last executing test programs:

19.221130594s ago: executing program 2 (id=1663):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000b80), 0x41, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x111000, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x4004743a, &(0x7f0000000300))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
r6 = dup(r5)
ioctl$PPPIOCCONNECT(r6, 0x40047435, &(0x7f00000002c0)=0x2)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000080000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r8)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r9, 0x1}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r8)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r8)
sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e04023c20"], 0x7)
r10 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x101200)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r10, 0x40044103, &(0x7f0000000040)=0xffffffff)

18.941463824s ago: executing program 2 (id=1665):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = getpid()
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001640)=@generic={&(0x7f0000001600)='./file0\x00'}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000001680)=ANY=[@ANYBLOB="107438b06f13fe9214f8d72de167a03166a964b0be3ddf8c99431bd7fdeded027d99ecad6c081e7e764b51bcde945a6edec5d5bb93aeb63d44b9c58814861bb952e4a27ac365682c40d318feb9c29f039e2be3afdd2a29eb059e2604635882bd1765c6acf5a9d09409f5ae2e50a49cc1ddb522e2454bfdbbf51066be6b2ad15cc2b06c15802d6ff8b283eb373e1520b29e4ad414afe99d8e343d86f7dfcdb53ed01fb5429dda478568ceae1fa527b2b1ee19846f0f9ff011247f722f3f6a226753182895138720fd49bd5646beebbec021242e4c1c512b9912ae071b5b2555c81faed91a435677e35ab513ea403e", @ANYBLOB="ee32c22f724b51deb1efedcc77df09cde3d9e0e265811e8ac55c6ea61964aadd89184b09fbef9dea33e8ad1c78a95df79102a21b4e5a901ccae296e737e12c81dee4c32dc1673b54d503e34a206fbdc7d2595c2d75157b390af9d5fd0e93eae55e4c472cc7a77f9dfb2f876d53a3fc2c73a1f594c95b7b26abe885c8a25e8dbbbe4f04388ae42387a10533923b9b622530b320bc129c5a9506", @ANYRESOCT, @ANYRESDEC, @ANYRESDEC=r0, @ANYRES64=r1], &(0x7f0000001480)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000500)='tlb_flush\x00', r3}, 0x10)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000100), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000008000"/18], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145}, 0x80)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$RTC_IRQP_SET(r4, 0x4008700c, 0x5a4)
syz_emit_vhci(&(0x7f00000014c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x2a}, @l2cap_cid_signaling={{0x26}, [@l2cap_info_rsp={{0xb, 0xe0, 0x4}, {0x80, 0xe}}, @l2cap_disconn_req={{0x6, 0x8, 0x4}, {0x7f, 0x61}}, @l2cap_move_chan_cfm={{0x10, 0x3, 0x4}, {0x3, 0x3}}, @l2cap_info_req={{0xa, 0xa, 0x2}, {0x1000}}, @l2cap_move_chan_rsp={{0xf, 0x5, 0x4}, {0x4, 0x9}}]}}, 0x2f)
socket$netlink(0x10, 0x3, 0x8000000004)
writev(0xffffffffffffffff, &(0x7f0000001540), 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
fsetxattr$security_capability(r5, &(0x7f0000000000), &(0x7f0000000100)=@v3={0x3000000, [], 0xffffffffffffffff}, 0x18, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r6, &(0x7f0000001880)=[{}], 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000006c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000380)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x8}, @ioring_restriction_sqe_flags_allowed={0x2, 0x12}], 0x2)
clock_gettime(0x0, &(0x7f0000001540)={<r9=>0x0, <r10=>0x0})
futex(&(0x7f0000001500)=0x1, 0x7, 0x2, &(0x7f0000001580)={r9, r10+10000000}, &(0x7f00000015c0)=0x1, 0x2)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x9}}]}, 0x2c}}, 0x0)

18.274505384s ago: executing program 2 (id=1672):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x500, 0x0, 0x1c4, 0x1c4, 0x1c4, 0x318, 0x50c, 0x50c, 0x50c, 0x50c, 0x50c, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [], 'macvlan1\x00', 'erspan0\x00'}, 0x0, 0xc8, 0xec, 0x0, {0x7a00000000000000}, [@inet=@rpfilter={{0x24}}]}, @HL={0x24}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xa4, 0xd8}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {}, 0xf3dd}}}, {{@ipv6={@mcast1, @remote, [], [], '\x00', 'dummy0\x00'}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x55c)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000006c0)={0x73622a85, 0x1080})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000680)=[@increfs_done], 0x0, 0x0, 0x0})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r3, 0x40082102, &(0x7f0000000080))
r4 = openat$hpet(0xffffff9c, &(0x7f00000009c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000c00)=[{&(0x7f0000000a00)=""/152, 0x98}], 0x1, 0xc096, 0x2)
r5 = dup3(r2, r1, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r7 = openat2$dir(0xffffff9c, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x8000, 0x10, 0x24}, 0x18)
readv(r7, &(0x7f00000008c0)=[{&(0x7f00000007c0)=""/137, 0x89}, {&(0x7f0000000880)=""/21, 0x15}, {&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000000ac0)=""/182, 0xb6}, {&(0x7f0000000b80)=""/91, 0x5b}, {&(0x7f0000001c40)=""/201, 0xc9}], 0x6)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000700)='westwood\x00', 0x9)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x3b}, @ptr={0x70742a85, 0x0, &(0x7f0000000900)=""/206, 0xce}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x11}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000020000082505a1a44000010203110902a0d9dbbf2e3332e3b49e259e46796701d055cf57a3cd69740eb310db641db1da9db976d19a151e07af222d6694a4fbaf920bb6aa6618111279ff0a9ccec60d03467b76e2c9000000"], 0x0)
ioctl$EVIOCRMFF(r0, 0x40085507, 0x0)

15.181870882s ago: executing program 2 (id=1691):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
socket$rds(0x15, 0x5, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0xc0185879, &(0x7f0000000240)={@desc={0x1, 0x13, @desc1}})
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000400)="3f4e55f1", 0x4)
sendto$unix(r2, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0)
socket$kcm(0x2, 0x3, 0x84)
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x149800, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x989680}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000480))
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
sendmsg$IPVS_CMD_GET_SERVICE(r7, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x88, r8, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x17}}]}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0xb}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xc0}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x11}, 0x44095)

14.272934127s ago: executing program 2 (id=1700):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x1fff, 0x0)
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0)
r1 = io_uring_setup(0x3e76, &(0x7f0000000000))
creat(&(0x7f0000000000)='./file0\x00', 0x0)
dup2(r0, r1)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r2 = io_uring_setup(0xfc6, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x382})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0x4008af12, &(0x7f0000000080)={0x1, 0x7b})
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x1, r6})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0xde)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

12.008078281s ago: executing program 2 (id=1713):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'geneve0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r1, 0x22a0f}}, 0x20}}, 0x0)

4.291677135s ago: executing program 3 (id=1751):
read$FUSE(0xffffffffffffffff, &(0x7f00000020c0)={0x2020}, 0x2020)

4.290082247s ago: executing program 3 (id=1752):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xec0, 0x30, 0xb, 0x0, 0x0, {}, [{0xeac, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe60, 0x2, 0x0, 0x0, {{0xa}, {0xe34, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {0x0, 0x0, 0x0, 0x2000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x10000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {}, {0x0, 0x1000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, {0x0, 0x0, 0x0, 0x8d}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x400}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x400000}, {0x0, 0x0, 0x0, 0x7e15}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x10, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec0}}, 0x4000)
r1 = getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r3, 0x80045104, &(0x7f0000000040))
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r5=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r5, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00')
ppoll(&(0x7f0000000280)=[{r7}], 0x1, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81e8943c, &(0x7f0000000480)={0x0, ""/256, <r8=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP(r3, 0xd0009412, &(0x7f0000000680)={r8, 0x4})
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
openat$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', 0x181000, 0x10c)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r9)

3.499075473s ago: executing program 0 (id=1754):
socket(0x10, 0x3, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r3, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000002280)={'syzkaller0\x00', @local}) (fail_nth: 9)

3.2414451s ago: executing program 3 (id=1755):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="7beafa0c08ec1b46058b4026f2dff6928bb44c21548a03ee56c32edc62ae082f72e552c716ef04624aa83c563d4b25f0cc83b47edd87908f515e7fe72b70d179dc4727161ca5db0980199b69ff5236d69f5fc7c46971f53fb3a1512aeadafca606ad1a71a1b1656329a55ea7826abb2ce40c00a9d065e57530ed18b57f1fe3dc63b3012ae9e0d80580c7979844ffaf36ab6fbbd65bfdcc2cecba8672c7389dac835101a10e21626bdad2ef62a977f2cef1c48759c9d5b79d9f71a3a8bcbb0d3e87960d5e7058b107bd592a4492b25568f97df28d5b3998375e279d9087f39c7f48ed0f14bb3b6c09b96acaa61404459ba8c67d"], 0x10}, 0x1, 0x0, 0x0, 0x4040}, 0x20000841)

3.00585297s ago: executing program 3 (id=1756):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r1)

2.99380931s ago: executing program 0 (id=1757):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0) (fail_nth: 9)

2.993104917s ago: executing program 3 (id=1758):
r0 = socket$kcm(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x22)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000a00))
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000380)={"84db8cb4", 0x0, 0x0, 0x0, 0x0, 0x0, "0022aed9ae659d4d95fd3d1fa09814", "aadb641b", "29b9c72a", "5439cfe3", ["f56f1a42e3d0ab344d8bc6cc", "22147745eb9df6cf6a880d29", "9ad3eb5918df0f52938453c9", "ac562047f08f7537b6597721"]})
write$binfmt_script(r1, &(0x7f0000000780), 0x208e24b)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
eventfd(0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', 0x0})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(r0, 0x4, 0x0)
r4 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x4, 0x0, 0x0)
write(r4, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b859322", 0x3b)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f00000001c0), 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYRES32=r3], 0x101)
socket$inet6(0xa, 0x6, 0x0)
ioctl$TUNGETVNETBE(r3, 0x800454df, &(0x7f00000000c0)=0x1)
socket$inet_dccp(0x2, 0x6, 0x0)
r6 = socket(0x1, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33}})

2.992088451s ago: executing program 0 (id=1759):
openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = userfaultfd(0x80800)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r3, &(0x7f0000005b80)=[{{&(0x7f00000030c0)={0xa, 0x4e23, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000003700)=[@hopopts={{0x14}}], 0x14}}], 0x1, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3000002, 0x11, r2, 0x0)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000200), 0x48)
ppoll(&(0x7f0000000000)=[{}], 0x77, 0x0, 0x0, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x8)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sync()

2.770672539s ago: executing program 1 (id=1762):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000b80), 0x41, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x111000, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r4, 0x4004743a, &(0x7f0000000300))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
r6 = dup(r5)
ioctl$PPPIOCCONNECT(r6, 0x40047435, &(0x7f00000002c0)=0x2)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000080000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r8}, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r9)
sendmsg$NFC_CMD_GET_TARGET(r9, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r9)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r9)
sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e04023c20"], 0x7)
r10 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x101200)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r10, 0x40044103, &(0x7f0000000040)=0xffffffff)

2.010455859s ago: executing program 0 (id=1763):
mount(&(0x7f0000000080)=@sg0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='ocfs2\x00', 0x2188000, &(0x7f0000000240)='%&@\x00')
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x3e, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="500000000001000000000000e0fff7ffffffffff180001801400000008000100ac1414bb08000200ac0314bb24000280140001"], 0x50}}, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000003"], 0x24d8}], 0x1}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = getpid()
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec85"], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000002c0)="6f59bb69296212101db2d25d7d1550eabd8017f1dcae8582eee7d0417821deba372ff17566312ebdfed0dee4fcaabfcd0f157495460a5f6fcd15448f9fc823", 0x3f}], 0x1}}], 0x1, 0x0)
getsockopt$bt_hci(r1, 0x0, 0x1, &(0x7f00000004c0)=""/132, &(0x7f0000000340)=0x84)
add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f00000001c0)="f4807c8dd029ff9d4387d3882e09202200c53262d691a4fea7243e671ad60a7d224d72542067d3525b4209a48b866d1c9ec52c3396040a663b7311e524b221a32e558d003b4ba31d7a464084bac79a14a0fbde697ae7ddbde12d1b52d77d5a638057f1f1e39e067f54748f71e3f940bd4ed593267eddb1598cf1ae4cb537cbe57637058aff4e6c7f35ad72c10600e822e0b1739d5a26b1f77ebb43286048d2361df2c1a8e0abf77744597d039041f9a155976600", 0xfffff, 0xffffffffffffffff)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0xa, 0x88be}, @void, @eth={@multicast, @remote, @val={@val={0x88a8, 0x6, 0x0, 0x1}, {0x6558, 0x5, 0x0, 0x21}}, {@ipv4={0x800, @generic={{0x11, 0x4, 0x0, 0x3d, 0x44, 0x68, 0x0, 0x7, 0x88, 0x0, @multicast2, @local, {[@end, @end, @lsrr={0x83, 0x2b, 0x2b, [@multicast2, @dev={0xac, 0x14, 0x14, 0x3c}, @multicast2, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @private=0xa010102, @remote, @rand_addr=0x64010102, @loopback]}]}}}}}}}, 0x5e)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x50}, 0x0)

2.010173146s ago: executing program 1 (id=1764):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x4, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000000004000000318a285845e71040b55ff64f4ebf0000000000950000fffffff900"], 0x0}, 0x90)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = io_uring_setup(0x1155, &(0x7f0000004740)={0x0, 0x0, 0x4})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
io_uring_register$IORING_REGISTER_RING_FDS(r2, 0x14, 0x0, 0x0)
read(r4, 0x0, 0x2)
pwrite64(r4, &(0x7f0000000340)="5da1", 0x4, 0x0)
readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000000)=""/22, 0x16}, {&(0x7f00000001c0)=""/219, 0xdb}], 0x2)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB="70010000100033060000000000000000ffffffff000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000a0000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0020000000000000000000ac1e00010000000000000000000000001c0004000000000000000000fe8000000000000000000000000000bbe18128e44032de352f0f1a6c8eee792cb2d296e87dd0c50f3446acd83922fbe114144ae6651a50410c4773e3701e05df529dddd97d42282092f78538c5cf3aec6c9b73c5eb64636b2ce1c777232e7e2e6c4a2d535265feb96fd69f0c87182d5d288035992ba8765a7abddb52dcdf6c918fa82c3ef6c77177d718e9a0a017f98d062c"], 0x170}}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r2, 0x2, 0x0, 0x0)
ioctl$int_out(r2, 0x5460, &(0x7f0000000040))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x8000, 0x0)
mkdirat(r5, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r5, 0x0, r5, &(0x7f0000000200)='./bus/file0\x00', 0x0)
unlinkat(r5, &(0x7f00000002c0)='./bus\x00', 0x200)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r5, 0x84, 0x1c, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
sendmmsg$inet(r1, &(0x7f0000002880)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000a00)="a2", 0x1}], 0x1}}], 0x1, 0x8041)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1}}], 0x1, 0x40000121, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x20)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x60, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_KEYS={0x2c, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "0300000000000000936d93b747"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}]}]}, @NL80211_ATTR_HIDDEN_SSID={0xa, 0x7e, @default_ap_ssid}, @NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x60}}, 0x0)

