last executing test programs:

4m13.446675446s ago: executing program 2 (id=1110):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='.\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000080)=ANY=[@ANYRESOCT=r0], 0x24, 0x0)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', 0x0, 0x15)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
io_uring_setup(0x3eaf, &(0x7f0000000100)={0x0, 0xfffffffb, 0x0, 0x3, 0x40000})
socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
r3 = socket(0x10, 0x4, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r4, 0xc00c6211, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r5, &(0x7f0000000000), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000900000000000000", @ANYRES32=r5, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m13.081209555s ago: executing program 2 (id=1113):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_kthread_stop\x00', r4}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

4m11.64295746s ago: executing program 2 (id=1120):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
io_setup(0x2006, &(0x7f0000000200)=<r3=>0x0)
r4 = openat$snapshot(0xffffff9c, &(0x7f0000000340), 0x224000, 0x0)
r5 = open(&(0x7f0000000040)='.\x00', 0x160100, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x40)
copy_file_range(r6, 0x0, r5, 0x0, 0x9, 0x0)
io_submit(r3, 0x5, &(0x7f0000000580)=[&(0x7f0000000080)={0x1802, 0x0, 0x0, 0x2, 0x0, r1, 0x0}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0xff72, r2, &(0x7f0000000100)="79752875d2194669fab05c0e32d99a16311869866794ceaddae283e3a330fe7cfbfefeac57535d9b04841d481806aa5095356aac669e422f6e", 0x39, 0x400000, 0x0, 0x2, r2}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x1, r1, &(0x7f0000000240)="64a6c22a72dcbbcf0e35ebe8d6f16e8564b8427b15be51c36bb54b88fce6de7d3425cacba6277dccd07101a326211a8181eb6c3b0b787df6cf44c154f2096ba8c8ea9425880fcc866adf48e00074050b724c3fb3bc8453830607b7b4952e2e29804c37ea0ba2a4ee0777e91ca758b3e19267ce9ec83fccaecf244ec0d9034a1be4d88558767cd120e7a837d2aa324b997e50648ca062aec208aaaf01d5b02f8aa074e9285b438c02ebdd71f398c752e1cf739a0f29fe11af3ce3196d5df55766161ef2a5fcb7a6ef78dd1133c8fd90ae7334081ffcab8cc9b160570c8249a79759a070db11b74a83202d675cecf39c1c1514c3ceeee8b75e0f1af6b4", 0xfc, 0xf547, 0x0, 0x2, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0xeeb, r4, &(0x7f0000000380)="186bdebd8b1d0e7965cffedd8d7e5ad5e786c7e6c4370afa850e9cd1f0504a5e3d3c5cfa0fc51dacebbecc5ba4de39b5c8bc212995ee726814928cb69fe79a571a0e7be6f59a081c1b1ee62ff349af40a213b4b74c8d5126793d0631cf4a2d4ccbb23d00802c4c1d2c379fd0d32c141008e735af3c34539f63f5e9cdf70789887737766a6ec6e5d4353a93c7e1ea1ffa03e4bc5a2c71af66799d0a537a16e0e92f5844237241b5102df7b8fd23efd36c1bbc29a064d196d8852e1596f396effb36a04021ee59e48926956569c591e72e0a38e898136d41f490ca70f8b8d85bb9951462ce9bcb05ea", 0xe8, 0x6, 0x0, 0x3, r1}, 0x0])
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = open(&(0x7f0000000000)='.\x00', 0x10000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r8, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r10=>r9}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r8, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, r10}, './file0/file0\x00'})
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r7, 0xc0405610, &(0x7f0000000040)={0x2})
splice(r0, 0x0, r2, 0x0, 0x4ff95, 0x0)

4m10.662016083s ago: executing program 2 (id=1127):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000540)='ns/pid\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r0, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file6\x00'})
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$poke(0x5, r1, &(0x7f0000000080), 0xffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff})
bind$unix(r2, &(0x7f0000000100)=@file={0x1, './file1\x00'}, 0x6e)

4m10.582041554s ago: executing program 2 (id=1129):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='.\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000080)=ANY=[@ANYRESOCT=r0], 0x24, 0x0)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', 0x0, 0x15)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
io_uring_setup(0x3eaf, &(0x7f0000000100)={0x0, 0xfffffffb, 0x0, 0x3, 0x40000})
socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
r3 = socket(0x10, 0x4, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r4, 0xc00c6211, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r5, &(0x7f0000000000), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000900000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m10.352071138s ago: executing program 2 (id=1131):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791090000000000063000001000000009500000000000000"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4a, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000a8"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x74)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0xf, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512\x00'}, 0x58)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x1, 0x0, 0x17, 0x2, 0x1f2, &(0x7f0000000380)})
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000002c0)="69fcc5d50c23e1a3cb00511e3d68763401579537155bbfd76d65bb1e31ae579cedc8153de70eb61439882b1dc921fb250264f9ad7b188d69eb00e57b8100e775567ceb1373701449a2042c7ecb9d68999591aa7ba0b17f7d7ee09f6fde75a8d19b52b4c7d78380ae4ef0356d7e55ffc53b855606902e53b4c5ff2515368b1c438d25468b11ee46c389dcaeb29a98b8d10037ac0e1efe464d36f00989f9a4ce09ebe1c1e72b3e8a238d17e86125f2b156e4dc17b8d0b25b94992bed75", 0xfee8}, {&(0x7f00000011c0)="ab33b05754304bddef125b9cac54a1dd0bb427d7e517dbb1153e813cb4db7cbd151d5e1a880d6bf428d1706df445a36224462e4892ddedd612584a268fa18dbf7fccd8d4f23202b985519272023724ae11405c5faade2d7d03e52e144a073ad724da5b44d264f97ab915696beb0758d223f32394101f33b70b865b82b7d0fbbfc6297661e0e095361d77b882be713cf4528104530be88c7eb1f1f97832aee66ce0e2210fd6e9b4b8d1e1d6a356f72b02d85565ff5674e90b6f6bbe971925e92c23c2062de15e4aa2d1104080b2071cf0fabc6752a88ab67b633695411c49f584b1bac1231223f88d39dc5e2522001088571454ec9579c6b7a65f6a42f575b31f7ab7be097899ff4892981c9bb8fc40aa905799e32440079e192cbfdc006a65d5392b20ac8f2b1d75b8b36c0d2a708e2f8196d4e8c404eb40a78835dfd8fe109ec400bf564c0f5defa1d8da3eb562d0df45cf59bb7c09a94a1519556f5d42fcc339bf20c18db36a0a", 0x168}], 0x2)

4m10.291637075s ago: executing program 32 (id=1131):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791090000000000063000001000000009500000000000000"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4a, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000a8"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x74)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0xf, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512\x00'}, 0x58)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x1, 0x0, 0x17, 0x2, 0x1f2, &(0x7f0000000380)})
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000002c0)="69fcc5d50c23e1a3cb00511e3d68763401579537155bbfd76d65bb1e31ae579cedc8153de70eb61439882b1dc921fb250264f9ad7b188d69eb00e57b8100e775567ceb1373701449a2042c7ecb9d68999591aa7ba0b17f7d7ee09f6fde75a8d19b52b4c7d78380ae4ef0356d7e55ffc53b855606902e53b4c5ff2515368b1c438d25468b11ee46c389dcaeb29a98b8d10037ac0e1efe464d36f00989f9a4ce09ebe1c1e72b3e8a238d17e86125f2b156e4dc17b8d0b25b94992bed75", 0xfee8}, {&(0x7f00000011c0)="ab33b05754304bddef125b9cac54a1dd0bb427d7e517dbb1153e813cb4db7cbd151d5e1a880d6bf428d1706df445a36224462e4892ddedd612584a268fa18dbf7fccd8d4f23202b985519272023724ae11405c5faade2d7d03e52e144a073ad724da5b44d264f97ab915696beb0758d223f32394101f33b70b865b82b7d0fbbfc6297661e0e095361d77b882be713cf4528104530be88c7eb1f1f97832aee66ce0e2210fd6e9b4b8d1e1d6a356f72b02d85565ff5674e90b6f6bbe971925e92c23c2062de15e4aa2d1104080b2071cf0fabc6752a88ab67b633695411c49f584b1bac1231223f88d39dc5e2522001088571454ec9579c6b7a65f6a42f575b31f7ab7be097899ff4892981c9bb8fc40aa905799e32440079e192cbfdc006a65d5392b20ac8f2b1d75b8b36c0d2a708e2f8196d4e8c404eb40a78835dfd8fe109ec400bf564c0f5defa1d8da3eb562d0df45cf59bb7c09a94a1519556f5d42fcc339bf20c18db36a0a", 0x168}], 0x2)

4.101394235s ago: executing program 3 (id=2678):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000002140)=0x143f)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

3.920149466s ago: executing program 3 (id=2680):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0xc1205531, &(0x7f0000000040)=""/112)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900"], 0x7c}}, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000009a65d0860040800dee20102030109021b05000000000009040000f678eaf50009058402"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
openat$mice(0xffffffffffffff9c, &(0x7f0000000300), 0x752f)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_NODES(r1, 0x0, 0x40)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, 0x0, &(0x7f0000017c80))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@ipv6_newrule={0x30, 0x18, 0x409, 0x70bd2b, 0x3, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x10000}, [@FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x30}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0)

3.339405711s ago: executing program 1 (id=2682):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000800000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b702000000000000739a00fe00000000b509000000000000dbaa00fea0000000bf86000000000000070800", @ANYRES32=r5, @ANYBLOB="0000000000000000b7050000080000004618f06da6ff76000000bf9800000000000056080000000000008500000007000000b700000000000000950000000000"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)

3.266982622s ago: executing program 0 (id=2683):
r0 = socket$inet6(0xa, 0x6, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r1, 0x800442d3, &(0x7f00000000c0)={0x10001, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'pimreg0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCXONC(r5, 0x4b45, 0x3)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[0x0], 0x0, 0x0, 0x0, 0x1})
close_range(r0, 0xffffffffffffffff, 0x0)

2.760020523s ago: executing program 3 (id=2684):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f00000000c0)={0x0, 0x0, "1ec4618f6538ecc26693065a2dcc26d92bb4f1030cd2c1011cdbf894a0839dc2"})
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000040)={0x0, @in={{0xa}}, 0xffff}, 0x90)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x900, &(0x7f00000008c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001a00210f00000000fc1c0000000000000300"], 0x1c}}, 0x0)

2.759687714s ago: executing program 3 (id=2685):
socket$kcm(0xa, 0x2, 0x73)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="02"], 0x10) (async)
socket$kcm(0xa, 0x2, 0x73) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xb, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300002ab200008500000021000000b70000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03076044238cb89e14f065de", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.709858108s ago: executing program 3 (id=2686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r4)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r4, &(0x7f00000003c0)={&(0x7f0000000040), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r5, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x9}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x20040000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700))
ioctl$sock_SIOCINQ(r6, 0x541b, &(0x7f0000000400))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000004700)={'team0\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r8, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r9}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r11, &(0x7f0000000180)=[{&(0x7f0000000080)="ea", 0x1}], 0x1)
close_range(r10, 0xffffffffffffffff, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000580))

2.57585357s ago: executing program 0 (id=2689):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2be84a3e324f34f}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xf}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x48000)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'team_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9400000013004f0a000200"/20, @ANYRES32=r5, @ANYBLOB="00000000000000000800cfffecc507006c001a8054"], 0x94}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x8f8, 0x0)

2.490007129s ago: executing program 3 (id=2690):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0xea, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000200)={r1})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYBLOB, @ANYRES64], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x47, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x33, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000940)={{0x4, 0x0, 0x3ff, 0xa}, 'syz1\x00', 0x2001b})
ioctl$UI_DEV_CREATE(r2, 0x5501)
getpid()
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
utime(0xffffffffffffffff, &(0x7f00000000c0)={0x8, 0xdfb8})
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r5=>0x0})
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000000)={0x1d, r5}, 0x10)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x10000000, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}}}, 0x24}}, 0x40044)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2.409730453s ago: executing program 1 (id=2691):
socket$inet6(0xa, 0x6, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(0xffffffffffffffff, 0x800442d3, &(0x7f00000000c0)={0x10001, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'pimreg0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCXONC(r3, 0x4b45, 0x3)
r4 = shmat(0xffffffffffffffff, &(0x7f000060b000/0x4000)=nil, 0x4000)
shmdt(r4)
syz_open_dev$usbfs(&(0x7f0000000080), 0x73, 0x101301)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000006c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x27)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0)

1.659864669s ago: executing program 0 (id=2694):
r0 = syz_open_dev$vim2m(&(0x7f0000000640), 0x0, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mounts\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008aec1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x129400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000000)=ANY=[])
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x9f9, 0x1, 0x4})
ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc04c5609, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x19)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB="d002000020336b8b4844d745f5015a08ea24ff42cbb11607e2062c3d785e64854ac144dc4895f4490696cc665d92c28772607f356e362b373942f67261fb0f5e365ab059e795614576ea5cf6502871b6f6b862057773b5e7e4d646eb98f94c2694c0892c10b8c36045b209a376dd68f627ee3facc9467bc46b745d6480688933df7cbbd36dd9614f9bf7a7d10193e72709c176d69f5bbdde63083530cab14309e1942232f5a146aeeb4dfe0a7bfadb132e07cacb29101e62cd09dd7c", @ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c000000080002000100000008"], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
pselect6(0x40, &(0x7f0000000000)={0x9}, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r6, &(0x7f0000000040)="e2", 0x12d8)
bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000400)={@map=r5, 0x4, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

1.54016211s ago: executing program 0 (id=2695):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0xa0c80)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, &(0x7f0000000080))
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000006140)={0x2020}, 0x2020)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000280)=<r3=>0x0)
ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, 0x0)
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x1001, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f64653d4f3030303030303030303030303030300488968a981d98d9307364720b671609", @ANYRESDEC=r3, @ANYBLOB=',group_id=', @ANYRESDEC=r4, @ANYBLOB="2c6d61785f726561643d3078303030303030303037623530663635362c64656661756c745f7065726d697373696f6e732c6d61785f726561643d3078303030303030303030303030303030322c6673757569643d65383631cc3739542d333239392d633537652d376638612d32313607656360372c00"])
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000480)={'vxcan0\x00', <r9=>0x0})
r10 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r10, &(0x7f0000000080)={0x1d, r9, 0x3, {0x0, 0x0, 0x3}}, 0x18)
sendmsg$TIPC_NL_LINK_SET(r10, &(0x7f0000000200)={0x0, 0x100000, &(0x7f00000001c0)={&(0x7f00000002c0)={0x18, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x4}]}, 0x206c}, 0x1, 0x0, 0x0, 0x4000}, 0x4008802)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
openat$tcp_congestion(0xffffff9c, 0x0, 0x1, 0x0)

1.469884767s ago: executing program 1 (id=2696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r2=>0x0})
r3 = dup(0xffffffffffffffff)
write$UHID_INPUT(r3, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34393b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c00000000b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa88af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00')
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r5 = dup(r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x270bd24, 0x25dfdbfc, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x401}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r5, 0x63)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @random="5e1fe141b7f7"}]}, 0x30}, 0x1, 0x0, 0x0, 0x4044}, 0x0)

1.289558511s ago: executing program 1 (id=2698):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x2000000)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x8200, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2})
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000140))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000280)=0x1000002)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB="0000000036ee5f2a"], 0x48)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_GET_REPORT_REPLY(r5, &(0x7f00000000c0)={0xa, {0x0, 0x3, 0x11}}, 0xa)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000000c0))
r6 = openat$sw_sync(0xffffff9c, &(0x7f0000000040), 0x200002, 0x0)
ioctl$SW_SYNC_IOC_INC(r6, 0x40045701, &(0x7f0000000080)=0x4)

349.910129ms ago: executing program 1 (id=2700):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000002140)=0x143f)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4}, 0x18)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

349.276421ms ago: executing program 0 (id=2701):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xf, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r1, 0x6, 0x0, @void}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=r1, 0x13, 0x1, 0x2, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x28, r6, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}]}]}, 0x28}}, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x2e, 0x0, @val=@netkit={@void, @value=r5, @void, @void, r3}}, 0x1c)
close_range(r1, r2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002100010000000000000000000a0000000000000000000000050019"], 0x24}}, 0x0)
r8 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r8, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

348.975152ms ago: executing program 0 (id=2702):
membarrier(0x4, 0x0)
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40), 0x0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000100)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0x0, 0xa, 0x0, 0x51}]}, &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00')
read$FUSE(r7, &(0x7f0000006480)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r8 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r8, &(0x7f0000000300), 0x4)
truncate(&(0x7f0000000080)='./file0\x00', 0x800)
syz_open_dev$vim2m(&(0x7f0000000300), 0x7fffffff, 0x2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r11=>0x0})
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2c, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x80}]}, 0x2c}}, 0x0)

