last executing test programs:

8.333734636s ago: executing program 3 (id=1058):
getpid()
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x169, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000080), 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="9fa6cc9078a4d4a74e98d287c82caac53eda90e60c94d8da181892a7fa8fcbf0a1a98fb726569e8de0fce82b0f4a9b678c48928ed16d705fe347d32b7e8183555a571c77fb079c50623893fbba9aa3502809442cae6f4e79b4bd150c1b3f6276774a21f40912a9036ad47ec13a4a4172bc9438e51f94cd8b75beaf584ce4a0ea9c3a339671483b828200980907e55efc3d526e041937e61b08f80f8419dc7f66872128a2491f35b47dbd3ed988", 0xad}, {&(0x7f0000001580)="a94392d6d86d71c32ee3db308f08fab8b2b5bb6e44c2c7f2058d9b82bbe0b6ff12925020aec66f94f0c40d36e24c9a190eeeb0791dc591141200a457549d475f6fc2e257d8f8ef2432595ba14e712a19fb90b8969c7477336357790ae522bfa09918eca0bece80411a03750ec63f684dd2545eef4c6bb7b650d259b27724bb2d40ba28ca29af18b8124192506f", 0x8d}, {&(0x7f0000000180)="66b1cc2d9ebcf7e42d4ecbb2f1605698caeb4f2bad0678374f64923db176b5899a26ae2c0a5bcc7fe8066549f82d7c2b", 0x30}, {&(0x7f0000001640)="c47bffece7719a411b2828ca2c3491987974e325d38356b11f05ea9671deb6ad9f896e3027ba2d6ac57424c324782eb3e96f0417ead9332193088d03b7c02c4259ed6005da3cc649541aac1aa70ce8fa92a5e837001576503ee133204faac3c2c3942ba847f94a0bb301367b648a38a4efa0598ccb6f186b90f63dcf15336f14ef7ec60511e94a226c14eb6288d79c40a3ee4f1e8fc14c", 0x97}], 0x4}}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000001880)="68cd6415d798c355832795c900ee87dc29e27296af5d91a8ffc1e25df7b4edcbf0df6e62d772ece8185858e9ec0d1bec890f98ce42940b1421ddf4189e3a892c9017fe0e03cca86ecd9ddbdb638d223683793db857f9f96179b124dc780533440e1db50acc8432bd39a604c43fa6bd55af2d336db1a32a327910008756687b4b7e003d263d6ebd62639d3281ddc7d1580abf512ef46ebd9fe0c9bbd1a343d22ede1c156f1a21976207235d8ee8fa6265e4cf516cbea0351adba71b448ab31c5b179b157b9d474bd1b4f4c998e077609a2fff7db539d3c3d94ffd8ea7327719863803ed496c77437dc2062beaac648f8c9e80dfb152187b2882545e5fec6df2dc918e9faeeb6ead8661b727b26f178e946d4768a186ed2f742194abb31cde2818ee08019b6b2032b78a7b43e6b4daed626aaa65c64d27926f01e47d620738deb6993c8e30cda77b6270b38054da666e4a0d7a2813ca9c8c0588fd6bb53a8656ac2847416646c78ae14faea16edf0c067d7be51ccaa3144f1686bd92c43f7c468cdd88d507deebec1aed4ca73769b6c5c29313e819ed9daa4c34f7b97e82dc5cc0d7bac965b9a6062361b944d549e465afd0d6f6dd41227a96bcb38c5040e8a2d46fe7c1c8ec4bc2fca23f1dff70746305a9d8f70b6d5ef7cfe3f921da416c8cdb810dc76db80d34de50e6bf3079ecac544c97c4721f3572a6071bb070c7bd012453fe0986acd094a84f2372b263236408cb385870b5b48cb91c0afbb1ef8e871f4b1b29cd8471fac6ad9fd7797453436d4642efbfec549e0b40f8ae634b3dd8a07ce004b7c4bd31a18fe07f7f033e8db16e2ab50afc018cfb3ccc1eb355fd0ed718718f00ab8ef10f2c1ec76ba3c263808f9bdef1c4d76f8aa3320c9922cdd8f65ce948f43d90fc676fdea77fd25b69cf9b7656179be9000ef8e1654671f3e255d99222ece5950c78e90fd21c0ba513e0391472215fb30780d58696bcda7d2973cc85e1c26174e0b43cc178cbf7fd3e5102a254736b167e3c0da2c67468ecbfe106e6ff34792bc15b6d157bffa212c5979ad33bbcdc75ac14a70cb762744c1a8a716207df93b79779ca64a9986a2922e5f3a56bc826e2eb70506a68fc66807e7ba4e1b3f5b8008540ade5a2dc295029b61fc8d062a0474b4ac33c460af08dd97c70338b5b362fd260116be35ac7dbca76205b9157d03fe6b3f5ed406cedf51b1e400ed8a078a987edb2637f8dcbe4917c1