1.941442208s ago: executing program 3 (id=1766):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0)
ioctl$BLKPG(r3, 0x1269, &(0x7f00000002c0)={0x1, 0x0, 0x98, &(0x7f0000000380)={0xab98, 0x400000000000000, 0x200f}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001280)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r1, @ANYBLOB="39007adacb9cb63f3c1e9d97ce6b6c63f2521adfc9e3e8d944f3a38d53adcb34113acc749e2ecf9e880dfc986f5ade267030629ae0fbc2eae381ecd80cb4851d4b60f386c8053c04d73a51a9c9bf11430f905a9c1366e3055b861e6f7aaf1590c668688fed232b9b32cff524266e7d87e0b6f886c122880bb9b693cb7fab47241e89c500fff01bd183f467e24f0e19fbd5e4e4bf0f89fe10676f71b3f27ebc59574eb8a1c8fa6ad1c490b68955436ea86f75a39a054b9421aea8261d3d3c7613ec71c0df20f94d5cdd26bb2ad3f9ba20cdd7aac5c87fa9e7cfe9c759d4a5542ff473b6a5beb53d759eaa5f281af06b4aa7188fb4"], 0x5c}}, 0x0)
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000001540)={&(0x7f0000001480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001500)={&(0x7f00000014c0)={0x3c, r4, 0x800, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x6, 0x7e}}}}, [@NL80211_ATTR_KEY_SEQ={0x11, 0xa, "c2f086ebf116548e672b7be672"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44185307690a90a4}, 0x40010)
r5 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f0000001440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001400)={&(0x7f00000013c0)={0x20, r4, 0x8, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x8100}, 0x81)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3e, 0x0)
sendmsg$rds(r6, &(0x7f0000001240)={&(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000001200)=[{&(0x7f00000000c0)=""/25, 0x19}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000140)=""/20, 0x14}], 0x3, 0x0, 0x0, 0x40000}, 0x40000)

1.217971883s ago: executing program 0 (id=1767):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r1)

1.130947449s ago: executing program 0 (id=1768):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a0000080480020009"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$binfmt_aout(r1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sysfs$2(0x2, 0x0, &(0x7f0000000840)=""/74)
ppoll(&(0x7f00000013c0)=[{r1}], 0x1, 0x0, 0x0, 0x0)
syz_usb_disconnect(r0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, &(0x7f0000000100))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x0, 0x13, r6, 0x0)

901.597842ms ago: executing program 1 (id=1769):
read$FUSE(0xffffffffffffffff, &(0x7f00000020c0)={0x2020}, 0x2020)

901.227667ms ago: executing program 1 (id=1770):
r0 = socket$kcm(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x22)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000a00))
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000380)={"84db8cb4", 0x0, 0x0, 0x0, 0x0, 0x0, "0022aed9ae659d4d95fd3d1fa09814", "aadb641b", "29b9c72a", "5439cfe3", ["f56f1a42e3d0ab344d8bc6cc", "22147745eb9df6cf6a880d29", "9ad3eb5918df0f52938453c9", "ac562047f08f7537b6597721"]})
write$binfmt_script(r1, &(0x7f0000000780), 0x208e24b)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', 0x0})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(r0, 0x4, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b859322", 0x3b)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f00000001c0), 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYRES32=r3], 0x101)
socket$inet6(0xa, 0x6, 0x0)
ioctl$TUNGETVNETBE(r3, 0x800454df, &(0x7f00000000c0)=0x1)
socket$inet_dccp(0x2, 0x6, 0x0)
r6 = socket(0x1, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33, 0x3f}})

1.555341ms ago: executing program 1 (id=1771):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000340)={'wpan1\x00', <r2=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32=r2, @ANYBLOB="ed5bdae60b7c08f4a38bacd552c25556bc3b5c82a20062e9894a4c3e29ae9e336f5192ab711baf906f75652bf17dd460b0092a38dd8a318bfefe9bfa3e33ebeb4a47ce39f8d606af345e3e1a967db2506f6354293906f65d43cf2bc2b9355102000000550056500b99065dc911cd7f35080b0de61c198062bb9c5af12fc99b92b2097a048015d6bedee97ce801e86c94"], 0x40}, 0x4, 0x700000000000000, 0x0, 0x4000050}, 0x0)

0s ago: executing program 1 (id=1772):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x324)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_RETRIES(r3, 0x701, 0xffffffff)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000})
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$UFFDIO_CONTINUE(r5, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140))
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
syz_open_procfs$userns(0x0, &(0x7f00000002c0))

kernel console output (not intermixed with test programs):