262.917818ms ago: executing program 4 (id=2703):
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB="d002000020336b8b4844d745f5015a08ea24ff42cbb11607e2062c3d785e64854ac144dc4895f4490696cc665d92c28772607f356e362b373942f67261fb0f5e365ab059e795614576ea5cf6502871b6f6b862057773b5e7e4d646eb98f94c2694c0892c10b8c36045b209a376dd68f627ee3facc9467bc46b745d6480688933df7cbbd36dd9614f9bf7a7d10193e72709c176d69f5bbdde63083530cab14309e1942232f5a146aeeb4dfe0a7bfadb132e07cacb29101e62cd09dd7c", @ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c000000080002000100000008"], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
r0 = getuid()
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=<r2=>0x0)
r3 = fcntl$getown(0xffffffffffffffff, 0x9)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000b40)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@private}, 0x0, @in=@remote}}, &(0x7f0000000240)=0xe4)
r5 = syz_open_dev$hiddev(&(0x7f0000000280), 0x101, 0x200)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)=@kern={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)=[{&(0x7f0000000940)={0x1dc, 0x22, 0x1, 0x70bd26, 0x25dfdbff, "", [@typed={0xc, 0x12b, 0x0, 0x0, @u64=0xd}, @typed={0x8, 0x15, 0x0, 0x0, @uid=r0}, @typed={0x8, 0xc4, 0x0, 0x0, @pid=r1}, @nested={0x190, 0x4b, 0x0, 0x1, [@generic="330a00f2bb58694f391626d34675ba98ac58d2de4118c18043dd8c9a5885ffb56070433b29f3a81b7943b431d5088bcdfa2ce58aa5075e87cc1ec858ba370726634286fbc6b60a3a723c29fe9c40c8994d2257f3563374c1aabd4d2889729fd05089ff865973f630b797694264625350bf813d", @nested={0x4, 0x53}, @generic="95a5b5a9c9edf26d8c4be8cc786afdb00be6425ded7b58afc821af7e352493d5ca23455400048987d0aad46ab1a4f4ca47f324b9d03c4c2be582c6bf41cece5b8e73d375d8e6cc41a492840329d2078b212f3cf9511e801acb759cf92e4fdb3fc7f8942d13aaa8012023ff9d922277475895bc26e09cb535f0bc7d817a10029968255460d7287ccb473231281495223c3f277de3e5d28e082f74", @typed={0xb, 0x137, 0x0, 0x0, @str='\\\\&+.+\x00'}, @generic="01a74707e63130b57f19f04ba37a7dd8b0803a4e342cf30611e4cf27340076c83ca67414229c31deef4a1abde684aae21d40bff40daa6d9e8c89d5b52316646e5d3d6fcc1d1175dedaca98d0ad821a458415c5c64bf62c72e5b5375f712366ac25d2b7", @typed={0x8, 0xa0, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x4, 0xf5}]}, @typed={0x8, 0x106, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x149, 0x0, 0x0, @pid=r2}, @nested={0xd, 0x70, 0x0, 0x1, [@typed={0x8, 0x27, 0x0, 0x0, @u32=0x3}, @generic='j']}]}, 0x1dc}], 0x1, &(0x7f0000000440)=[@cred={{0x18, 0x1, 0x2, {r3, r4}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r5, 0xffffffffffffffff]}}], 0x30, 0x4004000}, 0x80)
r6 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8)
write$UHID_CREATE2(r6, &(0x7f0000001b40)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0xb2, 0x2, 0x1, 0x200, 0x1, 0x6, "e37c621310800e64da5b7f02d5d51a0ce807a69993a561a14e3b21bcb67e5e7267987c4ee85c1e05efe83a5e99b22f0c852918990d5cc7d003ef835a5fc22ef762759369fe87bd4e4722b27d893738144b10c79c26471cb6f3f0edc97501202158d3e0e9808a7c8ac6c85a370d43924a0840850602fcc2cd5da40025e82d697fdb90d0caae7018880e9ed0f17d062fdd8971db5d05a2b227bd20bf015882098d2e4817cc562bd2dd85cf75b059ee1526f5eb"}}, 0x1ca)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b0400000000000000000200005e1800048014000180090001006d61737100000000040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a084128af4227b0e7a9ae7caa2c9d130ed9a18b0c2e3b481822c0f068a57ac525d6ab2b28692ec8235e3980845ba3ab698ed07923594e6da72aa9dde9c96b8bcd30241dbb264d52d6772c20"], 0x6c}}, 0x0)
r9 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r9, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000f00)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000600)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b0419be0420dc6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a01208d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69eccea5aca3964f", 0xe5}, {&(0x7f0000000cc0)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435ae156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd58c572f714f6852063afc8358fb33ccb8a95460b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d99dddfa9098d327d9559e82fceb2b1b1ca4b45c9e22b2de", 0xe3}, {&(0x7f0000000380)="c58cf2a0f0f863621a483b19e7ecfce0d34e53fbf2959272146847c314ac0cdfd79dc1815274c3ee57068b3793c243bc98585fab48eb353478689f452328afb023f75f93227bbe5a4aa3fea049ec0862c493e14eb44aacf27f9060bc2c826383c904750402dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e6", 0x87}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125971357630b6f3eb4fb4064c42c2b2519a1c77824df6f0653fb116149fcb5c7e46fce32b1de7f511951d4b1ae47781250afdb11680684c1d2854810a90dbe10016823346663fdf1df6200a0dc3cafe8ec225fda47", 0xff}, {&(0x7f0000000800)="3a0846cacd7448e2015cc9a09c5f5608265e1e0fe02aa9077d7ddd960ba112fe1c64f57cba71e7ad8bbdc06a3299398e39498fc459bc1745e3d21a7ca987a4f4b774fe331d20dab2e846a721ff43b0491dc4cb32e16330e0d7d520f4887da0d6f356f8ef230b9b2374095ca6f14a6d13e03375c7029e28592c419bfb8957ac024ba8dc90ab15427410b870f3035ff95146d6e29f9b56ac096281d2f2b249f20c9fdc3239f838acc6b3433571d3043d", 0xaf}, {&(0x7f0000000500)="8700144add194dc92e62bfdc1de91e98227f67410fae0aa2958eeb11856055f582d7ed3b9ca5bf48d2e97becf8673e1532a8", 0x32}, {&(0x7f00000008c0)="6aa7e221ef79afca996dde651fad6b8f1085c4567b3af29b90b3221f98f93ce7f8d32156d842e64f2dd8e9b969c22d076b5dbfb714449b009ff42ec0e2a2c1785d5129", 0x43}, {&(0x7f0000000dc0)="e94b02666c07000080", 0x9}], 0x9}, 0x0)

260.127851ms ago: executing program 4 (id=2704):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b704000000000000850000003900000095"], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5453, 0x2)

180.063906ms ago: executing program 1 (id=2705):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000002c0)={0x3, "421ae3753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", <r1=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
sendmsg$NL80211_CMD_DEL_PMKSA(r6, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, r7, 0x100, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x10001, 0x28}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "aaf46e3e17381fa7812ac9f1fd2d1151"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x29}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4000800)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="ad4300000000009c260821"], 0x14}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x34}}, 0x4004010)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)
poll(&(0x7f0000000200)=[{r1, 0x102}], 0x1, 0x0)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000180)=0x8)

179.8106ms ago: executing program 4 (id=2706):
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000380)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24)
listen(0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
lseek(r2, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x10, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRES32=r1], &(0x7f0000000000)='GPL\x00', 0x6, 0xac, &(0x7f0000000140)=""/172, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x108, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x6, 0x4, 0x3, 0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0xfff, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x204040, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0xb15, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x1a, &(0x7f0000000300)={0x0}, 0x1)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000001600), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, 0x0)

119.728042ms ago: executing program 4 (id=2707):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
creat(0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000001ac0)=[{&(0x7f00000007c0)="6e5fb47cf1340fb15f920d2d0923f7b30bb80e241072eef5439352f1475ff4d935dfbf9489058dbe238f0e57bad466dbef2735aaf71d72412b4581c515843eb6dd3f0fad4d17b05540d4c8b553fba0d3b185333f30656a5f91cfdeb7b9dbaf3e94a84c5cb66ce0247e65547b0b18cb5365ca9760ccc7ba062bc2e9b37954cff16f0b92b260b4343be89abfe1b0dabf2f8f8b7875e43d58845297953a7735d6f9c0591db22113083fac1dac8ed5d23debfd23f6c68c4ed6e9046c2766973d38b538082449f90ad808c26d4f529ad1c2846bc74d76e8a307917beb5b630e60d3638a68702b788de4015533e4cc5beb365bb7b1fc784262f4d04ac074750a07ef55d658228dd4179e446ac3ef3f3dac86ad00776842920888d646a9dc612ce6a82da27827d462df695201dc4c3da15f617368144ab5c3f0fbffedf00b2d62d6470382ef13297c95f808806d6a369ed05f6c2515569b19d21e53398e07e3cd2eae79107a2340893b9364562f1ca6e262f7cc82079b77703e6b1566c7cfd1e772a1866d3cb77a98cc4e8795052711d1c586f86c2e2bc47e7c0e8f9716f8575849726fdae3fa7163aee7ee68790b0b42c43c473109c4c64618fcf9681a87686d695d6a1493fea0aca84ad51376f10c2e85f3a03c7a32197e2853d28cfc7a7221702d6c71c9be1e2df5a65b00983c4e57fec608eb6b5706b5b23ae9b0d451745c7b9ce93eba2cfcc8cdff593564dd286634d09c7c83fab14be5424a6a2fcdd43a49d387c6a02bf9f0b92b5bba41fba50d53493bdcdaea8af1cf684465181c403005b23965f4f7e5a912bac7355e8ae18365933d6dd332da731c6323eef41d4326d2d8cecbda9248cf28837ee647bb1007c4e2ba311e9f33b37731d6f8a9216405d73c2dab419c257cfdfd8fa5741e8aa64e4e90ada2e6af970a0e7acd16ca3d95107c63387bdc78dc2ed14e6460cc4b53f81d23f50e222bd7cd0d79be4631c4e6f102d0ef7d667a32263d7b5ebd96938139bcc234abf3ca6767af7697fc2a6b61fd7763acce2d93cdb2643c6d4bde2b4ce19fbdf8e93ea35b867af9f396d3b4832df88661081e7819bdf2e7075c6326469966990c3581b94b9fb603c65dca75659fe908a5a1ccf4bc24ee04b7b98267a6fcce3f4f1416139df74ba64715a40a06e1b6d4a34d056218d6d1bd7749e5772c66606aeb626c3a479ee20587aad394e973ba6a95906006f11161cde6dd335af0ad80d845331c245058ffca27c2a9e8f7aff2843259f201131cca32b345e6c2c3664aa441f5f6601578fceb7fb0a28161ed52d080c1cc634490138ee7374d690df47ca1788e17f54bfa820bdd6c44997902722d9e184fab666a3264a9dbec1326debe85d88bf5d6b99e3ca3422e8e7d0622bf2afeeb268c97b6ee447bbe0efb31e7f6e391d793ab0fdb42fb5265a33674be507aa0f35ba1514374e272ffa11578bf74299026cf659116b65a028ec4d190a4037b2c0ad52d629674c979b769f9fa593f2583d7ba4b1c10f67a01322ca4d8d4693f080d32440943534b3f8364fc09cce9a140fb54bb1553bf8192c9bd42f2c84f9f24185e350747f7186a65d23ac9b90f37ed9041acec335ccbfdb4b26ea3c3344678702c0cde7cb4b90c2368b63b41eace5f1ce4e4d17b61304bcf8517c8769faf9939dba072d03f3249099225e6f42ac0a4b29b407fa7b30182047a743be5c2477c0bd6e71ecf786952987d4b5e5cbda44c3e4b022397412a0dca3ff1ea620b69c775b072d3b72ee11761b834cc54b36ccde59bbd96a530bb5a46fba30bad4a2e5f6e506fdae12aa75c1fb0f72f92e24588c31e326f5fbd3228a4c387077b9064a7f6a1028cce9115179821460a4d6638271fd53d95110c0cc6a422caf671bcebf4b06a87fd804c63c6e05d78857792612947b08eca833d47e11237e72a02524baa5e736d78073ac7ddf5ef04db59615cd4a5d1aad5bd4abd7535da38d9b2c2b4d8ba84fdd0db3814847f1c596a7202835b8f83ca042922fbcfb12e6e97f2158e1c647ffcbaa239d9793147b17d28e08a120673223e55d6c7dd1d9e7b99a15ebf5005b98d52e0759adfb65e6a21bcbd077b982f273f1e9a9f2bfb8174fb50e0effd3f3f5f1feecaf46ff48d025835074c5fbed5c6eacfa2ae92bae21a221f25332d9948df4da93317f3a8af0898874fc3bd77649b695cec0713a1b82af9a1bf805ed76e859ca2c3660e15b7ea66c50169f058df5aa1c871d343a6162769c97765234dab6df3835588cad49f54b2ed554ec3875c7963407c9fc86a17d237d6f2325484e901d13e65b0468327b0a79f2ce2717ac404832f623c55a2c680a8dfd48d67aad334404a87c475df2ed49219d8458c9205a00ec6553946b123f42dd3b20a918dd38d0e5874627e33ad373a81945589702095507a23cba23673397acdc804a2703c7b6a366e412daf586735a9d84c4f91b1a5c1aeab734e9124022d56033678a8a50da3f4d7a6c393b2bdb5e51f3f0ce12311da801e15c4f50b5578f8e5a0863a5e47972a02ebb724e0c90e4cdfc9e6c9d9c78701abb61c6e1cebee5bcfcbce945e836ae2c53fa090ed1786b6450cbea9da921ddecdd1314d07a24d712ec8dfa10e9f11cfaa8934fcdbe27c1c36454abf0b4212233fb0cec678ab01fc1cb4bc13f6365b8de7d9be79614664191c7bf573b758608e718e540a0b2e2c3803d4d9127d50d215447ad477e8d0cd0f17fcad3ce768454c564d6898aa25464e05ccf6f61a03215a2a1c1aa429a96cbf35db51411c9e104b9f5674b61bd73a8dcc3fb4fcde989c8a4100c0923a4e93db299caa741b1139b4f4e37608e8311af75db106d38f8180fac230f36bea8e7530d95ec6fc72a937c6efa657f10249afcb743ca48cdedeb4145a98460ba7897e5882f7a7f95d9d9d6ef2df0956a0796a6d0c2fcf9f572ba7fc9b8a6c7bd93ea7ab634a64febc9ea10482f13b2204e86767a6434b", 0x841}], 0x1, 0x2)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38)
landlock_restrict_self(0xffffffffffffffff, 0x0)
setfsgid(0xee01)
faccessat(0xffffffffffffff9c, 0x0, 0x0)

63.980698ms ago: executing program 4 (id=2708):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) (async)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x38, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x24, 0x11, 0x0, 0x1, [@generic="2fe5afbf24fbcccc554cd9761e79b8dad8a2018544a3f855448c77987d9d7a52"]}]}, 0x38}], 0x1}, 0x0) (async)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async)
listen(r3, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
close(r4) (async)
r6 = semget$private(0x0, 0x207, 0x480)
semctl$SEM_STAT_ANY(r6, 0x2, 0x14, &(0x7f0000000500)=""/77)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0205710, &(0x7f0000000040)={0x0, 0x7, 0x0, 0x1, 0xffff})

0s ago: executing program 4 (id=2709):
membarrier(0x4, 0x0)
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40), 0x0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00')
read$FUSE(r7, &(0x7f0000006480)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r8 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r8, &(0x7f0000000300), 0x4)
truncate(&(0x7f0000000080)='./file0\x00', 0x800) (fail_nth: 6)
syz_open_dev$vim2m(&(0x7f0000000300), 0x7fffffff, 0x2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r11=>0x0})
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x2c, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x80}]}, 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

