}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv4=@empty, [0xff000000, 0xffffffff, 0xffffff00, 0xffffffff], 0x4e20, 0x4e21, 0x4e21, 0x4e20, 0x33a4, 0x0, 0x8, 0x7, 0x7}}}, {{@uncond, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x7, 0x20000007, 0xf2e5, 'snmp\x00', 'syz0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x39c)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000286dd61"], 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x1, 0x16, 0x1f3, 0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3, 0x0, 0xd}, 0x18)
r4 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r8, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="010300000100fddbdf2526"], 0x14}}, 0x0) (fail_nth: 5)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001280)={r4, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x800]}})
r10 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r10, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209001d107379ef0000004a6e10e6320000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274140000001100010000000000000000000100000a"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r11 = openat$tun(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$tun(r11, &(0x7f00000003c0)=ANY=[@ANYBLOB="00006004ffffffffffff0180c20000008847000000000000000063120bd703ed2f01ff020000000000000000000000000001000000000000000000000000000000001d000000800000002907000000000000c91020010000000000000000000000000000010600000000000000010007200000000106010000030000000000000004000000000000000200000000000000000404040206000000fe88000000000000000000000000010100000001ff0e01fd0000000020010000000000000000000000000002fe8800000000000000000000000001010000000000000000000000000000000000000000000000000000ffffac1414bbfc010000000000000000000000000000fc02000000000000000000000000000000000000000000000000ffffac1e01018b0e000000000000050200070710000000020281000000000000000000800730000000030aff0700050000000000000000000000000000090500000000000000040000000000000040000000000000000001000502800100010004010607200000000206050400fbffffffffffffff04000000000000000101000000000000000c20880b00300003000553605e20a4ca2e1c37d7c522ddba0eb634dacd7c99a40b3a39eb2139e9ea617092e3cfdaa0d9957e85e9b018d853ca003dd004000800689819a6e0a981f96df882d5d14b302aa25b01e40483daebe0a481677d9cc2a0ce82e50df2ed7ecaf00c3069a281384c43dbba906cdcce608387532ad57ac77cb32fe51529bf424bfaaf3a098b9d684c41c15dc59b323aa16b4c24432ebf063b97f3acd79f86cecb6e90202c8a50d72e5e1eda83cf722ecfde220b86772d368a8a5807f47781de6ffed93c8f5ac0c0cbfea312e07b5405143eed8dac536ed57a1abd6bdc6de3bd5c210fcb73db0669a9d9f7e94420952da96a78c4000086dd00070f840523ce7f6c10584160c41e51cedb709fa3b4eb8ea4235aaaf57d5f7691c2dfe7c22f126b2da8f87bbaadc29bd9c785a5abdc8e678864741157d3b0b2310bf1f5cc363d9bf458c8fc6d85355a83cdcd10d7801208095742fd4c2faacfd0487bb4f018d63c6d325761fded07c1024b13a2f33dd3248948bbade7b3d079bf080088be00000002120047fa0100000000000001080022eb0000000123007d2c020000000000000300016a0108006558000000049588892db1fd0f331de33af36ba99780b885d5840246a6eeb2df5906dd5a710ec880bf7b8e9874ba50c6dabfc32b05fb7e93839b3975aeb32aaaf1440b1405f607b2e2902c95bffa537473ba7aa5b67b3b6a34504a66b4e3bb4cf32b912ce8aea03cb3a0231b8d85975b261e4a30b4c7ed45917dd9a3fab70cd4cb1e4865b2d07e8be258b46c1ad4cf1f579965dcb9d8c4fbf758c322645737a16a1bb7ccd46973f8aab19c2782d0f6a1eb855027048b9579b216052e230cf884bba2412ecd322d18c401ccc57fd52c00"/1069], 0x42f)

1.509237429s ago: executing program 2 (id=713):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x15c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6}, {0xffff, 0xf}, {0x0, 0x2}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x12c, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x8, 0x7fff, 0x85, 0x2, 0xf, 0x9, 0x4}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x3}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x5}, @TCA_CHOKE_STAB={0x104, 0x2, "407471c6ed6d3aef7202bcf2e573720b6ad4b5725b42eb36fda5dac036ea9216e4594e1209cc15800262ea1717fc198bbc860059b7d3bf509d662bc6b5b7e03894485255124c6fb6e7213496774333b8645339c00ad470443f7d2f458f088fae16a84219eeeab5d864a0b71295c289d8e863b18240c10ec0b3cfa659a002b8ddf8e64361e2c95c6117fdb96995151c6189285c00c6f98295343b5af7e0444cbc2d5b0f7fe317fe6da9e7589b9d8ae64be085bfb410365eb99a23470268b42fad9bd6996220d5721f8965b7d2b2e1831532d38f89bccfcd7cd1dac3be30da348b5769c074a2bd30b0cb38111d2c93b28d77aeafea856db6a440d5223562356058"}]}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x48041}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xa)
r5 = dup(r4)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$UI_SET_PHYS(r6, 0x4008556c, 0x0)
r7 = open(&(0x7f0000000040)='./file1\x00', 0x125040, 0x14c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80141, 0x0)
ftruncate(r7, 0x200004)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x1, 0x0, 0x8000, 0x60401, 0xffffffffffffffff, 0x0, '\x00', 0x0, r5, 0x0, 0x0, 0x4}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1, 0x21, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$BLKRAGET(r7, 0x1263, &(0x7f0000000180))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001240)={r5, 0x20, &(0x7f0000001200)={&(0x7f0000001040)=""/184, 0xb8, 0x0, &(0x7f0000001100)=""/222, 0xde}}, 0x10)
write$apparmor_exec(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000000000000"], 0x8)
sendfile(r5, r7, 0x0, 0x80001d00c0d1)

1.484502385s ago: executing program 0 (id=714):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r1, 0x6, 0x9, 0x0, &(0x7f0000000040))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x3c, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xfffffff9, 0x1}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40480c0}, 0x4000004)

1.385688762s ago: executing program 0 (id=715):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@cgroup, 0xffffffffffffffff, 0x24, 0x0, 0x0, @void, @value=0x0}, 0x20)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x3, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)
ioctl$TIOCCBRK(r2, 0x5428)
sendmsg$NL80211_CMD_LEAVE_IBSS(r5, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000801}, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x34, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}]}, 0x48}}, 0x0)

492.223324ms ago: executing program 0 (id=716):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = io_uring_setup(0x734a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xfff7fffc})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='f', @ANYBLOB])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0xff, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
sendmmsg(r5, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
link(&(0x7f0000000b40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@quota}]})
unshare(0x2a020480)

39.929803ms ago: executing program 2 (id=717):
r0 = socket(0xa, 0x1, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x2017be01})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0x40000000})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x6, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r3], 0x4c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
sendto$inet(r2, &(0x7f0000000100)="ab", 0xffe0, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000004c0)={0x14, 0x34, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x3ff9}]}, 0x14}], 0x1}, 0x14)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={&(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, <r7=>0x0], &(0x7f0000000080)=[0x0], &(0x7f0000000180)=[<r8=>0x0], 0x2, 0x3, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000200)={r7, 0x0, 0x0, 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000280)={r8, 0x0, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0], 0x2, r9})

0s ago: executing program 1 (id=718):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x10001}}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0x1}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001500010000000000000000000500000008000100", @ANYRES16=r3], 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000180)='htcp\x00', 0x5)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0xffffffffffffff76, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_QUANTUM={0x8, 0x3, 0x7}]}}]}, 0x38}}, 0x0)
shutdown(r2, 0x2)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r5 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})

0s ago: executing program 3 (id=720):
r0 = socket(0x0, 0x3, 0xfffffffd)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="0c0e000000050102000000000000000000000005540201000200000008000000000d030000800d0073797a3100000000000000000000000000000000000000000000000000000000a7389ca6d66b6e2a737e3b63e4f329f32e9144ff3cf6d3d7f1ac87ce3dd437298da9437f37550aaa608527c2d018345a4647ac59609c9470e284126c5ab22675040004000200000003000000090003000200000005000000ff00f0bb03000000010000000e000d0001000000070000000200ffff01000000030000000700e50001000000264b00008100050000000000030000000e0001000200000000008001030007000100000005000000090042ff0200000006000000e75f030000000000020000000300040000000000000000000600660c010000000800000003000001000000000500000000040f000000000003000000060e800003000000000000008100000002000000010000000900000801000000070000000900020000000000560000000400ffff000000000500000002000b0003000000fc03000000100800030000006d0100009b3f080002000000faffffff0b00ff000100000001000000da077fc9010000000100000003000f0002000000b50d0000000807000300000005000000020006000000000003000000ff07000001000000000000000200010003000000805600000600080002000000040000001000ec00030000002bad00000008150001000000090000000001820d00000000040000000be480400200000000000000050006000300000008000000ff070300010000007f00000008000800030000000000000008000600000000008e3f00000800040000000000050000005402010002000000010000000d03330000010d0073797a310000000000000000000000000000000000000000000000000000000044fb4ab9bec460205366f66d0b8d0d22ca9d61b51a14152d2d8fc6d4bc880b6c69c226604281bc32905a724587bd5bf1b2f3adcbbf6059aa6f86fd6489003a090900030002000000a30f00000500070002000000000000000800fd0900000000060000000b00fbff03000000810000000500050003000000f100000004000800010000000a0000000080050001000000010000000900000002000000090000009a00040000000000e7590000010073000300000039000000000057c1010000000b0000000008760000000000020000000001000001000000000000000100020002000000040000000f00010003000000800000000900080003000000041800000600040003000000ff0f000005000500030000000b000000030000000100000008000000ff070b000100000010000000090002000200000003000000010004000100000008000000ee00faff01000000090000000000008003000000010400000500090003000000060000000900ff0101000000030000000900010002000000020000000000faff0000000002000000ff000700030000002e000000f9ff010001000000010000000200000800000000008000000d00080001000000040000000400010002000000d10000000600ab070200000080000000e702018001000000c7a00000070005000200000004000000669f000003000000bb0000000d00010003000000020000001c008e000300000004000000860489090000000006000000540201000100000042231537100106000800200073797a300000000000000000000000000000000000000000000000000000000005021cb3154ac604467a710151fa681eb05a50ff499c4502aca992cdf719b3725226a5f8a551490981b7ce2b79cd548d91c06beab54960a146a4a0043e0e1dde0400ffff00000000d99a3a7304005c0403000000010000000900018003000000fbffffff0002080003000000080000000600000003000000050000000100f7ff02000000050000000600070003000000040000000100060000000000070000007f0000000300000006000000690f0800020000000800000003000e00000000000100000000fc0500020000000600000004006a0002000000090000008100090000000000080000000200810002000000040000000700060003000000faffffff0000ad0b02000000080000001f000c000100000001010000bd2304000200000002000000ff038100020000000b000000020007000200000009000000654f38fb010000000700000004000d000200000009000000060009000200000007000000e2c705000300000000000000810005000100000005000000070000100300000066030000060000800300000002000000ff03030002000000faffffff0600053500000000f4f2000000090500030000000e000000ff7fff0f01000000070000004000ff7f00000000090000000900030003000000000000000400070003000000070000000700aff500000000060000000200a70702000000070000000200020003000000ff030000060005000200000001000000ff07f7ff02000000060000005402010001000000951bffffca0e0800ffff260073797a30000000000000000000000000000000000000000000000000000000002e3286d7f5c2c59e7b9d2e74c08ad90718ac0cfcdd1fc26555908e968fc668757ada811c3c8930f22b7ed6f4ecdc0106a424b96c0b9acee2a038cd5dd3bc0df80d007f0003000000ffff000006330600010000000600000080000000020000000e000000090000100300000000000000f805ff010300000005000000ffff0714000000007a7affff0200010100000000060000000800050002000000050000000300090001000000070000000300080003000000050000000500000003000000267700000500000001000000030000000900ff030200000008000000ff03ff0f01000000090000000500060002000000020000000c000000020000000e00000009000800000000000800000006000700010000000000000009000a0003000000080000000100050003000000000000000700ff0103000000ff7fffffbb0702000200000000000000030009000300000004000000020001000300000003000000010006000000000003000000f7ff6000030000001d000000ff01040000000000000000000500010000000000fdffffff000002000300000002000000ff07f7ff0200000003000000ff031b00000000000500000098004d0c03000000000100000000050003000000010000000900a7000300000066fc00000400f700000000000000000081000000010000000000000081000200010000000900000005000300010000000400000007007f000100000005ffffff0600c83f5cff00000c00000054020100010000000300000005ff00087f00070073797a310000000000000000000000000000000000000000000000000000000078c75d914dbdd606d69c4e446bf3114febcc59ab42b5b54284dd9d7c350bbabe91bf7dd6b5a65e77d98e76cf4fdea0b1999a4c9053eaf88dba161276c7fde06a0c00010003000000000000000600080002000000001000000500030002000000080000004b000000020000000600000007006b0902000000f1f500000600010000000000ae080000ae000600020000000900000003000d00020000000000000006000200000000000100000009000001020000000800000057a9ba0402000000000000000000c50e0300000010000000ff7fff0f02000000ff00000001000100000000000004000009000300010000000800000001010008030000007d0000000200050003000000ba0f0000010400040100000004000000060006000000000000000000060007000300000007000000f9ff000001000000810000000400810000000000ff0700006856ff010100000002000000040040000200000003000000000005000100000000005000fbff080001000000070000000200050000000000ffffffff40007f0002000000850000000b000400030000000200000002000001030000000000000001000e00020000001810fffa23e499460000306d050004000300000001000000b90d000e0300000007000000f8ff930000000000060000000600050000000000780900000300040001000000030000000800010003000000ffffff7f0a0f40000000000048000000010005000200000005000000ffff040001000000dc0c0000540201000100000009000000030202000900030073797a310000000000000000000000000000000000000000000000000000000018b14de356de14e4ed639e0354c8f3124a663507468763e22af668e7e15d15c1521f8e01f76547b3d77c6b9dbc7e6dcc58fb0a2e9085afab7d8297a6b27ce6f909000300000000000000000014000100000000000000000002000300030000000000010003008100010000000500000001800800020000000900000007000a0000000000000000008a000800000000000400000005000d000600000000fcffff0081f70503000000010001000900040001000000000001000a00000802000000090000004b0cfaff02000000010000000200040001000000acdb000001000a0f010000009d6c00000400359c010000000500000006006c7c01000000feffffff01800e0002000000090000000300020001000000d699000008000800030000000f0000000104ff0702000000ff7f00000700ff0701000000ff0000000200060000000000010000800800300002000000020000007f00080003000000280900000500100000000000070000000800040003000000020000001e4b010002000000180c00000200ffff0100000005000000240702000000000083f6ffff04a97f000200000006000000320b080001000000000200000300030000000000070000000100080002000000c3ae0000010005000100000001000000060006000300000002000000b90602000000000001800000040efeff02000000090000000a003c0e020000000700000010000e00030000000100000001000010"], 0xe0c}, 0x1, 0x0, 0x0, 0x24000804}, 0x4001010)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x7ffc, 0x3003}, 0x4)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001180)={0x6, 0x5, &(0x7f0000000f40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x2, 0x3, 0x3, 0x2, 0x7, 0xfffffffffffffffe, 0x1}]}, &(0x7f0000000f80)='syzkaller\x00', 0x6, 0xe7, &(0x7f0000000fc0)=""/231, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000010c0)={0x2, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001100)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001140)=[{0x0, 0x1, 0x8, 0x9}, {0x4, 0x5, 0xb, 0x4}], 0x10, 0x1}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x21, 0xffffffff, 0xfffffffff12bd390, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@posixacl}]}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x6}, 0x48)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r6, &(0x7f0000000580)='1\x00', 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sysctl(r6, &(0x7f0000000000)='2\x00', 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockname$packet(r0, &(0x7f0000001480)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000014c0)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000001540)={'syztnl0\x00', &(0x7f0000001500)={'erspan0\x00', r7, 0x700, 0x20, 0x9, 0x7, {{0x6, 0x4, 0x3, 0x3, 0x18, 0x68, 0x0, 0x3, 0x4, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@noop]}}}}})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0xc09, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0xffffffff}]}}}]}, 0x38}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001400)={r1, 0x0, 0x37, 0x9, &(0x7f0000001240)="8e8fae4564141867f5ee4f3b2050c9b872626b59f0aa0c6d37883999d33c6fdfb2bdcd76c730d79154c8919d0c812a3ca2f2a0b46c8771", &(0x7f0000001280)=""/9, 0x4, 0x0, 0x8a, 0x5e, &(0x7f00000012c0)="abf66615006acf993dfd2485be704c0a2f78823d9c9e9d7a83305f30670f534bf753ee64cb640a12282266fcbb74ca701a046b4bece825a7241d7f4362101293142b074501c2c6c7abe5a114d9603a7f3e2d551489780d415876615f683f717f3e75e5d66feb58f2da318e56d222b3d700884f1d434adc65735002296c80264ba78c507fca3a4e1ac91e", &(0x7f0000001380)="e4ec6cdcadca9489c44d4f1c3037bf7afab2c329d46a6a44d47f73f9c4574933eeef3690700374612002c01d4f3d5926b65a19957db882f6916885ad040f1dc6c7dc729a10082ec690b324d985e2078fc19a75cdd46f1020409b6b454712", 0x5, 0x0, 0x5}, 0x4c)

kernel console output (not intermixed with test programs):

[ T7506]  do_fast_syscall_32+0x32/0x80
[  132.168533][ T7506]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.168546][ T7506] RIP: 0023:0xf70be579
[  132.168554][ T7506] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  132.168564][ T7506] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  132.168573][ T7506] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  132.168580][ T7506] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  132.168585][ T7506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  132.168591][ T7506] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  132.168596][ T7506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  132.168608][ T7506]  </TASK>
[  132.224015][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.228374][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.2.340'.
[  132.228483][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.292679][ T7512] FAULT_INJECTION: forcing a failure.