ed: 32
[  445.896212][   T57] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  445.900423][   T57] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  445.905108][   T57] usb 6-1: config index 4 descriptor too short (expected 55712, got 92)
[  445.908381][   T57] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  445.911810][   T57] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  445.916050][   T57] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  445.921086][   T57] usb 6-1: config index 5 descriptor too short (expected 55712, got 92)
[  445.925098][   T57] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  445.929172][   T57] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  445.933534][   T57] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  445.938695][   T57] usb 6-1: config index 6 descriptor too short (expected 55712, got 92)
[  445.942383][   T57] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  445.945824][   T57] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  445.949720][   T57] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  445.967475][   T57] usb 6-1: config index 7 descriptor too short (expected 55712, got 92)
[  445.970715][   T57] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  445.974666][   T57] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  445.979017][   T57] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  446.639917][T11160] random: crng reseeded on system resumption
[  446.856939][ T5358] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  446.857026][ T5358] CPU: 2 UID: 0 PID: 5358 Comm: kworker/u33:3 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  446.857045][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.857055][ T5358] Workqueue: hci4 hci_rx_work
[  446.857080][ T5358] Call Trace:
[  446.857086][ T5358]  <TASK>
[  446.857093][ T5358]  dump_stack_lvl+0x16c/0x1f0
[  446.857118][ T5358]  sysfs_warn_dup+0x7f/0xa0
[  446.857140][ T5358]  sysfs_create_dir_ns+0x24d/0x2b0
[  446.857161][ T5358]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  446.857179][ T5358]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  446.857204][ T5358]  ? do_raw_spin_unlock+0x172/0x230
[  446.857226][ T5358]  kobject_add_internal+0x2c8/0x990
[  446.857245][ T5358]  kobject_add+0x16f/0x240
[  446.857261][ T5358]  ? __pfx_kobject_add+0x10/0x10
[  446.857278][ T5358]  ? do_raw_spin_unlock+0x172/0x230
[  446.857299][ T5358]  ? kobject_put+0xab/0x5a0
[  446.857319][ T5358]  device_add+0x289/0x1a70
[  446.857336][ T5358]  ? __pfx_dev_set_name+0x10/0x10
[  446.857355][ T5358]  ? __pfx_device_add+0x10/0x10
[  446.857372][ T5358]  ? mgmt_send_event_skb+0x2f2/0x460
[  446.857396][ T5358]  hci_conn_add_sysfs+0x17e/0x230
[  446.857416][ T5358]  le_conn_complete_evt+0xfc7/0x1cf0
[  446.857438][ T5358]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  446.857455][ T5358]  ? trace_contention_end+0xea/0x140
[  446.857481][ T5358]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  446.857499][ T5358]  ? skb_pull_data+0x166/0x210
[  446.857518][ T5358]  hci_le_meta_evt+0x2e2/0x5d0
[  446.857543][ T5358]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  446.857566][ T5358]  hci_event_packet+0x666/0x1190
[  446.857585][ T5358]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  446.857606][ T5358]  ? __pfx_hci_event_packet+0x10/0x10
[  446.857622][ T5358]  ? mark_held_locks+0x9f/0xe0
[  446.857641][ T5358]  ? kcov_remote_start+0x3cf/0x6e0
[  446.857660][ T5358]  ? lockdep_hardirqs_on+0x7c/0x110
[  446.857682][ T5358]  hci_rx_work+0x2c6/0x1610
[  446.857708][ T5358]  process_one_work+0x958/0x1ad0
[  446.857734][ T5358]  ? __pfx_lock_acquire+0x10/0x10
[  446.857752][ T5358]  ? __pfx_process_one_work+0x10/0x10
[  446.857777][ T5358]  ? assign_work+0x1a0/0x250
[  446.857798][ T5358]  worker_thread+0x6c8/0xed0
[  446.857847][ T5358]  ? __pfx_worker_thread+0x10/0x10
[  446.857870][ T5358]  kthread+0x2c1/0x3a0
[  446.857921][ T5358]  ? _raw_spin_unlock_irq+0x23/0x50
[  446.857940][ T5358]  ? __pfx_kthread+0x10/0x10
[  446.857957][ T5358]  ret_from_fork+0x45/0x80
[  446.857979][ T5358]  ? __pfx_kthread+0x10/0x10
[  446.857993][ T5358]  ret_from_fork_asm+0x1a/0x30
[  446.858023][ T5358]  </TASK>
[  446.858086][ T5358] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  446.858115][ T5358] Bluetooth: hci4: failed to register connection device
[  446.917194][ T5358] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  447.299348][T11181] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  447.396983][   T39] kauditd_printk_skb: 13 callbacks suppressed
[  447.397000][   T39] audit: type=1326 audit(1725009360.588:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.412137][   T39] audit: type=1326 audit(1725009360.588:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.442022][   T39] audit: type=1326 audit(1725009360.588:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.451677][   T39] audit: type=1326 audit(1725009360.588:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.467311][   T39] audit: type=1326 audit(1725009360.588:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.476814][   T39] audit: type=1326 audit(1725009360.588:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.487696][   T39] audit: type=1326 audit(1725009360.588:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11178 comm="syz.2.1506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  447.841996][T11191] fuse: Unknown parameter '0x0000000000000005'
[  448.062228][   T57] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  448.066943][   T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.081740][   T57] usb 6-1: can't set config #191, error -71
[  448.085210][   T57] usb 6-1: USB disconnect, device number 40
[  448.107091][T11197] random: crng reseeded on system resumption
[  448.341610][T11200] ALSA: seq fatal error: cannot create timer (-16)
[  448.508888][T11211] overlayfs: missing 'lowerdir'
[  448.656135][ T5415] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  448.857185][ T5415] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  448.860973][ T5415] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  448.865467][ T5415] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  448.869405][ T5415] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  448.879144][ T5415] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  448.883116][ T5415] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  448.889153][ T5415] usb 7-1: Product: syz
[  448.890773][ T5415] usb 7-1: Manufacturer: syz
[  448.896945][ T5415] cdc_wdm 7-1:1.0: skipping garbage
[  448.899227][ T5415] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  448.927523][ T5358] Bluetooth: hci4: command tx timeout
[  448.964766][   T39] audit: type=1326 audit(1725009362.158:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  448.974463][   T39] audit: type=1326 audit(1725009362.158:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1518" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  448.987193][   T39] audit: type=1326 audit(1725009362.168:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1518" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf740e579 code=0x7ffc0000
[  449.162273][   T57] usb 7-1: USB disconnect, device number 40
[  449.182192][   T10] usb 8-1: new low-speed USB device number 31 using dummy_hcd
[  449.371240][   T10] usb 8-1: too many configurations: 17, using maximum allowed: 8
[  449.376180][   T10] usb 8-1: config index 0 descriptor too short (expected 55712, got 92)
[  449.379252][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.382906][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.387221][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.392333][   T10] usb 8-1: config index 1 descriptor too short (expected 55712, got 92)
[  449.395722][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.399302][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.404656][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.413008][   T10] usb 8-1: config index 2 descriptor too short (expected 55712, got 92)
[  449.416736][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.419750][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.425276][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.439281][   T10] usb 8-1: config index 3 descriptor too short (expected 55712, got 92)
[  449.444105][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.447888][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.452807][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.466729][   T10] usb 8-1: config index 4 descriptor too short (expected 55712, got 92)
[  449.470085][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.474838][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.479728][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.498614][   T10] usb 8-1: config index 5 descriptor too short (expected 55712, got 92)
[  449.501798][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.505427][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.509930][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.533730][   T10] usb 8-1: config index 6 descriptor too short (expected 55712, got 92)
[  449.536674][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.540116][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.547367][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.556916][   T10] usb 8-1: config index 7 descriptor too short (expected 55712, got 92)
[  449.569004][   T10] usb 8-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  449.577097][   T10] usb 8-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  449.589124][   T10] usb 8-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  449.687277][T11236] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  450.036770][T11241] random: crng reseeded on system resumption
[  450.304558][ T1168] IPVS: starting estimator thread 0...
[  450.392404][T11248] IPVS: using max 17 ests per chain, 40800 per kthread
[  450.722604][ T1168] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  450.915356][ T1168] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  450.919024][ T1168] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  450.924269][ T1168] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  450.928142][ T1168] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.936112][ T1168] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.944612][ T1168] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  450.948484][ T1168] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  450.951876][ T1168] usb 6-1: Product: syz
[  450.955919][ T1168] usb 6-1: Manufacturer: syz
[  450.961488][ T1168] cdc_wdm 6-1:1.0: skipping garbage
[  450.964033][ T1168] cdc_wdm 6-1:1.0: skipping garbage
[  450.967325][ T1168] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  450.969797][ T1168] cdc_wdm 6-1:1.0: Unknown control protocol
[  451.175965][T11257] cdc_wdm 6-1:1.0: Error submitting int urb - -90
[  451.184075][   T57] usb 6-1: USB disconnect, device number 41
[  451.509376][T11270] FAULT_INJECTION: forcing a failure.
[  451.509376][T11270] name failslab, interval 1, probability 0, space 0, times 0
[  451.516385][T11270] CPU: 1 UID: 0 PID: 11270 Comm: syz.0.1528 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  451.520839][T11270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.524877][T11270] Call Trace:
[  451.526161][T11270]  <TASK>
[  451.527304][T11270]  dump_stack_lvl+0x16c/0x1f0
[  451.529149][T11270]  should_fail_ex+0x497/0x5b0
[  451.530951][T11270]  ? fs_reclaim_acquire+0xae/0x160
[  451.532878][T11270]  should_failslab+0xc2/0x120
[  451.534606][T11270]  __kmalloc_cache_noprof+0x6b/0x310
[  451.536625][T11270]  ? sctp_association_new+0x97/0x28b0
[  451.538454][T11270]  ? sctp_add_bind_addr+0x2c3/0x3e0
[  451.540257][T11270]  sctp_association_new+0x97/0x28b0
[  451.542038][T11270]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  451.544333][T11270]  sctp_connect_new_asoc+0x1b7/0x790
[  451.546371][T11270]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  451.548740][T11270]  ? mark_held_locks+0x9f/0xe0
[  451.550782][T11270]  ? sctp_sendmsg+0x112f/0x1f10
[  451.552894][T11270]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  451.554940][T11270]  sctp_sendmsg+0x162a/0x1f10
[  451.556643][T11270]  ? __pfx___lock_acquire+0x10/0x10
[  451.558767][T11270]  ? __pfx_sctp_sendmsg+0x10/0x10
[  451.560895][T11270]  ? __pfx___might_resched+0x10/0x10
[  451.562646][T11270]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  451.564691][T11270]  ? __pfx_aa_sk_perm+0x10/0x10
[  451.566546][T11270]  ? __import_iovec+0x1fd/0x6e0
[  451.568194][T11270]  ? __pfx_sctp_sendmsg+0x10/0x10
[  451.569703][T11270]  inet_sendmsg+0x119/0x140
[  451.571369][T11270]  ____sys_sendmsg+0x90d/0xb50
[  451.573183][T11270]  ? __pfx_____sys_sendmsg+0x10/0x10
[  451.575157][T11270]  ? get_compat_msghdr+0x11b/0x170
[  451.577052][T11270]  ? __pfx___lock_acquire+0x10/0x10
[  451.578902][T11270]  ___sys_sendmsg+0x135/0x1e0
[  451.580727][T11270]  ? __pfx____sys_sendmsg+0x10/0x10
[  451.582847][T11270]  ? __pfx_lock_release+0x10/0x10
[  451.584925][T11270]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  451.587328][T11270]  ? __fget_light+0x173/0x210
[  451.589319][T11270]  __sys_sendmmsg+0x2a5/0x450
[  451.591274][T11270]  ? __pfx___sys_sendmmsg+0x10/0x10
[  451.593696][T11270]  ? vfs_write+0x14d/0x1140
[  451.595549][T11270]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  451.597992][T11270]  ? fput+0x32/0x390
[  451.599646][T11270]  ? ksys_write+0x1ab/0x260
[  451.601071][T11270]  ? __pfx_ksys_write+0x10/0x10
[  451.602981][T11270]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  451.605331][T11270]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  451.608052][T11270]  __do_fast_syscall_32+0x73/0x120
[  451.610171][T11270]  do_fast_syscall_32+0x32/0x80
[  451.611963][T11270]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  451.614591][T11270] RIP: 0023:0xf740e579
[  451.616123][T11270] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  451.623796][T11270] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  451.627256][T11270] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  451.630408][T11270] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  451.633883][T11270] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  451.637514][T11270] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  451.640699][T11270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  451.644011][T11270]  </TASK>
[  451.661627][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  451.669321][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.675082][   T10] usb 8-1: can't set config #191, error -71
[  451.678725][   T10] usb 8-1: USB disconnect, device number 31
[  451.738097][T11275] random: crng reseeded on system resumption
[  451.747966][T11276] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1531'.
[  451.762110][T11276] Κό: entered promiscuous mode
[  451.919942][T11289] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  452.202185][   T57] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  452.342284][  T833] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  452.414318][   T57] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  452.419073][   T57] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  452.423973][   T57] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  452.428138][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.433667][T11294] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  452.439144][   T57] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  452.542345][  T833] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  452.546044][  T833] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  452.550370][  T833] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  452.555303][  T833] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  452.563868][  T833] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  452.567465][  T833] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  452.570776][  T833] usb 7-1: Product: syz
[  452.572907][  T833] usb 7-1: Manufacturer: syz
[  452.578809][  T833] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  452.649707][T11294] FAULT_INJECTION: forcing a failure.
[  452.649707][T11294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.656180][T11294] CPU: 0 UID: 0 PID: 11294 Comm: syz.3.1537 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  452.660806][T11294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  452.665483][T11294] Call Trace:
[  452.666922][T11294]  <TASK>
[  452.668193][T11294]  dump_stack_lvl+0x16c/0x1f0
[  452.670169][T11294]  should_fail_ex+0x497/0x5b0
[  452.672234][T11294]  strncpy_from_user+0x38/0x320
[  452.674451][T11294]  getname_flags.part.0+0x8f/0x550
[  452.676722][T11294]  getname+0x8d/0xe0
[  452.678471][T11294]  do_sys_openat2+0x104/0x1e0
[  452.680532][T11294]  ? __pfx_do_sys_openat2+0x10/0x10
[  452.682703][T11294]  __ia32_compat_sys_open+0x147/0x1e0
[  452.684957][T11294]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  452.687436][T11294]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  452.690249][T11294]  __do_fast_syscall_32+0x73/0x120
[  452.692520][T11294]  do_fast_syscall_32+0x32/0x80
[  452.694668][T11294]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.697461][T11294] RIP: 0023:0xf73ee579
[  452.699256][T11294] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  452.706817][T11294] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  452.710284][T11294] RAX: ffffffffffffffda RBX: 0000000020000780 RCX: 000000000014117e
[  452.713563][T11294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  452.716516][T11294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  452.719141][T11294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  452.721806][T11294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  452.724851][T11294]  </TASK>
[  452.732933][  T833] usb 8-1: USB disconnect, device number 32
[  452.839736][ T5399] usb 7-1: USB disconnect, device number 41
[  452.922046][   T10] usb 6-1: new low-speed USB device number 42 using dummy_hcd
[  452.995027][T11323] random: crng reseeded on system resumption
[  453.112731][   T10] usb 6-1: too many configurations: 17, using maximum allowed: 8
[  453.118593][   T10] usb 6-1: config index 0 descriptor too short (expected 55712, got 92)
[  453.121460][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.125000][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.129419][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.135622][   T10] usb 6-1: config index 1 descriptor too short (expected 55712, got 92)
[  453.139111][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.143611][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.147959][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.153128][   T10] usb 6-1: config index 2 descriptor too short (expected 55712, got 92)