21, bcdDevice=86.66
[  421.396107][ T5898] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  421.399400][ T5898] usb 6-1: Product: syz
[  421.400635][ T5898] usb 6-1: Manufacturer: syz
[  421.401988][ T5898] usb 6-1: SerialNumber: syz
[  421.407330][ T5898] usb 6-1: config 0 descriptor??
[  421.409025][   T39] audit: type=1326 audit(1736651494.897:246): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=14197 comm="syz.0.2310" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  421.411481][ T5898] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  421.415399][   T39] audit: type=1326 audit(1736651494.897:247): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=14197 comm="syz.0.2310" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  421.431314][ T5898] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  421.436851][T14199] ceph: No mds server is up or the cluster is laggy
[  421.773261][   T63] libceph: connect (1)[c::]:6789 error -101
[  421.775522][   T63] libceph: mon0 (1)[c::]:6789 connect error
[  421.779740][   T63] libceph: connect (1)[c::]:6789 error -101
[  421.781918][   T63] libceph: mon0 (1)[c::]:6789 connect error
[  421.856320][T13142] usb 8-1: new low-speed USB device number 18 using dummy_hcd
[  421.870135][    C2] ldusb 6-1:0.0: usb_submit_urb failed (-19)
[  421.870168][   T63] usb 6-1: USB disconnect, device number 21
[  421.891502][   T63] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  422.037568][ T6001] libceph: connect (1)[c::]:6789 error -101
[  422.042445][ T6001] libceph: mon0 (1)[c::]:6789 connect error
[  422.050426][T13142] usb 8-1: config index 0 descriptor too short (expected 1307, got 27)
[  422.052901][T13142] usb 8-1: config 0 has an invalid interface number: 0 but max is -1
[  422.055795][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0
[  422.058514][T13142] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  422.061751][T13142] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  422.064693][T13142] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  422.072750][T13142] usb 8-1: string descriptor 0 read error: -22
[  422.076393][T13142] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  422.079070][T13142] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.084281][T13142] usb 8-1: config 0 descriptor??
[  422.086518][T14220] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  422.093806][T13142] hub 8-1:0.0: bad descriptor, ignoring hub
[  422.095667][T13142] hub 8-1:0.0: probe with driver hub failed with error -5
[  422.101809][T13142] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input23
[  422.328116][T14222] ceph: No mds server is up or the cluster is laggy
[  423.269829][   T39] audit: type=1326 audit(1736651496.757:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14232 comm="syz.0.2317" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x0
[  424.100435][T14242] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  424.118986][T14242] option changes via remount are deprecated (pid=14240 comm=syz.0.2320)
[  424.135500][T14247] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  424.637799][  T976] usb 8-1: USB disconnect, device number 18
[  424.696552][T14247] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  424.699374][T14247] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  424.701919][T14247] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  424.704464][T14247] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  424.707486][T14247] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  424.715360][T14247] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  424.991264][T13142] libceph: connect (1)[c::]:6789 error -13
[  424.993063][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  425.246524][T13142] libceph: connect (1)[c::]:6789 error -13
[  425.248408][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  425.538865][T14264] ceph: No mds server is up or the cluster is laggy
[  426.066363][ T5979] usb 9-1: new low-speed USB device number 22 using dummy_hcd
[  426.347712][ T5979] usb 9-1: config index 0 descriptor too short (expected 1307, got 27)
[  426.351148][ T5979] usb 9-1: config 0 has an invalid interface number: 0 but max is -1
[  426.353746][ T5979] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0
[  426.359824][ T5979] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  426.366088][ T5979] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  426.375195][ T5979] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  426.385992][ T5979] usb 9-1: string descriptor 0 read error: -22
[  426.387922][ T5979] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  426.390506][ T5979] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.394005][ T5979] usb 9-1: config 0 descriptor??
[  426.396086][T14283] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  426.401695][ T5979] hub 9-1:0.0: bad descriptor, ignoring hub
[  426.403468][ T5979] hub 9-1:0.0: probe with driver hub failed with error -5
[  426.411267][ T5979] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input24
[  426.610170][    C2] usb_acecad 9-1:0.0: can't resubmit intr, dummy_hcd.4-1/input0, status -1
[  426.626152][T14299] netlink: 192 bytes leftover after parsing attributes in process `syz.3.2334'.
[  426.638068][T14299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2334'.
[  426.641602][T14299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2334'.
[  426.716576][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  426.718235][ T5940] Bluetooth: hci1: command 0x0405 tx timeout
[  426.720064][ T5947] Bluetooth: hci3: command 0x0406 tx timeout
[  426.720508][ T5940] Bluetooth: hci0: command 0x0406 tx timeout
[  428.106612][T14329] netlink: 'syz.1.2338': attribute type 1 has an invalid length.
[  428.111934][T14329] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2338'.
[  428.499892][T14331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2339'.
[  428.522781][T14333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2340'.
[  428.793245][    T9] usb 9-1: USB disconnect, device number 22
[  428.797764][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  429.268698][T14341] FAULT_INJECTION: forcing a failure.
[  429.268698][T14341] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  429.278318][T14341] CPU: 0 UID: 0 PID: 14341 Comm: syz.4.2343 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  429.281217][T14341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  429.284106][T14341] Call Trace:
[  429.284998][T14341]  <TASK>
[  429.285816][T14341]  dump_stack_lvl+0x16c/0x1f0
[  429.287129][T14341]  should_fail_ex+0x497/0x5b0
[  429.288390][T14341]  ? fs_reclaim_acquire+0xae/0x150
[  429.289857][T14341]  should_fail_alloc_page+0xe7/0x130
[  429.291344][T14341]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  429.293074][T14341]  __alloc_pages_noprof+0x190/0x25b0
[  429.294580][T14341]  ? hlock_class+0x4e/0x130
[  429.295835][T14341]  ? __lock_acquire+0x15a9/0x3c40
[  429.297178][T14341]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  429.298747][T14341]  ? __pfx___lock_acquire+0x10/0x10
[  429.300186][T14341]  ? lock_acquire.part.0+0x11b/0x380
[  429.301681][T14341]  ? find_held_lock+0x2d/0x110
[  429.303009][T14341]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  429.304572][T14341]  ? policy_nodemask+0xea/0x4e0
[  429.305937][T14341]  alloc_pages_mpol_noprof+0x2c9/0x610
[  429.307440][T14341]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  429.309013][T14341]  ? do_raw_spin_unlock+0x172/0x230
[  429.310430][T14341]  ? _raw_spin_unlock+0x28/0x50
[  429.311784][T14341]  ? swap_swapcount+0x13c/0x220
[  429.313112][T14341]  ? __pfx_swap_swapcount+0x10/0x10
[  429.314597][T14341]  folio_alloc_mpol_noprof+0x36/0xd0
[  429.316065][T14341]  __read_swap_cache_async+0x50a/0x660
[  429.317553][T14341]  ? __pfx___read_swap_cache_async+0x10/0x10
[  429.319216][T14341]  ? mpol_shared_policy_lookup+0xf6/0x150
[  429.320760][T14341]  ? __pfx_shmem_get_policy+0x10/0x10
[  429.322326][T14341]  read_swap_cache_async+0xc1/0x1b0
[  429.323822][T14341]  ? __pfx_read_swap_cache_async+0x10/0x10
[  429.325502][T14341]  ? xas_pause+0x21e/0x3f0
[  429.326804][T14341]  madvise_vma_behavior+0x111c/0x1da0
[  429.328349][T14341]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  429.329990][T14341]  ? find_vma_prev+0xdb/0x160
[  429.331346][T14341]  ? __pfx_find_vma_prev+0x10/0x10
[  429.332817][T14341]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  429.334405][T14341]  ? do_madvise+0x25b/0x770
[  429.335705][T14341]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  429.337285][T14341]  madvise_walk_vmas+0x1cf/0x2c0
[  429.338667][T14341]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  429.340232][T14341]  do_madvise+0x30e/0x770
[  429.341486][T14341]  ? find_held_lock+0x2d/0x110
[  429.342873][T14341]  ? __pfx_do_madvise+0x10/0x10
[  429.344285][T14341]  ? __might_fault+0x13b/0x190
[  429.345681][T14341]  ? __pfx_lock_release+0x10/0x10
[  429.347136][T14341]  ? lock_acquire+0x2f/0xb0
[  429.348456][T14341]  ? __might_fault+0xe3/0x190
[  429.349827][T14341]  ? __might_fault+0xe3/0x190
[  429.351188][T14341]  __ia32_sys_madvise+0xa7/0x110
[  429.352622][T14341]  __do_fast_syscall_32+0x73/0x120
[  429.354109][T14341]  do_fast_syscall_32+0x32/0x80
[  429.355517][T14341]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.357335][T14341] RIP: 0023:0xf7f84579
[  429.358516][T14341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  429.363964][T14341] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[  429.366426][T14341] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000060005f
[  429.368688][T14341] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[  429.370958][T14341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  429.373207][T14341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  429.375481][T14341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.377762][T14341]  </TASK>
[  429.566546][T14329] vivid-003: disconnect
[  430.087530][T14327] vivid-003: reconnect
[  430.090630][  T976] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  430.139720][T14369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2350'.
[  430.156545][    T9] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  430.237161][  T976] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  430.240954][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.244335][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.248211][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.250971][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.253587][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.256781][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.259513][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.262195][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.265258][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.268044][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.270567][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.273750][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.276566][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.279106][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.282161][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.284959][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.287904][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.290969][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.293631][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.296303][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.299370][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.302029][  T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  430.304572][  T976] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  430.305147][T14373] random: crng reseeded on system resumption
[  430.307899][  T976] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.313200][  T976] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  430.315776][  T976] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  430.315779][T14373] FAULT_INJECTION: forcing a failure.
[  430.315779][T14373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.318420][  T976] usb 5-1: Product: syz
[  430.323823][T14373] CPU: 2 UID: 0 PID: 14373 Comm: syz.1.2351 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  430.324667][  T976] usb 5-1: Manufacturer: syz
[  430.327987][T14373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.327998][T14373] Call Trace:
[  430.328002][T14373]  <TASK>
[  430.328008][T14373]  dump_stack_lvl+0x16c/0x1f0
[  430.328026][T14373]  should_fail_ex+0x497/0x5b0
[  430.328042][T14373]  _copy_from_iter+0x29b/0x1400
[  430.328057][T14373]  ? trace_lock_acquire+0x14e/0x1f0
[  430.328072][T14373]  ? __alloc_skb+0x200/0x380
[  430.328087][T14373]  ? __pfx__copy_from_iter+0x10/0x10
[  430.329573][    T9] usb 8-1: Using ep0 maxpacket: 32
[  430.332506][T14373]  ? __virt_addr_valid+0x1a4/0x590
[  430.333610][  T976] usb 5-1: SerialNumber: syz
[  430.334330][T14373]  ? __virt_addr_valid+0x5e/0x590
[  430.334346][T14373]  ? __phys_addr_symbol+0x30/0x80
[  430.334358][T14373]  ? __check_object_size+0x488/0x710
[  430.334375][T14373]  netlink_sendmsg+0x813/0xd70
[  430.337260][    T9] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  430.338613][T14373]  ? __pfx_netlink_sendmsg+0x10/0x10
[  430.344073][  T976] usb 5-1: config 0 descriptor??
[  430.344486][T14373]  ____sys_sendmsg+0x9ae/0xb40
[  430.346081][    T9] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  430.347327][T14373]  ? __pfx_____sys_sendmsg+0x10/0x10
[  430.347342][T14373]  ? get_compat_msghdr+0x11b/0x170
[  430.347358][T14373]  ___sys_sendmsg+0x135/0x1e0
[  430.347374][T14373]  ? __pfx____sys_sendmsg+0x10/0x10
[  430.347394][T14373]  ? __pfx_lock_release+0x10/0x10
[  430.347404][T14373]  ? trace_lock_acquire+0x14e/0x1f0
[  430.347422][T14373]  ? __fget_files+0x206/0x3a0
[  430.347438][T14373]  __sys_sendmsg+0x16e/0x220
[  430.347453][T14373]  ? __pfx___sys_sendmsg+0x10/0x10
[  430.347475][T14373]  __do_fast_syscall_32+0x73/0x120
[  430.349162][    T9] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  430.350330][T14373]  do_fast_syscall_32+0x32/0x80
[  430.350347][T14373]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.350363][T14373] RIP: 0023:0xf713e579
[  430.350373][T14373] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.350383][T14373] RSP: 002b:00000000f513055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  430.350394][T14373] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000200016c0
[  430.350401][T14373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  430.353706][  T976] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  430.355593][T14373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.355602][T14373] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.355609][T14373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.355621][T14373]  </TASK>
[  430.357593][    T9] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  430.414705][    T9] usb 8-1: config 0 interface 0 has no altsetting 0
[  430.420572][    T9] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  430.423355][    T9] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  430.425812][    T9] usb 8-1: Product: syz
[  430.427268][    T9] usb 8-1: Manufacturer: syz
[  430.428701][    T9] usb 8-1: SerialNumber: syz
[  430.431494][    T9] usb 8-1: config 0 descriptor??
[  430.434842][    T9] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  430.438319][    T9] ldusb 8-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  430.562207][    T9] usb 5-1: USB disconnect, device number 22
[  430.564703][    T9] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  430.605148][T14379] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  430.877139][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  431.063043][   T63] usb 8-1: USB disconnect, device number 19
[  431.066043][   T63] ldusb 8-1:0.0: LD USB Device #1 now disconnected
[  431.158371][T14389] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  431.415292][T14378] Process accounting resumed
[  432.109475][T14401] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2359'.
[  433.146403][T13142] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  433.297144][T13142] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  433.301210][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.303903][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.307267][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.310214][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.312827][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.315966][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.322003][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.324727][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.328126][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.331560][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.338018][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.341215][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.344006][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.347756][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.350971][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.353667][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.359239][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.362415][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.365086][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.369056][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.372222][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.374892][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  433.379724][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  433.384976][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  433.390517][T13142] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  433.393867][T13142] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  433.399038][T13142] usb 8-1: Product: syz
[  433.401246][T13142] usb 8-1: Manufacturer: syz
[  433.404941][T13142] usb 8-1: SerialNumber: syz
[  433.410275][T13142] usb 8-1: config 0 descriptor??
[  433.419842][T13142] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  433.621250][T13142] usb 8-1: USB disconnect, device number 20
[  433.623784][T13142] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  434.216876][T14438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2370'.
[  434.301009][T14443] IPv6: NLM_F_CREATE should be specified when creating new route
[  434.557408][T14452] FAULT_INJECTION: forcing a failure.
[  434.557408][T14452] name failslab, interval 1, probability 0, space 0, times 0
[  434.561033][T14452] CPU: 2 UID: 0 PID: 14452 Comm: syz.3.2373 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  434.564100][T14452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.567200][T14452] Call Trace:
[  434.568173][T14452]  <TASK>
[  434.569035][T14452]  dump_stack_lvl+0x16c/0x1f0
[  434.570417][T14452]  should_fail_ex+0x497/0x5b0
[  434.571810][T14452]  ? fs_reclaim_acquire+0xae/0x150
[  434.573314][T14452]  should_failslab+0xc2/0x120
[  434.574701][T14452]  __kmalloc_cache_noprof+0x68/0x420
[  434.576239][T14452]  nf_tables_newflowtable+0x623/0x2270
[  434.577852][T14452]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  434.579513][T14452]  ? __pfx___nla_validate_parse+0x10/0x10
[  434.581158][T14452]  ? net_generic+0xea/0x2a0
[  434.582490][T14452]  ? __pfx_lock_release+0x10/0x10
[  434.583954][T14452]  ? __nla_parse+0x40/0x60
[  434.585276][T14452]  nfnetlink_rcv_batch+0x1a2a/0x24e0
[  434.586839][T14452]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  434.588572][T14452]  ? __pfx_lock_release+0x10/0x10
[  434.590028][T14452]  ? __local_bh_enable_ip+0xa4/0x120
[  434.591562][T14452]  ? lockdep_hardirqs_on+0x7c/0x110
[  434.593077][T14452]  ? __pfx___dev_queue_xmit+0x10/0x10
[  434.594748][T14452]  ? __nla_parse+0x40/0x60
[  434.596053][T14452]  nfnetlink_rcv+0x3c3/0x430
[  434.597425][T14452]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  434.598923][T14452]  netlink_unicast+0x53c/0x7f0
[  434.600326][T14452]  ? __pfx_netlink_unicast+0x10/0x10
[  434.601866][T14452]  ? __phys_addr_symbol+0x30/0x80
[  434.603331][T14452]  ? __check_object_size+0x488/0x710
[  434.604878][T14452]  netlink_sendmsg+0x8b8/0xd70
[  434.606458][T14452]  ? __pfx_netlink_sendmsg+0x10/0x10