f801316eedb0313a3d7d2e34acbda518891374912f68ffa06e718c1730f2f42a0c2af951bcffffd4cec41afb8b011030c2aa624be164c71c278363face03df0cf02a5ed88729b957655c50da362513c277b7bb8e8e994572e76f475c9e1faa559e94f85d6b08a6771cf85b8483d891bdad7aa335f57316b89b4da302a2dae53f5ee00ecd12377f5522694fddcfed29d516339f462e2990dceebe10147d9fbeb61673f48010d4e542d56b5e9810dfd92cdb56d5813e9df8daf6e6ad870c98627549bec2053b0d0693acfbfe448b62babc4e736886fd4259c30836dc0f79de1261335a5ab91a9d6d97bc2dcaa17c9ff1e752ae23e2765e835d7679fa39051fee656987e8e540563a3f8ae156f1c5303dd97484d9788e8a1b1b27b5146378d3820947750239eb002d0f2b44a64ff4cb0ac23a57974534c708edecc6c44ed45617f2dc134a2254b12883ee02c8c3dbab756615f02517b7a82c7b33dc169cf07e2e1d8056d3f905874388a3b0f1643a1d7578ea1dd8c15d318f946194f5713b20d259231ef451c6066294deffa4b230d8287e517dae682de9c61042543a0a3efdf0cb1c48499a86a626e9365a8bc7e714dc8704229a0bce2c18b15a522ade7c05e00342229d96f9126ec3075e3d3c430ab8c0e53cf654b150b3d7fb5ce62f60e4ec57fffa312fe1ce9cda8e8e6e10c112752881b1438632922a03e255a47d33aaff3c3e1f2092013d539a03f6405240ecda2c80a8e378eda4611889b8a3ebf450a23a668aaeddfd33265eef98642d3110aa95420d387537010143cd60f123fc9c3d107b5fc4ab43900667c1e395a3a0863a28d0661ad4cad39c5ecbd6df870cf37d6d77476f02c7e8e259f86210b35aa586a720f4f7f361f527a1fa3fc832673e478193e37f95c14d165e687c8070824b519503855ae5c69d128a2832ea72b60fd52898a0563581d7312b6ca32e702f42c07872d7d6d833dc191e487da719d7816a6b1bfc800514749335b9a5e6aeb71dc39d7de558831a0fdafa10aa50d007383a07b0f40a189c30a5d6313b3aa61c9aca029b8f406f5972ab8b989e92dba08fc89b9c7641645b17d50f6f40edc54d1cd7da9313906f2ffa084a70b17d5cfaa36213eb42be2e75e4380e0487fd3f5eaf1ce0adcf11ac2057063e85bb97de0b5371edef9cb6430294a8cd6188026db3fe739fbeaf324af9c6fd7ce1bc2c9ab38efba3a0c95b6b3af503174012d894c74accf1e240bffd8ce3041a1f1cc58996ecbede2c233ed2f39ef442e6907fbd0d71f071d93b38b46cda3af3152ccb54c6aa4e3da85db7bf96ff10f08cf106c62e3b75fb28cdc80dedae4274f773302eee5d6040df46d0ec5f7754cccf49e1e1374d0a5488f4cddd36941904caaf2711cf8976e6ac72472e897c94a9e9c56c81b83fa69b856f5c28025250f83a7b3569940d55d65ae529c715806bd1d6245679e07d16dcce36821f9073d92f618a1f69cb3d1019fd20aa89819ecd1f98adedc057a3744750d1a76f7f29cc336aeab75e243b070cdaeefef37acd2184bce3cc68f0707c039f3322f8e53ca89b1315f54618b32ab1aeef3143785d50f163221e6d779dbb7c4c9432390f9c1d9cdff40edcf56985237c912ebd20b331e3a2733a069a4171f0db64a875e404d2b1a3d7c47c493a827bc19dd67c446341fcd6aac06beb00c31ea3c3327283235ddcd76c7803b99b98ed3287c08ff6c0084ad708368ac474f48145c73a32d187194efc977c591f7ece9e38088a9f1a4ce271714b2fa96d212e7a6c07581dbbabf6bcecd43812919d684f3bdba4ddff337dbd9b68eb54bc6475c8be31cd5d933e9ea45f8d3e2e0b5ae822c94e3b968433a982d54838c6878eca9e0f55b3b4995c98ddb9e98df4f891bb353b5afa33a024f00d6e9580c3f8ee3da29c1b5e48761648ca135fcf6ce8c91c1889d0978e00ba3c17dc00db4252e08dcdc54f4e614d8097d1a2e07f1910e9a196befab2a82d479a1224cd236d8c125a22f29e4d5f0426f1c79f3a51355a1c2f619d91a7ab1a8cd24449b645887accda311b03d8d03341e023b8f33583fad6b463e7ff2e6d77864a9dffb0014f5e868d8b3df2755d62fada27579c91dd67834320b474aa3dc1d5da0fef7c4479cb0ff097c960bcf769553007ae4caff643ab5ed6d813b6ef1cdcac83ade3aa565e0788810cf3e9827c41a87530cb87d9a21ca5450f8f1e1cc4e7fb6dfe416e656b05af7127971b623a9d3864220c6a085ffe65770056744d213e068293167b3