[  132.292679][ T7512] name failslab, interval 1, probability 0, space 0, times 0
[  132.297533][ T7512] CPU: 3 UID: 0 PID: 7512 Comm: syz.0.345 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  132.297555][ T7512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.297565][ T7512] Call Trace:
[  132.297571][ T7512]  <TASK>
[  132.297577][ T7512]  dump_stack_lvl+0x16c/0x1f0
[  132.297606][ T7512]  should_fail_ex+0x512/0x640
[  132.297630][ T7512]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  132.297660][ T7512]  should_failslab+0xc2/0x120
[  132.297677][ T7512]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  132.297703][ T7512]  ? kasan_save_stack+0x42/0x60
[  132.297726][ T7512]  ? kasan_save_stack+0x33/0x60
[  132.297749][ T7512]  ? kasan_save_track+0x14/0x30
[  132.297772][ T7512]  ? v9fs_session_init+0xb3/0x1a80
[  132.297798][ T7512]  ? vfs_get_tree+0x8b/0x340
[  132.297818][ T7512]  kstrdup+0x53/0x100
[  132.297843][ T7512]  v9fs_session_init+0xb3/0x1a80
[  132.297879][ T7512]  ? __pfx_v9fs_session_init+0x10/0x10
[  132.297917][ T7512]  ? kasan_save_track+0x14/0x30
[  132.297940][ T7512]  v9fs_mount+0xc5/0xa30
[  132.297951][ T7512]  ? rcu_is_watching+0x12/0xc0
[  132.297963][ T7512]  ? __pfx_v9fs_mount+0x10/0x10
[  132.297975][ T7512]  ? apparmor_capable+0x114/0x1d0
[  132.297987][ T7512]  ? __pfx_v9fs_mount+0x10/0x10
[  132.297997][ T7512]  legacy_get_tree+0x10c/0x220
[  132.298013][ T7512]  vfs_get_tree+0x8b/0x340
[  132.298025][ T7512]  path_mount+0x1414/0x2020
[  132.298041][ T7512]  ? kmem_cache_free+0x2d1/0x4d0
[  132.298056][ T7512]  ? __pfx_path_mount+0x10/0x10
[  132.298076][ T7512]  ? getname_flags.part.0+0x1c5/0x550
[  132.298089][ T7512]  ? putname+0x154/0x1a0
[  132.298100][ T7512]  __ia32_sys_mount+0x28b/0x310
[  132.298116][ T7512]  ? __pfx___ia32_sys_mount+0x10/0x10
[  132.298133][ T7512]  ? rcu_is_watching+0x12/0xc0
[  132.298145][ T7512]  __do_fast_syscall_32+0x7c/0x3a0
[  132.298162][ T7512]  do_fast_syscall_32+0x32/0x80
[  132.298178][ T7512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.298191][ T7512] RIP: 0023:0xf70be579
[  132.298199][ T7512] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  132.298209][ T7512] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  132.298219][ T7512] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040
[  132.298225][ T7512] RDX: 00000000800000c0 RSI: 0000000002000040 RDI: 0000000080000440
[  132.298231][ T7512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  132.298236][ T7512] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  132.298242][ T7512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  132.298254][ T7512]  </TASK>
[  133.078885][ T7520] netlink: 56 bytes leftover after parsing attributes in process `syz.2.347'.
[  133.105330][ T7525] affs: No valid root block on device sr0
[  133.333421][ T7536] autofs: Unknown parameter '00000000000000000000'
[  133.446334][ T7536] netlink: 48 bytes leftover after parsing attributes in process `syz.1.352'.
[  133.465825][   T12] Bluetooth: Error in BCSP hdr checksum
[  133.581039][   T40] audit: type=1800 audit(1752606137.039:38): pid=7543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.355" name="bus" dev="9p" ino=36047895 res=0 errno=0
[  133.593943][ T7546] 9pnet_fd: Insufficient options for proto=fd
[  133.723597][   T12] Bluetooth: Error in BCSP hdr checksum
[  133.731675][   T59] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  133.891716][   T59] usb 8-1: Using ep0 maxpacket: 32
[  133.895412][   T59] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  133.900980][   T59] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  133.905032][   T59] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  133.907860][   T59] usb 8-1: Product: syz
[  133.909595][   T59] usb 8-1: Manufacturer: syz
[  133.913058][   T59] usb 8-1: SerialNumber: syz
[  133.918951][   T59] usb 8-1: config 0 descriptor??
[  133.922715][ T7523] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  133.993314][   T12] Bluetooth: Error in BCSP hdr checksum
[  134.128728][ T7523] FAULT_INJECTION: forcing a failure.
[  134.128728][ T7523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.133695][ T7523] CPU: 0 UID: 0 PID: 7523 Comm: syz.3.348 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  134.133717][ T7523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.133727][ T7523] Call Trace:
[  134.133733][ T7523]  <TASK>
[  134.133740][ T7523]  dump_stack_lvl+0x16c/0x1f0
[  134.133769][ T7523]  should_fail_ex+0x512/0x640
[  134.133796][ T7523]  _copy_to_user+0x32/0xd0
[  134.133823][ T7523]  simple_read_from_buffer+0xcb/0x170
[  134.133847][ T7523]  proc_fail_nth_read+0x197/0x270
[  134.133875][ T7523]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.133914][ T7523]  ? rw_verify_area+0xcf/0x680
[  134.133934][ T7523]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.133954][ T7523]  vfs_read+0x1e4/0xc60
[  134.133978][ T7523]  ? fdget_pos+0x2a2/0x370
[  134.134005][ T7523]  ? __pfx_vfs_read+0x10/0x10
[  134.134025][ T7523]  ? find_held_lock+0x2b/0x80
[  134.134049][ T7523]  ? __fget_files+0x20e/0x3c0
[  134.134079][ T7523]  ksys_read+0x12a/0x250
[  134.134102][ T7523]  ? __pfx_ksys_read+0x10/0x10
[  134.134126][ T7523]  ? rcu_is_watching+0x12/0xc0
[  134.134148][ T7523]  __do_fast_syscall_32+0x7c/0x3a0
[  134.134175][ T7523]  do_fast_syscall_32+0x32/0x80
[  134.134200][ T7523]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.134221][ T7523] RIP: 0023:0xf710e579
[  134.134233][ T7523] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.134248][ T7523] RSP: 002b:00000000f50fe590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  134.134264][ T7523] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50fe620
[  134.134275][ T7523] RDX: 000000000000000f RSI: 00000000f7473ff4 RDI: 0000000000000000
[  134.134284][ T7523] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  134.134293][ T7523] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.134301][ T7523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.134320][ T7523]  </TASK>
[  134.220815][   T59] usb 8-1: USB disconnect, device number 2
[  134.230396][ T7554] team_slave_0: entered promiscuous mode
[  134.232934][ T7554] team_slave_1: entered promiscuous mode
[  134.235758][ T7554] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  134.239351][ T7554] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  134.548661][ T7562] lo speed is unknown, defaulting to 1000
[  134.551698][ T7562] lo speed is unknown, defaulting to 1000
[  134.555267][ T7562] lo speed is unknown, defaulting to 1000
[  134.577513][ T7562] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  134.632877][ T7562] lo speed is unknown, defaulting to 1000
[  134.638147][ T7562] lo speed is unknown, defaulting to 1000
[  134.643402][ T7562] lo speed is unknown, defaulting to 1000
[  134.648584][ T7562] lo speed is unknown, defaulting to 1000
[  135.149009][ T7571] FAULT_INJECTION: forcing a failure.
[  135.149009][ T7571] name failslab, interval 1, probability 0, space 0, times 0
[  135.154444][ T7571] CPU: 3 UID: 0 PID: 7571 Comm: syz.3.362 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  135.154465][ T7571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.154475][ T7571] Call Trace:
[  135.154482][ T7571]  <TASK>
[  135.154488][ T7571]  dump_stack_lvl+0x16c/0x1f0
[  135.154517][ T7571]  should_fail_ex+0x512/0x640
[  135.154540][ T7571]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  135.154563][ T7571]  should_failslab+0xc2/0x120
[  135.154581][ T7571]  __kmalloc_cache_noprof+0x6a/0x3e0
[  135.154601][ T7571]  ? rtnl_newlink+0x11b/0x2000
[  135.154629][ T7571]  ? __pfx_rtnl_newlink+0x10/0x10
[  135.154653][ T7571]  rtnl_newlink+0x11b/0x2000
[  135.154687][ T7571]  ? __pfx_rtnl_newlink+0x10/0x10
[  135.154717][ T7571]  ? kmem_cache_free+0x2d1/0x4d0
[  135.154740][ T7571]  ? kfree_skbmem+0x1a4/0x1f0
[  135.154768][ T7571]  ? __lock_acquire+0x622/0x1c90
[  135.154793][ T7571]  ? rcu_is_watching+0x12/0xc0
[  135.154812][ T7571]  ? trace_cap_capable+0x18d/0x200
[  135.154836][ T7571]  ? find_held_lock+0x2b/0x80
[  135.154852][ T7571]  ? __pfx_rtnl_newlink+0x10/0x10
[  135.154877][ T7571]  ? __pfx_rtnl_newlink+0x10/0x10
[  135.154901][ T7571]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  135.154928][ T7571]  ? __pfx_rtnl_newlink+0x10/0x10
[  135.154955][ T7571]  rtnetlink_rcv_msg+0x95e/0xe90
[  135.154984][ T7571]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  135.155018][ T7571]  ? ref_tracker_free+0x37c/0x830
[  135.155049][ T7571]  netlink_rcv_skb+0x155/0x420
[  135.155067][ T7571]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  135.155093][ T7571]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  135.155118][ T7571]  ? netlink_deliver_tap+0x1ae/0xd30
[  135.155146][ T7571]  netlink_unicast+0x58d/0x850
[  135.155168][ T7571]  ? __pfx_netlink_unicast+0x10/0x10
[  135.155192][ T7571]  netlink_sendmsg+0x8d1/0xdd0
[  135.155212][ T7571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.155231][ T7571]  ? __import_iovec+0x1dd/0x650
[  135.155253][ T7571]  ____sys_sendmsg+0xa95/0xc70
[  135.155273][ T7571]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.155289][ T7571]  ? get_compat_msghdr+0x11a/0x170
[  135.155324][ T7571]  ___sys_sendmsg+0x134/0x1d0
[  135.155348][ T7571]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.155383][ T7571]  ? find_held_lock+0x2b/0x80
[  135.155415][ T7571]  __sys_sendmsg+0x16d/0x220
[  135.155440][ T7571]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.155487][ T7571]  ? rcu_is_watching+0x12/0xc0
[  135.155507][ T7571]  __do_fast_syscall_32+0x7c/0x3a0
[  135.155534][ T7571]  do_fast_syscall_32+0x32/0x80
[  135.155558][ T7571]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.155578][ T7571] RIP: 0023:0xf710e579
[  135.155610][ T7571] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.155628][ T7571] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  135.155643][ T7571] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  135.155653][ T7571] RDX: 0000000000040800 RSI: 0000000000000000 RDI: 0000000000000000
[  135.155662][ T7571] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.155671][ T7571] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.155681][ T7571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.155703][ T7571]  </TASK>
[  135.467391][ T7584] netlink: 'syz.2.366': attribute type 1 has an invalid length.
[  135.467395][ T7585] netlink: 'syz.2.366': attribute type 1 has an invalid length.
[  135.482569][ T7585] 8021q: adding VLAN 0 to HW filter on device bond1
[  135.491815][ T5964] Bluetooth: hci4: command 0x1003 tx timeout
[  135.491834][ T5317] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  135.513573][ T7584] bond1: (slave veth3): Enslaving as an active interface with a down link
[  135.523978][ T7585] bond1: (slave veth0_to_bond): making interface the new active one
[  135.529025][ T7585] veth0_to_bond: entered promiscuous mode
[  135.532468][ T7585] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  135.584237][   T12] bond1: (slave veth0_to_bond): link status definitely down, disabling slave
[  135.592848][   T12] veth0_to_bond: left promiscuous mode
[  135.596340][   T12] bond1: now running without any active interface!
[  135.843093][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  135.993736][   T24] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  135.998300][   T24] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  136.002555][   T24] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  136.006467][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.014117][ T7591] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  136.021484][   T24] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  136.246263][ T7591] FAULT_INJECTION: forcing a failure.
[  136.246263][ T7591] name failslab, interval 1, probability 0, space 0, times 0
[  136.252079][ T7591] CPU: 1 UID: 0 PID: 7591 Comm: syz.2.368 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  136.252116][ T7591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.252126][ T7591] Call Trace:
[  136.252132][ T7591]  <TASK>
[  136.252139][ T7591]  dump_stack_lvl+0x16c/0x1f0
[  136.252169][ T7591]  should_fail_ex+0x512/0x640
[  136.252192][ T7591]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  136.252219][ T7591]  should_failslab+0xc2/0x120
[  136.252236][ T7591]  __kmalloc_cache_noprof+0x6a/0x3e0
[  136.252259][ T7591]  ? snd_seq_oss_open+0x55/0xa20
[  136.252281][ T7591]  snd_seq_oss_open+0x55/0xa20
[  136.252302][ T7591]  odev_open+0x6f/0x90
[  136.252326][ T7591]  ? __pfx_odev_open+0x10/0x10
[  136.252351][ T7591]  soundcore_open+0x409/0x580
[  136.252380][ T7591]  ? __pfx_soundcore_open+0x10/0x10
[  136.252405][ T7591]  chrdev_open+0x231/0x6a0
[  136.252431][ T7591]  ? __pfx_apparmor_file_open+0x10/0x10
[  136.252454][ T7591]  ? __pfx_chrdev_open+0x10/0x10
[  136.252482][ T7591]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  136.252511][ T7591]  do_dentry_open+0x744/0x1c10
[  136.252538][ T7591]  ? __pfx_chrdev_open+0x10/0x10
[  136.252570][ T7591]  vfs_open+0x82/0x3f0
[  136.252593][ T7591]  path_openat+0x1de4/0x2cb0
[  136.252628][ T7591]  ? __pfx_path_openat+0x10/0x10
[  136.252661][ T7591]  do_filp_open+0x20b/0x470
[  136.252687][ T7591]  ? __pfx_do_filp_open+0x10/0x10
[  136.252731][ T7591]  ? _raw_spin_unlock+0x28/0x50
[  136.252753][ T7591]  ? alloc_fd+0x471/0x7d0
[  136.252784][ T7591]  do_sys_openat2+0x11b/0x1d0
[  136.252802][ T7591]  ? __pfx_do_sys_openat2+0x10/0x10
[  136.252824][ T7591]  ? __pfx___schedule+0x10/0x10
[  136.252851][ T7591]  ? __fget_files+0x20e/0x3c0
[  136.252879][ T7591]  __ia32_compat_sys_openat+0x16d/0x210
[  136.252900][ T7591]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  136.252920][ T7591]  ? ksys_write+0x1ac/0x250
[  136.252948][ T7591]  ? rcu_is_watching+0x12/0xc0
[  136.252971][ T7591]  __do_fast_syscall_32+0x7c/0x3a0
[  136.252999][ T7591]  do_fast_syscall_32+0x32/0x80
[  136.253024][ T7591]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  136.253046][ T7591] RIP: 0023:0xf70ae579
[  136.253060][ T7591] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  136.253077][ T7591] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  136.253092][ T7591] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000240
[  136.253103][ T7591] RDX: 00000000000c2882 RSI: 0000000000000000 RDI: 0000000000000000
[  136.253113][ T7591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  136.253123][ T7591] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  136.253133][ T7591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  136.253157][ T7591]  </TASK>
[  136.374970][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.382849][ T5987] usb 7-1: USB disconnect, device number 8
[  136.594787][   T40] audit: type=1326 audit(1752606140.059:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7621 comm="syz.3.379" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0
[  136.677478][ T7624] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[  136.864878][ T7635] FAULT_INJECTION: forcing a failure.