[  434.607990][T14452]  ____sys_sendmsg+0x9ae/0xb40
[  434.609390][T14452]  ? __pfx_____sys_sendmsg+0x10/0x10
[  434.610949][T14452]  ? get_compat_msghdr+0x11b/0x170
[  434.612435][T14452]  ___sys_sendmsg+0x135/0x1e0
[  434.613822][T14452]  ? __pfx____sys_sendmsg+0x10/0x10
[  434.615342][T14452]  ? __pfx_lock_release+0x10/0x10
[  434.616794][T14452]  ? trace_lock_acquire+0x14e/0x1f0
[  434.618306][T14452]  ? __fget_files+0x206/0x3a0
[  434.619674][T14452]  __sys_sendmsg+0x16e/0x220
[  434.621023][T14452]  ? __pfx___sys_sendmsg+0x10/0x10
[  434.622528][T14452]  __do_fast_syscall_32+0x73/0x120
[  434.624019][T14452]  do_fast_syscall_32+0x32/0x80
[  434.625427][T14452]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.627281][T14452] RIP: 0023:0xf7fd5579
[  434.628457][T14452] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.633903][T14452] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  434.636274][T14452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  434.638552][T14452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  434.640789][T14452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.643032][T14452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  434.645279][T14452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.647556][T14452]  </TASK>
[  434.717090][T14459] random: crng reseeded on system resumption
[  434.928932][T14467] 9pnet_fd: Insufficient options for proto=fd
[  434.965463][T14470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2380'.
[  435.036315][   T63] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  435.039607][T13142] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  435.098559][T14473] vlan0: entered promiscuous mode
[  435.108975][T14473] team0: Port device vlan0 added
[  435.114528][T14473] tipc: Started in network mode
[  435.117978][T14473] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  435.120524][T14473] tipc: Enabled bearer <eth:team0>, priority 0
[  435.133512][ T5947] Bluetooth: hci2: sending frame failed (-49)
[  435.140129][ T5940] Bluetooth: hci2: Opcode 0x1003 failed: -49
[  435.187316][   T63] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  435.190603][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.194107][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.198821][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.201941][T13142] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  435.205895][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.210126][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.213603][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.221564][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.225952][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.233630][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.247611][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.251228][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.255397][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.260958][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.263631][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.267631][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.271091][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.275230][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.279417][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.282187][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.284856][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.288362][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.291210][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.294692][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.298994][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.301586][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.304365][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.308663][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.311420][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.314961][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.319264][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.323320][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.326968][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.331225][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.331280][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.336411][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.339889][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.342836][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.345497][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.349126][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.351321][   T63] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.353880][   T63] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.357137][   T63] usb 6-1: config 0 interface 0 has no altsetting 0
[  435.359762][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.362333][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.365433][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.370684][T13142] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  435.373503][T13142] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  435.377853][T13142] usb 8-1: config 0 interface 0 has no altsetting 0
[  435.380448][   T63] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  435.383785][   T63] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  435.387112][   T63] usb 6-1: Product: syz
[  435.388756][   T63] usb 6-1: Manufacturer: syz
[  435.390679][   T63] usb 6-1: SerialNumber: syz
[  435.393472][T13142] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  435.399272][   T63] usb 6-1: config 0 descriptor??
[  435.401104][T13142] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  435.404248][T13142] usb 8-1: Product: syz
[  435.405776][T13142] usb 8-1: Manufacturer: syz
[  435.409077][T13142] usb 8-1: SerialNumber: syz
[  435.422722][   T63] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  435.432790][T13142] usb 8-1: config 0 descriptor??
[  435.447244][T13142] yurex 8-1:0.0: USB YUREX device now attached to Yurex #1
[  435.617758][T13142] usb 6-1: USB disconnect, device number 22
[  435.621297][T13142] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  435.811281][T14027] usb 8-1: USB disconnect, device number 21
[  435.815172][T14027] yurex 8-1:0.0: USB YUREX #1 now disconnected
[  436.170075][T13142] IPVS: starting estimator thread 0...
[  436.266820][T14493] IPVS: using max 18 ests per chain, 43200 per kthread
[  436.293611][T13142] tipc: Node number set to 11578026
[  436.573267][T14504] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2390'.
[  436.823473][T14509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2391'.
[  437.190756][T14532] vivid-007: disconnect
[  437.366415][ T5898] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  437.481486][T14531] vivid-007: reconnect
[  437.541147][ T5898] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  437.544491][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.547669][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.551248][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.554587][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.558142][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.561734][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.564409][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.567578][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.571158][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.573799][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.576626][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.579781][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.582687][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.585532][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.593303][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.596078][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.599530][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.602752][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.605494][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.608546][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.611607][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.614401][ T5898] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  437.617303][ T5898] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  437.620578][ T5898] usb 9-1: config 0 interface 0 has no altsetting 0
[  437.624071][ T5898] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  437.627247][ T5898] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  437.629705][ T5898] usb 9-1: Product: syz
[  437.630925][ T5898] usb 9-1: Manufacturer: syz
[  437.632675][ T5898] usb 9-1: SerialNumber: syz
[  437.634947][ T5898] usb 9-1: config 0 descriptor??
[  437.643037][ T5898] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  437.651283][T14544] FAULT_INJECTION: forcing a failure.
[  437.651283][T14544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.655129][T14544] CPU: 2 UID: 0 PID: 14544 Comm: syz.1.2402 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  437.658250][T14544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.661538][T14544] Call Trace:
[  437.662861][T14544]  <TASK>
[  437.664034][T14544]  dump_stack_lvl+0x16c/0x1f0
[  437.665955][T14544]  should_fail_ex+0x497/0x5b0
[  437.667860][T14544]  _copy_to_iter+0x29b/0x1400
[  437.669770][T14544]  ? trace_lock_acquire+0x14e/0x1f0
[  437.671871][T14544]  ? __pfx__copy_to_iter+0x10/0x10
[  437.673940][T14544]  ? __virt_addr_valid+0x1a4/0x590
[  437.675988][T14544]  ? __virt_addr_valid+0x5e/0x590
[  437.678010][T14544]  ? __phys_addr_symbol+0x30/0x80
[  437.679921][T14544]  ? __check_object_size+0x488/0x710
[  437.681435][T14544]  seq_read_iter+0xd00/0x12b0
[  437.682794][T14544]  proc_reg_read_iter+0x21d/0x310
[  437.684246][T14544]  vfs_read+0x87f/0xbe0
[  437.685441][T14544]  ? __pfx_vfs_read+0x10/0x10
[  437.686811][T14544]  ksys_read+0x12b/0x250
[  437.688149][T14544]  ? __pfx_ksys_read+0x10/0x10
[  437.689619][T14544]  __do_fast_syscall_32+0x73/0x120
[  437.691092][T14544]  do_fast_syscall_32+0x32/0x80
[  437.692489][T14544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.694323][T14544] RIP: 0023:0xf713e579
[  437.695497][T14544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  437.700944][T14544] RSP: 002b:00000000f513055c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  437.703325][T14544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  437.706450][T14544] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  437.709571][T14544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.712697][T14544] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  437.715842][T14544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.719025][T14544]  </TASK>
[  437.752905][T14546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2403'.
[  437.800126][T14548] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  437.846137][ T5979] usb 9-1: USB disconnect, device number 23
[  437.849179][ T5979] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  437.960830][T14555] FAULT_INJECTION: forcing a failure.
[  437.960830][T14555] name failslab, interval 1, probability 0, space 0, times 0
[  437.964307][T14555] CPU: 0 UID: 0 PID: 14555 Comm: syz.1.2406 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  437.967317][T14555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.970414][T14555] Call Trace:
[  437.971404][T14555]  <TASK>
[  437.972267][T14555]  dump_stack_lvl+0x16c/0x1f0
[  437.973653][T14555]  should_fail_ex+0x497/0x5b0
[  437.975028][T14555]  ? fs_reclaim_acquire+0xae/0x150
[  437.976504][T14555]  should_failslab+0xc2/0x120
[  437.977888][T14555]  __kmalloc_noprof+0xce/0x4f0
[  437.979286][T14555]  ? tomoyo_realpath_from_path+0xbf/0x710
[  437.980952][T14555]  tomoyo_realpath_from_path+0xbf/0x710
[  437.982599][T14555]  ? tomoyo_path_number_perm+0x235/0x5b0
[  437.984274][T14555]  tomoyo_path_number_perm+0x248/0x5b0
[  437.985888][T14555]  ? tomoyo_path_number_perm+0x235/0x5b0
[  437.987537][T14555]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  437.989300][T14555]  ? inode_to_bdi+0x9e/0x160
[  437.990666][T14555]  ? file_ra_state_init+0x39/0xe0
[  437.992132][T14555]  ? generic_file_open+0x89/0xb0
[  437.993582][T14555]  ? do_dentry_open+0xa56/0x1ea0
[  437.995022][T14555]  ? __pfx_shmem_file_open+0x10/0x10
[  437.996577][T14555]  security_file_ioctl+0x9b/0x240
[  437.998096][T14555]  ovl_security_fileattr+0xf6/0x170
[  437.999617][T14555]  ? __pfx_ovl_fileattr_get+0x10/0x10
[  438.001184][T14555]  ovl_fileattr_get+0xe2/0x300
[  438.002586][T14555]  ? __pfx_ovl_fileattr_get+0x10/0x10
[  438.004179][T14555]  ? tomoyo_path_number_perm+0x190/0x5b0
[  438.005813][T14555]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  438.007636][T14555]  ? __pfx_ovl_fileattr_get+0x10/0x10
[  438.009199][T14555]  do_vfs_ioctl+0x8c0/0x1950
[  438.010565][T14555]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  438.012048][T14555]  ? __pfx_lock_release+0x10/0x10
[  438.013532][T14555]  ? trace_lock_acquire+0x14e/0x1f0
[  438.015058][T14555]  ? __fget_files+0x206/0x3a0
[  438.016447][T14555]  __do_compat_sys_ioctl+0x148/0x2c0
[  438.017999][T14555]  __do_fast_syscall_32+0x73/0x120
[  438.019501][T14555]  do_fast_syscall_32+0x32/0x80
[  438.020925][T14555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.022775][T14555] RIP: 0023:0xf713e579
[  438.023983][T14555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  438.029517][T14555] RSP: 002b:00000000f513055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  438.031914][T14555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000801c581f
[  438.034206][T14555] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  438.036480][T14555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.038809][T14555] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  438.041075][T14555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.043358][T14555]  </TASK>
[  438.045439][T14555] ERROR: Out of memory at tomoyo_realpath_from_path.
[  438.380802][T14582] FAULT_INJECTION: forcing a failure.
[  438.380802][T14582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.384490][T14582] CPU: 3 UID: 0 PID: 14582 Comm: syz.4.2416 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  438.387509][T14582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  438.390542][T14582] Call Trace:
[  438.391506][T14582]  <TASK>
[  438.392367][T14582]  dump_stack_lvl+0x16c/0x1f0
[  438.393810][T14582]  should_fail_ex+0x497/0x5b0
[  438.395211][T14582]  _copy_from_user+0x2e/0xd0
[  438.396543][T14582]  video_usercopy+0xc64/0x1520
[  438.397924][T14582]  ? __pfx___video_do_ioctl+0x10/0x10
[  438.399430][T14582]  ? __pfx_video_usercopy+0x10/0x10
[  438.400929][T14582]  v4l2_ioctl+0x1ba/0x250
[  438.402150][T14582]  ? __fget_files+0x1f1/0x3a0
[  438.403444][T14582]  v4l2_compat_ioctl32+0x214/0x2c0
[  438.404915][T14582]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  438.406518][T14582]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  438.407980][T14582]  __do_fast_syscall_32+0x73/0x120
[  438.409415][T14582]  do_fast_syscall_32+0x32/0x80
[  438.410791][T14582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.412526][T14582] RIP: 0023:0xf7f84579
[  438.413684][T14582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  438.418960][T14582] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  438.421242][T14582] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0d05605
[  438.423486][T14582] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  438.425661][T14582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.427859][T14582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  438.430077][T14582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.432302][T14582]  </TASK>
[  438.534533][T14596] FAULT_INJECTION: forcing a failure.
[  438.534533][T14596] name failslab, interval 1, probability 0, space 0, times 0
[  438.538810][T14596] CPU: 3 UID: 0 PID: 14596 Comm: syz.1.2420 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  438.541624][T14596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  438.544369][T14596] Call Trace:
[  438.545237][T14596]  <TASK>
[  438.546025][T14596]  dump_stack_lvl+0x16c/0x1f0
[  438.547290][T14596]  should_fail_ex+0x497/0x5b0
[  438.548513][T14596]  ? fs_reclaim_acquire+0xae/0x150
[  438.549867][T14596]  should_failslab+0xc2/0x120
[  438.551099][T14596]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  438.552486][T14596]  ? do_epoll_ctl+0x1185/0x35d0
[  438.553780][T14596]  do_epoll_ctl+0x1185/0x35d0
[  438.555019][T14596]  ? find_held_lock+0x2d/0x110
[  438.556304][T14596]  ? __pfx_do_epoll_ctl+0x10/0x10
[  438.557637][T14596]  ? __might_fault+0xe3/0x190
[  438.558868][T14596]  ? __ia32_sys_epoll_ctl+0x15c/0x1e0
[  438.560293][T14596]  __ia32_sys_epoll_ctl+0x15c/0x1e0
[  438.561675][T14596]  ? __pfx___ia32_sys_epoll_ctl+0x10/0x10
[  438.563172][T14596]  __do_fast_syscall_32+0x73/0x120
[  438.564533][T14596]  do_fast_syscall_32+0x32/0x80
[  438.565899][T14596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.567600][T14596] RIP: 0023:0xf713e579
[  438.568646][T14596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  438.573633][T14596] RSP: 002b:00000000f513055c EFLAGS: 00000296 ORIG_RAX: 00000000000000ff
[  438.575775][T14596] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000001
[  438.577826][T14596] RDX: 0000000000000005 RSI: 0000000020000100 RDI: 0000000000000000
[  438.579894][T14596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.581947][T14596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  438.583986][T14596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.586033][T14596]  </TASK>
[  438.617354][T14599] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2421'.
[  439.170297][T14613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2427'.
[  439.352817][   T39] audit: type=1326 audit(1736651512.837:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.3.2429" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd5579 code=0x0
[  439.406702][T14620] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  439.437493][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  440.223263][T14644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2437'.
[  440.272793][T14645] netlink: 'syz.4.2436': attribute type 39 has an invalid length.
[  441.053870][ T5947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  441.060355][ T5947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  441.063234][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  441.072262][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  441.077909][ T5947] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  441.080342][ T5947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  441.100176][   T64] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.130738][T14657] 8021q: adding VLAN 0 to HW filter on device bond2
[  441.133175][T14657] bridge0: port 3(bond2) entered blocking state
[  441.135081][T14657] bridge0: port 3(bond2) entered disabled state
[  441.137451][T14657] bond2: entered allmulticast mode
[  441.139602][T14657] bond2: entered promiscuous mode
[  441.141553][T14657] bridge0: port 3(bond2) entered blocking state
[  441.143669][T14657] bridge0: port 3(bond2) entered forwarding state
[  441.185167][T14660] kvm: MWAIT instruction emulated as NOP!
[  441.206873][   T64] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.298182][   T64] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.314661][T14654] chnl_net:caif_netlink_parms(): no params data found
[  441.385733][   T64] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.390349][T14674] block nbd4: Device being setup by another task
[  441.479764][T14654] bridge0: port 1(bridge_slave_0) entered blocking state
[  441.482596][T14654] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.484713][T14654] bridge_slave_0: entered allmulticast mode
[  441.487436][T14654] bridge_slave_0: entered promiscuous mode
[  441.490234][T14654] bridge0: port 2(bridge_slave_1) entered blocking state
[  441.492384][T14654] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.494468][T14654] bridge_slave_1: entered allmulticast mode
[  441.496777][T14654] bridge_slave_1: entered promiscuous mode