[  453.156302][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.159581][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.163665][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.178593][   T10] usb 6-1: config index 3 descriptor too short (expected 55712, got 92)
[  453.182252][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.186272][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.190665][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.196034][   T10] usb 6-1: config index 4 descriptor too short (expected 55712, got 92)
[  453.199694][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.203529][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.207858][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.216954][   T10] usb 6-1: config index 5 descriptor too short (expected 55712, got 92)
[  453.220319][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.223934][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.228201][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.235691][   T10] usb 6-1: config index 6 descriptor too short (expected 55712, got 92)
[  453.239076][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.242819][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.247009][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.252082][   T10] usb 6-1: config index 7 descriptor too short (expected 55712, got 92)
[  453.253744][T11326] ipvlan0: entered allmulticast mode
[  453.255473][   T10] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  453.259177][T11326] veth0_vlan: entered allmulticast mode
[  453.261248][   T10] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  453.268161][   T10] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  453.288011][T11326] ptrace attach of "/syz-executor exec"[9690] was attempted by "/syz-executor exec"[11326]
[  453.320600][T11328] team0: Port device team_slave_1 removed
[  453.340027][T11328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1548'.
[  453.463387][T11335] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  454.503308][T11349] FAULT_INJECTION: forcing a failure.
[  454.503308][T11349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.522033][T11349] CPU: 2 UID: 0 PID: 11349 Comm: syz.3.1553 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  454.526825][T11349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  454.531565][T11349] Call Trace:
[  454.533082][T11349]  <TASK>
[  454.534409][T11349]  dump_stack_lvl+0x16c/0x1f0
[  454.536537][T11349]  should_fail_ex+0x497/0x5b0
[  454.538634][T11349]  _copy_from_user+0x30/0xf0
[  454.540728][T11349]  move_addr_to_kernel+0x68/0x160
[  454.542975][T11349]  __sys_sendto+0x169/0x4e0
[  454.545025][T11349]  ? __pfx___sys_sendto+0x10/0x10
[  454.547265][T11349]  ? __might_fault+0x13b/0x190
[  454.549385][T11349]  ? __pfx_lock_release+0x10/0x10
[  454.551630][T11349]  __do_compat_sys_socketcall+0x5e2/0x700
[  454.554145][T11349]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[  454.556932][T11349]  ? fput+0x32/0x390
[  454.558715][T11349]  __do_fast_syscall_32+0x73/0x120
[  454.561015][T11349]  do_fast_syscall_32+0x32/0x80
[  454.563187][T11349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  454.566011][T11349] RIP: 0023:0xf73ee579
[  454.567840][T11349] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  454.576258][T11349] RSP: 002b:00000000f56f5440 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  454.579939][T11349] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f56f5454
[  454.583373][T11349] RDX: 0000000000000000 RSI: 00000000f56f5570 RDI: 00000000f73e0ff4
[  454.586850][T11349] RBP: 00000000f56f5570 R08: 0000000000000000 R09: 0000000000000000
[  454.590305][T11349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  454.593786][T11349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  454.597302][T11349]  </TASK>
[  455.320359][T11355] random: crng reseeded on system resumption
[  455.351270][   T10] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  455.355146][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.372891][   T10] usb 6-1: can't set config #191, error -71
[  455.393125][   T10] usb 6-1: USB disconnect, device number 42
[  456.109674][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.114490][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.118084][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.121539][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.127732][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.131975][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.134550][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.137649][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.140349][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.143721][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.147006][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.150221][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.152941][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.156073][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.161551][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.164996][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.171697][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.192058][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.195287][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.198108][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.206182][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.208707][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.211664][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.220263][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.223094][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.225679][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.229905][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.235157][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.238874][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.242408][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.246677][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.251045][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.254025][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.257103][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.260281][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.264106][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.267532][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.271088][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.274455][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.277675][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.281052][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.285979][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.287384][T11375] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  456.289290][ T1168] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  456.307929][ T1168] hid-generic 0000:0000:0000.0009: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  456.313459][T11372] FAULT_INJECTION: forcing a failure.
[  456.313459][T11372] name failslab, interval 1, probability 0, space 0, times 0
[  456.318175][T11372] CPU: 0 UID: 0 PID: 11372 Comm: syz.3.1558 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  456.322344][T11372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.326721][T11372] Call Trace:
[  456.327997][T11372]  <TASK>
[  456.328911][T11372]  dump_stack_lvl+0x16c/0x1f0
[  456.330491][T11372]  should_fail_ex+0x497/0x5b0
[  456.332301][T11372]  ? fs_reclaim_acquire+0xae/0x160
[  456.334411][T11372]  should_failslab+0xc2/0x120
[  456.336428][T11372]  __kmalloc_noprof+0xcb/0x410
[  456.338458][T11372]  kobject_get_path+0xcb/0x230
[  456.340549][T11372]  kobject_uevent_env+0x289/0x1670
[  456.342803][T11372]  ? __pfx_dev_uevent_name+0x10/0x10
[  456.345118][T11372]  ? kobject_put+0xab/0x5a0
[  456.347076][T11372]  device_del+0x623/0x9f0
[  456.348729][T11372]  ? __pfx_enable_work+0x10/0x10
[  456.350551][T11372]  ? __pfx_device_del+0x10/0x10
[  456.352315][T11372]  ? mark_held_locks+0x9f/0xe0
[  456.354293][T11372]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  456.356677][T11372]  hid_destroy_device+0xe5/0x150
[  456.358977][T11372]  uhid_char_write+0xbf4/0x1110
[  456.360965][T11372]  ? rw_verify_area+0xb1/0x6c0
[  456.362685][T11372]  ? __pfx_uhid_char_write+0x10/0x10
[  456.364970][T11372]  vfs_write+0x29a/0x1140
[  456.366578][T11372]  ? __pfx_vfs_write+0x10/0x10
[  456.368587][T11372]  ? __fget_files+0x256/0x400
[  456.370576][T11372]  ? __fget_light+0x173/0x210
[  456.372575][T11372]  ksys_write+0x1f8/0x260
[  456.374362][T11372]  ? __pfx_ksys_write+0x10/0x10
[  456.376517][T11372]  __do_fast_syscall_32+0x73/0x120
[  456.378559][T11372]  do_fast_syscall_32+0x32/0x80
[  456.380509][T11372]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.382917][T11372] RIP: 0023:0xf73ee579
[  456.384714][T11372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.392223][T11372] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  456.395732][T11372] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080
[  456.399091][T11372] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  456.402484][T11372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.405884][T11372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.409239][T11372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.412568][T11372]  </TASK>
[  456.602039][   T57] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  456.793778][   T57] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  456.798042][   T57] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  456.801483][   T57] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  456.807554][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.816149][T11374] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  456.826301][   T57] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  456.859961][  T833] usb 6-1: new low-speed USB device number 43 using dummy_hcd
[  457.088445][  T833] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  457.100957][T11367] netlink: 'syz.3.1558': attribute type 10 has an invalid length.
[  457.104643][  T833] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[  457.112104][  T833] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[  457.114841][T11367] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1558'.
[  457.120889][T11367] bond0: entered promiscuous mode
[  457.130071][T11367] bond_slave_0: entered promiscuous mode
[  457.133175][T11367] bond_slave_1: entered promiscuous mode
[  457.135990][  T833] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  457.140014][  T833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.143513][T11367] bridge0: port 3(bond0) entered blocking state
[  457.143674][T11367] bridge0: port 3(bond0) entered disabled state
[  457.143823][T11367] bond0: entered allmulticast mode
[  457.146818][  T833] usb 6-1: Product: 䀁
[  457.149610][T11367] bond_slave_0: entered allmulticast mode
[  457.152194][  T833] usb 6-1: SerialNumber: ఁ
[  457.153924][T11367] bond_slave_1: entered allmulticast mode
[  457.161087][T11378] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  457.206309][T11367] bridge0: port 3(bond0) entered blocking state
[  457.208906][T11367] bridge0: port 3(bond0) entered forwarding state
[  457.241602][   T57] usb 8-1: USB disconnect, device number 33
[  457.279628][   T39] kauditd_printk_skb: 11 callbacks suppressed
[  457.279696][   T39] audit: type=1804 audit(1725009370.468:838): pid=11386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1563" name="/newroot/317/bus/bus" dev="overlay" ino=1740 res=1 errno=0
[  457.290677][T11386] Invalid ELF header magic: != ELF
[  457.379140][  T833] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found
[  457.385497][  T833] cdc_ncm 6-1:1.0: bind() failure
[  457.392771][  T833] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  457.395801][  T833] cdc_ncm 6-1:1.1: bind() failure
[  457.399548][  T833] usb 6-1: USB disconnect, device number 43
[  457.473270][T11390] random: crng reseeded on system resumption
[  457.862107][  T834] usb 7-1: new low-speed USB device number 42 using dummy_hcd
[  457.873532][T11396] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  457.887557][   T39] audit: type=1804 audit(1725009371.078:839): pid=11396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1567" name="/newroot/252/bus/bus" dev="overlay" ino=40704 res=1 errno=0
[  457.889874][T11396] Invalid ELF header magic: != ELF
[  457.943310][T11396] Process accounting resumed
[  458.010468][T11401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1569'.
[  458.014657][T11401] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1569'.
[  458.062893][  T834] usb 7-1: too many configurations: 17, using maximum allowed: 8
[  458.072678][  T834] usb 7-1: config index 0 descriptor too short (expected 55712, got 92)
[  458.076217][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.080196][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.084936][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.090536][  T834] usb 7-1: config index 1 descriptor too short (expected 55712, got 92)
[  458.096916][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.101757][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.106867][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.113663][  T834] usb 7-1: config index 2 descriptor too short (expected 55712, got 92)
[  458.117349][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.122805][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.127360][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.135955][  T834] usb 7-1: config index 3 descriptor too short (expected 55712, got 92)
[  458.141010][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.145716][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.150213][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.157108][  T834] usb 7-1: config index 4 descriptor too short (expected 55712, got 92)
[  458.160686][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.165285][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.169914][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.176531][  T834] usb 7-1: config index 5 descriptor too short (expected 55712, got 92)
[  458.180041][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.187729][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.195241][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.201420][  T834] usb 7-1: config index 6 descriptor too short (expected 55712, got 92)
[  458.205286][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.208928][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.213344][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  458.218061][  T834] usb 7-1: config index 7 descriptor too short (expected 55712, got 92)
[  458.220876][  T834] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  458.224533][  T834] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  458.228624][  T834] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  459.586156][T11415] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  459.603389][T11414] netlink: 'syz.1.1580': attribute type 4 has an invalid length.
[  460.205746][T11425] random: crng reseeded on system resumption
[  460.406555][  T834] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  460.416402][  T834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.447226][  T834] usb 7-1: can't set config #191, error -71
[  460.451010][  T834] usb 7-1: USB disconnect, device number 42
[  460.665595][   T39] audit: type=1326 audit(1725009373.838:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.676827][   T39] audit: type=1326 audit(1725009373.838:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.692065][   T39] audit: type=1326 audit(1725009373.838:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.729382][   T39] audit: type=1326 audit(1725009373.838:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.752442][   T39] audit: type=1326 audit(1725009373.838:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.772065][   T39] audit: type=1326 audit(1725009373.838:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.791559][   T39] audit: type=1326 audit(1725009373.838:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.812582][   T39] audit: type=1326 audit(1725009373.838:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11431 comm="syz.1.1577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[  460.843693][T11446] overlay: Unknown parameter 'fsuuid'
[  461.475011][T11453] fuse: Bad value for 'fd'
[  461.597179][T11456] random: crng reseeded on system resumption
[  461.714722][T11460] xt_limit: Overflow, try lower: 4294965249/4
[  461.722585][T11460] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1583'.
[  461.964063][T11470] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1587'.
[  462.138663][T11478] ERROR: device name not specified.
[  462.146627][T11478] overlayfs: missing 'lowerdir'
[  462.172362][   T57] usb 5-1: new low-speed USB device number 29 using dummy_hcd
[  462.283009][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  462.283024][   T39] audit: type=1326 audit(1725009375.478:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.3.1590" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  462.298031][   T39] audit: type=1326 audit(1725009375.488:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.3.1590" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  462.307981][   T39] audit: type=1326 audit(1725009375.488:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.3.1590" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  462.382914][   T57] usb 5-1: too many configurations: 17, using maximum allowed: 8
[  462.387743][   T57] usb 5-1: config index 0 descriptor too short (expected 55712, got 92)
[  462.391394][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.395473][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.398947][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.402870][   T57] usb 5-1: config index 1 descriptor too short (expected 55712, got 92)
[  462.405777][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.409344][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.413393][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.418846][   T57] usb 5-1: config index 2 descriptor too short (expected 55712, got 92)
[  462.422202][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.425383][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.428377][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.432232][   T57] usb 5-1: config index 3 descriptor too short (expected 55712, got 92)
[  462.435643][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.439455][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.444462][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.450829][   T57] usb 5-1: config index 4 descriptor too short (expected 55712, got 92)