[  136.864878][ T7635] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.869168][ T7635] CPU: 3 UID: 0 PID: 7635 Comm: syz.2.382 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  136.869182][ T7635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.869189][ T7635] Call Trace:
[  136.869192][ T7635]  <TASK>
[  136.869197][ T7635]  dump_stack_lvl+0x16c/0x1f0
[  136.869216][ T7635]  should_fail_ex+0x512/0x640
[  136.869233][ T7635]  should_fail_alloc_page+0xe7/0x130
[  136.869245][ T7635]  prepare_alloc_pages+0x3c2/0x610
[  136.869258][ T7635]  ? rcu_is_watching+0x12/0xc0
[  136.869271][ T7635]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  136.869289][ T7635]  ? rcu_is_watching+0x12/0xc0
[  136.869300][ T7635]  ? trace_mm_page_alloc+0x11f/0x1a0
[  136.869311][ T7635]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  136.869327][ T7635]  ? stack_trace_save+0x8e/0xc0
[  136.869340][ T7635]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  136.869360][ T7635]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  136.869375][ T7635]  ? __get_vm_area_node+0x1ca/0x330
[  136.869386][ T7635]  ? __bpf_map_area_alloc+0x12e/0x200
[  136.869396][ T7635]  ? htab_map_alloc+0x44b/0x1570
[  136.869412][ T7635]  ? htab_of_map_alloc+0x6c/0xf0
[  136.869426][ T7635]  ? map_create+0x58f/0x1db0
[  136.869440][ T7635]  ? __sys_bpf+0x47cc/0x4d80
[  136.869448][ T7635]  ? __ia32_sys_bpf+0x76/0xe0
[  136.869457][ T7635]  ? __do_fast_syscall_32+0x7c/0x3a0
[  136.869477][ T7635]  alloc_pages_bulk_noprof+0x71c/0x1410
[  136.869492][ T7635]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  136.869509][ T7635]  ? policy_nodemask+0xea/0x4e0
[  136.869520][ T7635]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  136.869536][ T7635]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  136.869552][ T7635]  kasan_populate_vmalloc+0xf1/0x1f0
[  136.869569][ T7635]  alloc_vmap_area+0x959/0x29c0
[  136.869586][ T7635]  ? __pfx_alloc_vmap_area+0x10/0x10
[  136.869601][ T7635]  __get_vm_area_node+0x1ca/0x330
[  136.869615][ T7635]  __vmalloc_node_range_noprof+0x271/0x14b0
[  136.869629][ T7635]  ? htab_map_alloc+0x44b/0x1570
[  136.869643][ T7635]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  136.869661][ T7635]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  136.869678][ T7635]  ? htab_map_alloc+0x44b/0x1570
[  136.869694][ T7635]  ? mark_held_locks+0x49/0x80
[  136.869709][ T7635]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  136.869723][ T7635]  ? pcpu_alloc_noprof+0x1f5/0x1470
[  136.869741][ T7635]  ? htab_map_alloc+0x44b/0x1570
[  136.869755][ T7635]  __bpf_map_area_alloc+0x12e/0x200
[  136.869766][ T7635]  ? htab_map_alloc+0x44b/0x1570
[  136.869783][ T7635]  htab_map_alloc+0x44b/0x1570
[  136.869800][ T7635]  ? fput+0x70/0xf0
[  136.869816][ T7635]  ? bpf_map_meta_alloc+0xfd/0x780
[  136.869833][ T7635]  htab_of_map_alloc+0x6c/0xf0
[  136.869848][ T7635]  map_create+0x58f/0x1db0
[  136.869867][ T7635]  ? __pfx_map_create+0x10/0x10
[  136.869881][ T7635]  ? __might_fault+0xe3/0x190
[  136.869896][ T7635]  ? __might_fault+0xe3/0x190
[  136.869909][ T7635]  ? __might_fault+0x13b/0x190
[  136.869929][ T7635]  __sys_bpf+0x47cc/0x4d80
[  136.869940][ T7635]  ? __pfx___sys_bpf+0x10/0x10
[  136.869949][ T7635]  ? ksys_write+0x190/0x250
[  136.869966][ T7635]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  136.869989][ T7635]  ? fput+0x70/0xf0
[  136.869998][ T7635]  ? ksys_write+0x1ac/0x250
[  136.870012][ T7635]  ? __pfx_ksys_write+0x10/0x10
[  136.870029][ T7635]  __ia32_sys_bpf+0x76/0xe0
[  136.870039][ T7635]  __do_fast_syscall_32+0x7c/0x3a0
[  136.870056][ T7635]  do_fast_syscall_32+0x32/0x80
[  136.870072][ T7635]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  136.870085][ T7635] RIP: 0023:0xf70ae579
[  136.870093][ T7635] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  136.870103][ T7635] RSP: 002b:00000000f507d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  136.870113][ T7635] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800008c0
[  136.870120][ T7635] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  136.870126][ T7635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  136.870131][ T7635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  136.870137][ T7635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  136.870149][ T7635]  </TASK>
[  136.870919][ T6523] libceph: connect (1)[c::]:6789 error -101
[  137.000508][ T6523] libceph: mon0 (1)[c::]:6789 connect error
[  137.263839][    T9] libceph: connect (1)[c::]:6789 error -101
[  137.265952][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  137.561333][ T7632] ceph: No mds server is up or the cluster is laggy
[  137.739922][ T5317] Bluetooth: hci3: unexpected event for opcode 0x2042
[  137.864405][   T40] audit: type=1800 audit(1752606141.319:40): pid=7657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.387" name="bus" dev="9p" ino=36047895 res=0 errno=0
[  137.948036][ T5987] libceph: connect (1)[c::]:6789 error -101
[  137.955746][ T5987] libceph: mon0 (1)[c::]:6789 connect error
[  138.222821][ T5987] libceph: connect (1)[c::]:6789 error -101
[  138.225105][ T5987] libceph: mon0 (1)[c::]:6789 connect error
[  138.534522][ T7658] ceph: No mds server is up or the cluster is laggy
[  138.751500][ T7668] loop4: detected capacity change from 0 to 7
[  139.122621][ T7677] lo speed is unknown, defaulting to 1000
[  139.463084][ T7679] 9pnet: Unknown protocol version 9p2000.u
[  139.522731][ T7682] lo speed is unknown, defaulting to 1000
[  139.750869][ T7689] netlink: 36 bytes leftover after parsing attributes in process `syz.3.395'.
[  139.766791][ T7689] netlink: 16 bytes leftover after parsing attributes in process `syz.3.395'.
[  139.770139][ T7689] netlink: 36 bytes leftover after parsing attributes in process `syz.3.395'.
[  139.778455][ T7689] netlink: 36 bytes leftover after parsing attributes in process `syz.3.395'.
[  139.785230][ T7689] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[  140.051396][ T7708] lo speed is unknown, defaulting to 1000
[  140.785352][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'.
[  140.790636][ T7728] netlink: 'syz.2.406': attribute type 1 has an invalid length.
[  140.794157][ T7730] netlink: 104 bytes leftover after parsing attributes in process `syz.1.407'.
[  140.794186][ T7730] netlink: 104 bytes leftover after parsing attributes in process `syz.1.407'.
[  140.994864][ T7737] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  140.997241][ T7737] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  141.009001][ T7737] vhci_hcd vhci_hcd.0: Device attached
[  141.047067][ T7740] vhci_hcd: connection closed
[  141.048750][   T46] vhci_hcd: stop threads
[  141.060343][   T46] vhci_hcd: release socket
[  141.062107][   T46] vhci_hcd: disconnect device
[  141.072842][    T9] IPVS: starting estimator thread 0...
[  141.161802][ T7748] IPVS: using max 43 ests per chain, 103200 per kthread
[  141.195508][ T7751] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  141.315863][ T7757] FAULT_INJECTION: forcing a failure.
[  141.315863][ T7757] name failslab, interval 1, probability 0, space 0, times 0
[  141.319744][ T7757] CPU: 3 UID: 0 PID: 7757 Comm: syz.2.415 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  141.319758][ T7757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.319764][ T7757] Call Trace:
[  141.319768][ T7757]  <TASK>
[  141.319772][ T7757]  dump_stack_lvl+0x16c/0x1f0
[  141.319792][ T7757]  should_fail_ex+0x512/0x640
[  141.319807][ T7757]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  141.319823][ T7757]  should_failslab+0xc2/0x120
[  141.319834][ T7757]  __kmalloc_cache_noprof+0x6a/0x3e0
[  141.319848][ T7757]  ? autofs_init_fs_context+0x1a7/0x580
[  141.319861][ T7757]  autofs_init_fs_context+0x1a7/0x580
[  141.319871][ T7757]  ? __pfx_autofs_init_fs_context+0x10/0x10
[  141.319881][ T7757]  alloc_fs_context+0x54a/0x9c0
[  141.319899][ T7757]  path_mount+0xaf8/0x2020
[  141.319916][ T7757]  ? kmem_cache_free+0x2d1/0x4d0
[  141.319930][ T7757]  ? __pfx_path_mount+0x10/0x10
[  141.319945][ T7757]  ? getname_flags.part.0+0x1c5/0x550
[  141.319958][ T7757]  ? putname+0x154/0x1a0
[  141.319969][ T7757]  __ia32_sys_mount+0x28b/0x310
[  141.319989][ T7757]  ? __pfx___ia32_sys_mount+0x10/0x10
[  141.320006][ T7757]  ? rcu_is_watching+0x12/0xc0
[  141.320020][ T7757]  __do_fast_syscall_32+0x7c/0x3a0
[  141.320037][ T7757]  do_fast_syscall_32+0x32/0x80
[  141.320053][ T7757]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  141.320066][ T7757] RIP: 0023:0xf70ae579
[  141.320074][ T7757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  141.320084][ T7757] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  141.320094][ T7757] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000440
[  141.320100][ T7757] RDX: 0000000080000280 RSI: 000000000201000c RDI: 0000000080000040
[  141.320106][ T7757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  141.320112][ T7757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  141.320117][ T7757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  141.320130][ T7757]  </TASK>
[  141.452603][ T7759] netdevsim netdevsim3: Direct firmware load for ��0���Pq���D"�2�N�ktT�Wj��%�N�� failed with error -2
[  141.456971][ T7759] netdevsim netdevsim3: Falling back to sysfs fallback for: ��0���Pq���D"�2�N�ktT�Wj��%�N��
[  141.525370][ T7761] netlink: 72 bytes leftover after parsing attributes in process `syz.2.417'.
[  141.733288][ T5317] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  141.736830][ T5317] Bluetooth: hci3: Injecting HCI hardware error event
[  141.741139][ T5964] Bluetooth: hci3: hardware error 0x00
[  141.900109][ T7780] 9pnet: p9_errstr2errno: server reported unknown error loc_percpu
[  141.915413][ T7780] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  141.964188][ T7783] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.967927][ T7783] batadv_slave_0: entered promiscuous mode
[  142.116641][ T7788] FAULT_INJECTION: forcing a failure.
[  142.116641][ T7788] name failslab, interval 1, probability 0, space 0, times 0
[  142.130792][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.2.426 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  142.130818][ T7788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.130831][ T7788] Call Trace:
[  142.130836][ T7788]  <TASK>
[  142.130843][ T7788]  dump_stack_lvl+0x16c/0x1f0
[  142.130871][ T7788]  should_fail_ex+0x512/0x640
[  142.130895][ T7788]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  142.130921][ T7788]  should_failslab+0xc2/0x120
[  142.130938][ T7788]  __kmalloc_cache_noprof+0x6a/0x3e0
[  142.130962][ T7788]  ? kernfs_fop_open+0xa3a/0xda0
[  142.130987][ T7788]  kernfs_fop_open+0xa3a/0xda0
[  142.131006][ T7788]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  142.131034][ T7788]  do_dentry_open+0x744/0x1c10
[  142.131061][ T7788]  ? __pfx_kernfs_fop_open+0x10/0x10
[  142.131086][ T7788]  vfs_open+0x82/0x3f0
[  142.131108][ T7788]  path_openat+0x1de4/0x2cb0
[  142.131140][ T7788]  ? trace_kmem_cache_alloc+0x28/0xc0
[  142.131157][ T7788]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  142.131184][ T7788]  ? __pfx_path_openat+0x10/0x10
[  142.131210][ T7788]  ? __asan_memcpy+0x3c/0x60
[  142.131237][ T7788]  do_file_open_root+0x322/0x610
[  142.131261][ T7788]  ? __kasan_slab_free+0x51/0x70
[  142.131289][ T7788]  ? __pfx_do_file_open_root+0x10/0x10
[  142.131340][ T7788]  ? do_raw_spin_lock+0x12c/0x2b0
[  142.131373][ T7788]  file_open_root+0x2a7/0x450
[  142.131400][ T7788]  ? __pfx_file_open_root+0x10/0x10
[  142.131424][ T7788]  ? _raw_spin_unlock+0x28/0x50
[  142.131457][ T7788]  do_handle_open+0x9d7/0xb70
[  142.131480][ T7788]  ? __pfx_do_handle_open+0x10/0x10
[  142.131506][ T7788]  ? ksys_write+0x1ac/0x250
[  142.131552][ T7788]  ? __pfx_ksys_write+0x10/0x10
[  142.131596][ T7788]  ? __do_fast_syscall_32+0x7c/0x3a0
[  142.131622][ T7788]  __do_fast_syscall_32+0x7c/0x3a0
[  142.131646][ T7788]  do_fast_syscall_32+0x32/0x80
[  142.131669][ T7788]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  142.131691][ T7788] RIP: 0023:0xf70ae579
[  142.131704][ T7788] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  142.131720][ T7788] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  142.131736][ T7788] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  142.131751][ T7788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  142.131761][ T7788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  142.131771][ T7788] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  142.131781][ T7788] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  142.131805][ T7788]  </TASK>
[  142.217803][    C1] vkms_vblank_simulate: vblank timer overrun
[  142.475315][ T7800] mkiss: ax0: crc mode is auto.
[  142.655673][ T7799] netlink: 8 bytes leftover after parsing attributes in process `syz.1.431'.
[  142.658480][ T7799] netlink: 'syz.1.431': attribute type 5 has an invalid length.
[  142.660839][ T7799] netlink: 20 bytes leftover after parsing attributes in process `syz.1.431'.
[  142.666439][ T7799] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  142.669286][ T7799] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  142.672041][ T7799] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  142.674687][ T7799] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  142.677441][ T7799] geneve2: entered promiscuous mode
[  142.679068][ T7799] geneve2: entered allmulticast mode
[  143.821800][ T5964] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  143.980726][ T7828] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  143.982807][ T7828] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  143.986136][ T7828] vhci_hcd vhci_hcd.0: Device attached
[  144.242005][ T5987] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  144.385211][ T7835] FAULT_INJECTION: forcing a failure.
[  144.385211][ T7835] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  144.390139][ T7835] CPU: 0 UID: 0 PID: 7835 Comm: syz.3.439 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  144.390155][ T7835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.390161][ T7835] Call Trace:
[  144.390166][ T7835]  <TASK>
[  144.390170][ T7835]  dump_stack_lvl+0x16c/0x1f0
[  144.390190][ T7835]  should_fail_ex+0x512/0x640
[  144.390207][ T7835]  should_fail_alloc_page+0xe7/0x130
[  144.390219][ T7835]  prepare_alloc_pages+0x3c2/0x610
[  144.390234][ T7835]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  144.390250][ T7835]  ? is_bpf_text_address+0x8a/0x1a0
[  144.390265][ T7835]  ? bpf_ksym_find+0x124/0x1c0
[  144.390277][ T7835]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  144.390290][ T7835]  ? is_bpf_text_address+0x94/0x1a0
[  144.390304][ T7835]  ? kernel_text_address+0x8d/0x100
[  144.390314][ T7835]  ? __kernel_text_address+0xd/0x40
[  144.390323][ T7835]  ? unwind_get_return_address+0x59/0xa0
[  144.390341][ T7835]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  144.390358][ T7835]  ? __lock_acquire+0xb8a/0x1c90
[  144.390375][ T7835]  ? kvm_sched_clock_read+0x11/0x20
[  144.390391][ T7835]  ? __lock_acquire+0xb8a/0x1c90
[  144.390405][ T7835]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  144.390422][ T7835]  ? policy_nodemask+0xea/0x4e0
[  144.390433][ T7835]  alloc_pages_mpol+0x1fb/0x550
[  144.390444][ T7835]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  144.390458][ T7835]  folio_alloc_mpol_noprof+0x36/0x2f0
[  144.390471][ T7835]  vma_alloc_folio_noprof+0xed/0x1e0
[  144.390482][ T7835]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  144.390494][ T7835]  ? find_held_lock+0x2b/0x80
[  144.390505][ T7835]  ? __handle_mm_fault+0x1092/0x5490
[  144.390521][ T7835]  __handle_mm_fault+0x2f21/0x5490
[  144.390538][ T7835]  ? __pfx___handle_mm_fault+0x10/0x10
[  144.390551][ T7835]  ? __pfx_mt_find+0x10/0x10
[  144.390568][ T7835]  ? find_vma+0xbf/0x140
[  144.390578][ T7835]  ? __pfx_find_vma+0x10/0x10
[  144.390590][ T7835]  handle_mm_fault+0x589/0xd10
[  144.390604][ T7835]  ? __pkru_allows_pkey+0x51/0xb0
[  144.390619][ T7835]  do_user_addr_fault+0x7a6/0x1370
[  144.390636][ T7835]  ? rcu_is_watching+0x12/0xc0
[  144.390660][ T7835]  exc_page_fault+0x5c/0xb0
[  144.390677][ T7835]  asm_exc_page_fault+0x26/0x30
[  144.390687][ T7835] RIP: 0010:_copy_to_iter+0x37e/0x16f0
[  144.390704][ T7835] Code: fc 4d 85 f6 0f 85 52 ff ff ff e8 6d f5 e3 fc 4c 8b 74 24 18 89 de 4c 89 f7 e8 6e de 49 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 f6 <f3> a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 22 ff ff ff
[  144.390714][ T7835] RSP: 0018:ffffc90004fdfb00 EFLAGS: 00050246
[  144.390727][ T7835] RAX: 0000000000000001 RBX: 00000000000006a5 RCX: 00000000000006a5
[  144.390733][ T7835] RDX: ffffed1001c27cd5 RSI: ffff88800e13e000 RDI: 0000000080000000
[  144.390740][ T7835] RBP: 0000000080000000 R08: 0000000000000000 R09: ffffed1001c27cd4
[  144.390746][ T7835] R10: ffff88800e13e6a4 R11: 0000000000000000 R12: ffffc90004fdfd88
[  144.390752][ T7835] R13: 00000000800006a5 R14: ffff88800e13e000 R15: 00007ffffffff000
[  144.390769][ T7835]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  144.390782][ T7835]  ? __pfx__copy_to_iter+0x10/0x10
[  144.390797][ T7835]  ? preempt_schedule_thunk+0x16/0x30
[  144.390812][ T7835]  ? preempt_schedule_common+0x44/0xc0
[  144.390826][ T7835]  ? preempt_schedule_thunk+0x16/0x30
[  144.390843][ T7835]  seq_read_iter+0xcf8/0x12c0
[  144.390863][ T7835]  proc_reg_read_iter+0x220/0x310
[  144.390880][ T7835]  vfs_read+0x8bf/0xc60
[  144.390897][ T7835]  ? __pfx_vfs_read+0x10/0x10
[  144.390910][ T7835]  ? find_held_lock+0x2b/0x80
[  144.390930][ T7835]  ksys_read+0x12a/0x250
[  144.390944][ T7835]  ? __pfx_ksys_read+0x10/0x10
[  144.390960][ T7835]  ? rcu_is_watching+0x12/0xc0
[  144.390973][ T7835]  __do_fast_syscall_32+0x7c/0x3a0
[  144.390990][ T7835]  do_fast_syscall_32+0x32/0x80
[  144.391006][ T7835]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.391018][ T7835] RIP: 0023:0xf710e579
[  144.391027][ T7835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.391036][ T7835] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  144.391045][ T7835] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  144.391051][ T7835] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  144.391057][ T7835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.391062][ T7835] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.391068][ T7835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.391081][ T7835]  </TASK>
[  144.540563][ T7829] vhci_hcd: connection reset by peer
[  144.542381][ T1174] vhci_hcd: stop threads
[  144.543760][ T1174] vhci_hcd: release socket
[  144.545754][ T1174] vhci_hcd: disconnect device
[  144.700308][ T7843] IPVS: wrr: FWM 3 0x00000003 - no destination available
[  144.951689][ T6000] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  145.092026][ T6000] usb 8-1: device descriptor read/64, error -71
[  145.341695][ T6000] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  145.471710][ T6000] usb 8-1: device descriptor read/64, error -71
[  145.584308][ T6000] usb usb8-port1: attempt power cycle
[  146.040292][ T6000] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  146.062291][ T6000] usb 8-1: device descriptor read/8, error -71
[  146.164642][ T7850] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  146.166714][ T7850] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  146.278286][ T7850] vhci_hcd vhci_hcd.0: Device attached
[  146.401667][ T6000] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  146.446888][ T6000] usb 8-1: device descriptor read/8, error -71
[  146.551802][ T6000] usb usb8-port1: unable to enumerate USB device
[  146.870048][ T7865] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.873724][ T7865] batadv_slave_0: entered promiscuous mode
[  147.022834][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802566dc00: rx timeout, send abort
[  147.523335][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802566e000: rx timeout, send abort
[  147.526438][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802566dc00: abort rx timeout. Force session deactivation
[  147.724592][ T7881] block device autoloading is deprecated and will be removed.