[  441.529739][T14654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  441.535392][T14654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  441.610855][T14654] team0: Port device team_slave_0 added
[  441.614067][T14654] team0: Port device team_slave_1 added
[  441.634909][T14654] batman_adv: batadv0: Adding interface: batadv_slave_0
[  441.637565][T14654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.644972][T14654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  441.648537][   T64] bridge_slave_1: left allmulticast mode
[  441.650555][   T64] bridge_slave_1: left promiscuous mode
[  441.653885][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.660094][   T64] bridge_slave_0: left promiscuous mode
[  441.661813][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.868698][T14654] batman_adv: batadv0: Adding interface: batadv_slave_1
[  441.870865][T14654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  441.879863][T14654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.925268][T14654] hsr_slave_0: entered promiscuous mode
[  441.938472][T14654] hsr_slave_1: entered promiscuous mode
[  441.940499][T14654] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  441.942722][T14654] Cannot create hsr debugfs directory
[  442.037230][ T5947] block nbd4: Receive control failed (result -32)
[  442.037979][T14664] block nbd4: shutting down sockets
[  442.100572][ T1139] bridge0: port 3(bond2) entered disabled state
[  442.149263][T14692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2446'.
[  442.300206][   T64] hsr_slave_0: left promiscuous mode
[  442.302270][   T64] hsr_slave_1: left promiscuous mode
[  442.304368][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.308382][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.311243][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.313647][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.343762][   T64] bridge_slave_0: left allmulticast mode
[  442.345625][   T64] veth1_macvtap: left promiscuous mode
[  442.348495][   T64] veth0_macvtap: left promiscuous mode
[  442.350130][   T64] veth1_vlan: left promiscuous mode
[  442.351690][   T64] veth0_vlan: left promiscuous mode
[  442.824403][T14717] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  442.836167][T14717] FAULT_INJECTION: forcing a failure.
[  442.836167][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  442.842372][T14717] CPU: 3 UID: 0 PID: 14717 Comm: syz.3.2450 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  442.846381][T14717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  442.850491][T14717] Call Trace:
[  442.851809][T14717]  <TASK>
[  442.852959][T14717]  dump_stack_lvl+0x16c/0x1f0
[  442.854814][T14717]  should_fail_ex+0x497/0x5b0
[  442.856675][T14717]  ? fs_reclaim_acquire+0xae/0x150
[  442.858689][T14717]  should_failslab+0xc2/0x120
[  442.860574][T14717]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  442.862669][T14717]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  442.865084][T14717]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  442.867447][T14717]  mmu_topup_memory_caches+0x22/0xd0
[  442.869557][T14717]  kvm_mmu_load+0xda/0x21f0
[  442.871337][T14717]  ? kvm_apic_has_interrupt+0xb6/0x190
[  442.873437][T14717]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  442.875701][T14717]  ? vmx_get_rflags+0x100/0x420
[  442.877609][T14717]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  442.879790][T14717]  ? __pfx_kvm_mmu_load+0x10/0x10
[  442.881750][T14717]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  442.883715][T14717]  ? kvm_check_and_inject_events+0x725/0x12e0
[  442.886151][T14717]  ? record_steal_time+0x51/0xbe0
[  442.888100][T14717]  vcpu_run+0x2e2e/0x4c00
[  442.889788][T14717]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  442.891920][T14717]  ? __pfx_vcpu_run+0x10/0x10
[  442.893690][T14717]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  442.895783][T14717]  ? rcu_is_watching+0x12/0xc0
[  442.897649][T14717]  ? trace_lock_acquire+0x14e/0x1f0
[  442.899634][T14717]  ? __local_bh_enable_ip+0xa4/0x120
[  442.901617][T14717]  ? lockdep_hardirqs_on+0x7c/0x110
[  442.903505][T14717]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  442.905561][T14717]  ? lock_acquire+0x2f/0xb0
[  442.907181][T14717]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  442.909227][T14717]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  442.911289][T14717]  kvm_vcpu_ioctl+0x6ce/0x1520
[  442.913079][T14717]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  442.915185][T14717]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  442.917082][T14717]  ? tomoyo_path_number_perm+0x190/0x5b0
[  442.919189][T14717]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  442.921496][T14717]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  442.923734][T14717]  ? do_vfs_ioctl+0x513/0x1950
[  442.925583][T14717]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  442.927527][T14717]  ? __pfx_lock_release+0x10/0x10
[  442.929451][T14717]  ? trace_lock_acquire+0x14e/0x1f0
[  442.931417][T14717]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  442.933390][T14717]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  442.935634][T14717]  ? __fget_files+0x206/0x3a0
[  442.937505][T14717]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  442.939706][T14717]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  442.941705][T14717]  __do_fast_syscall_32+0x73/0x120
[  442.943674][T14717]  do_fast_syscall_32+0x32/0x80
[  442.945569][T14717]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  442.947979][T14717] RIP: 0023:0xf7fd5579
[  442.949548][T14717] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  442.956660][T14717] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  442.959789][T14717] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000ae80
[  442.962696][T14717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  442.965646][T14717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  442.968576][T14717] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  442.971485][T14717] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  442.974442][T14717]  </TASK>
[  443.118775][ T5947] Bluetooth: hci2: command tx timeout
[  443.452455][   T64] team0 (unregistering): Port device team_slave_1 removed
[  443.550446][   T64] team0 (unregistering): Port device team_slave_0 removed
[  444.115889][T14738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2455'.
[  444.197031][T14724] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2452'.
[  444.202164][T14734] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2454'.
[  444.275291][T14742] usb usb4: usbfs: process 14742 (syz.3.2456) did not claim interface 0 before use
[  444.279646][T14742] FAULT_INJECTION: forcing a failure.
[  444.279646][T14742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  444.284582][T14742] CPU: 0 UID: 0 PID: 14742 Comm: syz.3.2456 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  444.288500][T14742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.292384][T14742] Call Trace:
[  444.293642][T14742]  <TASK>
[  444.294826][T14742]  dump_stack_lvl+0x16c/0x1f0
[  444.296627][T14742]  should_fail_ex+0x497/0x5b0
[  444.298414][T14742]  _copy_to_user+0x32/0xd0
[  444.300062][T14742]  simple_read_from_buffer+0xd0/0x160
[  444.301967][T14742]  proc_fail_nth_read+0x198/0x270
[  444.303922][T14742]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  444.306055][T14742]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  444.308134][T14742]  vfs_read+0x1df/0xbe0
[  444.309705][T14742]  ? __fget_files+0x1fc/0x3a0
[  444.311467][T14742]  ? __pfx___mutex_lock+0x10/0x10
[  444.313341][T14742]  ? __pfx_vfs_read+0x10/0x10
[  444.315113][T14742]  ? __fget_files+0x206/0x3a0
[  444.316841][T14742]  ksys_read+0x12b/0x250
[  444.318337][T14742]  ? __pfx_ksys_read+0x10/0x10
[  444.320134][T14742]  __do_fast_syscall_32+0x73/0x120
[  444.322053][T14742]  do_fast_syscall_32+0x32/0x80
[  444.323911][T14742]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.326285][T14742] RIP: 0023:0xf7fd5579
[  444.327810][T14742] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.334858][T14742] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  444.337926][T14742] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[  444.340838][T14742] RDX: 000000000000000f RSI: 00000000f7463ff4 RDI: 0000000000000000
[  444.343770][T14742] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  444.346701][T14742] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  444.349678][T14742] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.351969][T14742]  </TASK>
[  444.618260][T14654] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  444.620981][T13142] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  444.639952][T14654] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  444.651490][T14654] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  444.664992][T14654] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  444.688886][T14778] netlink: 'syz.0.2465': attribute type 4 has an invalid length.
[  444.696554][T14778] netlink: 'syz.0.2465': attribute type 4 has an invalid length.
[  444.723051][T14654] 8021q: adding VLAN 0 to HW filter on device bond0
[  444.739803][T14654] 8021q: adding VLAN 0 to HW filter on device team0
[  444.745323][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.747482][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.754539][T14783] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  444.771025][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.773120][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.779615][T13142] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.782727][T13142] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.787069][T13142] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  444.791715][T13142] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  444.794303][T13142] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.798120][T13142] usb 9-1: config 0 descriptor??
[  444.819006][T14783] ieee802154 phy1 wpan1: encryption failed: -22
[  444.859659][T14795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2467'.
[  444.907419][T14654] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.924419][T14654] veth0_vlan: entered promiscuous mode
[  444.929822][T14654] veth1_vlan: entered promiscuous mode
[  444.943009][T14654] veth0_macvtap: entered promiscuous mode
[  444.950129][T14654] veth1_macvtap: entered promiscuous mode
[  444.961958][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.965140][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.969028][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.972012][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.974782][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.978253][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.981118][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.984166][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.987841][T14654] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.992328][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.995489][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.998621][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  445.001547][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.004324][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  445.007427][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.010193][T14654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  445.013123][T14654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  445.024158][T14654] batman_adv: batadv0: Interface activated: batadv_slave_1
[  445.033290][T14654] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.035839][T14654] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.038542][T14654] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.041063][T14654] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.072600][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.074865][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.087607][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.089865][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.184282][T14814] FAULT_INJECTION: forcing a failure.
[  445.184282][T14814] name failslab, interval 1, probability 0, space 0, times 0
[  445.188358][T14814] CPU: 3 UID: 0 PID: 14814 Comm: syz.3.2472 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  445.191468][T14814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.194526][T14814] Call Trace:
[  445.195599][T14814]  <TASK>
[  445.196380][ T5947] Bluetooth: hci2: command tx timeout
[  445.196449][T14814]  dump_stack_lvl+0x16c/0x1f0
[  445.199423][T14814]  should_fail_ex+0x497/0x5b0
[  445.200837][T14814]  ? fs_reclaim_acquire+0xae/0x150
[  445.202321][T14814]  should_failslab+0xc2/0x120
[  445.203701][T14814]  __kmalloc_noprof+0xce/0x4f0
[  445.205126][T14814]  ? d_absolute_path+0x137/0x1b0
[  445.206616][T14814]  ? tomoyo_encode2+0x100/0x3e0
[  445.208036][T14814]  tomoyo_encode2+0x100/0x3e0
[  445.209628][T14814]  tomoyo_realpath_from_path+0x1a7/0x710
[  445.211707][T14814]  tomoyo_path_perm+0x276/0x480
[  445.213599][T14814]  ? tomoyo_path_perm+0x262/0x480
[  445.215588][T14814]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  445.217691][T14814]  ? lock_acquire.part.0+0x11b/0x380
[  445.219784][T14814]  ? do_raw_spin_lock+0x12d/0x2c0
[  445.221796][T14814]  ? simple_lookup+0x12c/0x180
[  445.223693][T14814]  ? lookup_one_qstr_excl+0x39/0x190
[  445.225812][T14814]  tomoyo_path_symlink+0x98/0xe0
[  445.227793][T14814]  ? __pfx_tomoyo_path_symlink+0x10/0x10
[  445.228796][T13142] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  445.230009][T14814]  ? get_current_fs_domain+0x184/0x1f0
[  445.234193][T14814]  security_path_symlink+0x152/0x2e0
[  445.234904][T13142] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  445.236217][T14814]  do_symlinkat+0x10e/0x310
[  445.236248][T14814]  ? __pfx_do_symlinkat+0x10/0x10
[  445.236272][T14814]  ? getname_flags.part.0+0x1c5/0x550
[  445.236306][T14814]  __ia32_sys_symlinkat+0x93/0xc0
[  445.236332][T14814]  __do_fast_syscall_32+0x73/0x120
[  445.244700][T13142] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  445.245863][T14814]  do_fast_syscall_32+0x32/0x80
[  445.253633][T14814]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.256007][T14814] RIP: 0023:0xf7fd5579
[  445.257650][T14814] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  445.264873][T14814] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000130
[  445.268032][T14814] RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 0000000000000005
[  445.271036][T14814] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000000000000
[  445.274061][T14814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  445.277038][T14814] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  445.279998][T14814] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  445.283173][T14814]  </TASK>
[  445.297117][T14814] ERROR: Out of memory at tomoyo_realpath_from_path.
[  445.421021][T14027] IPVS: starting estimator thread 0...
[  445.428859][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  445.432776][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  445.436944][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  445.449497][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  445.465457][ T5940] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  445.467964][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  445.506747][T14821] IPVS: using max 38 ests per chain, 91200 per kthread
[  445.593334][T14820] chnl_net:caif_netlink_parms(): no params data found
[  445.692492][T14820] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.694759][T14820] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.698113][T14820] bridge_slave_0: entered allmulticast mode
[  445.700556][T14820] bridge_slave_0: entered promiscuous mode
[  445.704286][T14820] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.706759][T14820] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.708910][T14820] bridge_slave_1: entered allmulticast mode
[  445.711333][T14820] bridge_slave_1: entered promiscuous mode
[  445.766894][T14820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.774879][T14820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  445.912161][T14820] team0: Port device team_slave_0 added
[  445.919621][T14820] team0: Port device team_slave_1 added
[  445.920089][T14838] overlayfs: failed to resolve './file0': -2
[  445.957708][T14820] batman_adv: batadv0: Adding interface: batadv_slave_0
[  445.959863][T14820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.968928][T14820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  445.972891][T14820] batman_adv: batadv0: Adding interface: batadv_slave_1
[  445.974929][T14820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  445.984745][T14820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  445.993290][T14842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2477'.
[  446.008702][T14820] hsr_slave_0: entered promiscuous mode
[  446.011385][T14820] hsr_slave_1: entered promiscuous mode
[  446.013530][T14820] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  446.017306][T14820] Cannot create hsr debugfs directory
[  446.092296][T14820] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.172766][T14820] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.261251][T14820] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.351815][T14820] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.523183][T14820] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  446.530936][T14820] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  446.534508][T14820] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  446.544197][T14820] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  446.589726][T14820] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.601016][T14820] 8021q: adding VLAN 0 to HW filter on device team0
[  446.609175][T14872] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.611282][T14872] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.617702][T14872] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.619740][T14872] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.711854][T14820] 8021q: adding VLAN 0 to HW filter on device batadv0
[  446.732482][T14820] veth0_vlan: entered promiscuous mode
[  446.737515][T14820] veth1_vlan: entered promiscuous mode
[  446.748792][T14820] veth0_macvtap: entered promiscuous mode
[  446.753471][T14820] veth1_macvtap: entered promiscuous mode
[  446.759531][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  446.762487][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.765312][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  446.768649][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.771988][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  446.775502][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.779797][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  446.783304][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.786886][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  446.790377][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.794514][T14820] batman_adv: batadv0: Interface activated: batadv_slave_0
[  446.800384][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.804006][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.807934][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.811454][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.814755][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.818392][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.821684][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.825192][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.828732][T14820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  446.831751][T14820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  446.835195][T14820] batman_adv: batadv0: Interface activated: batadv_slave_1
[  446.841787][T14820] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  446.844195][T14820] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  446.847131][T14820] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  446.850146][T14820] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  446.882762][T14875] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  446.885400][T14875] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  446.895965][T14870] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  446.898594][T14870] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  447.210638][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2485'.