[  462.454579][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.458404][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.462839][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.467634][   T57] usb 5-1: config index 5 descriptor too short (expected 55712, got 92)
[  462.470751][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.474366][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.477980][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.481901][   T57] usb 5-1: config index 6 descriptor too short (expected 55712, got 92)
[  462.484891][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.488133][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.491544][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.497087][   T57] usb 5-1: config index 7 descriptor too short (expected 55712, got 92)
[  462.499830][   T57] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  462.502801][   T57] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  462.506234][   T57] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  462.797755][T11497] random: crng reseeded on system resumption
[  462.844324][T11499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1595'.
[  462.847821][T11499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1595'.
[  462.851381][T11499] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1595'.
[  462.908884][T11502] trusted_key: encrypted_key: insufficient parameters specified
[  463.061630][T11519] usb usb8: usbfs: process 11519 (syz.3.1602) did not claim interface 0 before use
[  463.324526][  T834] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  463.448191][T11526] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1603'.
[  463.482091][  T834] usb 6-1: device descriptor read/64, error -71
[  463.770813][  T834] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  463.855477][   T39] audit: type=1326 audit(1725009377.048:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.866086][   T39] audit: type=1326 audit(1725009377.048:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.874622][   T39] audit: type=1326 audit(1725009377.048:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.877950][T11536] random: crng reseeded on system resumption
[  463.884448][   T39] audit: type=1326 audit(1725009377.048:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.895538][   T39] audit: type=1326 audit(1725009377.048:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.904619][   T39] audit: type=1326 audit(1725009377.048:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.913249][   T39] audit: type=1326 audit(1725009377.058:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.2.1604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  463.922027][  T834] usb 6-1: device descriptor read/64, error -71
[  464.045235][  T834] usb usb6-port1: attempt power cycle
[  464.452084][  T834] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  464.492907][  T834] usb 6-1: device descriptor read/8, error -71
[  464.748802][   T57] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  464.757770][   T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.764029][   T57] usb 5-1: can't set config #191, error -71
[  464.768224][   T57] usb 5-1: USB disconnect, device number 29
[  464.782147][  T834] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  464.812783][  T834] usb 6-1: device descriptor read/8, error -71
[  464.943874][  T834] usb usb6-port1: unable to enumerate USB device
[  465.213260][T11557] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  465.267310][T11558] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  466.008429][T11571] random: crng reseeded on system resumption
[  466.782224][ T5414] usb 5-1: new low-speed USB device number 30 using dummy_hcd
[  466.973994][ T5414] usb 5-1: too many configurations: 17, using maximum allowed: 8
[  466.978438][ T5414] usb 5-1: config index 0 descriptor too short (expected 55712, got 92)
[  466.981907][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  466.990540][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  466.994869][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  466.999976][ T5414] usb 5-1: config index 1 descriptor too short (expected 55712, got 92)
[  467.003399][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.006671][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.010629][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.029424][ T5414] usb 5-1: config index 2 descriptor too short (expected 55712, got 92)
[  467.033798][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.037464][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.041894][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.054299][ T5414] usb 5-1: config index 3 descriptor too short (expected 55712, got 92)
[  467.057894][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.061717][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.082728][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.087092][ T5414] usb 5-1: config index 4 descriptor too short (expected 55712, got 92)
[  467.090083][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.102179][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.106623][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.112314][ T5414] usb 5-1: config index 5 descriptor too short (expected 55712, got 92)
[  467.115958][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.119787][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.123685][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.123825][T11589] xt_bpf: check failed: parse error
[  467.132506][ T5414] usb 5-1: config index 6 descriptor too short (expected 55712, got 92)
[  467.135256][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.138345][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.142895][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.147834][ T5414] usb 5-1: config index 7 descriptor too short (expected 55712, got 92)
[  467.151005][ T5414] usb 5-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  467.155562][ T5414] usb 5-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  467.159821][ T5414] usb 5-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  467.191069][T11589] netlink: 'syz.1.1620': attribute type 10 has an invalid length.
[  467.204136][T11589] macvlan0: entered promiscuous mode
[  467.206498][T11589] macvlan0: entered allmulticast mode
[  467.215669][T11589] veth1_vlan: entered allmulticast mode
[  467.220736][T11589] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  468.008374][T11599] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  469.109135][T11612] random: crng reseeded on system resumption
[  469.327815][ T5414] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  469.331719][ T5414] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.442337][ T5414] usb 5-1: can't set config #191, error -71
[  469.452160][ T5414] usb 5-1: USB disconnect, device number 30
[  469.512164][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  469.512179][   T39] audit: type=1326 audit(1725009382.698:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.552248][   T39] audit: type=1326 audit(1725009382.698:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.582064][   T39] audit: type=1326 audit(1725009382.708:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.595356][   T39] audit: type=1326 audit(1725009382.708:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.605912][   T39] audit: type=1326 audit(1725009382.708:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.615215][   T39] audit: type=1326 audit(1725009382.708:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.623278][T11625] jfs: Unrecognized mount option "
" or missing value
[  469.624141][   T39] audit: type=1326 audit(1725009382.708:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.635742][   T39] audit: type=1326 audit(1725009382.718:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11613 comm="syz.3.1626" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  469.654581][T11625] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1629'.
[  469.771444][T11630] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1631'.
[  469.812806][T11632] xt_bpf: check failed: parse error
[  469.847830][T11632] netlink: 'syz.0.1632': attribute type 10 has an invalid length.
[  469.853149][T11632] macvlan0: entered promiscuous mode
[  469.855218][T11632] macvlan0: entered allmulticast mode
[  469.867512][T11632] veth1_vlan: entered allmulticast mode
[  469.873341][T11632] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  470.125160][T11641] random: crng reseeded on system resumption
[  470.180855][T11637] geneve0: entered allmulticast mode
[  470.547792][T11651] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  470.862157][ T5393] usb 6-1: new low-speed USB device number 48 using dummy_hcd
[  471.029174][   T39] audit: type=1326 audit(1725009384.218:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11664 comm="syz.0.1643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  471.037757][   T39] audit: type=1326 audit(1725009384.218:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11664 comm="syz.0.1643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  471.065902][ T5393] usb 6-1: too many configurations: 17, using maximum allowed: 8
[  471.070889][ T5393] usb 6-1: config index 0 descriptor too short (expected 55712, got 92)
[  471.074673][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.078743][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.086130][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.091809][ T5393] usb 6-1: config index 1 descriptor too short (expected 55712, got 92)
[  471.096661][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.100738][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.105453][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.112050][ T5393] usb 6-1: config index 2 descriptor too short (expected 55712, got 92)
[  471.115850][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.119850][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.130364][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.138995][ T5393] usb 6-1: config index 3 descriptor too short (expected 55712, got 92)
[  471.142845][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.151171][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.156799][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.162547][ T5393] usb 6-1: config index 4 descriptor too short (expected 55712, got 92)
[  471.165904][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.169358][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.174134][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.178853][T11673] random: crng reseeded on system resumption
[  471.179049][ T5393] usb 6-1: config index 5 descriptor too short (expected 55712, got 92)
[  471.184890][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.187994][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.195632][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.201157][ T5393] usb 6-1: config index 6 descriptor too short (expected 55712, got 92)
[  471.207153][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.210718][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.214907][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  471.219255][ T5393] usb 6-1: config index 7 descriptor too short (expected 55712, got 92)
[  471.223147][ T5393] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  471.226368][ T5393] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  471.229900][ T5393] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  472.088363][T11699] random: crng reseeded on system resumption
[  472.428168][T11706] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  473.419775][T11730] random: crng reseeded on system resumption
[  473.457774][ T5393] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  473.461617][ T5393] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.467317][ T5393] usb 6-1: can't set config #191, error -71
[  473.470833][ T5393] usb 6-1: USB disconnect, device number 48
[  473.981460][T11740] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1665'.
[  474.363131][T11760] random: crng reseeded on system resumption
[  474.670748][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  474.670764][   T39] audit: type=1326 audit(1725009387.858:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.683447][   T39] audit: type=1326 audit(1725009387.858:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.692237][   T39] audit: type=1326 audit(1725009387.868:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.701079][   T39] audit: type=1326 audit(1725009387.868:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.709812][   T39] audit: type=1326 audit(1725009387.868:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.718123][   T39] audit: type=1326 audit(1725009387.868:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.725296][   T39] audit: type=1326 audit(1725009387.868:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.733203][   T39] audit: type=1326 audit(1725009387.868:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11763 comm="syz.3.1675" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  474.882262][ T5414] usb 7-1: new low-speed USB device number 43 using dummy_hcd
[  475.044255][T11774] netlink: 'syz.0.1677': attribute type 10 has an invalid length.
[  475.047765][T11774] FAULT_INJECTION: forcing a failure.
[  475.047765][T11774] name failslab, interval 1, probability 0, space 0, times 0
[  475.053954][T11774] CPU: 2 UID: 0 PID: 11774 Comm: syz.0.1677 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  475.058608][T11774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  475.063215][T11774] Call Trace:
[  475.064651][T11774]  <TASK>
[  475.065854][T11774]  dump_stack_lvl+0x16c/0x1f0
[  475.067869][T11774]  should_fail_ex+0x497/0x5b0
[  475.069646][T11774]  ? fs_reclaim_acquire+0xae/0x160
[  475.071794][T11774]  should_failslab+0xc2/0x120
[  475.073506][T11774]  kmem_cache_alloc_node_noprof+0x71/0x310
[  475.075594][T11774]  ? __alloc_skb+0x2b3/0x380
[  475.077284][T11774]  __alloc_skb+0x2b3/0x380
[  475.078872][T11774]  ? __pfx___alloc_skb+0x10/0x10
[  475.080845][T11774]  ? devlink_nl_port_handle_size+0xd5/0x150
[  475.081398][T11776] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1678'.
[  475.083331][T11774]  ? if_nlmsg_size+0x451/0xa60
[  475.083356][T11774]  rtmsg_ifinfo_build_skb+0x81/0x280
[  475.083382][T11774]  rtnetlink_event+0xf3/0x1f0
[  475.093601][T11774]  notifier_call_chain+0xb9/0x410
[  475.095773][T11774]  ? __pfx_rtnetlink_event+0x10/0x10
[  475.098030][T11774]  call_netdevice_notifiers_info+0xbe/0x140
[  475.100594][T11774]  dev_set_mac_address+0x370/0x4a0
[  475.102795][T11774]  ? __pfx_dev_set_mac_address+0x10/0x10
[  475.105212][T11774]  ? lockdep_init_map_type+0x16d/0x7d0
[  475.107446][T11774]  bond_enslave+0x9b6/0x5e50
[  475.109448][T11774]  ? __pfx_bond_enslave+0x10/0x10
[  475.111584][T11774]  ? __dev_change_flags+0x1f3/0x720
[  475.113803][T11774]  ? __pfx_lock_release+0x10/0x10
[  475.116144][T11774]  ? mark_held_locks+0x9f/0xe0
[  475.118036][T11774]  ? __dev_change_flags+0x1f3/0x720
[  475.120058][T11774]  ? __pfx___dev_change_flags+0x10/0x10
[  475.122204][T11774]  ? console_unlock+0x248/0x290
[  475.124250][T11774]  ? __pfx_bond_enslave+0x10/0x10
[  475.126219][T11774]  do_set_master+0x1bc/0x230
[  475.128026][T11774]  do_setlink+0xa82/0x3ec0
[  475.129906][T11774]  ? __wake_up_klogd.part.0+0x99/0xf0
[  475.132179][T11774]  ? vprintk_emit+0x1a2/0x600
[  475.134179][T11774]  ? __pfx_do_setlink+0x10/0x10
[  475.136250][T11774]  ? vprintk+0x86/0xa0
[  475.137894][T11774]  ? _printk+0xc8/0x100
[  475.139375][T11774]  ? __pfx__printk+0x10/0x10
[  475.141236][T11774]  ? ___ratelimit+0x24c/0x580
[  475.143213][T11774]  ? __pfx____ratelimit+0x10/0x10
[  475.145017][T11774]  ? __kernel_text_address+0xd/0x40
[  475.146853][T11774]  ? unwind_get_return_address+0x45/0xe0
[  475.148875][T11774]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  475.151310][T11774]  ? __nla_validate_parse+0x605/0x2b10
[  475.153244][T11774]  ? __pfx___nla_validate_parse+0x10/0x10
[  475.155207][T11774]  ? stack_trace_save+0x95/0xd0
[  475.157128][T11774]  ? __pfx_stack_trace_save+0x10/0x10
[  475.159526][T11774]  ? hlock_class+0x4e/0x130
[  475.161550][T11774]  ? stack_depot_save_flags+0x28/0x900
[  475.163456][T11774]  ? __nla_parse+0x40/0x60
[  475.165175][T11774]  __rtnl_newlink+0xc3a/0x1920
[  475.166987][T11774]  ? __pfx___rtnl_newlink+0x10/0x10
[  475.169108][T11774]  rtnl_newlink+0x67/0xa0
[  475.170649][T11774]  ? __pfx_rtnl_newlink+0x10/0x10
[  475.172468][T11774]  rtnetlink_rcv_msg+0x3c7/0xea0
[  475.174450][T11774]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  475.176703][T11774]  ? __pfx___dev_queue_xmit+0x10/0x10
[  475.178841][T11774]  netlink_rcv_skb+0x165/0x410
[  475.180777][T11774]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  475.182929][T11774]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  475.185112][T11774]  ? netlink_deliver_tap+0x1ae/0xcf0
[  475.187209][T11774]  netlink_unicast+0x53c/0x7f0
[  475.189326][T11774]  ? __pfx_netlink_unicast+0x10/0x10
[  475.191721][T11774]  ? __phys_addr_symbol+0x30/0x80
[  475.194411][T11774]  ? __check_object_size+0x497/0x720
[  475.196814][T11774]  netlink_sendmsg+0x8b8/0xd70
[  475.198968][T11774]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.201359][T11774]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  475.203816][T11774]  ____sys_sendmsg+0x9b4/0xb50
[  475.206261][T11774]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.209038][T11774]  ? get_compat_msghdr+0x11b/0x170
[  475.211271][T11774]  ? __pfx___lock_acquire+0x10/0x10
[  475.213561][T11774]  ___sys_sendmsg+0x135/0x1e0
[  475.215584][T11774]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.217994][T11774]  ? ksys_write+0x21c/0x260
[  475.220059][T11774]  ? __fget_light+0x173/0x210
[  475.222640][T11774]  __sys_sendmsg+0x117/0x1f0
[  475.224607][T11774]  ? __pfx___sys_sendmsg+0x10/0x10
[  475.226785][T11774]  __do_fast_syscall_32+0x73/0x120
[  475.228941][T11774]  do_fast_syscall_32+0x32/0x80
[  475.230993][T11774]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  475.233634][T11774] RIP: 0023:0xf740e579
[  475.235359][T11774] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  475.242827][T11774] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  475.246228][T11774] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600
[  475.249789][T11774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  475.249804][T11774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  475.249814][T11774] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  475.249825][T11774] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  475.249847][T11774]  </TASK>
[  475.260621][T11774] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  475.273272][ T5414] usb 7-1: too many configurations: 17, using maximum allowed: 8
[  475.280082][T11776] Κό: entered promiscuous mode