624af2d40949772fc95f11d3a78940f24d14ec49887b5e263d8d1f82eee79d9bfe9ff95da5f1bf037f1d9e9ada1eb6a967f730a7aee6fd8d0000a90208f90b0d6bc85310278566a31c1e97af4fcdc2b5798931f3511e191c81c35bbbeab5b9341b5d62fbe94b08a8ce7b317e55a3efc6e3ba57e79105c47412d94435345d760bd11b64301081a382df985232a820e8cf6b8d3ba0a2c5cafa610a4ee7c9a91933c1ed9742e855cfa8e42a4978de7b3f89db44d7bc235afed016aab5216a27eb88af716c9f29a0a963a126ab973e025e763e1f6e4bb18dd83e042849c8f7d77465c4ea69deb1c49b1ffa3ee36e7f56aaa7dd439a3e779b22635bf2d1ea9bf41b5c7297e78d17e68743fe927eae366db390cd38cfe692c4965723003bea89353f8bb89470772ca45037592778657ac2c97e50ad2226f288aa2746b9b6cbee5dab1e2154a1119c09214623c98d85a1a0d85b96877ba7c5d729a1a56c1e6d99a8da01435d635bb50703a07de64ffcf0e7ac88c0ad1feb99f3c4e9b4723caf3f625815f5eb96333c86ecd84d1b575f633b4e07196c35d01fbbab25575839747f7b56c09090306ac9879bba3dd026c7db6fbd6fd483e4b11c03d08051b14e8d1343d3c635a8e8e96c60e7010434adf0b19e802b351bb8aa1f1b8680dc06cf8a923e17545ea7f7212bd9e2af6eb2cabe41c1f54bddf91c7526fb68783c57dfe265449e4758dd4d17d4836a99f8aff24bcf65f480972885540e52557810c85ab98c7012187045c1e0b6d05cbe1c3d888ef742b3daad83e9c16f1d861d86d8de574a90a8202faaa4349f633fced11940f9ecb4fd311e08ab1217044df4590331b7b608543aa5895c85f03d06f200b63fc6f7d99a271530a7ecd6132d412e9d683ee38d82ab28b90bc4dc58f64307520c16cdf50cc00c269344193914ecd9f61e5f586f49bad06c7d5c56865fc844ee0889424130d049c2838189e2a31c7d998b117d95a3d9cc377fcefc24ac9efb8230a431030ab6808d907aee31d5f9db4969e14d28a951469a4bc82bc29e65182e3978ab7b0e82e19a479ae7f5d443b9bc9a94685bf4b739753b05caf6a34da385cfbe5da4cd7a8c2f997171d2548044aed05d73baeea3f103c8aef4b8b5f79ebb6099bcebe65137df91736d8f0f61e7650680666ca777c517619b850b3c805c6a465daef5388664c9e81cd0c2c79ac0a204dbee071170c80595c2f89e474c86d8b167256a9921737570ee4a86952af33ba1c9fc376453bc86a7d391274b8768a603e200ad0bd3584be0fd4c86803dfdbd1efa7479142e14ae38304e3b8037b5677bc00030cadf424c1343337f270434635ca1311c43742eac1d38888d832103cd967bf8291e6386eb2219c2c10e601038316f068918ffa216c0cc00db0a221533a8cd1d9c2fc3be7b6a6b83d7e8f5be52a2b8f4013b9f121104102282af1213df83760325cbc93a1d2657089a76f5fff113e302306a0323741905d258d459b4f19e82fbf3e523bfa9aee7ca7a3892fe6e45f3d7d33f45f92f01bc4c503e7d14b12447415bb78570e28c8896ee8479d83c4caca24d3c9063b1e0bda03a5bc04ab3eed341e288a8984d5aa4144d175715e1923ed737830a67355526bfa745b2677bca980baf1212d6a64717f11845d25f46fe4d73a9ce3a7dfd807f618c5551563db60baf71aa3336bfc04f359c2fda3ae61e32c9556b6f699ed204803a7128bb7429547acc4359a5d599f44cb6ceb1bf6c0b7a097ad5471d91affe71b90416b31d4fff6513492526365bda0615c7e3193392003c665600303bd8c0f1e29f2ce4c6dce5f925d2856296938ef2c69f2dab9ff0000ca6ff9700baec237cb43872772f9544e60ce7eb90b3ef0837a752b0a21ed2ecaaa4442cbe0a71daa968e051c037e7f16ee65521df40cae8b12193f739ae458ca33512f0fbace7567e3a3b27ffa7faaa516fc7c9c0fc235290f4baa06e1b10618e2f8679ac60fc4e5cca44b613767a4f2abe89bbe9f8a8c3b5ce082c176dfc3104b326d7293841cd232e98a13ca6a4ac42ab2f3204661a5042282715f45a19a512c0e17338cb82b8ee7ce9b6b2ec4d449d6276dfe4d98d1c8a166465645c3e268bdf1fffdf4da82a1c973d3658c24e0b27144e2d92fd8ffc85f1f602d4d117c3797a415ed45e67aa16864c7c4a94f493310646984c437e0c3f19e7d49040680e013d9a00317fcf1c1b75e8a2fa411ae82a2a0a868323d3aee48b1549aaa99f9cceff0c8902507ff0", 