[  447.276292][ T5940] Bluetooth: hci2: command tx timeout
[  447.416879][T14907] overlay: Unknown parameter '/'
[  447.420012][T14027] usb 9-1: USB disconnect, device number 24
[  447.452925][T14907] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  447.456867][T14907] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  447.460666][T14907] overlayfs: missing 'lowerdir'
[  447.516426][ T5940] Bluetooth: hci3: command tx timeout
[  447.873424][T13459] libceph: connect (1)[c::]:6789 error -13
[  447.875240][T13459] libceph: mon0 (1)[c::]:6789 connect error
[  447.884223][T14914] usb 2-1: USB disconnect, device number 2
[  447.908645][T14916] ceph: No mds server is up or the cluster is laggy
[  447.910955][T14027] usb 9-1: new low-speed USB device number 25 using dummy_hcd
[  447.985856][T13459] libceph: connect (1)[c::]:6789 error -13
[  447.989810][T13459] libceph: mon0 (1)[c::]:6789 connect error
[  448.003320][T14921] ceph: No mds server is up or the cluster is laggy
[  448.059464][T14027] usb 9-1: config index 0 descriptor too short (expected 1307, got 27)
[  448.066395][T14027] usb 9-1: config 0 has an invalid interface number: 0 but max is -1
[  448.069513][T14027] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0
[  448.072845][T14027] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  448.090010][T14027] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  448.095539][T14027] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  448.109279][T14027] usb 9-1: string descriptor 0 read error: -22
[  448.111700][T14027] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  448.126251][T14027] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.131434][T14027] usb 9-1: config 0 descriptor??
[  448.134125][T14912] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  448.139658][T14027] hub 9-1:0.0: bad descriptor, ignoring hub
[  448.141829][T14027] hub 9-1:0.0: probe with driver hub failed with error -5
[  448.146106][T14027] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input25
[  448.323479][T14939] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2494'.
[  448.539514][T14946] FAULT_INJECTION: forcing a failure.
[  448.539514][T14946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  448.544488][T14946] CPU: 0 UID: 0 PID: 14946 Comm: syz.3.2495 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  448.548587][T14946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  448.552792][T14946] Call Trace:
[  448.554117][T14946]  <TASK>
[  448.555273][T14946]  dump_stack_lvl+0x16c/0x1f0
[  448.557124][T14946]  should_fail_ex+0x497/0x5b0
[  448.558988][T14946]  _copy_to_user+0x32/0xd0
[  448.560735][T14946]  simple_read_from_buffer+0xd0/0x160
[  448.562805][T14946]  proc_fail_nth_read+0x198/0x270
[  448.564824][T14946]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  448.567012][T14946]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  448.569104][T14946]  vfs_read+0x1df/0xbe0
[  448.570764][T14946]  ? __fget_files+0x1fc/0x3a0
[  448.572692][T14946]  ? __pfx___mutex_lock+0x10/0x10
[  448.574713][T14946]  ? __pfx_vfs_read+0x10/0x10
[  448.576621][T14946]  ? __fget_files+0x206/0x3a0
[  448.578454][T14946]  ksys_read+0x12b/0x250
[  448.580011][T14946]  ? __pfx_ksys_read+0x10/0x10
[  448.581862][T14946]  __do_fast_syscall_32+0x73/0x120
[  448.583952][T14946]  do_fast_syscall_32+0x32/0x80
[  448.585898][T14946]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  448.588416][T14946] RIP: 0023:0xf7fd5579
[  448.589991][T14946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  448.597630][T14946] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  448.600747][T14946] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[  448.603760][T14946] RDX: 000000000000000f RSI: 00000000f7463ff4 RDI: 0000000000000000
[  448.606792][T14946] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  448.609725][T14946] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  448.612860][T14946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  448.615996][T14946]  </TASK>
[  448.829321][T14956] FAULT_INJECTION: forcing a failure.
[  448.829321][T14956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  448.834274][T14956] CPU: 1 UID: 0 PID: 14956 Comm: syz.3.2499 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  448.838228][T14956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  448.842233][T14956] Call Trace:
[  448.843522][T14956]  <TASK>
[  448.844668][T14956]  dump_stack_lvl+0x16c/0x1f0
[  448.846476][T14956]  should_fail_ex+0x497/0x5b0
[  448.848259][T14956]  _copy_to_user+0x32/0xd0
[  448.849954][T14956]  simple_read_from_buffer+0xd0/0x160
[  448.851965][T14956]  proc_fail_nth_read+0x198/0x270
[  448.853872][T14956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  448.855946][T14956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  448.858049][T14956]  vfs_read+0x1df/0xbe0
[  448.859623][T14956]  ? __fget_files+0x1fc/0x3a0
[  448.861415][T14956]  ? __pfx___mutex_lock+0x10/0x10
[  448.863298][T14956]  ? __pfx_vfs_read+0x10/0x10
[  448.865099][T14956]  ? __fget_files+0x206/0x3a0
[  448.866878][T14956]  ksys_read+0x12b/0x250
[  448.868459][T14956]  ? __pfx_ksys_read+0x10/0x10
[  448.870263][T14956]  __do_fast_syscall_32+0x73/0x120
[  448.872211][T14956]  do_fast_syscall_32+0x32/0x80
[  448.874040][T14956]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  448.876388][T14956] RIP: 0023:0xf7fd5579
[  448.878060][T14956] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  448.885219][T14956] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  448.888350][T14956] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[  448.891298][T14956] RDX: 000000000000000f RSI: 00000000f7463ff4 RDI: 0000000000000000
[  448.894238][T14956] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  448.897176][T14956] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  448.900113][T14956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  448.903074][T14956]  </TASK>
[  449.356453][ T5940] Bluetooth: hci2: command tx timeout
[  449.596344][ T5940] Bluetooth: hci3: command tx timeout
[  450.024950][T14969] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  450.207846][T14972] FAULT_INJECTION: forcing a failure.
[  450.207846][T14972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.212293][T14972] CPU: 2 UID: 0 PID: 14972 Comm: syz.1.2504 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  450.215374][T14972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.218461][T14972] Call Trace:
[  450.219421][T14972]  <TASK>
[  450.220338][T14972]  dump_stack_lvl+0x16c/0x1f0
[  450.221843][T14972]  should_fail_ex+0x497/0x5b0
[  450.223330][T14972]  _copy_to_user+0x32/0xd0
[  450.224606][T14972]  sg_ioctl+0x1e58/0x26b0
[  450.225839][T14972]  ? __pfx_sg_ioctl+0x10/0x10
[  450.227198][T14972]  ? __pfx_lock_release+0x10/0x10
[  450.228601][T14972]  ? trace_lock_acquire+0x14e/0x1f0
[  450.230116][T14972]  ? __fget_files+0x206/0x3a0
[  450.231508][T14972]  ? __pfx_sg_ioctl+0x10/0x10
[  450.232845][T14972]  compat_ptr_ioctl+0x6b/0xa0
[  450.234355][T14972]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  450.235886][T14972]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  450.237393][T14972]  __do_fast_syscall_32+0x73/0x120
[  450.238818][T14972]  do_fast_syscall_32+0x32/0x80
[  450.240200][T14972]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.241987][T14972] RIP: 0023:0xf7f55579
[  450.243168][T14972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.248751][T14972] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  450.251137][T14972] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000002286
[  450.253400][T14972] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  450.255891][T14972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  450.259006][T14972] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.261927][T14972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.264793][T14972]  </TASK>
[  450.352358][T14974] random: crng reseeded on system resumption
[  450.584102][ T5939] usb 9-1: USB disconnect, device number 25
[  451.570435][T15014] syz.0.2515: attempt to access beyond end of device
[  451.570435][T15014] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  451.574319][T15014] efs: cannot read volume header
[  451.686862][ T5940] Bluetooth: hci3: command tx timeout
[  452.150888][T13142] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  452.303415][T13142] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  452.305947][T13142] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  452.309622][T13142] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  452.312715][T13142] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  452.316008][T13142] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  452.320411][T13142] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  452.331597][T13142] usb 5-1: string descriptor 0 read error: -22
[  452.333853][T13142] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  452.337680][T13142] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.350210][T13142] usb 5-1: config 0 descriptor??
[  452.355256][T15017] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  452.362730][T13142] hub 5-1:0.0: bad descriptor, ignoring hub
[  452.364581][T13142] hub 5-1:0.0: probe with driver hub failed with error -5
[  452.368317][T13142] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input27
[  452.644032][T15077] overlayfs: missing 'lowerdir'
[  452.698285][T15079] FAULT_INJECTION: forcing a failure.
[  452.698285][T15079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.701972][T15079] CPU: 2 UID: 0 PID: 15079 Comm: syz.1.2523 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  452.704991][T15079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  452.708141][T15079] Call Trace:
[  452.709502][T15079]  <TASK>
[  452.710697][T15079]  dump_stack_lvl+0x16c/0x1f0
[  452.712131][T15079]  should_fail_ex+0x497/0x5b0
[  452.713503][T15079]  _copy_to_user+0x32/0xd0
[  452.714791][T15079]  simple_read_from_buffer+0xd0/0x160
[  452.716351][T15079]  proc_fail_nth_read+0x198/0x270
[  452.717808][T15079]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  452.719446][T15079]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  452.721032][T15079]  vfs_read+0x1df/0xbe0
[  452.722247][T15079]  ? __fget_files+0x1fc/0x3a0
[  452.723602][T15079]  ? __pfx___mutex_lock+0x10/0x10
[  452.725059][T15079]  ? __pfx_vfs_read+0x10/0x10
[  452.726427][T15079]  ? __fget_files+0x206/0x3a0
[  452.727782][T15079]  ksys_read+0x12b/0x250
[  452.729412][T15079]  ? __pfx_ksys_read+0x10/0x10
[  452.730794][T15079]  __do_fast_syscall_32+0x73/0x120
[  452.732589][T15079]  do_fast_syscall_32+0x32/0x80
[  452.734555][T15079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.737026][T15079] RIP: 0023:0xf7f55579
[  452.738673][T15079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  452.746273][T15079] RSP: 002b:00000000f50a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  452.749546][T15079] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50a6620
[  452.752502][T15079] RDX: 000000000000000f RSI: 00000000f73e3ff4 RDI: 0000000000000000
[  452.754754][T15079] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  452.756985][T15079] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  452.759627][T15079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  452.761995][T15079]  </TASK>
[  452.788333][T15081] overlay: Unknown parameter 'uid'
[  453.756350][ T5940] Bluetooth: hci3: command tx timeout
[  454.632013][    T8] usb 5-1: USB disconnect, device number 23
[  454.724295][T15106] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2530'.
[  454.923390][T13142] libceph: connect (1)[c::]:6789 error -13
[  454.925510][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  454.929349][T13142] libceph: connect (1)[c::]:6789 error -13
[  454.931919][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  455.186643][T13142] libceph: connect (1)[c::]:6789 error -13
[  455.189387][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  455.525597][T15115] ceph: No mds server is up or the cluster is laggy
[  455.611535][T15133] FAULT_INJECTION: forcing a failure.
[  455.611535][T15133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.616636][T15133] CPU: 3 UID: 0 PID: 15133 Comm: syz.0.2539 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  455.620594][T15133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.624559][T15133] Call Trace:
[  455.625935][T15133]  <TASK>
[  455.627107][T15133]  dump_stack_lvl+0x16c/0x1f0
[  455.628877][T15133]  should_fail_ex+0x497/0x5b0
[  455.630646][T15133]  _copy_to_user+0x32/0xd0
[  455.632299][T15133]  simple_read_from_buffer+0xd0/0x160
[  455.634155][T15133]  proc_fail_nth_read+0x198/0x270
[  455.636197][T15133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  455.638274][T15133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  455.640316][T15133]  vfs_read+0x1df/0xbe0
[  455.641878][T15133]  ? __fget_files+0x1fc/0x3a0
[  455.643631][T15133]  ? __pfx___mutex_lock+0x10/0x10
[  455.645551][T15133]  ? __pfx_vfs_read+0x10/0x10
[  455.647338][T15133]  ? __fget_files+0x206/0x3a0
[  455.649158][T15133]  ksys_read+0x12b/0x250
[  455.650871][T15133]  ? __pfx_ksys_read+0x10/0x10
[  455.652736][T15133]  __do_fast_syscall_32+0x73/0x120
[  455.654723][T15133]  do_fast_syscall_32+0x32/0x80
[  455.656566][T15133]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.658904][T15133] RIP: 0023:0xf710e579
[  455.660457][T15133] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.667671][T15133] RSP: 002b:00000000f5100590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  455.670551][T15133] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f5100620
[  455.672801][T15133] RDX: 000000000000000f RSI: 00000000f7443ff4 RDI: 0000000000000000
[  455.675093][T15133] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  455.677369][T15133] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  455.679629][T15133] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.681910][T15133]  </TASK>
[  456.006541][T13459] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  456.157254][T13459] usb 5-1: device descriptor read/64, error -71
[  456.278712][T15174] netlink: 'syz.3.2554': attribute type 4 has an invalid length.
[  456.290444][T15174] netlink: 'syz.3.2554': attribute type 4 has an invalid length.
[  456.319019][T15176] unsupported nla_type 256
[  456.396730][T13459] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  456.526312][T13459] usb 5-1: device descriptor read/64, error -71
[  456.638255][T13459] usb usb5-port1: attempt power cycle
[  456.811504][T15185] FAULT_INJECTION: forcing a failure.
[  456.811504][T15185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.816153][T15185] CPU: 2 UID: 0 PID: 15185 Comm: syz.4.2558 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  456.819646][T15185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.822615][T15185] Call Trace:
[  456.823601][T15185]  <TASK>
[  456.824447][T15185]  dump_stack_lvl+0x16c/0x1f0
[  456.825788][T15185]  should_fail_ex+0x497/0x5b0
[  456.827118][T15185]  _copy_to_user+0x32/0xd0
[  456.828434][T15185]  simple_read_from_buffer+0xd0/0x160
[  456.830075][T15185]  proc_fail_nth_read+0x198/0x270
[  456.831581][T15185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.833264][T15185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.834904][T15185]  vfs_read+0x1df/0xbe0
[  456.836135][T15185]  ? __fget_files+0x1fc/0x3a0
[  456.837744][T15185]  ? __pfx___mutex_lock+0x10/0x10
[  456.839226][T15185]  ? __pfx_vfs_read+0x10/0x10
[  456.840601][T15185]  ? __fget_files+0x206/0x3a0
[  456.842049][T15185]  ksys_read+0x12b/0x250
[  456.843342][T15185]  ? __pfx_ksys_read+0x10/0x10
[  456.844889][T15185]  __do_fast_syscall_32+0x73/0x120
[  456.846311][T15185]  do_fast_syscall_32+0x32/0x80
[  456.847655][T15185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.849544][T15185] RIP: 0023:0xf7f84579
[  456.850724][T15185] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.856066][T15185] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  456.858583][T15185] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50d6620
[  456.860822][T15185] RDX: 000000000000000f RSI: 00000000f7413ff4 RDI: 0000000000000000
[  456.863031][T15185] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  456.865187][T15185] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  456.867144][T15185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.869378][T15185]  </TASK>
[  456.986771][T13459] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  457.006671][T13459] usb 5-1: device descriptor read/8, error -71
[  457.023814][T15190] ubi: mtd0 is already attached to ubi0
[  457.201730][T15205] overlayfs: missing 'lowerdir'
[  457.266348][T13459] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  457.286840][T13459] usb 5-1: device descriptor read/8, error -71
[  457.339827][T15214] FAULT_INJECTION: forcing a failure.
[  457.339827][T15214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  457.343889][T15214] CPU: 1 UID: 0 PID: 15214 Comm: syz.3.2569 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  457.347349][T15214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  457.350630][T15214] Call Trace:
[  457.351810][T15214]  <TASK>
[  457.352763][T15214]  dump_stack_lvl+0x16c/0x1f0
[  457.354473][T15214]  should_fail_ex+0x497/0x5b0
[  457.356194][T15214]  _copy_to_user+0x32/0xd0
[  457.357513][T15214]  simple_read_from_buffer+0xd0/0x160
[  457.359183][T15214]  proc_fail_nth_read+0x198/0x270
[  457.360817][T15214]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  457.362447][T15214]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  457.364046][T15214]  vfs_read+0x1df/0xbe0
[  457.365425][T15214]  ? __fget_files+0x1fc/0x3a0
[  457.366855][T15214]  ? __pfx___mutex_lock+0x10/0x10
[  457.368500][T15214]  ? __pfx_vfs_read+0x10/0x10
[  457.369931][T15214]  ? __fget_files+0x206/0x3a0
[  457.371297][T15214]  ksys_read+0x12b/0x250
[  457.372563][T15214]  ? __pfx_ksys_read+0x10/0x10
[  457.373962][T15214]  __do_fast_syscall_32+0x73/0x120
[  457.375457][T15214]  do_fast_syscall_32+0x32/0x80
[  457.376871][T15214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  457.378685][T15214] RIP: 0023:0xf7fd5579
[  457.379858][T15214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  457.385286][T15214] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  457.387770][T15214] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5126620
[  457.390003][T15214] RDX: 000000000000000f RSI: 00000000f7463ff4 RDI: 0000000000000000
[  457.392269][T15214] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  457.394894][T15214] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  457.396391][T13459] usb usb5-port1: unable to enumerate USB device
[  457.397870][T15214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  457.397916][T15214]  </TASK>
[  458.005602][T15219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2571'.
[  458.010081][T15219] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2571'.
[  458.013736][T15219] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2571'.
[  458.201239][   T39] audit: type=1326 audit(1736651531.687:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.209789][   T39] audit: type=1326 audit(1736651531.687:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.218457][   T39] audit: type=1326 audit(1736651531.707:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.227761][   T39] audit: type=1326 audit(1736651531.707:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.236165][   T39] audit: type=1326 audit(1736651531.707:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.244779][   T39] audit: type=1326 audit(1736651531.707:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.253307][   T39] audit: type=1326 audit(1736651531.707:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.261731][   T39] audit: type=1326 audit(1736651531.707:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.270100][   T39] audit: type=1326 audit(1736651531.707:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  458.278539][   T39] audit: type=1326 audit(1736651531.707:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15228 comm="syz.4.2574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  459.039020][T15270] netlink: 344 bytes leftover after parsing attributes in process `syz.3.2587'.