[  475.282434][ T5414] usb 7-1: config index 0 descriptor too short (expected 55712, got 92)
[  475.282457][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.282475][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.282491][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.285334][ T5414] usb 7-1: config index 1 descriptor too short (expected 55712, got 92)
[  475.301970][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.305291][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.309178][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.314098][ T5414] usb 7-1: config index 2 descriptor too short (expected 55712, got 92)
[  475.317415][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.321039][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.326863][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.327722][T11787] input: syz0 as /devices/virtual/input/input20
[  475.330375][T11784] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1680'.
[  475.331526][ T5414] usb 7-1: config index 3 descriptor too short (expected 55712, got 92)
[  475.339633][ T5393] kernel read not supported for file /uinput (pid: 5393 comm: kworker/2:4)
[  475.339682][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.348391][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.354029][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.359174][ T5414] usb 7-1: config index 4 descriptor too short (expected 55712, got 92)
[  475.363838][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.367382][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.367401][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.376911][ T5414] usb 7-1: config index 5 descriptor too short (expected 55712, got 92)
[  475.380377][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.383542][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.387754][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.402701][ T5414] usb 7-1: config index 6 descriptor too short (expected 55712, got 92)
[  475.405872][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.409585][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.421978][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.427519][ T5414] usb 7-1: config index 7 descriptor too short (expected 55712, got 92)
[  475.431150][ T5414] usb 7-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  475.435479][ T5414] usb 7-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  475.440115][ T5414] usb 7-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  475.440856][T11796] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1681'.
[  475.452949][T11797] random: crng reseeded on system resumption
[  477.411750][ T5414] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  477.415687][ T5414] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.442385][ T5414] usb 7-1: can't set config #191, error -71
[  477.450366][ T5414] usb 7-1: USB disconnect, device number 43
[  477.696217][   T39] audit: type=1326 audit(1725009390.888:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.3.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  477.706240][   T39] audit: type=1326 audit(1725009390.888:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.3.1692" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  477.710026][T11828] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1692'.
[  478.056221][T11837] random: crng reseeded on system resumption
[  478.784528][T11866] geneve0: entered allmulticast mode
[  478.905898][T11870] netlink: 'syz.3.1705': attribute type 23 has an invalid length.
[  478.942084][ T6184] usb 6-1: new low-speed USB device number 49 using dummy_hcd
[  479.054068][T11872] FAULT_INJECTION: forcing a failure.
[  479.054068][T11872] name failslab, interval 1, probability 0, space 0, times 0
[  479.059947][T11872] CPU: 3 UID: 0 PID: 11872 Comm: syz.3.1706 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  479.065002][T11872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  479.070084][T11872] Call Trace:
[  479.071675][T11872]  <TASK>
[  479.073272][T11872]  dump_stack_lvl+0x16c/0x1f0
[  479.075582][T11872]  should_fail_ex+0x497/0x5b0
[  479.077780][T11872]  ? fs_reclaim_acquire+0xae/0x160
[  479.080246][T11872]  should_failslab+0xc2/0x120
[  479.082526][T11872]  __kmalloc_node_noprof+0xd1/0x440
[  479.084948][T11872]  ? __vmalloc_node_range_noprof+0x3de/0x14e0
[  479.087840][T11872]  __vmalloc_node_range_noprof+0x3de/0x14e0
[  479.090923][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.093334][T11872]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  479.096469][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.098828][T11872]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  479.101427][T11872]  vmalloc_user_noprof+0x6b/0x90
[  479.103825][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.106309][T11872]  vb2_vmalloc_alloc+0x11e/0x3d0
[  479.108618][T11872]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  479.111211][T11872]  __vb2_queue_alloc+0x896/0x1220
[  479.113649][T11872]  vb2_core_reqbufs+0xa73/0xfb0
[  479.116017][T11872]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  479.118432][T11872]  __vb2_init_fileio+0x3f3/0x1110
[  479.120864][T11872]  ? trace_contention_end+0xea/0x140
[  479.123425][T11872]  ? __pfx_mark_lock+0x10/0x10
[  479.125772][T11872]  __vb2_perform_fileio+0x9e7/0x1620
[  479.128343][T11872]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  479.131114][T11872]  ? iovec_from_user.part.0+0x7e/0x130
[  479.133639][T11872]  vb2_fop_read+0x21f/0x3e0
[  479.135868][T11872]  v4l2_read+0x22c/0x360
[  479.137857][T11872]  ? __pfx_v4l2_read+0x10/0x10
[  479.140195][T11872]  vfs_readv+0x6cb/0x8a0
[  479.142271][T11872]  ? __pfx_vfs_readv+0x10/0x10
[  479.144505][T11872]  ? find_held_lock+0x2d/0x110
[  479.146839][T11872]  ? __pfx_lock_release+0x10/0x10
[  479.149281][T11872]  ? vfs_write+0x14d/0x1140
[  479.151416][T11872]  ? do_preadv+0x1b2/0x260
[  479.153595][T11872]  do_preadv+0x1b2/0x260
[  479.155576][T11872]  ? __pfx_do_preadv+0x10/0x10
[  479.157908][T11872]  ? ksys_write+0x1ab/0x260
[  479.160029][T11872]  ? __pfx_ksys_write+0x10/0x10
[  479.162389][T11872]  __ia32_compat_sys_preadv2+0x121/0x1b0
[  479.162906][ T6184] usb 6-1: too many configurations: 17, using maximum allowed: 8
[  479.165084][T11872]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  479.171220][T11872]  __do_fast_syscall_32+0x73/0x120
[  479.172122][ T6184] usb 6-1: config index 0 descriptor too short (expected 55712, got 92)
[  479.173742][T11872]  do_fast_syscall_32+0x32/0x80
[  479.177325][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.179677][T11872]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  479.183216][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.186033][T11872] RIP: 0023:0xf73ee579
[  479.186052][T11872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  479.190493][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.192342][T11872] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000017a
[  479.192364][T11872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  479.192376][T11872] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  479.192387][T11872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  479.200890][ T6184] usb 6-1: config index 1 descriptor too short (expected 55712, got 92)
[  479.203578][T11872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  479.203592][T11872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  479.203632][T11872]  </TASK>
[  479.206656][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.215919][T11872] syz.3.1706: vmalloc error: size 118784, failed to allocated page array size 232, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  479.216999][T11874] random: crng reseeded on system resumption
[  479.217457][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.220888][T11872] ,cpuset=
[  479.234138][T11872] syz3
[  479.242396][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.247873][T11872] ,mems_allowed=0-1
[  479.249713][ T6184] usb 6-1: config index 2 descriptor too short (expected 55712, got 92)
[  479.254941][T11872] 
[  479.257835][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.258707][T11872] CPU: 3 UID: 0 PID: 11872 Comm: syz.3.1706 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  479.264659][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.264677][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.266060][ T6184] usb 6-1: config index 3 descriptor too short (expected 55712, got 92)
[  479.266078][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.266094][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.266108][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.267018][T11872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  479.267033][T11872] Call Trace:
[  479.267041][T11872]  <TASK>
[  479.267049][T11872]  dump_stack_lvl+0x16c/0x1f0
[  479.267082][T11872]  warn_alloc+0x24d/0x3a0
[  479.267108][T11872]  ? __pfx_warn_alloc+0x10/0x10
[  479.267922][ T6184] usb 6-1: config index 4 descriptor too short (expected 55712, got 92)
[  479.267942][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.267958][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.267978][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.269048][ T6184] usb 6-1: config index 5 descriptor too short (expected 55712, got 92)
[  479.269065][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.269079][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.269094][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.270117][ T6184] usb 6-1: config index 6 descriptor too short (expected 55712, got 92)
[  479.270135][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.270151][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.270167][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.271229][ T6184] usb 6-1: config index 7 descriptor too short (expected 55712, got 92)
[  479.271247][ T6184] usb 6-1: config 191 has too many interfaces: 219, using maximum allowed: 32
[  479.271262][ T6184] usb 6-1: config 191 has an invalid descriptor of length 227, skipping remainder of the config
[  479.271276][ T6184] usb 6-1: config 191 has 0 interfaces, different from the descriptor's value: 219
[  479.283172][T11872]  ? dump_stack_lvl+0x1a1/0x1f0
[  479.283204][T11872]  ? dump_stack_lvl+0x1a3/0x1f0
[  479.376292][T11872]  ? rcu_is_watching+0x12/0xc0
[  479.378544][T11872]  ? __kmalloc_node_noprof+0x22f/0x440
[  479.381297][T11872]  __vmalloc_node_range_noprof+0xfe8/0x14e0
[  479.384489][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.386870][T11872]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  479.389996][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.392376][T11872]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  479.394965][T11872]  vmalloc_user_noprof+0x6b/0x90
[  479.397365][T11872]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  479.399825][T11872]  vb2_vmalloc_alloc+0x11e/0x3d0
[  479.402126][T11872]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  479.404728][T11872]  __vb2_queue_alloc+0x896/0x1220
[  479.407177][T11872]  vb2_core_reqbufs+0xa73/0xfb0
[  479.409566][T11872]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  479.412194][T11872]  __vb2_init_fileio+0x3f3/0x1110
[  479.414428][T11872]  ? trace_contention_end+0xea/0x140
[  479.416715][T11872]  ? __pfx_mark_lock+0x10/0x10
[  479.418977][T11872]  __vb2_perform_fileio+0x9e7/0x1620
[  479.421490][T11872]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  479.424155][T11872]  ? iovec_from_user.part.0+0x7e/0x130
[  479.426634][T11872]  vb2_fop_read+0x21f/0x3e0
[  479.428913][T11872]  v4l2_read+0x22c/0x360
[  479.430917][T11872]  ? __pfx_v4l2_read+0x10/0x10
[  479.433312][T11872]  vfs_readv+0x6cb/0x8a0
[  479.435307][T11872]  ? __pfx_vfs_readv+0x10/0x10
[  479.437632][T11872]  ? find_held_lock+0x2d/0x110
[  479.439967][T11872]  ? __pfx_lock_release+0x10/0x10
[  479.442287][T11872]  ? vfs_write+0x14d/0x1140
[  479.444522][T11872]  ? do_preadv+0x1b2/0x260
[  479.446611][T11872]  do_preadv+0x1b2/0x260
[  479.448699][T11872]  ? __pfx_do_preadv+0x10/0x10
[  479.450917][T11872]  ? ksys_write+0x1ab/0x260
[  479.453162][T11872]  ? __pfx_ksys_write+0x10/0x10
[  479.455514][T11872]  __ia32_compat_sys_preadv2+0x121/0x1b0
[  479.458220][T11872]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  479.461334][T11872]  __do_fast_syscall_32+0x73/0x120
[  479.464141][T11872]  do_fast_syscall_32+0x32/0x80
[  479.466499][T11872]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  479.469558][T11872] RIP: 0023:0xf73ee579
[  479.471473][T11872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  479.480467][T11872] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000017a
[  479.484410][T11872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  479.488075][T11872] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  479.491834][T11872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  479.495509][T11872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  479.498842][T11872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  479.502522][T11872]  </TASK>
[  479.509399][T11872] Mem-Info:
[  479.510867][T11872] active_anon:6126 inactive_anon:89 isolated_anon:0
[  479.510867][T11872]  active_file:17847 inactive_file:25634 isolated_file:0
[  479.510867][T11872]  unevictable:768 dirty:299 writeback:0
[  479.510867][T11872]  slab_reclaimable:4844 slab_unreclaimable:57303
[  479.510867][T11872]  mapped:17240 shmem:4188 pagetables:645
[  479.510867][T11872]  sec_pagetables:324 bounce:0
[  479.510867][T11872]  kernel_misc_reclaimable:0
[  479.510867][T11872]  free:99909 free_pcp:7633 free_cma:0
[  479.534789][T11872] Node 0 active_anon:0kB inactive_anon:484kB active_file:36kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:7720kB dirty:16kB writeback:0kB shmem:4416kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9836kB pagetables:1912kB sec_pagetables:1264kB all_unreclaimable? no
[  479.547058][T11872] Node 1 active_anon:24516kB inactive_anon:0kB active_file:71352kB inactive_file:102532kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:61440kB dirty:1184kB writeback:0kB shmem:12336kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:980kB pagetables:668kB sec_pagetables:32kB all_unreclaimable? no
[  479.561029][T11872] Node 0 DMA free:912kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:256kB local_pcp:4kB free_cma:0kB
[  479.571981][T11872] lowmem_reserve[]: 0 369 0 0 0
[  479.574241][T11872] Node 0 DMA32 free:30336kB boost:0kB min:18816kB low:23520kB high:28224kB reserved_highatomic:2048KB active_anon:136kB inactive_anon:160kB active_file:36kB inactive_file:4kB unevictable:1536kB writepending:16kB present:1032192kB managed:405656kB mlocked:0kB bounce:0kB free_pcp:1124kB local_pcp:420kB free_cma:0kB
[  479.585882][T11872] lowmem_reserve[]: 0 0 0 0 0
[  479.587985][T11872] Node 1 DMA32 free:369064kB boost:0kB min:47052kB low:58812kB high:70572kB reserved_highatomic:0KB active_anon:24516kB inactive_anon:0kB active_file:71352kB inactive_file:102532kB unevictable:1536kB writepending:1184kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:29444kB local_pcp:1272kB free_cma:0kB
[  479.600921][T11872] lowmem_reserve[]: 0 0 0 0 0
[  479.603195][T11872] Node 0 DMA: 20*4kB (U) 24*8kB (U) 37*16kB (U) 2*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 928kB
[  479.609198][T11872] Node 0 DMA32: 412*4kB (UMH) 362*8kB (UMEH) 222*16kB (UMEH) 95*32kB (UMEH) 43*64kB (UMEH) 34*128kB (UME) 17*256kB (UME) 11*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 30272kB
[  479.620880][T11872] Node 1 DMA32: 116*4kB (UME) 428*8kB (UME) 340*16kB (UME) 263*32kB (UME) 366*64kB (UME) 124*128kB (UM) 47*256kB (UME) 36*512kB (UM) 9*1024kB (UME) 9*2048kB (UM) 62*4096kB (UME) = 369104kB
[  479.628826][T11872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  479.633077][T11872] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  479.636783][T11872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  479.640843][T11872] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  479.645243][T11872] 48104 total pagecache pages
[  479.647241][T11872] 435 pages in swap cache
[  479.647251][T11872] Free swap  = 102180kB
[  479.647258][T11872] Total swap = 124996kB
[  479.647266][T11872] 524155 pages RAM
[  479.647272][T11872] 0 pages HighMem/MovableOnly
[  479.647279][T11872] 182349 pages reserved
[  479.647285][T11872] 0 pages cma reserved
[  479.742217][T11878] 9pnet_virtio: no channels available for device 
[  479.817882][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.821351][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.829263][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.839454][T11881] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  479.856739][T11881] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  479.909377][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.922157][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.926495][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  479.949089][T11881] ip6gretap0 speed is unknown, defaulting to 1000
[  481.222247][   T39] kauditd_printk_skb: 51 callbacks suppressed
[  481.222263][   T39] audit: type=1326 audit(1725009394.408:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.237018][   T39] audit: type=1326 audit(1725009394.418:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.246760][   T39] audit: type=1326 audit(1725009394.418:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.255979][   T39] audit: type=1326 audit(1725009394.418:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.265275][   T39] audit: type=1326 audit(1725009394.418:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.274573][   T39] audit: type=1326 audit(1725009394.418:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.283898][   T39] audit: type=1326 audit(1725009394.418:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.293540][   T39] audit: type=1326 audit(1725009394.418:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.3.1716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  481.464040][ T6184] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  481.468492][ T6184] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.474404][ T6184] usb 6-1: can't set config #191, error -71
[  481.478067][ T6184] usb 6-1: USB disconnect, device number 49
[  482.016596][ T6184] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  482.212206][ T6184] usb 6-1: Using ep0 maxpacket: 8
[  482.218344][ T6184] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  482.225236][ T6184] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  482.237732][ T6184] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  482.245875][ T6184] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  482.257483][ T6184] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  482.268492][ T6184] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.517906][ T6184] usb 6-1: usb_control_msg returned -32