0x1000}, {&(0x7f0000002880)="67e34aebf089da6703a72875f5b1925e9ea463efdbf2aa856832e450ed6b6133a7d7bd2448b26eff4d0e2104f0f0f52f3a19128afcdbbb73ea3ed902f5ab654e6f910d9d0b54735345235a47c6c9955c4224596952226a0482ebeab5f513f44b1cde3bb53d8cbb3897bab5c0d7bba7a771dd895346fa7f3c93e4e524bb8a9ee971c9e22e5a879a6979c19370970606d4fe97452b257c206cde143a004cc3d0c8cce02ff449d59ef1f6a526649942616a9d7c560fc2b4f54fcc2b127df089db434c408bdcc73423ad771e", 0xca}, {&(0x7f0000002980)="464560866369c7bde89c76b0371f48ff46b142a249ba94e2da45963fd6cb741bd2e927a70e06bb2463ff71271832224567e9a1c866f9a905af172532c05e2b8505aa24e49b764b2756dfdb973e7fe967d851bf42658048e901c52fe7fec67243b30a8fdf46c7be30efb2060008fa4581a42967a76aaf577108c2a7039e2de1399cfd16f08d64fa48af999f114f9435f12ea9e61d7a0c4ad83978", 0x9a}, {&(0x7f0000002a40)="6617a7eb85cb23c859739fac3344a10c3f12f6cfa718d833a4b6c249fc8f0737b5b0453e578dd943bc890d1416dabde1cc624bbce774129455e305db55d6bdfdb61bccfde03adc60f9fdfc751b2ee7f488c8db03a6442003526ee42854324662bf19b0f037a75930ef881697e643a04d9d192ffc1273b0ad641f5f7c5a89c43bd316ab16a6fe87e020c2fa44768c7ef590b3101f7f695d11e339b12d0425a72fa8375deb759a7ebc237ff176f9912708410c51276e79900a7c2e9d7827dbbd8b2980bf264f83cd8e49269bc56167cde28db99b", 0xd3}, {&(0x7f0000000480)="61b0e85bf9388923dba82a0cba731251094c2571154ca9541e1dc57a6765fa3b79", 0x21}, {&(0x7f0000002b40)="179c473ac58ae6838d488a8069e73d82bee0bdc813a23ec84a4ec242ef6c7bc872ecba", 0x23}], 0x6}}, {{0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f0000002c40)="cf652ae49830dc5237702184aa61bf8ee140de65b6bfe788c7408bb310aa66e9db1cf01aecb5359430d0eebeaf2f6f4ce1309767fdd2aa770c395701ec5d0222b919d5b4b78af1905879b43853a3ee2e94579ed629858b3d91958a10ffa3de78f7d5f3d1b5beb4f0ea9cf01838f21dae9bd57920c6d9887d5916a298b8837aaa2b007745f1472d69948d40c44f876cd88ad8404df219a44daf4723bdd2dbc2626f0a18b0698ebdda9b2cdce9b576e042bb8fdc8514", 0xb5}, {&(0x7f0000002d00)="50bc46210f13ad83d90cfb0ffc3d96480c077fa4226f9e4b017186a0ab62feafdb", 0x21}, {&(0x7f0000002d40)="633842cfad0bc852e902b1a6df833b575649572a948a00205b2dce73f5b49ac936269ce89b981115ddd1072c", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000002fc0)=[{&(0x7f0000002e80)="f3ba2f61e1144e92402ccba1beb3d435edceb234cf1ed29178e013f5c4f2bcd9cc8eab01dcb09f7862b16974b251853167ce08de13ac34dadedd7f837f4b3b85a56c5295ffd67483f6d37ef16961f7ea387264d333661a216d9dc59660ac19a1c0bec516d146f8ebee586dff231d58c81e8eedb38fd93410c0b074970dc4917b03cf48db268b99524dad235e92537a9a127884c7120ead66c911f1f6e14bf63ae97c55665896d05dc4d6f19aae3aa5e53786f21db18069d27c4600452c2abc88e297acce162867578c96409bd35c71d5c7385c1008945f1f53bb1506592ea46b601201781cbf2163da6312d8", 0xec}, {&(0x7f0000002f80)="8e729c466da27c9a10", 0x9}], 0x2}}, {{0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f00000030c0)="a2034664a00d9041a85060d6f48a23d79f39220e1608a165bfb48b2ecb2739e8f1c098368d606d2e82cbad18d7e911af2af88f26946185829ab2f6e93e55c8a0f72754bed057335a5fbb733136263a6899464370e7e990a471d2172a24959eba65bc56471d1af85f481c4c22e505df6e1d73958b6daf5625287085ce9c6b2b03a0365e633eea971b40f234b270287b4ed14977b714dcf16dd8847474ba35b4e1741d3b2ab8000df4ece54c479db15d3345955baadd4b93ba", 0xb8}], 0x1}}], 0x5, 0x44084)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0)