[  147.896164][ T7891] FAULT_INJECTION: forcing a failure.
[  147.896164][ T7891] name failslab, interval 1, probability 0, space 0, times 0
[  147.900671][ T7891] CPU: 2 UID: 0 PID: 7891 Comm: syz.3.458 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  147.900685][ T7891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.900692][ T7891] Call Trace:
[  147.900696][ T7891]  <TASK>
[  147.900700][ T7891]  dump_stack_lvl+0x16c/0x1f0
[  147.900722][ T7891]  should_fail_ex+0x512/0x640
[  147.900738][ T7891]  ? __kmalloc_noprof+0xbf/0x510
[  147.900754][ T7891]  ? fib_create_info+0x53f/0x46b0
[  147.900768][ T7891]  should_failslab+0xc2/0x120
[  147.900778][ T7891]  __kmalloc_noprof+0xd2/0x510
[  147.900797][ T7891]  fib_create_info+0x53f/0x46b0
[  147.900817][ T7891]  ? __pfx_rtmsg_fib+0x10/0x10
[  147.900831][ T7891]  ? __pfx_fib_create_info+0x10/0x10
[  147.900844][ T7891]  ? fib_insert_alias+0x18b/0xe30
[  147.900864][ T7891]  fib_table_insert+0x177/0x1c40
[  147.900878][ T7891]  ? __lock_acquire+0x622/0x1c90
[  147.900894][ T7891]  ? __pfx_fib_table_insert+0x10/0x10
[  147.900903][ T7891]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  147.900919][ T7891]  ? find_held_lock+0x2b/0x80
[  147.900933][ T7891]  ? fib_magic+0x4d4/0x5c0
[  147.900943][ T7891]  fib_magic+0x4d4/0x5c0
[  147.900960][ T7891]  ? __pfx_fib_magic+0x10/0x10
[  147.900976][ T7891]  ? queue_work_on+0x8b/0x1f0
[  147.900988][ T7891]  fib_add_ifaddr+0x3a1/0x580
[  147.901004][ T7891]  fib_inetaddr_event+0x147/0x270
[  147.901018][ T7891]  notifier_call_chain+0xbc/0x410
[  147.901030][ T7891]  ? __pfx_fib_inetaddr_event+0x10/0x10
[  147.901046][ T7891]  blocking_notifier_call_chain+0x69/0xa0
[  147.901060][ T7891]  __inet_insert_ifa+0x925/0xcd0
[  147.901076][ T7891]  ? __pfx___inet_insert_ifa+0x10/0x10
[  147.901092][ T7891]  inet_rtm_newaddr+0xd87/0x1540
[  147.901107][ T7891]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  147.901121][ T7891]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  147.901132][ T7891]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  147.901142][ T7891]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  147.901159][ T7891]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  147.901170][ T7891]  rtnetlink_rcv_msg+0x95e/0xe90
[  147.901188][ T7891]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  147.901208][ T7891]  ? ref_tracker_free+0x37c/0x830
[  147.901226][ T7891]  netlink_rcv_skb+0x155/0x420
[  147.901237][ T7891]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  147.901254][ T7891]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  147.901269][ T7891]  ? netlink_deliver_tap+0x1ae/0xd30
[  147.901289][ T7891]  netlink_unicast+0x58d/0x850
[  147.901302][ T7891]  ? __pfx_netlink_unicast+0x10/0x10
[  147.901316][ T7891]  netlink_sendmsg+0x8d1/0xdd0
[  147.901329][ T7891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.901340][ T7891]  ? __import_iovec+0x1dd/0x650
[  147.901353][ T7891]  ____sys_sendmsg+0xa95/0xc70
[  147.901366][ T7891]  ? __pfx_____sys_sendmsg+0x10/0x10
[  147.901377][ T7891]  ? get_compat_msghdr+0x11a/0x170
[  147.901399][ T7891]  ___sys_sendmsg+0x134/0x1d0
[  147.901415][ T7891]  ? __pfx____sys_sendmsg+0x10/0x10
[  147.901437][ T7891]  ? find_held_lock+0x2b/0x80
[  147.901456][ T7891]  __sys_sendmsg+0x16d/0x220
[  147.901472][ T7891]  ? __pfx___sys_sendmsg+0x10/0x10
[  147.901493][ T7891]  ? rcu_is_watching+0x12/0xc0
[  147.901506][ T7891]  __do_fast_syscall_32+0x7c/0x3a0
[  147.901524][ T7891]  do_fast_syscall_32+0x32/0x80
[  147.901540][ T7891]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.901553][ T7891] RIP: 0023:0xf710e579
[  147.901561][ T7891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.901571][ T7891] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  147.901594][ T7891] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  147.901600][ T7891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  147.901606][ T7891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.901612][ T7891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.901617][ T7891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.901631][ T7891]  </TASK>
[  148.025924][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802566e000: abort rx timeout. Force session deactivation
[  148.087514][ T7893] netlink: 'syz.3.459': attribute type 10 has an invalid length.
[  148.100974][ T7893] 8021q: adding VLAN 0 to HW filter on device team0
[  148.113319][ T7893] : (slave team0): Enslaving as an active interface with an up link
[  148.375792][ T7889] __nla_validate_parse: 3 callbacks suppressed
[  148.375802][ T7889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.456'.
[  148.381903][ T7889] netlink: 'syz.1.456': attribute type 5 has an invalid length.
[  148.384912][ T7889] netlink: 20 bytes leftover after parsing attributes in process `syz.1.456'.
[  148.451724][ T6652] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  148.613317][ T6652] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.618123][ T6652] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  148.623255][ T6652] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  148.627282][ T6652] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  148.632769][ T6652] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  148.636235][ T6652] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.639762][ T6652] usb 8-1: config 0 descriptor??
[  149.096996][ T7857] vhci_hcd: connection closed
[  149.097288][ T1138] vhci_hcd: stop threads
[  149.101090][ T1138] vhci_hcd: release socket
[  149.103568][ T1138] vhci_hcd: disconnect device
[  149.341674][ T5987] vhci_hcd: vhci_device speed not set
[  149.382218][ T6652] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  149.589380][ T6652] usb 8-1: USB disconnect, device number 7
[  149.674805][ T7912] fido_id[7912]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb8/report_descriptor': No such file or directory
[  149.838064][ T7922] affs: No valid root block on device sr0
[  149.971877][   T34] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  150.121793][   T34] usb 7-1: Using ep0 maxpacket: 16
[  150.132356][   T34] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  150.136266][   T34] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  150.140071][   T34] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  150.147356][   T34] usb 7-1: config 1 interface 0 has no altsetting 0
[  150.153292][   T34] usb 7-1: New USB device found, idVendor=0825, idProduct=0000, bcdDevice= 0.00
[  150.156846][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.159940][   T34] usb 7-1: Product: syz
[  150.164669][   T34] usb 7-1: Manufacturer: syz
[  150.166542][   T34] usb 7-1: SerialNumber: syz
[  150.235788][ T7926] atomic_op ffff88802854c198 conn xmit_atomic 0000000000000000
[  150.376037][   T34] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 255 proto 1 vid 0x0825 pid 0x0000
[  150.643763][   T29] usb usb38-port1: attempt power cycle
[  150.677781][ T7915] usblp0:failed reading printer status (-71)
[  150.677785][   T10] usb 7-1: USB disconnect, device number 9
[  150.882815][ T7913] usblp0: removed
[  150.947001][ T7937] netlink: 4 bytes leftover after parsing attributes in process `syz.1.472'.
[  151.313648][   T29] usb usb38-port1: unable to enumerate USB device
[  151.953063][ T7955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.477'.
[  151.957110][ T7955] netlink: 'syz.2.477': attribute type 5 has an invalid length.
[  151.960199][ T7955] netlink: 20 bytes leftover after parsing attributes in process `syz.2.477'.
[  151.969924][ T7955] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  151.973794][ T7955] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  151.976702][ T7955] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  151.980056][ T7955] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  151.983072][ T7955] geneve0: entered promiscuous mode
[  151.984729][ T7955] geneve0: entered allmulticast mode
[  153.014104][ T7965] fuse: Bad value for 'user_id'
[  153.015765][ T7965] fuse: Bad value for 'user_id'
[  153.024811][   T40] audit: type=1326 audit(1752606156.489:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.034317][   T40] audit: type=1326 audit(1752606156.489:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.043360][   T40] audit: type=1326 audit(1752606156.499:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.050580][   T40] audit: type=1326 audit(1752606156.499:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.061772][   T40] audit: type=1326 audit(1752606156.499:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.070489][   T40] audit: type=1326 audit(1752606156.499:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.079339][   T40] audit: type=1326 audit(1752606156.499:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.086013][   T40] audit: type=1326 audit(1752606156.499:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.092950][   T40] audit: type=1326 audit(1752606156.499:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.101229][   T40] audit: type=1326 audit(1752606156.499:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.480" exe="/syz-executor" sig=0 arch=40000003 syscall=95 compat=1 ip=0xf70be579 code=0x7ffc0000
[  153.217569][ T7971] netlink: 20 bytes leftover after parsing attributes in process `syz.3.482'.
[  153.495934][ T7980] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  153.498499][ T7980] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  153.557565][ T7982] netlink: 96 bytes leftover after parsing attributes in process `syz.3.485'.
[  154.652469][ T8005] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  155.631706][ T5819] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  155.688233][ T8034] FAULT_INJECTION: forcing a failure.
[  155.688233][ T8034] name failslab, interval 1, probability 0, space 0, times 0
[  155.692347][ T8034] CPU: 1 UID: 0 PID: 8034 Comm: syz.2.496 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  155.692361][ T8034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.692368][ T8034] Call Trace:
[  155.692371][ T8034]  <TASK>
[  155.692375][ T8034]  dump_stack_lvl+0x16c/0x1f0
[  155.692395][ T8034]  should_fail_ex+0x512/0x640
[  155.692410][ T8034]  ? fs_reclaim_acquire+0xae/0x150
[  155.692424][ T8034]  ? tomoyo_encode2+0x100/0x3e0
[  155.692438][ T8034]  should_failslab+0xc2/0x120
[  155.692448][ T8034]  __kmalloc_noprof+0xd2/0x510
[  155.692464][ T8034]  ? d_absolute_path+0x136/0x1a0
[  155.692477][ T8034]  tomoyo_encode2+0x100/0x3e0
[  155.692493][ T8034]  tomoyo_encode+0x29/0x50
[  155.692506][ T8034]  tomoyo_realpath_from_path+0x18f/0x6e0
[  155.692525][ T8034]  tomoyo_path_number_perm+0x245/0x580
[  155.692536][ T8034]  ? tomoyo_path_number_perm+0x237/0x580
[  155.692550][ T8034]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  155.692576][ T8034]  ? find_held_lock+0x2b/0x80
[  155.692592][ T8034]  ? hook_file_ioctl_common+0x145/0x410
[  155.692606][ T8034]  ? __fget_files+0x20e/0x3c0
[  155.692619][ T8034]  ? __fput_deferred+0x450/0x480
[  155.692632][ T8034]  security_file_ioctl_compat+0x9b/0x240
[  155.692646][ T8034]  __ia32_compat_sys_ioctl+0xc3/0x370
[  155.692660][ T8034]  __do_fast_syscall_32+0x7c/0x3a0
[  155.692677][ T8034]  do_fast_syscall_32+0x32/0x80
[  155.692693][ T8034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.692706][ T8034] RIP: 0023:0xf70ae579
[  155.692715][ T8034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.692725][ T8034] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  155.692735][ T8034] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005323
[  155.692741][ T8034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  155.692747][ T8034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.692753][ T8034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.692759][ T8034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.692771][ T8034]  </TASK>
[  155.692781][ T8034] ERROR: Out of memory at tomoyo_realpath_from_path.
[  155.812591][ T5819] usb 8-1: Using ep0 maxpacket: 16
[  155.816235][ T5819] usb 8-1: config 0 has no interfaces?
[  155.819390][ T5819] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  155.823876][ T5819] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  155.827360][ T5819] usb 8-1: Manufacturer: syz
[  155.832340][ T5819] usb 8-1: config 0 descriptor??
[  155.866953][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.498'.
[  155.869735][ T8039] bridge_slave_1: left allmulticast mode
[  155.871534][ T8039] bridge_slave_1: left promiscuous mode
[  155.873994][ T8039] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.879642][ T8039] bridge_slave_0: left allmulticast mode
[  155.881476][ T8039] bridge_slave_0: left promiscuous mode
[  155.885966][ T8039] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.056746][ T8022] netlink: 8 bytes leftover after parsing attributes in process `syz.3.492'.
[  156.067694][ T5987] usb 8-1: USB disconnect, device number 8
[  156.551296][ T8048] FAULT_INJECTION: forcing a failure.
[  156.551296][ T8048] name failslab, interval 1, probability 0, space 0, times 0
[  156.555288][ T8048] CPU: 1 UID: 0 PID: 8048 Comm: syz.0.501 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  156.555302][ T8048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.555309][ T8048] Call Trace:
[  156.555313][ T8048]  <TASK>
[  156.555317][ T8048]  dump_stack_lvl+0x16c/0x1f0
[  156.555336][ T8048]  should_fail_ex+0x512/0x640
[  156.555352][ T8048]  ? fs_reclaim_acquire+0xae/0x150
[  156.555366][ T8048]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  156.555381][ T8048]  should_failslab+0xc2/0x120
[  156.555391][ T8048]  __kmalloc_noprof+0xd2/0x510
[  156.555437][ T8048]  tomoyo_realpath_from_path+0xc2/0x6e0
[  156.555453][ T8048]  ? tomoyo_profile+0x47/0x60
[  156.555470][ T8048]  tomoyo_path_number_perm+0x245/0x580
[  156.555482][ T8048]  ? tomoyo_path_number_perm+0x237/0x580
[  156.555495][ T8048]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.555521][ T8048]  ? find_held_lock+0x2b/0x80
[  156.555532][ T8048]  ? hook_file_ioctl_common+0x145/0x410
[  156.555547][ T8048]  ? __fget_files+0x20e/0x3c0
[  156.555560][ T8048]  ? __fput_deferred+0x450/0x480
[  156.555573][ T8048]  security_file_ioctl_compat+0x9b/0x240
[  156.555587][ T8048]  __ia32_compat_sys_ioctl+0xc3/0x370
[  156.555609][ T8048]  __do_fast_syscall_32+0x7c/0x3a0
[  156.555626][ T8048]  do_fast_syscall_32+0x32/0x80
[  156.555642][ T8048]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.555656][ T8048] RIP: 0023:0xf70be579
[  156.555665][ T8048] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.555676][ T8048] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  156.555685][ T8048] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080345621
[  156.555692][ T8048] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  156.555698][ T8048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.555704][ T8048] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.555709][ T8048] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.555722][ T8048]  </TASK>
[  156.555726][ T8048] ERROR: Out of memory at tomoyo_realpath_from_path.
[  156.661064][ T8054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.504'.
[  156.703783][ T8056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.506'.
[  156.989967][ T8072] tipc: Enabled bearer <eth:vlan0>, priority 10
[  157.037716][ T8074] netlink: 'syz.3.511': attribute type 11 has an invalid length.
[  157.040360][ T8074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.511'.
[  157.070567][ T8074] netlink: 'syz.3.511': attribute type 12 has an invalid length.
[  157.073900][ T8074] netlink: 32 bytes leftover after parsing attributes in process `syz.3.511'.
[  157.431721][   T29] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  157.469445][ T8079] lo speed is unknown, defaulting to 1000
[  157.607907][   T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.698201][   T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.706096][   T29] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  157.711334][   T29] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  157.717899][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.724093][   T29] usb 8-1: config 0 descriptor??
[  158.112938][ T6000] tipc: Node number set to 4137075064
[  158.133187][   T29] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd
[  158.145059][   T29] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  158.603650][   T40] kauditd_printk_skb: 53 callbacks suppressed
[  158.603660][   T40] audit: type=1326 audit(1752606162.069:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8085 comm="syz.0.515" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  158.730369][ T8108] FAULT_INJECTION: forcing a failure.