[  459.218097][T15280] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2591'.
[  459.296592][T15281] netlink: 'syz.4.2591': attribute type 4 has an invalid length.
[  459.299151][T15281] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2591'.
[  459.376293][ T5981] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  459.506340][ T5981] usb 8-1: device descriptor read/64, error -71
[  459.746753][ T5981] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  459.886344][ T5981] usb 8-1: device descriptor read/64, error -71
[  460.006487][ T5981] usb usb8-port1: attempt power cycle
[  460.046369][T14027] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  460.051586][T15296] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  460.198608][T14027] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  460.202066][T14027] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  460.205372][T14027] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  460.208694][T14027] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  460.211954][T14027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  460.214850][T14027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  460.222033][T14027] usb 5-1: string descriptor 0 read error: -22
[  460.224615][T14027] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  460.228368][T14027] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.237004][T14027] usb 5-1: config 0 descriptor??
[  460.239024][T15289] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  460.241942][T14027] hub 5-1:0.0: bad descriptor, ignoring hub
[  460.243700][T14027] hub 5-1:0.0: probe with driver hub failed with error -5
[  460.246875][T14027] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input30
[  460.278414][    C3] usb_acecad 5-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -1
[  460.366377][ T5981] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  460.396898][ T5981] usb 8-1: device descriptor read/8, error -71
[  460.452370][T14027] usb 5-1: USB disconnect, device number 28
[  460.466393][T13459] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  460.628666][T13459] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  460.632394][T13459] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  460.635816][T13459] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  460.640516][T13459] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  460.645545][T13459] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  460.649358][T13459] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  460.652796][ T5981] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  460.652888][T13459] usb 6-1: config 0 descriptor??
[  460.666879][ T5981] usb 8-1: device descriptor read/8, error -71
[  460.779043][ T5981] usb usb8-port1: unable to enumerate USB device
[  461.211901][T15316] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2603'.
[  461.277965][T15317] netlink: 'syz.0.2603': attribute type 4 has an invalid length.
[  461.280564][T15317] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2603'.
[  461.408090][T13459] usbhid 6-1:0.0: can't add hid device: -71
[  461.409928][T13459] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  461.415180][T13459] usb 6-1: USB disconnect, device number 23
[  462.106423][T13459] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  462.243495][T15332] FAULT_INJECTION: forcing a failure.
[  462.243495][T15332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  462.247301][T15332] CPU: 1 UID: 0 PID: 15332 Comm: syz.3.2609 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  462.251158][T15332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  462.254960][T15332] Call Trace:
[  462.255908][T15332]  <TASK>
[  462.256789][T15332]  dump_stack_lvl+0x16c/0x1f0
[  462.258144][T15332]  should_fail_ex+0x497/0x5b0
[  462.259443][T15332]  strncpy_from_user+0x3b/0x2d0
[  462.261010][T15332]  getname_flags.part.0+0x8f/0x550
[  462.262902][T15332]  getname+0x8d/0xe0
[  462.264398][T15332]  do_sys_openat2+0x104/0x1e0
[  462.266181][T15332]  ? __pfx_do_sys_openat2+0x10/0x10
[  462.268109][T15332]  ? __pfx___seccomp_filter+0x10/0x10
[  462.269822][T15332]  __ia32_compat_sys_open+0x147/0x1e0
[  462.271317][T15332]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  462.272987][T15332]  ? __secure_computing+0x273/0x3f0
[  462.274460][T15332]  __do_fast_syscall_32+0x73/0x120
[  462.275913][T15332]  do_fast_syscall_32+0x32/0x80
[  462.277328][T15332]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  462.279112][T15332] RIP: 0023:0xf7fd5579
[  462.280260][T15332] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  462.285641][T15332] RSP: 002b:00000000f510555c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  462.287978][T15332] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000000000000
[  462.290212][T15332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  462.292427][T15332] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  462.294611][T15332] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  462.296851][T15332] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  462.299071][T15332]  </TASK>
[  462.436322][ T5978] usb 5-1: new low-speed USB device number 29 using dummy_hcd
[  462.587704][ T5978] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  462.590337][ T5978] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  462.592780][ T5978] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  462.595445][ T5978] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  462.599107][ T5978] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  462.602705][ T5978] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  462.609095][ T5978] usb 5-1: string descriptor 0 read error: -22
[  462.611194][ T5978] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  462.613916][ T5978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.622080][ T5978] usb 5-1: config 0 descriptor??
[  462.624045][T15329] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  462.628245][ T5978] hub 5-1:0.0: bad descriptor, ignoring hub
[  462.630308][ T5978] hub 5-1:0.0: probe with driver hub failed with error -5
[  462.634204][ T5978] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input31
[  462.832045][ T5981] usb 5-1: USB disconnect, device number 29
[  463.096988][T15342] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  463.099023][T15342] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  463.103028][T15342] vhci_hcd vhci_hcd.0: Device attached
[  463.356413][T13459] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  463.397113][T15356] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2617'.
[  463.414192][T15356] bridge0: port 1(bridge_slave_0) entered disabled state
[  463.712803][T15362] program syz.0.2619 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  463.928023][T15343] vhci_hcd: connection reset by peer
[  463.933014][T14868] vhci_hcd: stop threads
[  463.935359][T14868] vhci_hcd: release socket
[  463.938145][T14868] vhci_hcd: disconnect device
[  464.392503][T13142] libceph: connect (1)[c::]:6789 error -13
[  464.394513][T13142] libceph: mon0 (1)[c::]:6789 connect error
[  464.450516][T15374] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  464.534572][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2623'.
[  464.610910][T15368] ceph: No mds server is up or the cluster is laggy
[  464.870359][T15387] random: crng reseeded on system resumption
[  464.876491][ T4447] usb 8-1: new low-speed USB device number 27 using dummy_hcd
[  464.893294][T15390] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2627'.
[  464.958673][T15387] ebtables: wrong size: *len 80, entries_size 48, replsz 48
[  465.038968][ T4447] usb 8-1: config index 0 descriptor too short (expected 1307, got 27)
[  465.042694][ T4447] usb 8-1: config 0 has an invalid interface number: 0 but max is -1
[  465.045981][ T4447] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0
[  465.049836][ T4447] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  465.053871][ T4447] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  465.057485][ T4447] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  465.063880][ T4447] usb 8-1: string descriptor 0 read error: -22
[  465.066391][ T4447] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  465.068929][ T4447] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.073005][ T4447] usb 8-1: config 0 descriptor??
[  465.075419][T15383] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  465.079111][ T4447] hub 8-1:0.0: bad descriptor, ignoring hub
[  465.081921][ T4447] hub 8-1:0.0: probe with driver hub failed with error -5
[  465.084967][ T4447] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input32
[  465.088338][T15393] fuse: Bad value for 'user_id'
[  465.089743][T15393] fuse: Bad value for 'user_id'
[  465.147331][T15395] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2629'.
[  465.331022][ T5981] usb 8-1: USB disconnect, device number 27
[  466.166386][T15420] input: syz1 as /devices/virtual/input/input33
[  467.245857][T13142] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  467.376800][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  467.376816][   T39] audit: type=1326 audit(1736651540.867:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.386337][T13142] usb 8-1: device descriptor read/64, error -71
[  467.386966][   T39] audit: type=1326 audit(1736651540.867:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.396685][   T39] audit: type=1326 audit(1736651540.867:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.404548][   T39] audit: type=1326 audit(1736651540.867:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.409797][T15457] tipc: Failed to remove unknown binding: 66,1,1/0:1938129391/1938129393
[  467.417924][T15457] tipc: Failed to remove unknown binding: 66,1,1/0:1938129391/1938129393
[  467.423036][   T39] audit: type=1326 audit(1736651540.867:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.431512][   T39] audit: type=1326 audit(1736651540.867:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.439715][   T39] audit: type=1326 audit(1736651540.867:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.447670][   T39] audit: type=1326 audit(1736651540.867:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.449755][T15460] netlink: 'syz.1.2648': attribute type 10 has an invalid length.
[  467.455384][   T39] audit: type=1326 audit(1736651540.867:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.455415][   T39] audit: type=1326 audit(1736651540.867:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15433 comm="syz.1.2641" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7fc00000
[  467.480107][T15460] team0: Cannot enslave team device to itself
[  467.626345][T13142] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  467.756329][T13142] usb 8-1: device descriptor read/64, error -71
[  467.866352][T13142] usb usb8-port1: attempt power cycle
[  468.216342][T13142] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  468.237292][T13142] usb 8-1: device descriptor read/8, error -71
[  468.282637][T15474] fuse: Bad value for 'fd'
[  468.284869][T15476] fuse: Bad value for 'fd'
[  468.440830][T15466] uprobe: syz.4.2650:15466 failed to unregister, leaking uprobe
[  468.486414][T13142] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  468.486438][T13459] vhci_hcd: vhci_device speed not set
[  468.711914][T13142] usb 8-1: device descriptor read/8, error -71
[  469.138279][T13142] usb usb8-port1: unable to enumerate USB device
[  469.462424][T15497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2659'.
[  470.017463][T15509] netlink: 'syz.3.2663': attribute type 4 has an invalid length.
[  470.019607][T15509] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2663'.
[  470.226342][ T5981] usb 9-1: new low-speed USB device number 26 using dummy_hcd
[  470.377515][ T5981] usb 9-1: config index 0 descriptor too short (expected 1307, got 27)
[  470.379872][ T5981] usb 9-1: config 0 has an invalid interface number: 0 but max is -1
[  470.382213][ T5981] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0
[  470.384711][ T5981] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  470.388425][ T5981] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  470.391205][ T5981] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  470.498581][ T5981] usb 9-1: string descriptor 0 read error: -22
[  470.500409][ T5981] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  470.502856][ T5981] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.505823][ T5981] usb 9-1: config 0 descriptor??
[  470.508585][T15507] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  470.513092][ T5981] hub 9-1:0.0: bad descriptor, ignoring hub
[  470.514755][ T5981] hub 9-1:0.0: probe with driver hub failed with error -5
[  470.517898][ T5981] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input35
[  470.721250][T13459] usb 9-1: USB disconnect, device number 26
[  472.136306][T13459] usb 5-1: new low-speed USB device number 30 using dummy_hcd
[  472.287929][T13459] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  472.290613][T13459] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  472.292913][T13459] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  472.295343][T13459] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  472.298829][T13459] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  472.301624][T13459] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  472.308238][T13459] usb 5-1: string descriptor 0 read error: -22
[  472.310210][T13459] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  472.312696][T13459] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.315756][T13459] usb 5-1: config 0 descriptor??
[  472.317804][T15546] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  472.320271][T13459] hub 5-1:0.0: bad descriptor, ignoring hub
[  472.322187][T13459] hub 5-1:0.0: probe with driver hub failed with error -5
[  472.325511][T13459] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input36
[  472.541652][ T5898] usb 5-1: USB disconnect, device number 30
[  472.636357][T13459] usb 8-1: new low-speed USB device number 32 using dummy_hcd
[  472.787424][T13459] usb 8-1: config index 0 descriptor too short (expected 1307, got 27)
[  472.789799][T13459] usb 8-1: config 0 has an invalid interface number: 0 but max is -1
[  472.792476][T13459] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0
[  472.795015][T13459] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  472.798323][T13459] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  472.801204][T13459] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  472.807448][T13459] usb 8-1: string descriptor 0 read error: -22
[  472.809246][T13459] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  472.811844][T13459] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.814969][T13459] usb 8-1: config 0 descriptor??
[  472.817252][T15565] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  472.820693][T13459] hub 8-1:0.0: bad descriptor, ignoring hub
[  472.822986][T13459] hub 8-1:0.0: probe with driver hub failed with error -5
[  472.826646][T13459] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input37
[  473.027045][T13459] usb 8-1: USB disconnect, device number 32
[  473.999868][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  474.006772][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  474.011598][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  474.021873][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  474.024943][ T5947] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  474.033742][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  474.096580][T15597] chnl_net:caif_netlink_parms(): no params data found
[  474.203780][T15597] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.206012][T15597] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.208715][T15597] bridge_slave_0: entered allmulticast mode
[  474.211133][T15597] bridge_slave_0: entered promiscuous mode
[  474.213900][T15597] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.216056][T15597] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.219480][T15597] bridge_slave_1: entered allmulticast mode
[  474.223063][T15597] bridge_slave_1: entered promiscuous mode
[  474.270246][T15597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  474.274206][T15597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  474.302000][T15597] team0: Port device team_slave_0 added
[  474.305791][T15597] team0: Port device team_slave_1 added
[  474.332354][T15597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  474.334416][T15597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.343560][T15597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  474.351094][T15597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  474.353732][T15597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.361393][T15597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  474.393816][T15597] hsr_slave_0: entered promiscuous mode
[  474.397855][T15597] hsr_slave_1: entered promiscuous mode
[  474.401488][T15597] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  474.404046][T15597] Cannot create hsr debugfs directory
[  474.498440][T15597] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.595349][T15597] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.664284][T15597] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.710735][T15615] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2693'.
[  474.714473][T15615] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2693'.
[  474.729846][T15597] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.829846][T15597] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  474.833362][T15597] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  474.838502][T15597] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  474.847614][T15597] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  474.888798][T15597] 8021q: adding VLAN 0 to HW filter on device bond0
[  474.898714][T15597] 8021q: adding VLAN 0 to HW filter on device team0
[  474.902612][T14872] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.904604][T14872] bridge0: port 1(bridge_slave_0) entered forwarding state
[  474.912333][T14870] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.914529][T14870] bridge0: port 2(bridge_slave_1) entered forwarding state
[  475.002644][T15597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  475.019618][T15597] veth0_vlan: entered promiscuous mode
[  475.023334][T15597] veth1_vlan: entered promiscuous mode
[  475.036538][T15597] veth0_macvtap: entered promiscuous mode
[  475.039444][T15597] veth1_macvtap: entered promiscuous mode
[  475.045552][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.049727][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.052504][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.055487][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.058409][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.061257][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.063850][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.067238][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.070848][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.073711][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.076659][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.079551][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.083426][T15597] batman_adv: batadv0: Interface activated: batadv_slave_0
[  475.088003][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.090872][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.093549][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.097230][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.099930][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.102775][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.105486][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.108682][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.111434][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.114400][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.117843][T15597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  475.120799][T15597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.124036][T15597] batman_adv: batadv0: Interface activated: batadv_slave_1