7.395571987s ago: executing program 3 (id=1061):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r2, 0xffffffffffffffff, 0x0, 0x0, @void}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200))
r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
read$midi(r3, 0x0, 0x49)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8)
bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(0xffffffffffffffff, 0x100000001)
socket$inet6_sctp(0xa, 0x0, 0x84)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

6.504585711s ago: executing program 3 (id=1062):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000f52b1475aabc1d00000000000000000000000095c0ec790b24d1a8e5992c709d2ca8426721b4865b605ae69313dadedf2ca399076716b0ba4ebc9791bd184a22f09afda5b48653887608467868793eee923efeea8add8d9d2a352ae9fc2f484ffccc7adfd9"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xffffffff}}, 0x2e)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r5, 0x111, 0x3, 0x20000000, 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000b320a2cd0000000000e7000000ffff00e700000007"])
r7 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
ioctl$NBD_SET_BLKSIZE(r7, 0xab01, 0xef1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000002c0)=0x16)
r9 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001140), 0x20402, 0x0)
write$P9_RXATTRCREATE(r9, 0x0, 0x12)
r10 = openat$ppp(0xffffff9c, &(0x7f0000000180), 0xc0000, 0x0)
ioctl$PPPIOCCONNECT(r10, 0x4004743a, &(0x7f00000001c0)=0x4)
r11 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r11, 0x0, 0x0)
syz_usb_control_io(r11, &(0x7f0000000780)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r12 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x800)
ioctl$HIDIOCGUSAGE(r12, 0x4018480c, &(0x7f00000000c0)={0x2})
ioctl$TIOCSTI(r9, 0x5412, &(0x7f00000003c0)=0x8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r13 = getpgid(0x0)
syz_pidfd_open(r13, 0x0)