[  158.730369][ T8108] name failslab, interval 1, probability 0, space 0, times 0
[  158.734405][ T8108] CPU: 2 UID: 0 PID: 8108 Comm: syz.0.519 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  158.734429][ T8108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.734439][ T8108] Call Trace:
[  158.734445][ T8108]  <TASK>
[  158.734452][ T8108]  dump_stack_lvl+0x16c/0x1f0
[  158.734480][ T8108]  should_fail_ex+0x512/0x640
[  158.734502][ T8108]  ? __kmalloc_noprof+0xbf/0x510
[  158.734527][ T8108]  ? ethnl_default_doit+0x209/0xed0
[  158.734550][ T8108]  should_failslab+0xc2/0x120
[  158.734567][ T8108]  __kmalloc_noprof+0xd2/0x510
[  158.734602][ T8108]  ethnl_default_doit+0x209/0xed0
[  158.734627][ T8108]  ? __nla_parse+0x40/0x60
[  158.734645][ T8108]  ? __pfx_ethnl_default_doit+0x10/0x10
[  158.734672][ T8108]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  158.734692][ T8108]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  158.734716][ T8108]  genl_family_rcv_msg_doit+0x206/0x2f0
[  158.734737][ T8108]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  158.734754][ T8108]  ? genl_get_cmd+0x194/0x580
[  158.734777][ T8108]  ? __radix_tree_lookup+0x21f/0x2c0
[  158.734805][ T8108]  genl_rcv_msg+0x55c/0x800
[  158.734828][ T8108]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.734864][ T8108]  ? __pfx_ethnl_default_doit+0x10/0x10
[  158.734900][ T8108]  netlink_rcv_skb+0x155/0x420
[  158.734918][ T8108]  ? __pfx_genl_rcv_msg+0x10/0x10
[  158.734940][ T8108]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  158.734968][ T8108]  ? netlink_deliver_tap+0x1ae/0xd30
[  158.735000][ T8108]  genl_rcv+0x28/0x40
[  158.735017][ T8108]  netlink_unicast+0x58d/0x850
[  158.735039][ T8108]  ? __pfx_netlink_unicast+0x10/0x10
[  158.735080][ T8108]  netlink_sendmsg+0x8d1/0xdd0
[  158.735102][ T8108]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.735121][ T8108]  ? __import_iovec+0x1dd/0x650
[  158.735144][ T8108]  ____sys_sendmsg+0xa95/0xc70
[  158.735163][ T8108]  ? trace_event_raw_event_gfs2_glock_state_change+0xb0/0x6a0
[  158.735192][ T8108]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.735209][ T8108]  ? get_compat_msghdr+0x11a/0x170
[  158.735248][ T8108]  ___sys_sendmsg+0x134/0x1d0
[  158.735274][ T8108]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.735311][ T8108]  ? find_held_lock+0x2b/0x80
[  158.735347][ T8108]  __sys_sendmsg+0x16d/0x220
[  158.735373][ T8108]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.735433][ T8108]  ? rcu_is_watching+0x12/0xc0
[  158.735455][ T8108]  __do_fast_syscall_32+0x7c/0x3a0
[  158.735484][ T8108]  do_fast_syscall_32+0x32/0x80
[  158.735510][ T8108]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.735531][ T8108] RIP: 0023:0xf70be579
[  158.735545][ T8108] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.735562][ T8108] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  158.735587][ T8108] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  158.735598][ T8108] RDX: 0000000004010000 RSI: 0000000000000000 RDI: 0000000000000000
[  158.735608][ T8108] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.735618][ T8108] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.735628][ T8108] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.735652][ T8108]  </TASK>
[  160.499056][ T5819] usb 8-1: USB disconnect, device number 9
[  161.931440][   T40] audit: type=1800 audit(1752606165.389:105): pid=8166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.535" name="bus" dev="9p" ino=36047895 res=0 errno=0
[  162.254061][ T8170] binder: 8169:8170 ioctl c0306201 0 returned -14
[  162.314436][ T8173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.537'.
[  162.401932][ T8175] lo speed is unknown, defaulting to 1000
[  162.651333][ T8185] overlayfs: failed to resolve './file1': -2
[  162.739609][   T40] audit: type=1326 audit(1752606166.199:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.746339][   T40] audit: type=1326 audit(1752606166.199:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.752944][   T40] audit: type=1326 audit(1752606166.199:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.759478][   T40] audit: type=1326 audit(1752606166.199:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.766867][   T40] audit: type=1326 audit(1752606166.199:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.773455][   T40] audit: type=1326 audit(1752606166.199:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.780024][   T40] audit: type=1326 audit(1752606166.199:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  162.786618][   T40] audit: type=1326 audit(1752606166.199:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8186 comm="syz.3.541" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.414779][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.2.546'.
[  163.418293][ T8203] netlink: 12 bytes leftover after parsing attributes in process `syz.2.546'.
[  163.438483][ T8203] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  164.385094][ T8235] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3897524436 (7795048872 ns) > initial count (2759807172 ns). Using initial count to start timer.
[  164.390806][ T8235] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer.
[  164.477230][ T8241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.557'.
[  164.570761][ T8255] netlink: 16 bytes leftover after parsing attributes in process `syz.2.559'.
[  164.674283][ T8263] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  164.778061][ T5964] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  164.781440][ T5964] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  164.781482][ T5964] Bluetooth: hci1: SCO packet for unknown connection handle 201
[  165.130776][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  165.130787][   T40] audit: type=1800 audit(1752606168.589:130): pid=8290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.570" name="bus" dev="9p" ino=36047895 res=0 errno=0
[  165.235272][ T8296] netlink: 'syz.3.571': attribute type 1 has an invalid length.
[  165.238947][ T8296] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3932861366 (125851563712 ns) > initial count (73672152448 ns). Using initial count to start timer.
[  165.477225][   T40] audit: type=1326 audit(1752606168.939:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.485877][   T40] audit: type=1326 audit(1752606168.939:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.494439][   T40] audit: type=1326 audit(1752606168.949:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.503273][   T40] audit: type=1326 audit(1752606168.949:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.510014][   T40] audit: type=1326 audit(1752606168.949:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.516959][   T40] audit: type=1326 audit(1752606168.949:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.523899][   T40] audit: type=1326 audit(1752606168.949:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.530426][   T40] audit: type=1326 audit(1752606168.949:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.537249][   T40] audit: type=1326 audit(1752606168.949:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8303 comm="syz.3.574" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.584227][ T8308] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  165.586385][ T8308] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  165.589001][ T8308] vhci_hcd vhci_hcd.0: Device attached
[  165.593513][ T8308] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(13)
[  165.595625][ T8308] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  165.598027][ T8308] vhci_hcd vhci_hcd.0: Device attached
[  165.600741][ T8308] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  165.608248][ T8308] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(17)
[  165.610270][ T8308] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  165.612778][ T8308] vhci_hcd vhci_hcd.0: Device attached
[  165.615739][ T8308] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19)
[  165.617815][ T8308] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  165.620211][ T8308] vhci_hcd vhci_hcd.0: Device attached
[  165.626737][ T8308] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(21)
[  165.628820][ T8308] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  165.636955][ T8308] vhci_hcd vhci_hcd.0: Device attached
[  165.639900][ T8308] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  165.645174][ T8308] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  165.648950][ T8308] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  165.656353][ T8317] vhci_hcd: connection closed
[  165.656451][ T8315] vhci_hcd: connection closed
[  165.656622][ T1138] vhci_hcd: stop threads
[  165.661273][ T1138] vhci_hcd: release socket
[  165.662040][ T8313] vhci_hcd: connection closed
[  165.662730][ T8311] vhci_hcd: connection closed
[  165.664157][ T8309] vhci_hcd: connection closed
[  165.667180][ T1138] vhci_hcd: disconnect device
[  165.671476][ T1138] vhci_hcd: stop threads
[  165.673066][ T1138] vhci_hcd: release socket
[  165.674470][ T1138] vhci_hcd: disconnect device
[  165.676652][ T1138] vhci_hcd: stop threads
[  165.678000][ T1138] vhci_hcd: release socket
[  165.679414][ T1138] vhci_hcd: disconnect device
[  165.681004][ T1138] vhci_hcd: stop threads
[  165.682362][ T1138] vhci_hcd: release socket
[  165.683763][ T1138] vhci_hcd: disconnect device
[  165.685356][ T1138] vhci_hcd: stop threads
[  165.686780][ T1138] vhci_hcd: release socket
[  165.688230][ T1138] vhci_hcd: disconnect device
[  166.329489][ T8335] netlink: 45 bytes leftover after parsing attributes in process `syz.3.580'.
[  166.607903][ T8341] affs: No valid root block on device sr0
[  166.831706][ T6523] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  166.986780][ T6523] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  166.990957][ T6523] usb 6-1: config 1 interface 0 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 14
[  167.011889][ T6523] usb 6-1: config 1 interface 0 has no altsetting 0
[  167.015757][ T6523] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  167.018888][ T6523] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  167.021542][ T6523] usb 6-1: SerialNumber: syz
[  167.031952][ T6523] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  167.586945][ T8378] affs: No valid root block on device sr0
[  167.805699][ T8380] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3897524436 (7795048872 ns) > initial count (2759807172 ns). Using initial count to start timer.
[  167.827276][ T8380] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer.
[  167.906241][ T8385] FAULT_INJECTION: forcing a failure.
[  167.906241][ T8385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.910314][ T8385] CPU: 0 UID: 0 PID: 8385 Comm: syz.2.594 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  167.910328][ T8385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.910335][ T8385] Call Trace:
[  167.910339][ T8385]  <TASK>
[  167.910343][ T8385]  dump_stack_lvl+0x16c/0x1f0
[  167.910362][ T8385]  should_fail_ex+0x512/0x640
[  167.910380][ T8385]  _copy_from_user+0x2e/0xd0
[  167.910397][ T8385]  __ia32_compat_sys_socketcall+0x187/0x770
[  167.910409][ T8385]  ? __fget_files+0x20e/0x3c0
[  167.910424][ T8385]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  167.910436][ T8385]  ? fput+0x70/0xf0
[  167.910449][ T8385]  ? rcu_is_watching+0x12/0xc0
[  167.910462][ T8385]  __do_fast_syscall_32+0x7c/0x3a0
[  167.910480][ T8385]  do_fast_syscall_32+0x32/0x80
[  167.910500][ T8385]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.910513][ T8385] RIP: 0023:0xf70ae579
[  167.910521][ T8385] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.910532][ T8385] RSP: 002b:00000000f507c430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  167.910542][ T8385] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f507c444
[  167.910548][ T8385] RDX: 0000000000000000 RSI: 00000000f507c560 RDI: 00000000f7413ff4
[  167.910554][ T8385] RBP: 00000000f507c560 R08: 0000000000000000 R09: 0000000000000000
[  167.910560][ T8385] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[  167.910566][ T8385] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.910579][ T8385]  </TASK>
[  167.962354][    C0] vkms_vblank_simulate: vblank timer overrun
[  168.027439][ T8390] netlink: 48 bytes leftover after parsing attributes in process `syz.3.595'.
[  168.246908][ T8401] 9pnet_virtio: no channels available for device syz
[  168.927625][ T8413] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  168.930083][ T8413] IPv6: NLM_F_CREATE should be set when creating new route
[  168.934237][ T8413] lo: entered allmulticast mode
[  168.950133][ T8413] tunl0: entered allmulticast mode
[  168.953325][ T8413] gre0: entered allmulticast mode
[  168.958176][ T8413] gretap0: entered allmulticast mode
[  168.962143][ T8413] erspan0: entered allmulticast mode
[  168.967083][ T8413] ip_vti0: entered allmulticast mode
[  168.971105][ T8413] ip6_vti0: entered allmulticast mode
[  168.975869][ T8413] sit0: entered allmulticast mode
[  168.981710][ T8413] ip6tnl0: entered allmulticast mode
[  168.987518][ T8413] ip6gre0: entered allmulticast mode
[  168.990629][ T8413] syz_tun: entered allmulticast mode
[  168.994207][ T8413] ip6gretap0: entered allmulticast mode
[  168.997352][ T8413] vcan0: entered allmulticast mode
[  169.004228][ T8413] bond0: entered allmulticast mode
[  169.005845][ T8413] bond_slave_0: entered allmulticast mode
[  169.007678][ T8413] bond_slave_1: entered allmulticast mode
[  169.009480][ T8413] macvlan2: entered allmulticast mode
[  169.011198][ T8413] team0: entered allmulticast mode
[  169.013899][ T8413] team_slave_0: entered allmulticast mode
[  169.015811][ T8413] team_slave_1: entered allmulticast mode
[  169.019537][ T8413] team_slave_0: left promiscuous mode
[  169.027941][ T8413] team_slave_1: left promiscuous mode
[  169.035522][ T8413] dummy0: entered allmulticast mode
[  169.044251][ T8413] nlmon0: entered allmulticast mode
[  169.049126][ T8413] caif0: entered allmulticast mode
[  169.051113][ T8413] batadv0: entered allmulticast mode
[  169.055836][ T8413] vxcan0: entered allmulticast mode
[  169.058447][ T8413] vxcan1: entered allmulticast mode
[  169.061550][ T8413] veth0: entered allmulticast mode
[  169.065205][ T8413] veth1: entered allmulticast mode
[  169.081740][ T8413] wg0: entered allmulticast mode
[  169.087347][ T8413] wg1: entered allmulticast mode
[  169.097725][ T8413] wg2: entered allmulticast mode
[  169.109236][ T8413] veth0_to_bridge: entered allmulticast mode
[  169.121271][ T8413] bridge_slave_0: entered allmulticast mode
[  169.145472][ T8413] veth1_to_bridge: entered allmulticast mode
[  169.161123][ T8413] bridge_slave_1: entered allmulticast mode
[  169.169795][ T8413] veth0_to_bond: entered allmulticast mode
[  169.207056][ T8413] veth1_to_bond: entered allmulticast mode
[  169.210930][ T8413] veth0_to_team: entered allmulticast mode
[  169.214984][ T8413] veth1_to_team: entered allmulticast mode
[  169.219394][ T8413] veth0_to_batadv: entered allmulticast mode
[  169.223502][ T8413] batadv_slave_0: left promiscuous mode
[  169.225410][ T8413] batadv_slave_0: entered allmulticast mode
[  169.228190][ T8413] veth1_to_batadv: entered allmulticast mode
[  169.231372][ T8413] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.234496][ T8413] batadv_slave_1: entered allmulticast mode
[  169.237796][ T8413] xfrm0: entered allmulticast mode
[  169.241347][ T8413] veth0_to_hsr: entered allmulticast mode
[  169.244701][ T8413] hsr_slave_0: entered allmulticast mode
[  169.247830][ T8413] veth1_to_hsr: entered allmulticast mode
[  169.250913][ T8413] hsr_slave_1: entered allmulticast mode
[  169.254603][ T8413] hsr0: entered allmulticast mode
[  169.258148][ T8413] veth1_virt_wifi: entered allmulticast mode
[  169.261995][ T8413] veth0_virt_wifi: entered allmulticast mode
[  169.265073][ T8413] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  169.268086][ T8413] veth1_vlan: entered allmulticast mode
[  169.271845][ T8413] veth0_vlan: entered allmulticast mode
[  169.274839][ T8413] tipc: Resetting bearer <eth:vlan0>
[  169.280184][ T8413] vlan0: entered allmulticast mode
[  169.282361][ T8413] vlan1: entered allmulticast mode
[  169.296555][ T8413] macvlan0: entered allmulticast mode
[  169.383026][ T8413] macvlan1: entered allmulticast mode
[  169.386285][ T8413] ipvlan0: entered allmulticast mode
[  169.388164][ T8413] ipvlan1: entered allmulticast mode
[  169.390893][ T8413] veth1_macvtap: entered allmulticast mode
[  169.395123][ T8413] veth0_macvtap: entered allmulticast mode
[  169.399865][ T8413] macvtap0: entered allmulticast mode
[  169.403141][ T8413] macsec0: entered allmulticast mode
[  169.406334][ T8413] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.409283][ T8413] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.412304][ T8413] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.415080][ T8413] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.417969][ T8413] geneve1: entered allmulticast mode
[  169.421439][ T8413] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  169.427643][ T8413] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  169.431967][ T8413] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  169.449304][ T8413] netdevsim netdevsim2 netdevsim3: entered allmulticast mode
[  169.455801][ T8413] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  169.458602][ T8413] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  169.463148][ T8413] bridge1: entered allmulticast mode
[  169.473782][ T8413] bond1: entered allmulticast mode
[  169.479661][ T8413] veth2: entered allmulticast mode
[  169.483196][ T8413] veth3: entered allmulticast mode
[  169.491063][ T8413] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  169.494106][ T8413] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  169.497293][ T8413] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  169.500796][ T8413] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  169.504310][ T8413] geneve0: left promiscuous mode
[  169.513543][ T8413] bridge0: entered allmulticast mode
[  169.521452][   T24] lo speed is unknown, defaulting to 1000
[  169.523888][   T24] syz0: Port: 1 Link DOWN
[  169.746887][ T6000] usb 6-1: USB disconnect, device number 3
[  169.828157][ T8431] netlink: 4 bytes leftover after parsing attributes in process `syz.1.607'.
[  169.887824][ T8435] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.605'.