[  482.520341][ T6184] usbtmc 6-1:16.0: can't read capabilities
[  482.812008][   T35] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  482.905420][T11937] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  483.045126][   T35] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  483.048639][   T35] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  483.052310][   T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  483.055365][   T35] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  483.062775][   T35] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  483.066631][   T35] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  483.070515][   T35] usb 5-1: Product: syz
[  483.072261][   T35] usb 5-1: Manufacturer: syz
[  483.078081][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  483.079985][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  483.082390][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  483.084719][   T35] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  483.242088][ T5358] Bluetooth: hci4: command 0x0406 tx timeout
[  483.339461][ T5414] usb 5-1: USB disconnect, device number 31
[  483.977323][   T39] audit: type=1326 audit(1725009397.168:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11945 comm="syz.3.1728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  483.990401][   T39] audit: type=1326 audit(1725009397.168:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11945 comm="syz.3.1728" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ee579 code=0x7ffc0000
[  484.648535][   T10] usb 6-1: USB disconnect, device number 50
[  485.082973][   T10] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  485.259144][T11971] input: syz0 as /devices/virtual/input/input21
[  485.265963][T11971] FAULT_INJECTION: forcing a failure.
[  485.265963][T11971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.271760][T11971] CPU: 3 UID: 0 PID: 11971 Comm: syz.3.1734 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  485.276530][T11971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  485.281256][T11971] Call Trace:
[  485.282758][T11971]  <TASK>
[  485.284101][T11971]  dump_stack_lvl+0x16c/0x1f0
[  485.286273][T11971]  should_fail_ex+0x497/0x5b0
[  485.288442][T11971]  _copy_from_user+0x30/0xf0
[  485.290563][T11971]  input_event_from_user+0x22d/0x3b0
[  485.292969][T11971]  ? __pfx_input_event_from_user+0x10/0x10
[  485.295615][T11971]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  485.298250][T11971]  ? input_event+0x8e/0xa0
[  485.300254][T11971]  uinput_write+0xbc2/0x12c0
[  485.302366][T11971]  ? __pfx_uinput_write+0x10/0x10
[  485.304650][T11971]  ? bpf_lsm_file_permission+0x9/0x10
[  485.307073][T11971]  ? security_file_permission+0x98/0xc0
[  485.309570][T11971]  ? __pfx_uinput_write+0x10/0x10
[  485.311846][T11971]  vfs_write+0x29a/0x1140
[  485.312193][   T10] usb 6-1: Using ep0 maxpacket: 32
[  485.313808][T11971]  ? __pfx_vfs_write+0x10/0x10
[  485.317720][T11971]  ? __fget_files+0x256/0x400
[  485.319866][T11971]  ? __fget_light+0x173/0x210
[  485.321986][T11971]  ksys_write+0x1f8/0x260
[  485.323927][T11971]  ? __pfx_ksys_write+0x10/0x10
[  485.326075][T11971]  __do_fast_syscall_32+0x73/0x120
[  485.328407][T11971]  do_fast_syscall_32+0x32/0x80
[  485.330551][T11971]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.333281][T11971] RIP: 0023:0xf73ee579
[  485.335065][T11971] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  485.343409][T11971] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  485.347073][T11971] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000a40
[  485.350509][T11971] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[  485.353641][T11971] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  485.356973][T11971] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  485.360384][T11971] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  485.363916][T11971]  </TASK>
[  485.367701][   T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  485.377162][   T10] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  485.381085][   T10] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  485.384726][   T10] usb 6-1: Product: syz
[  485.387005][   T10] usb 6-1: Manufacturer: syz
[  485.389061][   T10] usb 6-1: SerialNumber: syz
[  485.393020][   T10] usb 6-1: config 0 descriptor??
[  485.396067][T11957] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  485.613836][   T10] usb 6-1: USB disconnect, device number 51
[  485.759610][T11979] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  486.120610][T11993] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1739'.
[  486.124076][T11993] FAULT_INJECTION: forcing a failure.
[  486.124076][T11993] name failslab, interval 1, probability 0, space 0, times 0
[  486.129833][T11993] CPU: 0 UID: 0 PID: 11993 Comm: syz.3.1739 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  486.134280][T11993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.138953][T11993] Call Trace:
[  486.140444][T11993]  <TASK>
[  486.141766][T11993]  dump_stack_lvl+0x16c/0x1f0
[  486.143883][T11993]  should_fail_ex+0x497/0x5b0
[  486.145616][T11993]  should_failslab+0xc2/0x120
[  486.147603][T11993]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  486.149887][T11993]  ? skb_clone+0x190/0x3f0
[  486.151807][T11993]  skb_clone+0x190/0x3f0
[  486.153848][T11993]  netlink_deliver_tap+0xb26/0xcf0
[  486.156074][T11993]  netlink_unicast+0x6b4/0x7f0
[  486.158188][T11993]  ? __pfx_netlink_unicast+0x10/0x10
[  486.160326][T11993]  ? genl_rcv_msg+0x4bd/0x800
[  486.162350][T11993]  netlink_ack+0x6a5/0xb20
[  486.164276][T11993]  netlink_rcv_skb+0x327/0x410
[  486.165968][T11993]  ? __pfx_genl_rcv_msg+0x10/0x10
[  486.167940][T11993]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  486.170178][T11993]  ? down_read+0xc9/0x330
[  486.172025][T11993]  ? __pfx_down_read+0x10/0x10
[  486.173895][T11993]  ? netlink_deliver_tap+0x1ae/0xcf0
[  486.175828][T11993]  genl_rcv+0x28/0x40
[  486.177542][T11993]  netlink_unicast+0x53c/0x7f0
[  486.179725][T11993]  ? __pfx_netlink_unicast+0x10/0x10
[  486.182065][T11993]  ? __phys_addr_symbol+0x30/0x80
[  486.184203][T11993]  ? __check_object_size+0x4b0/0x720
[  486.186495][T11993]  netlink_sendmsg+0x8b8/0xd70
[  486.188516][T11993]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.190590][T11993]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  486.192882][T11993]  ____sys_sendmsg+0x9b4/0xb50
[  486.195099][T11993]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.197375][T11993]  ? get_compat_msghdr+0x11b/0x170
[  486.199701][T11993]  ? __pfx___lock_acquire+0x10/0x10
[  486.202007][T11993]  ___sys_sendmsg+0x135/0x1e0
[  486.204122][T11993]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.206442][T11993]  ? ksys_write+0x21c/0x260
[  486.208607][T11993]  ? __fget_light+0x173/0x210
[  486.210543][T11993]  __sys_sendmsg+0x117/0x1f0
[  486.218946][T11993]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.221072][T11993]  __do_fast_syscall_32+0x73/0x120
[  486.222968][T11993]  do_fast_syscall_32+0x32/0x80
[  486.225015][T11993]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.227334][T11993] RIP: 0023:0xf73ee579
[  486.228726][T11993] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.235997][T11993] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  486.239387][T11993] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  486.242801][T11993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  486.245758][T11993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.248899][T11993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  486.252085][T11993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.255262][T11993]  </TASK>
[  486.256604][    C0] vkms_vblank_simulate: vblank timer overrun
[  486.371114][T11999] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_0, syncid = 0, id = 0
[  486.852076][ T5415] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  487.062502][ T5415] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  487.066578][ T5415] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  487.071195][ T5415] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  487.075346][ T5415] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  487.084189][ T5415] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  487.088216][ T5415] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  487.091879][ T5415] usb 6-1: Product: syz
[  487.093897][ T5415] usb 6-1: Manufacturer: syz
[  487.105188][ T5415] cdc_wdm 6-1:1.0: skipping garbage
[  487.107565][ T5415] cdc_wdm 6-1:1.0: skipping garbage
[  487.109913][ T5415] cdc_wdm 6-1:1.0: skipping garbage
[  487.112399][ T5415] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  487.369672][  T833] usb 6-1: USB disconnect, device number 52
[  487.826106][T12016] FAULT_INJECTION: forcing a failure.
[  487.826106][T12016] name failslab, interval 1, probability 0, space 0, times 0
[  487.831740][T12016] CPU: 0 UID: 0 PID: 12016 Comm: syz.3.1746 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  487.836467][T12016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.841264][T12016] Call Trace:
[  487.842790][T12016]  <TASK>
[  487.844153][T12016]  dump_stack_lvl+0x16c/0x1f0
[  487.846327][T12016]  should_fail_ex+0x497/0x5b0
[  487.848482][T12016]  ? fs_reclaim_acquire+0xae/0x160
[  487.850808][T12016]  should_failslab+0xc2/0x120
[  487.852986][T12016]  kmem_cache_alloc_node_noprof+0x71/0x310
[  487.855616][T12016]  ? __alloc_skb+0x2b3/0x380
[  487.857729][T12016]  __alloc_skb+0x2b3/0x380
[  487.859761][T12016]  ? __pfx___alloc_skb+0x10/0x10
[  487.862005][T12016]  ? genl_rcv_msg+0x4bd/0x800
[  487.864160][T12016]  netlink_ack+0x164/0xb20
[  487.866215][T12016]  netlink_rcv_skb+0x327/0x410
[  487.868408][T12016]  ? __pfx_genl_rcv_msg+0x10/0x10
[  487.870691][T12016]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  487.873108][T12016]  ? down_read+0xc9/0x330
[  487.875075][T12016]  ? __pfx_down_read+0x10/0x10
[  487.877268][T12016]  ? netlink_deliver_tap+0x1ae/0xcf0
[  487.879659][T12016]  genl_rcv+0x28/0x40
[  487.881374][T12016]  netlink_unicast+0x53c/0x7f0
[  487.883518][T12016]  ? __pfx_netlink_unicast+0x10/0x10
[  487.886010][T12016]  ? __phys_addr_symbol+0x30/0x80
[  487.888273][T12016]  ? __check_object_size+0x4b0/0x720
[  487.890429][T12016]  netlink_sendmsg+0x8b8/0xd70
[  487.892386][T12016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  487.894517][T12016]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  487.896670][T12016]  ____sys_sendmsg+0x9b4/0xb50
[  487.898608][T12016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  487.900891][T12016]  ? get_compat_msghdr+0x11b/0x170
[  487.903232][T12016]  ? __pfx___lock_acquire+0x10/0x10
[  487.905676][T12016]  ___sys_sendmsg+0x135/0x1e0
[  487.907878][T12016]  ? __pfx____sys_sendmsg+0x10/0x10
[  487.910385][T12016]  ? ksys_write+0x21c/0x260
[  487.912499][T12016]  ? __fget_light+0x173/0x210
[  487.914480][T12016]  __sys_sendmsg+0x117/0x1f0
[  487.916545][T12016]  ? __pfx___sys_sendmsg+0x10/0x10
[  487.919017][T12016]  __do_fast_syscall_32+0x73/0x120
[  487.921391][T12016]  do_fast_syscall_32+0x32/0x80
[  487.923632][T12016]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  487.926495][T12016] RIP: 0023:0xf73ee579
[  487.928368][T12016] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  487.937019][T12016] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  487.940799][T12016] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200000c0
[  487.944360][T12016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  487.947500][T12016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  487.950786][T12016] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  487.954106][T12016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.957713][T12016]  </TASK>
[  487.959272][    C0] vkms_vblank_simulate: vblank timer overrun
[  488.163219][T12027] FAULT_INJECTION: forcing a failure.
[  488.163219][T12027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.169258][T12027] CPU: 1 UID: 0 PID: 12027 Comm: syz.3.1749 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  488.174286][T12027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.179179][T12027] Call Trace:
[  488.180739][T12027]  <TASK>
[  488.182121][T12027]  dump_stack_lvl+0x16c/0x1f0
[  488.184391][T12027]  should_fail_ex+0x497/0x5b0
[  488.186637][T12027]  _copy_to_user+0x30/0xc0
[  488.188704][T12027]  simple_read_from_buffer+0xd0/0x160
[  488.191236][T12027]  proc_fail_nth_read+0x19e/0x280
[  488.193644][T12027]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.196286][T12027]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.198845][T12027]  vfs_read+0x1d4/0xbd0
[  488.200925][T12027]  ? __fdget_pos+0xeb/0x180
[  488.203140][T12027]  ? __pfx_vfs_read+0x10/0x10
[  488.205341][T12027]  ? __pfx___mutex_lock+0x10/0x10
[  488.207750][T12027]  ? __fget_files+0x256/0x400
[  488.209912][T12027]  ksys_read+0x12f/0x260
[  488.211969][T12027]  ? __pfx_ksys_read+0x10/0x10
[  488.214281][T12027]  __do_fast_syscall_32+0x73/0x120
[  488.216623][T12027]  do_fast_syscall_32+0x32/0x80
[  488.218954][T12027]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  488.221890][T12027] RIP: 0023:0xf73ee579
[  488.223770][T12027] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  488.232694][T12027] RSP: 002b:00000000f56f65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  488.236595][T12027] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56f6620
[  488.240253][T12027] RDX: 000000000000000f RSI: 00000000f73e0ff4 RDI: 0000000000000000
[  488.244024][T12027] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  488.247743][T12027] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  488.251320][T12027] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  488.255017][T12027]  </TASK>
[  488.325053][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  488.325068][   T39] audit: type=1326 audit(1725009401.518:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.338046][   T39] audit: type=1326 audit(1725009401.518:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.347454][   T39] audit: type=1326 audit(1725009401.518:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.357286][   T39] audit: type=1326 audit(1725009401.518:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.367659][   T39] audit: type=1326 audit(1725009401.518:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.377016][   T39] audit: type=1326 audit(1725009401.518:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.386866][   T39] audit: type=1326 audit(1725009401.518:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.396384][   T39] audit: type=1326 audit(1725009401.518:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12028 comm="syz.0.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  488.432677][T12039] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  488.928185][T12044] input: syz0 as /devices/virtual/input/input23
[  489.154866][T12046] tipc: Started in network mode
[  489.157141][T12046] tipc: Node identity e2b68b594977, cluster identity 4711
[  489.160436][T12046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  489.165434][T12046] ͺͺͺͺͺͺ: renamed from syzkaller0
[  489.167708][T12046] FAULT_INJECTION: forcing a failure.
[  489.167708][T12046] name failslab, interval 1, probability 0, space 0, times 0
[  489.174804][T12046] CPU: 1 UID: 0 PID: 12046 Comm: syz.0.1754 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  489.179029][T12046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.183256][T12046] Call Trace:
[  489.184772][T12046]  <TASK>
[  489.186024][T12046]  dump_stack_lvl+0x16c/0x1f0
[  489.188225][T12046]  should_fail_ex+0x497/0x5b0
[  489.190353][T12046]  ? fs_reclaim_acquire+0xae/0x160
[  489.192609][T12046]  should_failslab+0xc2/0x120
[  489.194606][T12046]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  489.197294][T12046]  ? kstrdup_const+0x63/0x80
[  489.198913][T12046]  kstrdup+0x3c/0x80
[  489.200446][T12046]  kstrdup_const+0x63/0x80
[  489.202428][T12046]  kernfs_rename_ns+0x37a/0x600
[  489.204607][T12046]  sysfs_rename_dir_ns+0x6a/0xa0
[  489.206942][T12046]  kobject_rename+0x15b/0x260
[  489.209358][T12046]  ? __pfx_kobject_rename+0x10/0x10
[  489.211809][T12046]  device_rename+0x131/0x1e0
[  489.213867][T12046]  dev_change_name+0x32c/0x9c0
[  489.216148][T12046]  ? __pfx_dev_change_name+0x10/0x10
[  489.218508][T12046]  ? __pfx___mutex_trylock_common+0x10/0x10
[  489.221131][T12046]  ? netdev_name_node_lookup+0xf0/0x140
[  489.223586][T12046]  dev_ifsioc+0x6a5/0x10b0
[  489.225618][T12046]  ? __pfx_dev_ifsioc+0x10/0x10
[  489.227851][T12046]  ? __pfx_aa_get_newest_label+0x10/0x10
[  489.231054][T12046]  ? dev_ioctl+0x3ed/0x10c0
[  489.232858][T12046]  ? __pfx___mutex_lock+0x10/0x10
[  489.234834][T12046]  ? bpf_lsm_capable+0x9/0x10
[  489.236677][T12046]  ? security_capable+0x98/0xd0
[  489.238570][T12046]  dev_ioctl+0x3fe/0x10c0
[  489.240552][T12046]  sock_do_ioctl+0x19e/0x280
[  489.242643][T12046]  ? __pfx_sock_do_ioctl+0x10/0x10
[  489.244926][T12046]  ? __pfx_do_vfs_ioctl+0x1/0x10
[  489.247102][T12046]  ? __pfx_lock_release+0x10/0x10
[  489.249348][T12046]  compat_sock_ioctl+0x31e/0x7f0
[  489.251539][T12046]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  489.254073][T12046]  ? __fget_files+0x256/0x400
[  489.256595][T12046]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  489.259017][T12046]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  489.261472][T12046]  __do_compat_sys_ioctl+0x2c3/0x330
[  489.263843][T12046]  __do_fast_syscall_32+0x73/0x120
[  489.266233][T12046]  do_fast_syscall_32+0x32/0x80
[  489.268451][T12046]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.271142][T12046] RIP: 0023:0xf740e579
[  489.272922][T12046] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  489.281245][T12046] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  489.284891][T12046] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008923
[  489.288757][T12046] RDX: 0000000020002280 RSI: 0000000000000000 RDI: 0000000000000000
[  489.292187][T12046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  489.297059][T12046] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  489.300722][T12046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  489.304902][T12046]  </TASK>
[  489.340555][T12045] tipc: Disabling bearer <eth:syzkaller0>
[  489.444891][T12052] FAULT_INJECTION: forcing a failure.
[  489.444891][T12052] name failslab, interval 1, probability 0, space 0, times 0
[  489.450925][T12052] CPU: 0 UID: 0 PID: 12052 Comm: syz.0.1757 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  489.455541][T12052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.460174][T12052] Call Trace:
[  489.461629][T12052]  <TASK>
[  489.462940][T12052]  dump_stack_lvl+0x16c/0x1f0
[  489.465033][T12052]  should_fail_ex+0x497/0x5b0
[  489.467051][T12052]  ? fs_reclaim_acquire+0xae/0x160
[  489.469332][T12052]  should_failslab+0xc2/0x120
[  489.471420][T12052]  __kmalloc_node_noprof+0xd1/0x440