4.2994401s ago: executing program 3 (id=1070):
socket$l2tp(0x2, 0x2, 0x73)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
creat(0x0, 0x0)
io_setup(0x1, &(0x7f0000000200))
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setlease(r2, 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810)
pipe2(&(0x7f0000000140), 0x8880)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r5=>0x0)
io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)

4.234473125s ago: executing program 0 (id=1071):
pipe2$watch_queue(&(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000004c0)=0x1, &(0x7f0000000500)=0x4)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001040), 0x2, 0x0)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0xc1000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=loose,privport,cache=fscache,fscache,access=user,noextend,access=client,posixacl,version=9p2000.L,subj_user=\x00,subj_user=\x00,fscontext=staff_u,smackfstransmute=\x00,fowner=', @ANYRESDEC=r2, @ANYBLOB="2c7065726d69745f640100056374696f2c00"])
move_mount(r1, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x45)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000440), r4, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast2}, r4}}, 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x64, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x4}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r6 = io_uring_setup(0x53d6, &(0x7f0000000240)={0x0, 0xfb9, 0x2, 0x2, 0x107})
io_uring_enter(r6, 0x59b6, 0x944e, 0x12, &(0x7f0000000080)={[0x10d00000000000]}, 0x8)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x18, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x14, 0x1, "8c7457ff8f99b8233ba7d81496e1da69"}]}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r10=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', <r12=>0x0})
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_FLAGS={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000003c0)={0x7, 0x8, 0xfa00, {r4, 0x6}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r13=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {0x0, r13, r1}}, 0x18)

4.233540007s ago: executing program 1 (id=1072):
socket$l2tp(0x2, 0x2, 0x73)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
creat(0x0, 0x0)
io_setup(0x1, &(0x7f0000000200))
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setlease(r2, 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810)
pipe2(&(0x7f0000000140), 0x8880)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r5=>0x0)
io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)

4.102513027s ago: executing program 2 (id=1073):
unshare(0x68060200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x400000a, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x82, &(0x7f00000000c0)={'nat\x00', 0x1000000, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x78)

4.026357809s ago: executing program 0 (id=1074):
socket$l2tp(0x2, 0x2, 0x73)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
creat(0x0, 0x0)
io_setup(0x1, &(0x7f0000000200))
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setlease(r2, 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810)
pipe2(&(0x7f0000000140), 0x8880)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r5=>0x0)
io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)

3.834359679s ago: executing program 2 (id=1075):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet(0xa, 0x801, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200))
r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
read$midi(r3, 0x0, 0x49)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8)
bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0x100000001)
socket$inet6_sctp(0xa, 0x0, 0x84)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

3.115739833s ago: executing program 3 (id=1076):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket(0x40000000002, 0x3, 0x2)
socket(0x40000000002, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f00000000c0)=0x101, &(0x7f0000000240)=0x2)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140), 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
io_uring_setup(0x664c, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x8000002, 0xffffffff})
r3 = socket(0x40000000015, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000008c0)=0x1, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)}, {&(0x7f0000000900)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e", 0x43e}], 0x2}, 0x8050)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
io_uring_setup(0x5357, &(0x7f0000000240))
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
readv(r4, &(0x7f0000000180)=[{&(0x7f0000000400)=""/68}], 0x32)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)

3.00324106s ago: executing program 1 (id=1077):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000})
syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x4}, &(0x7f0000000440), &(0x7f0000000480)) (fail_nth: 8)

2.864364405s ago: executing program 2 (id=1078):
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000700)=""/75, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
rt_sigaction(0xd, &(0x7f0000000500)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0x0, 0x0, {[0x9]}}, 0x0, 0x8, &(0x7f0000000300))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000540)=0x1, 0xffffffaf)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90)
syz_open_dev$usbfs(0x0, 0x7, 0x581803)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0xfffffffc, 0x7, 0x8, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x4, 0x3}, 0x48)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0})
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffff4, &(0x7f00000001c0)={0x0, 0xfffffffffffffd44}, 0x1, 0x0, 0x0, 0x800}, 0x20004051)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x38}}, 0x0)

2.827250735s ago: executing program 0 (id=1079):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xa, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b031000e0ff030002004788aa96a13bb1000000000008000500", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3373526a01e35"], 0x1c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r9, 0x5, &(0x7f00000005c0)='fd', 0x0, r8)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000600)={0x130, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x21}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x366}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x4}], @NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1f2}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x27}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xf7}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1ff}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x411c635c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3dd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x12}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6000000}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x800}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}], @NL80211_ATTR_OPER_CLASS={0x5}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15f4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x35}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xff}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x27e}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x815d}]]}, 0x130}, 0x1, 0x0, 0x0, 0x40080}, 0x44000)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000080)=@ethtool_test={0xf, 0x0, 0x0, 0xa, [0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0xabca, 0x9]}})
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r12 = syz_open_procfs(0x0, &(0x7f0000000080)='coredump_filter\x00')
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)={@local, @remote, @val={@void, {0x8100, 0x6, 0x0, 0x3}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f11b8c", 0x14, 0x6, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
preadv(r12, &(0x7f0000000000), 0xc, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x4, 0xd6, 0x5, 0xa}, {0x3, 0x2, 0x0, 0x8}, {0x1, 0x1, 0x6, 0x2}, {0x5, 0x2f, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x6, 0x0, 0x2b, 0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r12, 0xc0182101, &(0x7f0000000000)={0x0, 0x2332, 0x1})