[  170.055105][ T8446] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  170.152339][ T6040] libceph: connect (1)[c::]:6789 error -101
[  170.154872][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  170.198016][ T8449] ceph: No mds server is up or the cluster is laggy
[  170.420605][   T40] kauditd_printk_skb: 121 callbacks suppressed
[  170.420778][   T40] audit: type=1326 audit(1752606173.879:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.429907][   T40] audit: type=1326 audit(1752606173.879:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.436798][   T40] audit: type=1326 audit(1752606173.879:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.446811][   T40] audit: type=1326 audit(1752606173.879:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.453427][   T40] audit: type=1326 audit(1752606173.879:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.459925][   T40] audit: type=1326 audit(1752606173.879:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.469307][   T40] audit: type=1326 audit(1752606173.879:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.476047][   T40] audit: type=1326 audit(1752606173.879:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.482653][   T40] audit: type=1326 audit(1752606173.879:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.488945][   T40] audit: type=1326 audit(1752606173.879:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8452 comm="syz.3.613" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  170.756491][ T8464] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3932861366 (125851563712 ns) > initial count (73672152448 ns). Using initial count to start timer.
[  170.932769][ T8471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'.
[  171.102967][ T8484] affs: No valid root block on device sr0
[  171.345137][ T8503] netlink: 'syz.2.629': attribute type 1 has an invalid length.
[  171.485619][ T8509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.631'.
[  171.611747][ T6652] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  171.761712][ T6652] usb 7-1: Using ep0 maxpacket: 32
[  171.789489][ T6652] usb 7-1: config 9 has an invalid interface number: 150 but max is 1
[  171.811958][ T6652] usb 7-1: config 9 has an invalid interface number: 25 but max is 1
[  171.814623][ T6652] usb 7-1: config 9 contains an unexpected descriptor of type 0x1, skipping
[  171.818740][ T6652] usb 7-1: config 9 has an invalid interface number: 76 but max is 1
[  171.822778][ T6652] usb 7-1: config 9 has 3 interfaces, different from the descriptor's value: 2
[  171.860715][ T6652] usb 7-1: config 9 has no interface number 0
[  171.881021][ T6652] usb 7-1: config 9 has no interface number 1
[  171.902316][ T6652] usb 7-1: config 9 has no interface number 2
[  171.920192][ T6652] usb 7-1: config 9 interface 150 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  171.978618][ T6652] usb 7-1: too many endpoints for config 9 interface 25 altsetting 22: 77, using maximum allowed: 30
[  172.015167][ T6652] usb 7-1: config 9 interface 25 altsetting 22 has a duplicate endpoint with address 0xA, skipping
[  172.039650][ T6652] usb 7-1: config 9 interface 25 altsetting 22 has 5 endpoint descriptors, different from the interface descriptor's value: 77
[  172.222720][ T6652] usb 7-1: config 9 interface 76 altsetting 2 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  172.227296][ T6652] usb 7-1: config 9 interface 76 altsetting 2 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  172.231493][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x3, skipping
[  172.236708][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x6, skipping
[  172.240362][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has an endpoint descriptor with address 0xDD, changing to 0x8D
[  172.250247][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x8D, skipping
[  172.257543][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0xC, skipping
[  172.284927][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x1, skipping
[  172.315739][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x9, skipping
[  172.355642][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x6, skipping
[  172.387882][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  172.418168][ T6652] usb 7-1: config 9 interface 76 altsetting 2 endpoint 0x8B has an invalid bInterval 167, changing to 11
[  172.444149][ T6652] usb 7-1: config 9 interface 76 altsetting 2 endpoint 0x8B has invalid maxpacket 49782, setting to 1024
[  172.457599][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0x2, skipping
[  172.466462][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  172.483605][ T6652] usb 7-1: config 9 interface 76 altsetting 2 has 14 endpoint descriptors, different from the interface descriptor's value: 12
[  172.500130][ T6652] usb 7-1: config 9 interface 150 has no altsetting 0
[  172.502500][ T6652] usb 7-1: config 9 interface 25 has no altsetting 0
[  172.504663][ T6652] usb 7-1: config 9 interface 76 has no altsetting 0
[  172.509126][ T6652] usb 7-1: Dual-Role OTG device on HNP port
[  172.518828][ T6652] usb 7-1: New USB device found, idVendor=0489, idProduct=e02c, bcdDevice=5c.72
[  172.522663][ T6652] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.525269][ T6652] usb 7-1: Product: ⅺ쟿캫ፎ꿦蒔魯죦猋悘䬖똣녕㍗骽ⱊꮐ핽힐鑵5뱊ퟌ纮㢠ᕦ帥뙲鸎㥁⵷쩤ઉ냨盫瀶르᧜ѽῇӥ着攁曓鼙᳸놦隓樖ꄈ橑禴ㅹ彣㘿쫟젙눺攮
[  172.533314][ T6652] usb 7-1: Manufacturer: 픿뜕塷窝ࠝ匄ꎧ萑⭎툸櫜사윹뫎▱槑뻮栆೨쥬欔㛀赏͒턶Ꙛᨙ㎢䝘⹞퐎嗧㹞Ⱊ宂䞟榈ᛈ龁酂⪈ⳬ襮᎜⸤睢剁婋纛삓⫓֧ᑇ퓡醣왕忂ᒅㆄ뇄볚亊઄ꀜᏝ欹ᨱ햜㉆❅㞨䙣蒳༿यთ⇤䒒療ફ⇞⁞蛯먳滑✏⫰铙Ͱ๬뷡孵幣厘ෆ늻ﾄ㰗ᒨ쫎袐
[  172.544437][ T6652] usb 7-1: SerialNumber: ɗ鄐貋紬隔
[  172.610476][ T8528] x_tables: ip_tables: icmp match: only valid for protocol 1
[  172.677716][ T8528] xt_hashlimit: size too large, truncated to 1048576
[  172.766032][ T8528] netlink: 20 bytes leftover after parsing attributes in process `syz.1.636'.
[  172.972186][ T6652] usb 7-1: USB disconnect, device number 10
[  173.086498][ T8549] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  173.089547][ T8549] IPv6: NLM_F_CREATE should be set when creating new route
[  173.099097][ T8549] lo: entered allmulticast mode
[  173.103946][ T8549] tunl0: entered allmulticast mode
[  173.107510][ T8549] gre0: entered allmulticast mode
[  173.115663][ T8549] gretap0: entered allmulticast mode
[  173.124834][ T8549] erspan0: entered allmulticast mode
[  173.128830][ T8549] ip_vti0: entered allmulticast mode
[  173.131773][ T8549] ip6_vti0: entered allmulticast mode
[  173.134670][ T8549] sit0: entered allmulticast mode
[  173.138985][ T8549] ip6tnl0: entered allmulticast mode
[  173.146439][ T8549] ip6gre0: entered allmulticast mode
[  173.150464][ T8549] syz_tun: entered allmulticast mode
[  173.155459][ T8549] ip6gretap0: entered allmulticast mode
[  173.158446][ T8549] bridge0: entered allmulticast mode
[  173.160406][ T8549] vcan0: entered allmulticast mode
[  173.163794][ T8549] bond0: entered allmulticast mode
[  173.165491][ T8549] bond_slave_0: entered allmulticast mode
[  173.167303][ T8549] bond_slave_1: entered allmulticast mode
[  173.177695][ T8549] team0: entered allmulticast mode
[  173.179344][ T8549] team_slave_0: entered allmulticast mode
[  173.181212][ T8549] team_slave_1: entered allmulticast mode
[  173.186494][ T8549] dummy0: entered allmulticast mode
[  173.190256][ T8549] nlmon0: entered allmulticast mode
[  173.192950][ T8549] caif0: entered allmulticast mode
[  173.194844][ T8549] batadv0: entered allmulticast mode
[  173.197888][ T8549] vxcan0: entered allmulticast mode
[  173.199945][ T8549] vxcan1: entered allmulticast mode
[  173.202787][ T8549] veth0: entered allmulticast mode
[  173.206084][ T8549] veth1: entered allmulticast mode
[  173.209480][ T8549] wg0: entered allmulticast mode
[  173.212448][ T8549] wg1: entered allmulticast mode
[  173.215394][ T8549] wg2: entered allmulticast mode
[  173.218510][ T8549] veth0_to_bridge: entered allmulticast mode
[  173.224036][ T8549] veth1_to_bridge: entered allmulticast mode
[  173.228906][ T8549] veth0_to_bond: entered allmulticast mode
[  173.233199][ T8549] veth1_to_bond: entered allmulticast mode
[  173.237473][ T8549] veth0_to_team: entered allmulticast mode
[  173.242605][ T8549] veth1_to_team: entered allmulticast mode
[  173.247365][ T8549] veth0_to_batadv: entered allmulticast mode
[  173.250466][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.254222][ T8549] batadv_slave_0: entered allmulticast mode
[  173.258134][ T8549] veth1_to_batadv: entered allmulticast mode
[  173.261301][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.264391][ T8549] batadv_slave_1: entered allmulticast mode
[  173.267463][ T8549] xfrm0: entered allmulticast mode
[  173.270897][ T8549] veth0_to_hsr: entered allmulticast mode
[  173.274183][ T8549] hsr_slave_0: entered allmulticast mode
[  173.277853][ T8549] veth1_to_hsr: entered allmulticast mode
[  173.285215][ T8549] hsr_slave_1: entered allmulticast mode
[  173.289709][ T8549] hsr0: entered allmulticast mode
[  173.295860][ T8549] veth1_virt_wifi: entered allmulticast mode
[  173.301803][ T8549] veth0_virt_wifi: entered allmulticast mode
[  173.305108][ T8549] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  173.308525][ T8549] veth1_macvtap: entered allmulticast mode
[  173.312622][ T8549] veth0_macvtap: entered allmulticast mode
[  173.317953][ T8549] macvtap0: entered allmulticast mode
[  173.321165][ T8549] macsec0: entered allmulticast mode
[  173.325068][ T8549] geneve0: entered allmulticast mode
[  173.328654][ T8549] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.331521][ T8549] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.334472][ T8549] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.337286][ T8549] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.340535][ T8549] geneve1: entered allmulticast mode
[  173.344333][ T8549] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  173.349784][ T8549] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[  173.353306][ T8549] netdevsim netdevsim0 netdevsim2: entered allmulticast mode
[  173.356778][ T8549] netdevsim netdevsim0 netdevsim3: entered allmulticast mode
[  173.360140][ T8549] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  173.363483][ T8549] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  173.366366][ T8549] veth2: entered allmulticast mode
[  173.368732][ T8549] veth3: entered allmulticast mode
[  173.371036][ T8549] mac80211_hwsim hwsim10 wlan2: entered allmulticast mode
[  173.374247][ T8549] mac80211_hwsim hwsim11 wlan3: entered allmulticast mode
[  173.377929][ T8549] bridge1: entered allmulticast mode
[  173.381511][ T8549] bridge2: left promiscuous mode
[  173.384691][ T8549] erspan0.1: entered allmulticast mode
[  173.619146][ T8559] affs: No valid root block on device sr0
[  173.858807][ T8565] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  174.040524][ T8573] netlink: 28 bytes leftover after parsing attributes in process `syz.1.650'.
[  174.049966][ T8573] netlink: 24 bytes leftover after parsing attributes in process `syz.1.650'.
[  174.127642][ T8579] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  174.130093][ T8579] IPv6: NLM_F_CREATE should be set when creating new route
[  174.135364][ T8579] lo: entered allmulticast mode
[  174.138596][ T8579] tunl0: entered allmulticast mode
[  174.142515][ T8579] gre0: entered allmulticast mode
[  174.148139][ T8579] gretap0: entered allmulticast mode
[  174.153917][ T8579] erspan0: entered allmulticast mode
[  174.157093][ T8579] ip_vti0: entered allmulticast mode
[  174.159770][ T8579] ip6_vti0: entered allmulticast mode
[  174.163919][ T8579] sit0: entered allmulticast mode
[  174.167730][ T8579] ip6tnl0: entered allmulticast mode
[  174.170603][ T8579] ip6gre0: entered allmulticast mode
[  174.177052][ T8579] syz_tun: entered allmulticast mode
[  174.180169][ T8579] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.183779][ T8579] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.187816][ T8579] bridge0: entered allmulticast mode
[  174.193148][ T8579] vcan0: entered allmulticast mode
[  174.195965][ T8579] : entered allmulticast mode
[  174.197736][ T8579] bond_slave_0: entered allmulticast mode
[  174.199959][ T8579] bond_slave_1: entered allmulticast mode
[  174.202563][ T8579] team0: entered allmulticast mode
[  174.204840][ T8579] team_slave_1: entered allmulticast mode
[  174.207723][ T8579] dummy0: entered allmulticast mode
[  174.244050][ T8579] nlmon0: entered allmulticast mode
[  174.246750][ T8579] caif0: entered allmulticast mode
[  174.249269][ T8579] batadv0: entered allmulticast mode
[  174.253667][ T8579] vxcan0: entered allmulticast mode
[  174.255930][ T8579] vxcan1: entered allmulticast mode
[  174.259390][ T8579] veth0: entered allmulticast mode
[  174.264163][ T8579] veth1: entered allmulticast mode
[  174.268248][ T8579] wg0: entered allmulticast mode
[  174.275754][ T8579] wg1: entered allmulticast mode
[  174.286705][ T8579] wg2: entered allmulticast mode
[  174.292415][ T8579] veth0_to_bridge: entered allmulticast mode
[  174.297383][ T8579] veth1_to_bridge: entered allmulticast mode
[  174.305948][ T8579] veth0_to_bond: entered allmulticast mode
[  174.317960][ T8579] veth1_to_bond: entered allmulticast mode
[  174.324912][ T8579] veth0_to_team: entered allmulticast mode
[  174.329626][ T8579] team_slave_0: left promiscuous mode
[  174.333084][ T8579] veth1_to_team: entered allmulticast mode
[  174.340561][ T8579] veth0_to_batadv: entered allmulticast mode
[  174.345082][ T8579] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  174.349049][ T8579] batadv_slave_0: entered allmulticast mode
[  174.355560][ T8579] veth1_to_batadv: entered allmulticast mode
[  174.359559][ T8579] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.363725][ T8579] batadv_slave_1: entered allmulticast mode
[  174.369084][ T8579] xfrm0: entered allmulticast mode
[  174.375668][ T8579] veth0_to_hsr: entered allmulticast mode
[  174.379643][ T8579] hsr_slave_0: entered allmulticast mode
[  174.384441][ T8579] veth1_to_hsr: entered allmulticast mode
[  174.388995][ T8579] hsr_slave_1: entered allmulticast mode
[  174.392599][ T8579] hsr0: entered allmulticast mode
[  174.398294][ T8579] veth1_virt_wifi: entered allmulticast mode
[  174.403303][ T8579] veth0_virt_wifi: entered allmulticast mode
[  174.406389][ T8579] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  174.409813][ T8579] veth1_vlan: entered allmulticast mode
[  174.414529][ T8579] veth0_vlan: entered allmulticast mode
[  174.420673][ T8579] vlan0: entered allmulticast mode
[  174.424304][ T8579] macvlan0: entered allmulticast mode
[  174.427891][ T8579] macvlan1: entered allmulticast mode
[  174.431132][ T8579] ipvlan0: entered allmulticast mode
[  174.433451][ T8579] ipvlan1: entered allmulticast mode
[  174.436155][ T8579] veth1_macvtap: entered allmulticast mode
[  174.440551][ T8579] veth0_macvtap: entered allmulticast mode
[  174.445253][ T8579] macvtap0: entered allmulticast mode
[  174.454049][ T8579] macsec0: entered allmulticast mode
[  174.460956][ T8579] geneve0: entered allmulticast mode
[  174.464983][ T8579] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.468212][ T8579] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.471200][ T8579] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.474322][ T8579] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.477503][ T8579] geneve1: entered allmulticast mode
[  174.480818][ T8579] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  174.484627][ T8579] netdevsim netdevsim3 netdevsim1: entered allmulticast mode
[  174.488342][ T8579] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  174.493684][ T8579] netdevsim netdevsim3 netdevsim3: entered allmulticast mode
[  174.497633][ T8579] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  174.499783][ T8579] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  174.502780][ T8579] bridge1: left promiscuous mode
[  174.505015][ T8579] team_slave_1.0: entered allmulticast mode
[  174.509343][ T8579] bridge2: entered allmulticast mode
[  174.514354][ T8579] bridge3: entered allmulticast mode
[  174.766656][ T8594] 9pnet_virtio: no channels available for device syz
[  174.958133][ T8597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.659'.
[  176.266562][ T8616] overlayfs: failed to resolve './file0': -2
[  176.408065][ T8621] netlink: 132 bytes leftover after parsing attributes in process `syz.0.666'.
[  176.422511][ T8620] wg2: entered promiscuous mode
[  176.424094][ T8620] wg2: entered allmulticast mode
[  176.475301][   T40] kauditd_printk_skb: 82 callbacks suppressed
[  176.475311][   T40] audit: type=1326 audit(1752606179.939:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.494454][   T40] audit: type=1326 audit(1752606179.949:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.506287][   T40] audit: type=1326 audit(1752606179.949:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.515736][   T40] audit: type=1326 audit(1752606179.949:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.526520][   T40] audit: type=1326 audit(1752606179.949:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.536791][   T40] audit: type=1326 audit(1752606179.949:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.546518][   T40] audit: type=1326 audit(1752606179.949:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.556349][   T40] audit: type=1326 audit(1752606179.949:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.563562][ T8628] FAULT_INJECTION: forcing a failure.