[  475.132162][T15597] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  475.134664][T15597] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  475.137256][T15597] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  475.139580][T15597] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  475.190530][T14872] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.193513][T14872] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.218070][T14872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.222791][T14872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.993205][T15647] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2701'.
[  476.421000][T15669] FAULT_INJECTION: forcing a failure.
[  476.421000][T15669] name failslab, interval 1, probability 0, space 0, times 0
[  476.425063][T15669] CPU: 2 UID: 0 PID: 15669 Comm: syz.4.2709 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  476.428115][T15669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.431035][T15669] Call Trace:
[  476.431981][T15669]  <TASK>
[  476.432809][T15669]  dump_stack_lvl+0x16c/0x1f0
[  476.434149][T15669]  should_fail_ex+0x497/0x5b0
[  476.435525][T15669]  ? fs_reclaim_acquire+0xae/0x150
[  476.437033][T15669]  should_failslab+0xc2/0x120
[  476.438394][T15669]  __kmalloc_cache_noprof+0x68/0x420
[  476.439909][T15669]  ? __pfx___folio_start_writeback+0x10/0x10
[  476.441633][T15669]  ? do_raw_spin_lock+0x12d/0x2c0
[  476.443087][T15669]  netfs_buffer_make_space+0x432/0x6b0
[  476.444654][T15669]  netfs_buffer_append_folio+0x298/0x360
[  476.446224][T15669]  netfs_write_folio+0x540/0x1930
[  476.447632][T15669]  netfs_writepages+0x29a/0x8f0
[  476.448995][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.450488][T15669]  ? is_bpf_text_address+0x30/0x1a0
[  476.451949][T15669]  ? __pfx___lock_acquire+0x10/0x10
[  476.453392][T15669]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  476.455094][T15669]  ? is_bpf_text_address+0x94/0x1a0
[  476.456562][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.458067][T15669]  do_writepages+0x1b3/0x820
[  476.459365][T15669]  ? __pfx_do_writepages+0x10/0x10
[  476.460886][T15669]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  476.462613][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.464026][T15669]  ? do_raw_spin_lock+0x12d/0x2c0
[  476.465447][T15669]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  476.466978][T15669]  ? lock_acquire+0x2f/0xb0
[  476.468250][T15669]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  476.469926][T15669]  ? do_raw_spin_unlock+0x172/0x230
[  476.471371][T15669]  filemap_fdatawrite_wbc+0x104/0x160
[  476.472852][T15669]  __filemap_fdatawrite_range+0xb3/0xf0
[  476.474384][T15669]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  476.476122][T15669]  ? v9fs_fid_lookup+0xe9/0xec0
[  476.477493][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.478924][T15669]  v9fs_vfs_setattr+0x93a/0xab0
[  476.480315][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.481845][T15669]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  476.483554][T15669]  ? evm_inode_setattr+0x65/0x680
[  476.484974][T15669]  ? __pfx_make_vfsgid+0x10/0x10
[  476.486367][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.487877][T15669]  notify_change+0x6a6/0x1230
[  476.489228][T15669]  do_truncate+0x15c/0x220
[  476.490526][T15669]  ? __pfx_do_truncate+0x10/0x10
[  476.491925][T15669]  ? get_current_fs_domain+0x184/0x1f0
[  476.493453][T15669]  vfs_truncate+0x3ef/0x4e0
[  476.494744][T15669]  __ia32_compat_sys_truncate+0x173/0x1e0
[  476.496392][T15669]  ? __pfx___ia32_compat_sys_truncate+0x10/0x10
[  476.498187][T15669]  __do_fast_syscall_32+0x73/0x120
[  476.499657][T15669]  do_fast_syscall_32+0x32/0x80
[  476.501030][T15669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.502932][T15669] RIP: 0023:0xf7f84579
[  476.504501][T15669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.511684][T15669] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000005c
[  476.513995][T15669] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000800
[  476.516217][T15669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  476.518357][T15669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.520552][T15669] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.522803][T15669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.524990][T15669]  </TASK>
[  476.537448][T15669] ------------[ cut here ]------------
[  476.539049][T15669] WARNING: CPU: 2 PID: 15669 at lib/iov_iter.c:255 _copy_from_iter+0x39b/0x1400
[  476.541678][T15669] Modules linked in:
[  476.543116][T15669] CPU: 2 UID: 0 PID: 15669 Comm: syz.4.2709 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  476.547916][T15669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.550866][T15669] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  476.552485][T15669] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 c6 3b 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 b8 3b 02 fd 89 de bf 01 00 00 00 e8 4c
[  476.559677][T15669] RSP: 0018:ffffc900044e6f40 EFLAGS: 00010293
[  476.561420][T15669] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84970f58
[  476.563636][T15669] RDX: ffff888021360000 RSI: ffffffff8497123a RDI: 0000000000000001
[  476.566118][T15669] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000000
[  476.568445][T15669] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880795701a0
[  476.570679][T15669] R13: ffff88806c454e30 R14: ffff8880795701a0 R15: 0000000000000004
[  476.572922][T15669] FS:  0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f50b5b40
[  476.575501][T15669] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  476.577530][T15669] CR2: 0000000020241000 CR3: 0000000029174000 CR4: 0000000000352ef0
[  476.579826][T15669] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  476.582106][T15669] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  476.584377][T15669] Call Trace:
[  476.585434][T15669]  <TASK>
[  476.586652][T15669]  ? __warn+0xea/0x3c0
[  476.587874][T15669]  ? _copy_from_iter+0x39b/0x1400
[  476.589430][T15669]  ? report_bug+0x3c0/0x580
[  476.590767][T15669]  ? handle_bug+0x54/0xa0
[  476.592035][T15669]  ? exc_invalid_op+0x17/0x50
[  476.593427][T15669]  ? asm_exc_invalid_op+0x1a/0x20
[  476.594901][T15669]  ? _copy_from_iter+0xb8/0x1400
[  476.596502][T15669]  ? _copy_from_iter+0x39a/0x1400
[  476.597985][T15669]  ? _copy_from_iter+0x39b/0x1400
[  476.599455][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.600905][T15669]  ? trace_lock_acquire+0x14e/0x1f0
[  476.602442][T15669]  ? __pfx__copy_from_iter+0x10/0x10
[  476.603932][T15669]  ? __virt_addr_valid+0x1a4/0x590
[  476.605603][T15669]  ? __virt_addr_valid+0x5e/0x590
[  476.607544][T15669]  ? __phys_addr_symbol+0x30/0x80
[  476.609117][T15669]  ? __check_object_size+0x488/0x710
[  476.610584][T15669]  p9pdu_vwritef+0x2cb/0x21d0
[  476.611938][T15669]  ? p9pdu_writef+0xc4/0x100
[  476.613279][T15669]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  476.614741][T15669]  ? __pfx_p9_tag_alloc+0x10/0x10
[  476.616264][T15669]  p9_client_prepare_req+0x244/0x4d0
[  476.617887][T15669]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  476.619467][T15669]  ? hlock_class+0x4e/0x130
[  476.620782][T15669]  ? mark_lock+0xb5/0xc60
[  476.622047][T15669]  p9_client_rpc+0x1c3/0xc10
[  476.623386][T15669]  ? mark_lock+0xb5/0xc60
[  476.624651][T15669]  ? __pfx_p9_client_rpc+0x10/0x10
[  476.626159][T15669]  ? __pfx_register_lock_class+0x10/0x10
[  476.627843][T15669]  ? __pfx_mark_lock+0x10/0x10
[  476.629451][T15669]  ? hlock_class+0x4e/0x130
[  476.630801][T15669]  ? __lock_acquire+0x15a9/0x3c40
[  476.632251][T15669]  p9_client_write+0x31f/0x680
[  476.633642][T15669]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  476.635320][T15669]  ? __pfx_p9_client_write+0x10/0x10
[  476.637017][T15669]  ? find_held_lock+0x2d/0x110
[  476.638400][T15669]  v9fs_issue_write+0xe4/0x1b0
[  476.639769][T15669]  ? __pfx_v9fs_issue_write+0x10/0x10
[  476.641340][T15669]  ? rcu_is_watching+0x12/0xc0
[  476.642709][T15669]  netfs_do_issue_write+0x92/0x110
[  476.644176][T15669]  netfs_advance_write+0x384/0xc80
[  476.645671][T15669]  netfs_write_folio+0xc19/0x1930
[  476.647309][T15669]  netfs_writepages+0x29a/0x8f0
[  476.648704][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.650454][T15669]  ? is_bpf_text_address+0x30/0x1a0
[  476.652505][T15669]  ? __pfx___lock_acquire+0x10/0x10
[  476.654590][T15669]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  476.657128][T15669]  ? is_bpf_text_address+0x94/0x1a0
[  476.659178][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.661122][T15669]  do_writepages+0x1b3/0x820
[  476.662451][T15669]  ? __pfx_do_writepages+0x10/0x10
[  476.663929][T15669]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  476.665659][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.667159][T15669]  ? do_raw_spin_lock+0x12d/0x2c0
[  476.668612][T15669]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  476.670180][T15669]  ? lock_acquire+0x2f/0xb0
[  476.671530][T15669]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  476.673236][T15669]  ? do_raw_spin_unlock+0x172/0x230
[  476.674727][T15669]  filemap_fdatawrite_wbc+0x104/0x160
[  476.676334][T15669]  __filemap_fdatawrite_range+0xb3/0xf0
[  476.677947][T15669]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  476.679737][T15669]  ? v9fs_fid_lookup+0xe9/0xec0
[  476.681181][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.682651][T15669]  v9fs_vfs_setattr+0x93a/0xab0
[  476.684055][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.685592][T15669]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  476.687411][T15669]  ? evm_inode_setattr+0x65/0x680
[  476.688856][T15669]  ? __pfx_make_vfsgid+0x10/0x10
[  476.690292][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.691851][T15669]  notify_change+0x6a6/0x1230
[  476.693244][T15669]  do_truncate+0x15c/0x220
[  476.694525][T15669]  ? __pfx_do_truncate+0x10/0x10
[  476.695963][T15669]  ? get_current_fs_domain+0x184/0x1f0
[  476.697562][T15669]  vfs_truncate+0x3ef/0x4e0
[  476.698871][T15669]  __ia32_compat_sys_truncate+0x173/0x1e0
[  476.700505][T15669]  ? __pfx___ia32_compat_sys_truncate+0x10/0x10
[  476.702324][T15669]  __do_fast_syscall_32+0x73/0x120
[  476.703912][T15669]  do_fast_syscall_32+0x32/0x80
[  476.705309][T15669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.707403][T15669] RIP: 0023:0xf7f84579
[  476.708591][T15669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.714033][T15669] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000005c
[  476.716709][T15669] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000800
[  476.718977][T15669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  476.721224][T15669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.723468][T15669] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.725901][T15669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.728196][T15669]  </TASK>
[  476.729107][T15669] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  476.731157][T15669] CPU: 2 UID: 0 PID: 15669 Comm: syz.4.2709 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0
[  476.734168][T15669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.737258][T15669] Call Trace:
[  476.738211][T15669]  <TASK>
[  476.739061][T15669]  dump_stack_lvl+0x3d/0x1f0
[  476.740388][T15669]  panic+0x71d/0x800
[  476.741521][T15669]  ? __pfx_panic+0x10/0x10
[  476.742811][T15669]  ? show_trace_log_lvl+0x29d/0x3d0
[  476.744214][T15669]  ? check_panic_on_warn+0x1f/0xb0
[  476.745746][T15669]  ? _copy_from_iter+0x39b/0x1400
[  476.747312][T15669]  check_panic_on_warn+0xab/0xb0
[  476.748730][T15669]  __warn+0xf6/0x3c0
[  476.749872][T15669]  ? _copy_from_iter+0x39b/0x1400
[  476.751314][T15669]  report_bug+0x3c0/0x580
[  476.752553][T15669]  handle_bug+0x54/0xa0
[  476.753763][T15669]  exc_invalid_op+0x17/0x50
[  476.755087][T15669]  asm_exc_invalid_op+0x1a/0x20
[  476.756675][T15669] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  476.758329][T15669] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 c6 3b 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 b8 3b 02 fd 89 de bf 01 00 00 00 e8 4c
[  476.763749][T15669] RSP: 0018:ffffc900044e6f40 EFLAGS: 00010293
[  476.765498][T15669] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84970f58
[  476.767876][T15669] RDX: ffff888021360000 RSI: ffffffff8497123a RDI: 0000000000000001
[  476.770120][T15669] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000000
[  476.772343][T15669] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880795701a0
[  476.774589][T15669] R13: ffff88806c454e30 R14: ffff8880795701a0 R15: 0000000000000004
[  476.776829][T15669]  ? _copy_from_iter+0xb8/0x1400
[  476.778302][T15669]  ? _copy_from_iter+0x39a/0x1400
[  476.779765][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.781220][T15669]  ? trace_lock_acquire+0x14e/0x1f0
[  476.782750][T15669]  ? __pfx__copy_from_iter+0x10/0x10
[  476.784253][T15669]  ? __virt_addr_valid+0x1a4/0x590
[  476.785734][T15669]  ? __virt_addr_valid+0x5e/0x590
[  476.787191][T15669]  ? __phys_addr_symbol+0x30/0x80
[  476.788736][T15669]  ? __check_object_size+0x488/0x710
[  476.790308][T15669]  p9pdu_vwritef+0x2cb/0x21d0
[  476.791662][T15669]  ? p9pdu_writef+0xc4/0x100
[  476.792998][T15669]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  476.794460][T15669]  ? __pfx_p9_tag_alloc+0x10/0x10
[  476.795922][T15669]  p9_client_prepare_req+0x244/0x4d0
[  476.797439][T15669]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  476.799159][T15669]  ? hlock_class+0x4e/0x130
[  476.800467][T15669]  ? mark_lock+0xb5/0xc60
[  476.801727][T15669]  p9_client_rpc+0x1c3/0xc10
[  476.803013][T15669]  ? mark_lock+0xb5/0xc60
[  476.804225][T15669]  ? __pfx_p9_client_rpc+0x10/0x10
[  476.805625][T15669]  ? __pfx_register_lock_class+0x10/0x10
[  476.807215][T15669]  ? __pfx_mark_lock+0x10/0x10
[  476.808544][T15669]  ? hlock_class+0x4e/0x130
[  476.809885][T15669]  ? __lock_acquire+0x15a9/0x3c40
[  476.811418][T15669]  p9_client_write+0x31f/0x680
[  476.812804][T15669]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  476.814480][T15669]  ? __pfx_p9_client_write+0x10/0x10
[  476.815960][T15669]  ? find_held_lock+0x2d/0x110
[  476.817300][T15669]  v9fs_issue_write+0xe4/0x1b0
[  476.818674][T15669]  ? __pfx_v9fs_issue_write+0x10/0x10
[  476.820227][T15669]  ? rcu_is_watching+0x12/0xc0
[  476.822039][T15669]  netfs_do_issue_write+0x92/0x110
[  476.824027][T15669]  netfs_advance_write+0x384/0xc80
[  476.825700][T15669]  netfs_write_folio+0xc19/0x1930
[  476.827160][T15669]  netfs_writepages+0x29a/0x8f0
[  476.828545][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.830093][T15669]  ? is_bpf_text_address+0x30/0x1a0
[  476.831627][T15669]  ? __pfx___lock_acquire+0x10/0x10
[  476.833120][T15669]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  476.834846][T15669]  ? is_bpf_text_address+0x94/0x1a0
[  476.836337][T15669]  ? __pfx_netfs_writepages+0x10/0x10
[  476.837864][T15669]  do_writepages+0x1b3/0x820
[  476.839184][T15669]  ? __pfx_do_writepages+0x10/0x10
[  476.840628][T15669]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  476.842459][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.843913][T15669]  ? do_raw_spin_lock+0x12d/0x2c0
[  476.845365][T15669]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  476.846808][T15669]  ? lock_acquire+0x2f/0xb0
[  476.848053][T15669]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  476.849632][T15669]  ? do_raw_spin_unlock+0x172/0x230
[  476.851077][T15669]  filemap_fdatawrite_wbc+0x104/0x160
[  476.852644][T15669]  __filemap_fdatawrite_range+0xb3/0xf0
[  476.854230][T15669]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  476.856032][T15669]  ? v9fs_fid_lookup+0xe9/0xec0
[  476.857426][T15669]  ? __pfx_lock_release+0x10/0x10
[  476.858865][T15669]  v9fs_vfs_setattr+0x93a/0xab0
[  476.860255][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.861804][T15669]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  476.863624][T15669]  ? evm_inode_setattr+0x65/0x680
[  476.865199][T15669]  ? __pfx_make_vfsgid+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  476.866645][T15669]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  476.868346][T15669]  notify_change+0x6a6/0x1230
[  476.869704][T15669]  do_truncate+0x15c/0x220
[  476.870943][T15669]  ? __pfx_do_truncate+0x10/0x10
[  476.872348][T15669]  ? get_current_fs_domain+0x184/0x1f0
[  476.873957][T15669]  vfs_truncate+0x3ef/0x4e0
[  476.875505][T15669]  __ia32_compat_sys_truncate+0x173/0x1e0
[  476.877178][T15669]  ? __pfx___ia32_compat_sys_truncate+0x10/0x10
[  476.878955][T15669]  __do_fast_syscall_32+0x73/0x120
[  476.880420][T15669]  do_fast_syscall_32+0x32/0x80
[  476.881771][T15669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.883564][T15669] RIP: 0023:0xf7f84579
[  476.884696][T15669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.890171][T15669] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 000000000000005c
[  476.892506][T15669] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000800
[  476.894772][T15669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  476.897145][T15669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.899380][T15669] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.901528][T15669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.903607][T15669]  </TASK>
[  476.904991][T15669] Kernel Offset: disabled
[  476.906349][T15669] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:12:30  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000000f6 RBX=0000000000000001 RCX=000000000000083f RDX=0000000000000000
RSI=00000000000000f6 RDI=000000000000003f RBP=0000000000080001 RSP=ffffc900039df718
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000002 R15=ffffc900039df7c0
RIP=ffffffff8147b128 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020035000 CR3=0000000025ac0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000040000000 RBX=ffff88802b52d320 RCX=ffffffff818adc4c RDX=ffff88801d2bc880
RSI=0000000000000000 RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc900005a0fd0
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff819947cb RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f71b0360 CR3=000000005bb26000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85145120 RDI=ffffffff9a667200 RBP=ffffffff9a6671c0 RSP=ffffc900044e6850
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cce92 R15=dffffc0000000000
RIP=ffffffff85145147 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020241000 CR3=0000000029174000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000b61e29 RBX=0000000000000003 RCX=ffffffff8b1a6899 RDX=0000000000000000
RSI=ffffffff8b4cd300 RDI=ffffffff8bb17140 RBP=ffffed1003a5a488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001
R12=0000000000000003 R13=ffff88801d2d2440 R14=ffffffff901cf290 R15=0000000000000000
RIP=ffffffff8b1a7c7f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055e684aba000 CR3=000000004f0a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=d383eee97799a91d ddb5d8f3db23f3de d383eee97799a91d ddb5d8f3db23f3de d383eee97799a91d ddb5d8f3db23f3de d383eee97799a91d ddb5d8f3db23f3de
ZMM18=52d0fb1ab58959e1 6ec4b8517c6ff6a4 52d0fb1ab58959e1 6ec4b8517c6ff6a4 52d0fb1ab58959e1 6ec4b8517c6ff6a4 52d0fb1ab58959e1 6ec4b8517c6ff6a4
ZMM19=6a20000000000000 0000000000000005 6a20000000000000 0000000000000004 6a20000000000000 0000000000000003 6a20000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3 ddb5d8f3ddb5d8f3
ZMM22=7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d 7799a91d7799a91d
ZMM23=d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9 d383eee9d383eee9
ZMM24=7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4 7c6ff6a47c6ff6a4
ZMM25=6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851 6ec4b8516ec4b851
ZMM26=b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1 b58959e1b58959e1
ZMM27=52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a 52d0fb1a52d0fb1a
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6920000069200000 6920000069200000 6920000069200000 6920000069200000 6920000069200000 6920000069200000 6920000069200000 6920000069200000