[  489.473683][T12052]  ? __kvmalloc_node_noprof+0x9d/0x1a0
[  489.476034][T12052]  __kvmalloc_node_noprof+0x9d/0x1a0
[  489.478334][T12052]  hash_ipport_create+0x8bb/0x1a00
[  489.480602][T12052]  ? __pfx_hash_ipport_create+0x10/0x10
[  489.483016][T12052]  ? __pfx_hash_ipport_create+0x10/0x10
[  489.484543][T12054] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  489.485365][T12052]  ? ip_set_create+0x62a/0x1400
[  489.489795][T12054] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  489.490890][T12052]  ? ip_set_create+0x523/0x1400
[  489.495942][T12052]  ip_set_create+0x62a/0x1400
[  489.497995][T12052]  ? build_sched_domains+0x2ee3/0x52e0
[  489.500364][T12052]  ? __pfx_ip_set_create+0x10/0x10
[  489.502576][T12052]  ? rcu_is_watching+0x12/0xc0
[  489.504758][T12052]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  489.507011][T12052]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  489.509445][T12052]  ? kfree_skbmem+0x1a4/0x1f0
[  489.511557][T12052]  ? find_held_lock+0x2d/0x110
[  489.513741][T12052]  netlink_rcv_skb+0x165/0x410
[  489.515878][T12052]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  489.518339][T12052]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  489.520745][T12052]  ? bpf_lsm_capable+0x9/0x10
[  489.522677][T12052]  ? security_capable+0x98/0xd0
[  489.524834][T12052]  ? ns_capable+0xd7/0x110
[  489.526808][T12052]  nfnetlink_rcv+0x1b4/0x430
[  489.528908][T12052]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  489.531202][T12052]  ? netlink_deliver_tap+0x1ae/0xcf0
[  489.533594][T12052]  netlink_unicast+0x53c/0x7f0
[  489.535779][T12052]  ? __pfx_netlink_unicast+0x10/0x10
[  489.538142][T12052]  ? __phys_addr_symbol+0x30/0x80
[  489.540361][T12052]  ? __check_object_size+0x497/0x720
[  489.542758][T12052]  netlink_sendmsg+0x8b8/0xd70
[  489.544955][T12052]  ? __pfx_netlink_sendmsg+0x10/0x10
[  489.547309][T12052]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  489.549431][T12052]  ____sys_sendmsg+0x9b4/0xb50
[  489.551459][T12052]  ? __pfx_____sys_sendmsg+0x10/0x10
[  489.553777][T12052]  ? get_compat_msghdr+0x11b/0x170
[  489.556062][T12052]  ? __pfx___lock_acquire+0x10/0x10
[  489.558341][T12052]  ___sys_sendmsg+0x135/0x1e0
[  489.560444][T12052]  ? __pfx____sys_sendmsg+0x10/0x10
[  489.562805][T12052]  ? ksys_write+0x21c/0x260
[  489.564901][T12052]  ? __fget_light+0x173/0x210
[  489.567036][T12052]  __sys_sendmsg+0x117/0x1f0
[  489.569150][T12052]  ? __pfx___sys_sendmsg+0x10/0x10
[  489.571479][T12052]  __do_fast_syscall_32+0x73/0x120
[  489.573824][T12052]  do_fast_syscall_32+0x32/0x80
[  489.576016][T12052]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.578797][T12052] RIP: 0023:0xf740e579
[  489.580623][T12052] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  489.589098][T12052] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  489.592858][T12052] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  489.596411][T12052] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  489.599943][T12052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  489.603489][T12052] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  489.607071][T12052] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  489.610618][T12052]  </TASK>
[  489.612093][    C0] vkms_vblank_simulate: vblank timer overrun
[  489.862378][T12064] random: crng reseeded on system resumption
[  490.668625][T12068] netlink: 'syz.0.1763': attribute type 1 has an invalid length.
[  490.673194][T12068] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.1763'.
[  490.677205][T12068] netlink: 'syz.0.1763': attribute type 1 has an invalid length.
[  490.680620][T12068] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1763'.
[  490.692114][T12072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1766'.
[  490.768384][T12073] netlink: 'syz.1.1764': attribute type 32 has an invalid length.
[  490.771893][T12073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1764'.
[  490.782011][T12073] netlink: 'syz.1.1764': attribute type 32 has an invalid length.
[  490.820841][T12075] Invalid option length (1048255) for dns_resolver key
[  490.928939][ T5358] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  490.934823][ T5358] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  490.938321][ T5358] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  490.943433][ T5358] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  490.949023][ T5358] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  490.957151][ T5358] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  490.996987][T12077] ip6gretap0 speed is unknown, defaulting to 1000
[  491.165594][T12077] chnl_net:caif_netlink_parms(): no params data found
[  491.351105][   T65] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.371714][T12077] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.378622][T12077] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.390752][T12077] bridge_slave_0: entered allmulticast mode
[  491.395186][T12077] bridge_slave_0: entered promiscuous mode
[  491.401443][T12077] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.408054][T12077] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.411238][T12077] bridge_slave_1: entered allmulticast mode
[  491.416505][T12077] bridge_slave_1: entered promiscuous mode
[  491.507236][   T65] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.524169][T12077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  491.530183][T12077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.640447][   T65] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.654799][T12077] team0: Port device team_slave_0 added
[  491.660440][T12077] team0: Port device team_slave_1 added
[  491.736973][T12077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.740213][T12077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.751352][   T35] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  491.752291][T12077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.778932][   T65] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.787548][T12077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.790428][T12077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.799684][T12077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.812969][T12093] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  491.816244][T12093] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  491.855297][T12077] hsr_slave_0: entered promiscuous mode
[  491.858389][T12077] hsr_slave_1: entered promiscuous mode
[  491.861237][T12077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  491.864476][T12077] Cannot create hsr debugfs directory
[  491.943743][   T35] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  491.946813][   T35] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  491.950384][   T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  491.954641][   T35] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  491.961496][   T35] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  491.965153][   T35] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  491.968148][   T35] usb 5-1: Product: syz
[  491.969660][   T35] usb 5-1: Manufacturer: syz
[  491.976210][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  491.978142][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  491.980074][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  491.981731][   T35] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  492.241486][   T35] usb 5-1: USB disconnect, device number 32
[  492.289215][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  492.296929][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  492.303425][   T65] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  492.307613][   T65] veth1_vlan: left allmulticast mode
[  492.310606][   T65] bond0 (unregistering): Released all slaves
[  492.540278][   T65] IPVS: stopping master sync thread 7688 ...
[  492.725620][   T65] hsr_slave_0: left promiscuous mode
[  492.728630][   T65] hsr_slave_1: left promiscuous mode
[  492.731614][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.734781][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[  492.739652][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  492.744961][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[  492.778603][   T65] veth1_macvtap: left promiscuous mode
[  492.780529][   T65] veth0_macvtap: left promiscuous mode
[  492.783126][   T65] veth1_vlan: left promiscuous mode
[  492.785160][   T65] veth0_vlan: left promiscuous mode
[  493.012440][ T5357] Bluetooth: hci1: command tx timeout
[  493.421196][T12098] ------------[ cut here ]------------
[  493.424291][T12098] WARNING: CPU: 0 PID: 12098 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0
[  493.428539][T12098] Modules linked in:
[  493.430338][T12098] CPU: 0 UID: 0 PID: 12098 Comm: syz.1.1772 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  493.437029][T12098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  493.441710][T12098] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0
[  493.444720][T12098] Code: e9 91 fe ff ff e8 56 65 96 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 b5 67 96 ff 48 85 ed 0f 84 85 00 00 00 e8 37 65 96 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 29 65 96 ff eb 69 cc cc cc e8 1f 65 96
[  493.454132][T12098] RSP: 0000:ffffc9000c867a18 EFLAGS: 00010293
[  493.456780][T12098] RAX: 0000000000000000 RBX: ffff8880215cd000 RCX: ffffffff81f4b48b
[  493.459824][T12098] RDX: ffff88801e350000 RSI: ffffffff81f4b499 RDI: 0000000000000007
[  493.463023][T12098] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000
[  493.466228][T12098] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001
[  493.470091][T12098] R13: ffff88802607c280 R14: 0000000000000001 R15: 1ffff9200190cf45
[  493.473558][T12098] FS:  0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000578d1440
[  493.477423][T12098] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  493.480352][T12098] CR2: 00000000200002c0 CR3: 000000001286e000 CR4: 0000000000352ef0
[  493.483915][T12098] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  493.487241][T12098] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  493.490550][T12098] Call Trace:
[  493.492130][T12098]  <TASK>
[  493.493389][T12098]  ? show_regs+0x8c/0xa0
[  493.495164][T12098]  ? __warn+0xe5/0x3c0
[  493.496906][T12098]  ? __page_table_check_ptes_set+0x2fa/0x3e0
[  493.499495][T12098]  ? report_bug+0x3c0/0x580
[  493.501717][T12098]  ? handle_bug+0x3d/0x70
[  493.503667][T12098]  ? exc_invalid_op+0x17/0x50
[  493.506007][T12098]  ? asm_exc_invalid_op+0x1a/0x20
[  493.508449][T12098]  ? __page_table_check_ptes_set+0x2eb/0x3e0
[  493.510950][T12098]  ? __page_table_check_ptes_set+0x2f9/0x3e0
[  493.513479][T12098]  ? __page_table_check_ptes_set+0x2fa/0x3e0
[  493.516078][T12098]  ? __page_table_check_ptes_set+0x2f9/0x3e0
[  493.518815][T12098]  ? find_held_lock+0x2d/0x110
[  493.520923][T12098]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  493.523770][T12098]  ? rcu_read_unlock+0x17/0x60
[  493.525751][T12098]  set_ptes.constprop.0+0x193/0x1d0
[  493.527835][T12098]  ? __pfx_set_ptes.constprop.0+0x10/0x10
[  493.530425][T12098]  do_swap_page+0x1279/0x3e60
[  493.532411][T12098]  ? __pfx_do_swap_page+0x10/0x10
[  493.534381][T12098]  ? pte_offset_map_nolock+0xfe/0x1c0
[  493.536619][T12098]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[  493.539178][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.541253][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.543601][T12098]  __handle_mm_fault+0x146b/0x5400
[  493.545749][T12098]  ? __pfx_lock_release+0x10/0x10
[  493.547690][T12098]  ? down_read_trylock+0x1ed/0x3f0
[  493.549913][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.552200][T12098]  ? __pfx___handle_mm_fault+0x10/0x10
[  493.554502][T12098]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  493.556985][T12098]  handle_mm_fault+0x498/0xa60
[  493.559118][T12098]  ? spurious_kernel_fault+0x3b1/0x3c0
[  493.561584][T12098]  do_user_addr_fault+0x60d/0x13f0
[  493.564014][T12098]  exc_page_fault+0x5c/0xc0
[  493.566099][T12098]  asm_exc_page_fault+0x26/0x30
[  493.568350][T12098] RIP: 0023:0xf7231341
[  493.570217][T12098] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 <f3> a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24
[  493.579525][T12098] RSP: 002b:00000000ff8dbbbc EFLAGS: 00010202
[  493.582335][T12098] RAX: 00000000f711ad25 RBX: 00000000f73d0ff4 RCX: 0000000000000002
[  493.585642][T12098] RDX: 0000000000000008 RSI: 00000000f6cf03e7 RDI: 00000000200002c0
[  493.588650][T12098] RBP: 00000000ff8dbe28 R08: 0000000000000000 R09: 0000000000000000
[  493.591659][T12098] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  493.594721][T12098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  493.598075][T12098]  </TASK>
[  493.599433][T12098] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  493.602591][T12098] CPU: 0 UID: 0 PID: 12098 Comm: syz.1.1772 Not tainted 6.11.0-rc5-syzkaller-00148-g3b9dfd9e5936 #0
[  493.607128][T12098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  493.611782][T12098] Call Trace:
[  493.613262][T12098]  <TASK>
[  493.614585][T12098]  dump_stack_lvl+0x3d/0x1f0
[  493.616651][T12098]  panic+0x6dc/0x7c0
[  493.618316][T12098]  ? __pfx_panic+0x10/0x10
[  493.620194][T12098]  ? show_trace_log_lvl+0x363/0x500
[  493.622477][T12098]  ? check_panic_on_warn+0x1f/0xb0
[  493.624728][T12098]  ? __page_table_check_ptes_set+0x2fa/0x3e0
[  493.627232][T12098]  check_panic_on_warn+0xab/0xb0
[  493.629161][T12098]  __warn+0xf1/0x3c0
[  493.630686][T12098]  ? __page_table_check_ptes_set+0x2fa/0x3e0
[  493.633192][T12098]  report_bug+0x3c0/0x580
[  493.635076][T12098]  handle_bug+0x3d/0x70
[  493.636848][T12098]  exc_invalid_op+0x17/0x50
[  493.638925][T12098]  asm_exc_invalid_op+0x1a/0x20
[  493.641115][T12098] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0
[  493.643953][T12098] Code: e9 91 fe ff ff e8 56 65 96 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 b5 67 96 ff 48 85 ed 0f 84 85 00 00 00 e8 37 65 96 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 29 65 96 ff eb 69 cc cc cc e8 1f 65 96
[  493.652307][T12098] RSP: 0000:ffffc9000c867a18 EFLAGS: 00010293
[  493.654917][T12098] RAX: 0000000000000000 RBX: ffff8880215cd000 RCX: ffffffff81f4b48b
[  493.658129][T12098] RDX: ffff88801e350000 RSI: ffffffff81f4b499 RDI: 0000000000000007
[  493.661334][T12098] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000
[  493.664777][T12098] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001
[  493.668168][T12098] R13: ffff88802607c280 R14: 0000000000000001 R15: 1ffff9200190cf45
[  493.671570][T12098]  ? __page_table_check_ptes_set+0x2eb/0x3e0
[  493.674138][T12098]  ? __page_table_check_ptes_set+0x2f9/0x3e0
[  493.676735][T12098]  ? __page_table_check_ptes_set+0x2f9/0x3e0
[  493.679361][T12098]  ? find_held_lock+0x2d/0x110
[  493.681476][T12098]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  493.684080][T12098]  ? rcu_read_unlock+0x17/0x60
[  493.686217][T12098]  set_ptes.constprop.0+0x193/0x1d0
[  493.688475][T12098]  ? __pfx_set_ptes.constprop.0+0x10/0x10
[  493.690915][T12098]  do_swap_page+0x1279/0x3e60
[  493.693015][T12098]  ? __pfx_do_swap_page+0x10/0x10
[  493.695219][T12098]  ? pte_offset_map_nolock+0xfe/0x1c0
[  493.697509][T12098]  ? __pfx_pte_offset_map_nolock+0x10/0x10
[  493.700006][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.702228][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.704483][T12098]  __handle_mm_fault+0x146b/0x5400
[  493.706759][T12098]  ? __pfx_lock_release+0x10/0x10
[  493.708951][T12098]  ? down_read_trylock+0x1ed/0x3f0
[  493.710962][T12098]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  493.712998][T12098]  ? __pfx___handle_mm_fault+0x10/0x10
[  493.715117][T12098]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  493.717483][T12098]  handle_mm_fault+0x498/0xa60
[  493.719607][T12098]  ? spurious_kernel_fault+0x3b1/0x3c0
[  493.722018][T12098]  do_user_addr_fault+0x60d/0x13f0
[  493.724304][T12098]  exc_page_fault+0x5c/0xc0
[  493.726339][T12098]  asm_exc_page_fault+0x26/0x30
[  493.728490][T12098] RIP: 0023:0xf7231341
[  493.730288][T12098] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 <f3> a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24
[  493.738602][T12098] RSP: 002b:00000000ff8dbbbc EFLAGS: 00010202
[  493.741238][T12098] RAX: 00000000f711ad25 RBX: 00000000f73d0ff4 RCX: 0000000000000002
[  493.744644][T12098] RDX: 0000000000000008 RSI: 00000000f6cf03e7 RDI: 00000000200002c0
[  493.748120][T12098] RBP: 00000000ff8dbe28 R08: 0000000000000000 R09: 0000000000000000
[  493.751617][T12098] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  493.755056][T12098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  493.758416][T12098]  </TASK>
[  493.760457][T12098] Kernel Offset: disabled
[  493.762981][T12098] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:08:14  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fb6365 RDI=ffffffff9512c3c0 RBP=ffffffff9512c380 RSP=ffffc9000c8673f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000032 R14=ffffffff84fb6300 R15=0000000000000000
RIP=ffffffff84fb638f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000200002c0 CR3=000000001286e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000027400000000 0000000800000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffffff9020c6ec RCX=ffffffff813c8334 RDX=ffff88802078a440
RSI=ffffffff813c82e0 RDI=0000000000000006 RBP=ffffffff9020c6e8 RSP=ffffc90002faf6a8
R8 =0000000000000006 R9 =ffffffff8133c071 R10=ffffffff8133bfc8 R11=0000000000000000
R12=ffffffff8133c071 R13=ffffffff8133bfc8 R14=dffffc0000000000 R15=ffffffff9020c6e8
RIP=ffffffff813c82e0 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020027000 CR3=000000001286e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000003d9383 RBX=0000000000000002 RCX=ffffffff8b075f99 RDX=0000000000000000
RSI=ffffffff8b4cd060 RDI=ffffffff8bb074a0 RBP=ffffed1002cf4000 RSP=ffffc90000487e08
R8 =0000000000000001 R9 =ffffed1005846fd9 R10=ffff88802c237ecb R11=0000000000000000
R12=0000000000000002 R13=ffff8880167a0000 R14=ffffffff9011be18 R15=0000000000000000
RIP=ffffffff8b07738f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb39e324ba0 CR3=000000002bf30000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000027400000000 0000000800000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000003bc093 RBX=0000000000000003 RCX=ffffffff8b075f99 RDX=0000000000000000
RSI=ffffffff8b4cd060 RDI=ffffffff8bb074a0 RBP=ffffed1002cf4488 RSP=ffffc90000497e08
R8 =0000000000000001 R9 =ffffed1005866fd9 R10=ffff88802c337ecb R11=0000000000000000
R12=0000000000000003 R13=ffff8880167a2440 R14=ffffffff9011be18 R15=0000000000000000
RIP=ffffffff8b07738f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2953ef CR3=0000000011e2e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000027400000000 0000000800000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000