[  176.563562][ T8628] name failslab, interval 1, probability 0, space 0, times 0
[  176.568290][ T8628] CPU: 2 UID: 0 PID: 8628 Comm: syz.1.670 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  176.568328][ T8628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.568339][ T8628] Call Trace:
[  176.568346][ T8628]  <TASK>
[  176.568353][ T8628]  dump_stack_lvl+0x16c/0x1f0
[  176.568384][ T8628]  should_fail_ex+0x512/0x640
[  176.568417][ T8628]  ? do_raw_spin_lock+0x12c/0x2b0
[  176.568448][ T8628]  should_failslab+0xc2/0x120
[  176.568466][ T8628]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  176.568494][ T8628]  ? __alloc_skb+0x2b2/0x380
[  176.568523][ T8628]  __alloc_skb+0x2b2/0x380
[  176.568547][ T8628]  ? __pfx___alloc_skb+0x10/0x10
[  176.568570][ T8628]  ? sctp_bind_addrs_to_raw+0x2c7/0x3e0
[  176.568606][ T8628]  _sctp_make_chunk+0x51/0x270
[  176.568633][ T8628]  sctp_make_control+0x2f/0x2d0
[  176.568656][ T8628]  sctp_make_init+0x6f0/0xdc0
[  176.568687][ T8628]  ? __pfx_sctp_make_init+0x10/0x10
[  176.568713][ T8628]  ? find_held_lock+0x2b/0x80
[  176.568739][ T8628]  ? sctp_sm_lookup_event+0x15b/0x570
[  176.568765][ T8628]  ? __pfx_sctp_sm_lookup_event+0x10/0x10
[  176.568794][ T8628]  sctp_sf_do_prm_asoc+0xbf/0x360
[  176.568815][ T8628]  ? __pfx_sctp_pname+0x10/0x10
[  176.568838][ T8628]  sctp_do_sm+0x181/0x5c80
[  176.568861][ T8628]  ? sctp_sendmsg+0xef5/0x1ee0
[  176.568882][ T8628]  ? __sys_sendmsg+0x16d/0x220
[  176.568906][ T8628]  ? __do_fast_syscall_32+0x7c/0x3a0
[  176.568931][ T8628]  ? do_fast_syscall_32+0x32/0x80
[  176.568956][ T8628]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.568980][ T8628]  ? __pfx_sctp_do_sm+0x10/0x10
[  176.569033][ T8628]  ? sk_leave_memory_pressure+0xdd/0x130
[  176.569054][ T8628]  ? __sk_mem_raise_allocated+0x94d/0x1670
[  176.569087][ T8628]  sctp_primitive_ASSOCIATE+0x9c/0xd0
[  176.569114][ T8628]  sctp_sendmsg_to_asoc+0xa45/0x1bf0
[  176.569132][ T8628]  ? sctp_assoc_set_primary+0x177/0x300
[  176.569161][ T8628]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  176.569182][ T8628]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  176.569205][ T8628]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  176.569231][ T8628]  sctp_sendmsg+0xef5/0x1ee0
[  176.569252][ T8628]  ? fixup_exception+0x10c/0xaf0
[  176.569286][ T8628]  ? __pfx_sctp_sendmsg+0x10/0x10
[  176.569310][ T8628]  ? __pfx___might_resched+0x10/0x10
[  176.569339][ T8628]  ? find_held_lock+0x2b/0x80
[  176.569358][ T8628]  ? __pfx_aa_sk_perm+0x10/0x10
[  176.569382][ T8628]  ? __import_iovec+0x1dd/0x650
[  176.569402][ T8628]  ? __pfx_sctp_sendmsg+0x10/0x10
[  176.569424][ T8628]  inet_sendmsg+0x119/0x140
[  176.569449][ T8628]  ____sys_sendmsg+0x973/0xc70
[  176.569472][ T8628]  ? __pfx_____sys_sendmsg+0x10/0x10
[  176.569490][ T8628]  ? get_compat_msghdr+0x11a/0x170
[  176.569521][ T8628]  ? get_perf_callchain+0x24c/0x760
[  176.569552][ T8628]  ___sys_sendmsg+0x134/0x1d0
[  176.569579][ T8628]  ? __pfx____sys_sendmsg+0x10/0x10
[  176.569619][ T8628]  ? find_held_lock+0x2b/0x80
[  176.569654][ T8628]  __sys_sendmsg+0x16d/0x220
[  176.569682][ T8628]  ? __pfx___sys_sendmsg+0x10/0x10
[  176.569707][ T8628]  ? __pfx_bpf_trace_run2+0x10/0x10
[  176.569739][ T8628]  ? syscall_trace_enter+0x1cb/0x260
[  176.569769][ T8628]  ? rcu_is_watching+0x12/0xc0
[  176.569792][ T8628]  __do_fast_syscall_32+0x7c/0x3a0
[  176.569821][ T8628]  do_fast_syscall_32+0x32/0x80
[  176.569848][ T8628]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.569869][ T8628] RIP: 0023:0xf70be579
[  176.569884][ T8628] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.569900][ T8628] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  176.569917][ T8628] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000700
[  176.569928][ T8628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  176.569938][ T8628] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  176.569947][ T8628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  176.569957][ T8628] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.569981][ T8628]  </TASK>
[  176.570290][   T40] audit: type=1326 audit(1752606179.949:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.763180][   T40] audit: type=1326 audit(1752606179.949:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8625 comm="syz.1.669" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[  176.826509][ T8636] lo: entered allmulticast mode
[  176.829542][ T8636] tunl0: entered allmulticast mode
[  176.835540][ T8636] gre0: entered allmulticast mode
[  176.873006][ T8636] gretap0: entered allmulticast mode
[  176.884572][ T8636] erspan0: entered allmulticast mode
[  176.895373][ T8636] ip_vti0: entered allmulticast mode
[  176.898124][ T8636] ip6_vti0: entered allmulticast mode
[  176.901095][ T8636] sit0: entered allmulticast mode
[  176.910166][ T8636] ip6tnl0: entered allmulticast mode
[  176.917149][ T8636] ip6gre0: entered allmulticast mode
[  176.950914][ T8636] syz_tun: entered allmulticast mode
[  176.960262][ T8636] ip6gretap0: entered allmulticast mode
[  176.967333][ T8636] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.970779][ T8636] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.976527][ T8636] bridge0: entered allmulticast mode
[  176.987844][ T8636] vcan0: entered allmulticast mode
[  176.995888][ T8636] bond0: entered allmulticast mode
[  176.998093][ T8636] bond_slave_0: entered allmulticast mode
[  177.000500][ T8636] bond_slave_1: entered allmulticast mode
[  177.009564][ T8636] team0: entered allmulticast mode
[  177.011372][ T8636] team_slave_0: entered allmulticast mode
[  177.014723][ T8636] team_slave_1: entered allmulticast mode
[  177.022119][ T8636] dummy0: entered allmulticast mode
[  177.029849][ T8636] nlmon0: entered allmulticast mode
[  177.036129][ T8636] caif0: entered allmulticast mode
[  177.038932][ T8636] batadv0: entered allmulticast mode
[  177.044587][ T8636] vxcan0: entered allmulticast mode
[  177.049177][ T8636] vxcan1: entered allmulticast mode
[  177.054902][ T8636] veth0: entered allmulticast mode
[  177.063781][ T8636] veth1: entered allmulticast mode
[  177.073918][ T8636] wg0: entered allmulticast mode
[  177.080037][ T8636] wg1: entered allmulticast mode
[  177.086575][ T8636] wg2: left promiscuous mode
[  177.091976][ T8636] veth0_to_bridge: entered allmulticast mode
[  177.099596][ T8636] veth1_to_bridge: entered allmulticast mode
[  177.118597][ T8636] veth0_to_bond: entered allmulticast mode
[  177.127294][ T8636] veth1_to_bond: entered allmulticast mode
[  177.135707][ T8636] veth0_to_team: entered allmulticast mode
[  177.149014][ T8636] veth1_to_team: entered allmulticast mode
[  177.162196][ T8636] veth0_to_batadv: entered allmulticast mode
[  177.167308][ T8636] batadv_slave_0: left promiscuous mode
[  177.169135][ T8636] batadv_slave_0: entered allmulticast mode
[  177.172534][ T8636] veth1_to_batadv: entered allmulticast mode
[  177.177322][ T8636] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.181137][ T8636] batadv_slave_1: entered allmulticast mode
[  177.187819][ T8636] xfrm0: entered allmulticast mode
[  177.192943][ T8636] veth0_to_hsr: entered allmulticast mode
[  177.196769][ T8636] hsr_slave_0: entered allmulticast mode
[  177.199999][ T8636] veth1_to_hsr: entered allmulticast mode
[  177.215325][ T8636] hsr_slave_1: entered allmulticast mode
[  177.219928][ T8636] hsr0: entered allmulticast mode
[  177.230968][ T8636] veth1_virt_wifi: entered allmulticast mode
[  177.236892][ T8636] veth0_virt_wifi: entered allmulticast mode
[  177.240362][ T8636] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  177.250481][ T8636] veth1_vlan: entered allmulticast mode
[  177.254317][ T6040] usb 8-1: new low-speed USB device number 10 using dummy_hcd
[  177.260449][ T8636] veth0_vlan: entered allmulticast mode
[  177.269412][ T8636] vlan0: entered allmulticast mode
[  177.281383][ T8636] vlan1: entered allmulticast mode
[  177.284521][ T8636] macvlan0: entered allmulticast mode
[  177.292349][ T8636] macvlan1: entered allmulticast mode
[  177.299294][ T8636] ipvlan0: entered allmulticast mode
[  177.303087][ T8636] ipvlan1: entered allmulticast mode
[  177.307411][ T8636] veth1_macvtap: entered allmulticast mode
[  177.316836][ T8636] veth0_macvtap: entered allmulticast mode
[  177.323166][ T8636] macvtap0: entered allmulticast mode
[  177.327514][ T8636] macsec0: entered allmulticast mode
[  177.333455][ T8636] geneve0: entered allmulticast mode
[  177.339316][ T8636] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.342727][ T8636] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.345928][ T8636] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.349657][ T8636] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.353808][ T8636] geneve1: entered allmulticast mode
[  177.361905][ T8636] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  177.368013][ T8636] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  177.376171][ T8636] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[  177.385400][ T8636] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[  177.392406][ T8636] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  177.395455][ T8636] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  177.398121][ T8636] bond1: entered allmulticast mode
[  177.399818][ T8636] bridge1: entered allmulticast mode
[  177.402282][ T8636] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  177.405970][ T8636] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  177.409616][ T8636] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  177.413399][ T8636] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  177.417650][ T8636] geneve2: left promiscuous mode
[  177.423019][ T8636] vti0: entered allmulticast mode
[  177.423104][ T6040] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  177.426214][ T8646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.677'.
[  177.428232][ T6040] usb 8-1: config 0 has no interface number 0
[  177.428255][ T6040] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  177.430971][ T8646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.677'.
[  177.433453][ T6040] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  177.433478][ T6040] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  177.449092][ T6040] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.460609][ T6040] usb 8-1: config 0 descriptor??
[  177.463339][ T8647] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  177.472217][ T6040] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  177.677313][ T6037] usb 8-1: USB disconnect, device number 10
[  177.797612][ T8661] netlink: 3 bytes leftover after parsing attributes in process `syz.2.679'.
[  177.806729][ T8661] batadv1: entered allmulticast mode
[  177.901645][ T6523] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  178.064084][ T6523] usb 6-1: Using ep0 maxpacket: 8
[  178.069357][ T6523] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  178.073979][ T6523] usb 6-1: language id specifier not provided by device, defaulting to English
[  178.078341][ T6523] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  178.081132][ T6523] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.083931][ T6523] usb 6-1: Product: 켊๑춒졈踖䝙璖墕듁䤲仜ᰳᤨ沥覽⾑⧐垣㭢䕦刮帓杉綝ꍀ琩꫟鱶џ놇⾊쯊꺓븗柄씈䀮ㆋෲ顩曢箩ȿ㞫Ⅹ巎ⲹ㿸謺׀䷷⻕䐚妙ঁ럼䥽酒憊텡獲믟⠟⛲涑끭➺寇⅌汇臎跨鸦
[  178.092205][ T6523] usb 6-1: Manufacturer: 髱詘눞嫻뢞贻㶷疷撊
[  178.094392][ T6523] usb 6-1: SerialNumber: 켗估摝盢ࣞ꛾ฯ钭
[  178.303656][ T5317] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  178.310192][ T5317] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  178.314630][ T5317] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  178.324526][ T6523] cdc_ncm 6-1:1.0: bind() failure
[  178.324861][ T5317] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  178.329214][ T5317] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  178.340304][ T6523] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  178.346393][ T6523] cdc_ncm 6-1:1.1: bind() failure
[  178.357705][ T6523] usb 6-1: USB disconnect, device number 4
[  178.391527][ T8669] lo speed is unknown, defaulting to 1000
[  178.520714][ T8669] chnl_net:caif_netlink_parms(): no params data found
[  178.572101][ T8677] FAULT_INJECTION: forcing a failure.
[  178.572101][ T8677] name failslab, interval 1, probability 0, space 0, times 0
[  178.577284][ T8677] CPU: 0 UID: 0 PID: 8677 Comm: syz.2.688 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  178.577306][ T8677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.577316][ T8677] Call Trace:
[  178.577323][ T8677]  <TASK>
[  178.577331][ T8677]  dump_stack_lvl+0x16c/0x1f0
[  178.577360][ T8677]  should_fail_ex+0x512/0x640
[  178.577381][ T8677]  ? __kmalloc_noprof+0xbf/0x510
[  178.577407][ T8677]  ? scsi_ioctl_reset+0x136/0x850
[  178.577431][ T8677]  should_failslab+0xc2/0x120
[  178.577447][ T8677]  __kmalloc_noprof+0xd2/0x510
[  178.577470][ T8677]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  178.577497][ T8677]  scsi_ioctl_reset+0x136/0x850
[  178.577519][ T8677]  scsi_ioctl+0xf9c/0x1820
[  178.577537][ T8677]  ? __pfx___might_resched+0x10/0x10
[  178.577555][ T8677]  ? find_held_lock+0x2b/0x80
[  178.577572][ T8677]  ? __pfx_scsi_ioctl+0x10/0x10
[  178.577596][ T8677]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  178.577618][ T8677]  ? tomoyo_path_number_perm+0x18d/0x580
[  178.577639][ T8677]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  178.577658][ T8677]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  178.577689][ T8677]  ? do_vfs_ioctl+0x523/0x1a60
[  178.577716][ T8677]  sg_ioctl+0xb98/0x27f0
[  178.577742][ T8677]  ? __pfx_sg_ioctl+0x10/0x10
[  178.577764][ T8677]  ? find_held_lock+0x2b/0x80
[  178.577781][ T8677]  ? hook_file_ioctl_common+0x145/0x410
[  178.577802][ T8677]  ? __fget_files+0x20e/0x3c0
[  178.577822][ T8677]  ? __fput_deferred+0x450/0x480
[  178.577842][ T8677]  ? __pfx_sg_ioctl+0x10/0x10
[  178.577861][ T8677]  compat_ptr_ioctl+0x6e/0xa0
[  178.577878][ T8677]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  178.577897][ T8677]  __ia32_compat_sys_ioctl+0x23f/0x370
[  178.577918][ T8677]  __do_fast_syscall_32+0x7c/0x3a0
[  178.577945][ T8677]  do_fast_syscall_32+0x32/0x80
[  178.577970][ T8677]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.577992][ T8677] RIP: 0023:0xf70ae579
[  178.578005][ T8677] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.578020][ T8677] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  178.578035][ T8677] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000002284
[  178.578045][ T8677] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  178.578055][ T8677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.578064][ T8677] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.578075][ T8677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.578097][ T8677]  </TASK>
[  178.685776][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.731295][ T8674] lo speed is unknown, defaulting to 1000
[  178.821378][   T12] bridge_slave_1: left promiscuous mode
[  178.825294][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.834707][   T12] bridge_slave_0: left promiscuous mode
[  178.836734][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.248483][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  179.255105][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  179.260526][   T12] bond0 (unregistering): Released all slaves
[  179.268650][ T8669] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.284821][ T8669] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.287691][ T8669] bridge_slave_0: entered allmulticast mode
[  179.290803][ T8669] bridge_slave_0: entered promiscuous mode
[  179.297468][ T8669] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.300216][ T8669] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.303245][ T8669] bridge_slave_1: entered allmulticast mode
[  179.306469][ T8669] bridge_slave_1: entered promiscuous mode
[  179.405418][ T8669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.410742][ T8669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.454309][ T8669] team0: Port device team_slave_0 added
[  179.463772][ T8669] team0: Port device team_slave_1 added
[  179.544287][ T8669] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.546979][ T8669] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.557507][ T8669] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.563697][ T8669] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.566372][ T8669] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.577429][ T8669] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.661774][ T8669] hsr_slave_0: entered promiscuous mode
[  179.664288][ T8669] hsr_slave_1: entered promiscuous mode
[  179.666358][ T8669] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  179.668847][ T8669] Cannot create hsr debugfs directory
[  179.894954][   T12] hsr_slave_0: left promiscuous mode
[  179.897625][   T12] hsr_slave_1: left promiscuous mode
[  179.899879][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.903878][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.375416][ T5317] Bluetooth: hci1: command tx timeout
[  180.509739][   T12] team0 (unregistering): Port device team_slave_1 removed
[  180.589399][   T12] team0 (unregistering): Port device team_slave_0 removed
[  181.253933][ T8723] input: syz0 as /devices/virtual/input/input17
[  181.919417][ T8669] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  181.928899][ T8669] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  181.938440][ T8669] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  181.952974][ T8669] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  182.084623][ T8669] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.100797][ T8669] 8021q: adding VLAN 0 to HW filter on device team0
[  182.114158][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.117206][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.127782][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.130783][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.296568][ T8669] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  182.375377][ T8783] netlink: 'syz.2.702': attribute type 10 has an invalid length.
[  182.377939][ T8783] netlink: 168 bytes leftover after parsing attributes in process `syz.2.702'.
[  182.391209][ T8783] netlink: 32 bytes leftover after parsing attributes in process `syz.2.702'.