2.744161307s ago: executing program 1 (id=1080):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(0x0, 0x1d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, 0x0, 0x0}, 0x90)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x191102)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e20, 0x0, @local}, {0xa, 0x4e24, 0x0, @empty}, 0x0, {[0xfffffffc]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xcd, &(0x7f0000000400)={{0xa, 0x8004, 0x0, @private0, 0x1}, {0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1}, 0x5c)
fsopen(&(0x7f0000000140)='erofs\x00', 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
dup2(r2, r3)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$full(0xffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x560f, &(0x7f0000000000)={0x1, 0x2, 0x15, 0x0, 0x1, 0x0})
ioctl$TCFLSH(r4, 0x40384708, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)

2.585380409s ago: executing program 2 (id=1081):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r2}, 0x10)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180), 0x48)
r3 = socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0)
connect$inet6(r3, &(0x7f00000002c0), 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x80fe)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000008e00000095000000f8000000"], &(0x7f00000000c0)='syzkaller\x00', 0x5, 0xe4, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x50}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x0, 0x0})
clock_getres(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r6, 0x1, 0x0, 0x0, {0x5}}, 0x14}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)

2.325982687s ago: executing program 2 (id=1082):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8}, 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0xa}, 0x1c)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000280)=""/239, 0xef)
write$char_usb(r2, &(0x7f0000000240)="96", 0x1)
read$char_usb(r2, 0x0, 0x0)
write$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x8}, @chandef_params, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x28}}, 0x0)
socket$rds(0x15, 0x5, 0x0)
syz_80211_inject_frame(&(0x7f0000000100)=@device_b, &(0x7f0000000140)=ANY=[@ANYBLOB="8080000008021100000100021100000150505050505020000000000000000000000000006400000001"], 0x7b)
r7 = openat$fuse(0xffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000400)={0x2a, 0x6, 0x0, {0x5, 0x2, 0x1, 0x0, '\x00'}}, 0x2a)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r8=>0x0})
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, 0x0, &(0x7f0000000300)=0xa)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000002c0)={0x1c, 0x0, 0x303, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)

2.205990331s ago: executing program 3 (id=1083):
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x48000, 0x0)
symlinkat(&(0x7f0000000280)='./file2\x00', r2, &(0x7f0000000100)='./file2\x00')
lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r2], 0x20, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019340)={0x8, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000003000000000950050aaf926c15d00"/40], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_RELDISP(r3, 0x5605)
r4 = socket$inet(0x2, 0x0, 0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$dsp(r6, &(0x7f0000000440)="ed", 0x1)
write$UHID_INPUT(r6, &(0x7f00000029c0)={0xc, {"a2e3ad214fc752f91b25470987f70e06d038e7ff7fc6e5539b3264078b089b3b083468060890e0878f0e1ac6e70a9b3368959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0xf13)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x74, 0x40001)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000019300)=ANY=[@ANYRESHEX=r7], 0x10)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10)

1.892515644s ago: executing program 0 (id=1084):
r0 = timerfd_create(0x7, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000240)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, 0x0)
io_submit(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
unshare(0x22020400)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600))
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r4, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x32}, 0x9c)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000080)={0x0, @loopback, 0x2000, 0x0, 'sh\x00', 0x0, 0x0, 0x24}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, 0x0, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x5cb820, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r7 = socket(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000300)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
connect$vsock_stream(r7, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x2, &(0x7f0000000140)=[{0x16}, {0x6}]})

1.495859088s ago: executing program 1 (id=1085):
socket$l2tp(0x2, 0x2, 0x73)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
creat(0x0, 0x0)
io_setup(0x1, &(0x7f0000000200))
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setlease(r2, 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810)
pipe2(&(0x7f0000000140), 0x8880)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r5=>0x0)
io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)

936.744832ms ago: executing program 0 (id=1086):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet(0xa, 0x801, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200))
r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
read$midi(r3, 0x0, 0x49)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8)
bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0x100000001)
socket$inet6_sctp(0xa, 0x0, 0x84)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