[  182.526338][ T5317] Bluetooth: hci1: command tx timeout
[  182.710331][ T8669] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.760131][ T8669] veth0_vlan: entered promiscuous mode
[  182.777430][ T8669] veth1_vlan: entered promiscuous mode
[  182.806975][ T8800] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  182.809573][ T8800] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  182.820098][ T8669] veth0_macvtap: entered promiscuous mode
[  182.822504][ T8800] vhci_hcd vhci_hcd.0: Device attached
[  182.851915][ T8669] veth1_macvtap: entered promiscuous mode
[  182.860927][ T8669] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.865867][ T8669] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.877588][ T8669] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.880460][ T8669] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.887875][ T8669] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.890732][ T8669] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.055696][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.059093][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.080662][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.086456][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.101897][ T6000] usb 40-1: SetAddress Request (2) to port 0
[  183.104284][ T6000] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  184.173700][ T8801] vhci_hcd: connection reset by peer
[  184.245969][ T8817] affs: No valid root block on device sr0
[  184.316404][ T1138] vhci_hcd: stop threads
[  184.317802][ T1138] vhci_hcd: release socket
[  184.319293][ T1138] vhci_hcd: disconnect device
[  184.458015][ T8822] xt_HMARK: spi-set and port-set can't be combined
[  184.616700][ T5317] Bluetooth: hci1: command tx timeout
[  185.479351][ T8835] input: syz1 as /devices/virtual/input/input18
[  185.816437][ T8840] FAULT_INJECTION: forcing a failure.
[  185.816437][ T8840] name failslab, interval 1, probability 0, space 0, times 0
[  185.820424][ T8840] CPU: 0 UID: 0 PID: 8840 Comm: syz.3.712 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  185.820439][ T8840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.820445][ T8840] Call Trace:
[  185.820450][ T8840]  <TASK>
[  185.820454][ T8840]  dump_stack_lvl+0x16c/0x1f0
[  185.820490][ T8840]  should_fail_ex+0x512/0x640
[  185.820509][ T8840]  ? __kmalloc_noprof+0xbf/0x510
[  185.820526][ T8840]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  185.820540][ T8840]  should_failslab+0xc2/0x120
[  185.820551][ T8840]  __kmalloc_noprof+0xd2/0x510
[  185.820566][ T8840]  ? __pfx___mutex_lock+0x10/0x10
[  185.820587][ T8840]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  185.820604][ T8840]  genl_start+0x18f/0x980
[  185.820618][ T8840]  __netlink_dump_start+0x60e/0x990
[  185.820631][ T8840]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  185.820645][ T8840]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  185.820661][ T8840]  ? __pfx_genl_get_cmd+0x10/0x10
[  185.820671][ T8840]  ? __pfx_genl_start+0x10/0x10
[  185.820682][ T8840]  ? __pfx_genl_dumpit+0x10/0x10
[  185.820692][ T8840]  ? __pfx_genl_done+0x10/0x10
[  185.820705][ T8840]  ? __sys_sendmsg+0x16d/0x220
[  185.820719][ T8840]  ? __do_fast_syscall_32+0x7c/0x3a0
[  185.820734][ T8840]  ? __radix_tree_lookup+0x21f/0x2c0
[  185.820750][ T8840]  genl_rcv_msg+0x46e/0x800
[  185.820764][ T8840]  ? __pfx_genl_rcv_msg+0x10/0x10
[  185.820777][ T8840]  ? __pfx_ethnl_rss_dump_start+0x10/0x10
[  185.820787][ T8840]  ? __pfx_ethnl_rss_dumpit+0x10/0x10
[  185.820800][ T8840]  ? __lock_acquire+0x622/0x1c90
[  185.820817][ T8840]  netlink_rcv_skb+0x155/0x420
[  185.820828][ T8840]  ? __pfx_genl_rcv_msg+0x10/0x10
[  185.820841][ T8840]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  185.820857][ T8840]  ? netlink_deliver_tap+0x1ae/0xd30
[  185.820873][ T8840]  ? is_vmalloc_addr+0x86/0xa0
[  185.820889][ T8840]  genl_rcv+0x28/0x40
[  185.820900][ T8840]  netlink_unicast+0x58d/0x850
[  185.820912][ T8840]  ? __pfx_netlink_unicast+0x10/0x10
[  185.820926][ T8840]  netlink_sendmsg+0x8d1/0xdd0
[  185.820945][ T8840]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.820963][ T8840]  ? __import_iovec+0x1dd/0x650
[  185.820985][ T8840]  ____sys_sendmsg+0xa95/0xc70
[  185.821006][ T8840]  ? __pfx_____sys_sendmsg+0x10/0x10
[  185.821023][ T8840]  ? get_compat_msghdr+0x11a/0x170
[  185.821062][ T8840]  ___sys_sendmsg+0x134/0x1d0
[  185.821089][ T8840]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.821126][ T8840]  ? find_held_lock+0x2b/0x80
[  185.821162][ T8840]  __sys_sendmsg+0x16d/0x220
[  185.821187][ T8840]  ? __pfx___sys_sendmsg+0x10/0x10
[  185.821209][ T8840]  ? rcu_is_watching+0x12/0xc0
[  185.821222][ T8840]  __do_fast_syscall_32+0x7c/0x3a0
[  185.821239][ T8840]  do_fast_syscall_32+0x32/0x80
[  185.821255][ T8840]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.821269][ T8840] RIP: 0023:0xf710e579
[  185.821277][ T8840] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.821288][ T8840] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  185.821298][ T8840] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000100
[  185.821305][ T8840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  185.821311][ T8840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  185.821316][ T8840] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  185.821322][ T8840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.821337][ T8840]  </TASK>
[  185.933882][    C0] vkms_vblank_simulate: vblank timer overrun
[  186.663775][ T8857] ------------[ cut here ]------------
[  186.666289][ T8857] WARNING: CPU: 0 PID: 8857 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.670136][ T8857] Modules linked in:
[  186.671783][ T8857] CPU: 0 UID: 0 PID: 8857 Comm: syz.3.720 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  186.678122][ T8857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.682616][ T8857] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.685563][ T8857] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f e9 8f 12 73 09 83 fe 0a 0f 86 0a fe ff ff 80 3d 57 9d 7d 0e 00 75 0b c6 05 4e 9d 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  186.694321][ T8857] RSP: 0018:ffffc90006d178c8 EFLAGS: 00010246
[  186.697160][ T8857] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  186.700815][ T8857] RDX: 0000000000000000 RSI: 0000000000000033 RDI: 0000000000040d40
[  186.701953][ T5317] Bluetooth: hci1: command tx timeout
[  186.704290][ T8857] RBP: 6e6bd6a69c38a700 R08: 0000000000000007 R09: 0000000000000000
[  186.708933][ T8857] R10: 6e6bd6a69c38a700 R11: 0000000000000001 R12: 0000000000000033
[  186.711784][ T8857] R13: 1ffff92000da2f2e R14: 6e6bd6a69c38a700 R15: 0000000000000033
[  186.714479][ T8857] FS:  0000000000000000(0000) GS:ffff888097520000(0063) knlGS:00000000f50ddb40
[  186.717495][ T8857] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  186.719626][ T8857] CR2: 0000000080004200 CR3: 000000006e38a000 CR4: 0000000000352ef0
[  186.722333][ T8857] Call Trace:
[  186.723841][ T8857]  <TASK>
[  186.725192][ T8857]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  186.727607][ T8857]  ? kasan_quarantine_put+0x10a/0x240
[  186.729351][ T8857]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.731022][ T8857]  ? kfree+0x2b4/0x4d0
[  186.732741][ T8857]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  186.735278][ T8857]  ? p9_client_clunk+0x12a/0x170
[  186.737449][ T8857]  ? p9_client_clunk+0x12f/0x170
[  186.739601][ T8857]  ? v9fs_fid_get_acl+0x7a/0x120
[  186.741738][ T8857]  __alloc_pages_noprof+0xb/0x1b0
[  186.743904][ T8857]  ___kmalloc_large_node+0x84/0x1e0
[  186.746227][ T8857]  ? v9fs_fid_get_acl+0x7a/0x120
[  186.748093][ T8857]  __kmalloc_large_node_noprof+0x1c/0x70
[  186.749885][ T8857]  __kmalloc_noprof.cold+0xc/0x61
[  186.751524][ T8857]  ? __pfx_iget5_locked+0x10/0x10
[  186.753696][ T8857]  ? v9fs_cache_inode_get_cookie+0x28f/0x3a0
[  186.755802][ T8857]  v9fs_fid_get_acl+0x7a/0x120
[  186.757366][ T8857]  v9fs_get_acl+0xee/0x530
[  186.758855][ T8857]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  186.760640][ T8857]  v9fs_mount+0x4fd/0xa30
[  186.762120][ T8857]  ? rcu_is_watching+0x12/0xc0
[  186.763692][ T8857]  ? __pfx_v9fs_mount+0x10/0x10
[  186.765319][ T8857]  ? apparmor_capable+0x114/0x1d0
[  186.766953][ T8857]  ? __pfx_v9fs_mount+0x10/0x10
[  186.768571][ T8857]  legacy_get_tree+0x10c/0x220
[  186.770149][ T8857]  vfs_get_tree+0x8b/0x340
[  186.771690][ T8857]  path_mount+0x1414/0x2020
[  186.773687][ T8857]  ? kmem_cache_free+0x2d1/0x4d0
[  186.775704][ T8857]  ? __pfx_path_mount+0x10/0x10
[  186.777740][ T8857]  ? getname_flags.part.0+0x1c5/0x550
[  186.779595][ T8857]  ? putname+0x154/0x1a0
[  186.780965][ T8857]  __ia32_sys_mount+0x28b/0x310
[  186.782536][ T8857]  ? __pfx___ia32_sys_mount+0x10/0x10
[  186.784283][ T8857]  ? rcu_is_watching+0x12/0xc0
[  186.785841][ T8857]  __do_fast_syscall_32+0x7c/0x3a0
[  186.787499][ T8857]  do_fast_syscall_32+0x32/0x80
[  186.789106][ T8857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.791105][ T8857] RIP: 0023:0xf710e579
[  186.792518][ T8857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.798491][ T8857] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  186.801200][ T8857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  186.803769][ T8857] RDX: 0000000080000b80 RSI: 0000000000000000 RDI: 0000000080000500
[  186.806510][ T8857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.809061][ T8857] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  186.811553][ T8857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.814062][ T8857]  </TASK>
[  186.815083][ T8857] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  186.817490][ T8857] CPU: 0 UID: 0 PID: 8857 Comm: syz.3.720 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  186.821143][ T8857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.824514][ T8857] Call Trace:
[  186.825570][ T8857]  <TASK>
[  186.826508][ T8857]  dump_stack_lvl+0x3d/0x1f0
[  186.827993][ T8857]  panic+0x71c/0x800
[  186.829262][ T8857]  ? __pfx_panic+0x10/0x10
[  186.830670][ T8857]  ? show_trace_log_lvl+0x29b/0x3e0
[  186.832342][ T8857]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.834343][ T8857]  check_panic_on_warn+0xab/0xb0
[  186.835927][ T8857]  __warn+0xf6/0x3c0
[  186.837181][ T8857]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.839101][ T8857]  report_bug+0x3c3/0x580
[  186.840897][ T8857]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.842843][ T8857]  handle_bug+0x184/0x210
[  186.844232][ T8857]  exc_invalid_op+0x17/0x50
[  186.845678][ T8857]  asm_exc_invalid_op+0x1a/0x20
[  186.847239][ T8857] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  186.849368][ T8857] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f e9 8f 12 73 09 83 fe 0a 0f 86 0a fe ff ff 80 3d 57 9d 7d 0e 00 75 0b c6 05 4e 9d 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  186.855548][ T8857] RSP: 0018:ffffc90006d178c8 EFLAGS: 00010246
[  186.857465][ T8857] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  186.859967][ T8857] RDX: 0000000000000000 RSI: 0000000000000033 RDI: 0000000000040d40
[  186.862548][ T8857] RBP: 6e6bd6a69c38a700 R08: 0000000000000007 R09: 0000000000000000
[  186.865024][ T8857] R10: 6e6bd6a69c38a700 R11: 0000000000000001 R12: 0000000000000033
[  186.867491][ T8857] R13: 1ffff92000da2f2e R14: 6e6bd6a69c38a700 R15: 0000000000000033
[  186.870001][ T8857]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  186.872034][ T8857]  ? kasan_quarantine_put+0x10a/0x240
[  186.873721][ T8857]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.875395][ T8857]  ? kfree+0x2b4/0x4d0
[  186.876706][ T8857]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  186.878534][ T8857]  ? p9_client_clunk+0x12a/0x170
[  186.880151][ T8857]  ? p9_client_clunk+0x12f/0x170
[  186.881741][ T8857]  ? v9fs_fid_get_acl+0x7a/0x120
[  186.883309][ T8857]  __alloc_pages_noprof+0xb/0x1b0
[  186.884908][ T8857]  ___kmalloc_large_node+0x84/0x1e0
[  186.886553][ T8857]  ? v9fs_fid_get_acl+0x7a/0x120
[  186.888128][ T8857]  __kmalloc_large_node_noprof+0x1c/0x70
[  186.889911][ T8857]  __kmalloc_noprof.cold+0xc/0x61
[  186.891517][ T8857]  ? __pfx_iget5_locked+0x10/0x10
[  186.893103][ T8857]  ? v9fs_cache_inode_get_cookie+0x28f/0x3a0
[  186.894926][ T8857]  v9fs_fid_get_acl+0x7a/0x120
[  186.896453][ T8857]  v9fs_get_acl+0xee/0x530
[  186.897797][ T8857]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  186.899472][ T8857]  v9fs_mount+0x4fd/0xa30
[  186.900832][ T8857]  ? rcu_is_watching+0x12/0xc0
[  186.902317][ T8857]  ? __pfx_v9fs_mount+0x10/0x10
[  186.903866][ T8857]  ? apparmor_capable+0x114/0x1d0
[  186.905447][ T8857]  ? __pfx_v9fs_mount+0x10/0x10
[  186.906944][ T8857]  legacy_get_tree+0x10c/0x220
[  186.908472][ T8857]  vfs_get_tree+0x8b/0x340
[  186.909879][ T8857]  path_mount+0x1414/0x2020
[  186.911370][ T8857]  ? kmem_cache_free+0x2d1/0x4d0
[  186.912950][ T8857]  ? __pfx_path_mount+0x10/0x10
[  186.914475][ T8857]  ? getname_flags.part.0+0x1c5/0x550
[  186.916163][ T8857]  ? putname+0x154/0x1a0
[  186.917519][ T8857]  __ia32_sys_mount+0x28b/0x310
[  186.919174][ T8857]  ? __pfx___ia32_sys_mount+0x10/0x10
[  186.920890][ T8857]  ? rcu_is_watching+0x12/0xc0
[  186.922408][ T8857]  __do_fast_syscall_32+0x7c/0x3a0
[  186.924035][ T8857]  do_fast_syscall_32+0x32/0x80
[  186.925583][ T8857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.927558][ T8857] RIP: 0023:0xf710e579
[  186.928846][ T8857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.934782][ T8857] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  186.937385][ T8857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  186.939848][ T8857] RDX: 0000000080000b80 RSI: 0000000000000000 RDI: 0000000080000500
[  186.942343][ T8857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.944813][ T8857] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  186.947271][ T8857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.949718][ T8857]  </TASK>
[  186.951320][ T8857] Kernel Offset: disabled
[  186.952657][ T8857] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:03:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000050 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85584895 RDI=ffffffff9b0ac980 RBP=ffffffff9b0ac940 RSP=ffffc90006d17230
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000050 R14=ffffffff9b0ac940 R15=ffffffff85584830
RIP=ffffffff855848bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097520000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080004200 CR3=000000006e38a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000041c62d RBX=0000000000000001 RCX=ffffffff8b847c69 RDX=0000000000000000
RSI=ffffffff8de2c794 RDI=ffffffff8c157960 RBP=ffffed1003bdb488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666645 R10=ffff88802b33322b R11=0000000000000001
R12=0000000000000001 R13=ffff88801deda440 R14=ffffffff90a9a150 R15=0000000000000000
RIP=ffffffff8b8467cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097620000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f89bd1a9e9c CR3=0000000057903000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c06d743cbebc8fba ab784424b7049eec
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a28826f3ca0c39c8 bdf816604d975a1f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 49231fe06f507b5a 76e725057a34536c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 12d3b6221450e4e2 67a1ef70b72b304d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000009880
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 de45e00076fdde00 0000722f86575400
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8001000080010000 18fc470095051000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000722f80010000 1fdf22000000722e
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8001000000007231 0000722f80010000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bb47b302dca10fba 889498743bacf8a5
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f7063af18cd4a76 cb8ff54a1f769d99
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000031fa8df4 RBX=ffffffff93d63080 RCX=0000000000000002 RDX=0000000000000072
RSI=ffffffff815fdd7b RDI=ffffffff93d63080 RBP=ffffe8ffac2898c8 RSP=ffffc9000470f238
R8 =e5dff3a5b645d0da R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001
R12=0000000000000004 R13=ffffe8ffac2898c0 R14=0000000000000002 R15=dffffc0000000000
RIP=ffffffff8b84680a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097720000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c39dc09 CR3=000000006fef7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff88802b43a400 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000002 RDI=ffff88802b43a402 RBP=dffffc0000000000 RSP=ffffc900069f7680
R8 =0000000000000001 R9 =ffff88802b53b394 R10=ffff88802b43a403 R11=0000000000000001
R12=0000000000007ec6 R13=0000000000000000 R14=ffff88802b53b380 R15=ffffed1005687480
RIP=ffffffff8b872dbd RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097820000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080006000 CR3=000000006fef7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bb47b302dca10fba 889498743bacf8a5
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f7063af18cd4a76 cb8ff54a1f769d99
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 31f01c36b13fb3fe 1b20f36a714e9bdd
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e1f4c0c65fa0d747 7449702871cbb853
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000009840
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1808ca0000000000 24a5140001623d00
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 800100000000722e 0000722e0000722e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000722e7d1d9e00 1e7fc4000000722e
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a58c3e00c0ab6c00 0000000080010000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 02524ffd8480697f 8885d73439d47d9e
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0aa19a4b896e8539 ef3e2ec3c1c2cd52
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000