735.961397ms ago: executing program 2 (id=1087):
r0 = socket$rds(0x15, 0x5, 0x0)
mknod(&(0x7f0000000140)='./file0\x00', 0x8001420, 0x4)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x2, 0x0)
splice(r0, 0x0, r1, 0x0, 0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00')
read$FUSE(r3, &(0x7f0000006040)={0x2020}, 0x8f5)
recvmmsg(r2, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x0, 0x0)
r4 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$CAPI_GET_SERIAL(r4, 0xc0044308, &(0x7f0000000240)=0x5)
setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4)
socket(0x10, 0x80002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@xdp={0x2c, 0x4, 0x0, 0x3d}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRES64], 0x10}, 0x8000)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000340)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000002780)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x3, r6, 0x5})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
syz_emit_ethernet(0xfdef, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004500002800000000003c907800"/38, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000290780000"], 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d0000000008000850000"], &(0x7f0000000100)='GPL\x00', 0x81, 0x0, 0x0, 0x40f00, 0x17, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r9}, 0x10)
socket(0x10, 0x3, 0x0)

355.959057ms ago: executing program 1 (id=1088):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x71}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x4c}}, 0x0)

272.987644ms ago: executing program 1 (id=1089):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x2e)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
creat(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x200000b, 0x10, r0, 0x0)
syz_usbip_server_init(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000576000/0xd000)=nil, 0xd000}})
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000000000000feefffff"], 0xc8)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000280)={0x7, 0x8, 0xfa00, {r3}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x10, 0xfa00, {0x0}}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f0000000200)={{}, 0xbf})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000240)=ANY=[], 0xff2e)
r6 = syz_open_pts(r5, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x17)

0s ago: executing program 0 (id=1090):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
connect(r1, &(0x7f0000000380)=@caif=@dgm={0x25, 0x8, 0xd}, 0x80)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000400000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d77d551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba05c001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5b0384222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09b15c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d5264cb454df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c56f273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56070049d9ea955a5f0dec1b3ccd35364600000000000000000032100000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc201cd07af1491ef060cd4403a099f32448f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c49fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86ecb838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd1119b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65af167f8f13cd0fdbca9c645989c7be25679a34ba2850fe18990087360185f89c7911765497d0f919aeddefde84c13174b679a2e6ae991b6658d204f743b89eb5d580f6ac5a7f255cb8205a32b2bf38d144a6bdd3c72d403bfa7b103b418a540b1329b2b5d8fef2fc8c6634aeecb5614495b450a8fd510f06416fb0cfe99e47c52371055b9a0800805aea58d352e0a1da7b774f4af58837fe71371a6ca1b62898f454090772be7b18bd606f46ec1a04ce219cee23e6cf325df46f7d64a4099119997112c32ccbe59c5455f45f7f028a600421fe7443b96d699b50a981bdc3aa4e9e628eae35d6c064abe0445afc0ec479231c940e874b597a22bd3f4ed3141b5c2c98513ea39ed73b83db70216dc4847ad52ae91eb73ef98c504c230359a4c281ed94fa6ab5f0c140c20e8b30fdff2cb51"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd03}, 0x90)
syz_emit_ethernet(0x11dc0, &(0x7f0000000a00)=ANY=[@ANYBLOB="aaaaaaaaaaaaaf5c520a041c86dd60"], 0x0)

kernel console output (not intermixed with test programs):

][ T4646] Bluetooth: hci4: command 0x0405 tx timeout
[  149.287497][ T6828] FAULT_INJECTION: forcing a failure.
[  149.287497][ T6828] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.296299][ T6828] CPU: 2 PID: 6828 Comm: syz.0.477 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  149.301242][ T6828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.308272][ T6828] Call Trace:
[  149.310046][ T6828]  <TASK>
[  149.311384][ T6828]  dump_stack_lvl+0x16c/0x1f0
[  149.313246][ T6828]  should_fail_ex+0x497/0x5b0
[  149.315546][ T6828]  _copy_to_user+0x30/0xc0
[  149.317712][ T6828]  bpf_test_finish.isra.0+0x5b6/0x6b0
[  149.320238][ T6828]  ? find_held_lock+0x2d/0x110
[  149.322405][ T6828]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  149.324839][ T6828]  ? bpf_test_timer_leave+0xb3/0x170
[  149.327017][ T6828]  ? ktime_get+0xfb/0x1a0
[  149.329768][ T6828]  bpf_prog_test_run_sk_lookup+0xa9e/0xcf0
[  149.332411][ T6828]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  149.335169][ T6828]  ? fput+0x32/0x390
[  149.337006][ T6828]  ? __bpf_prog_get+0xa0/0x2f0
[  149.339174][ T6828]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  149.341700][ T6828]  __sys_bpf+0x141f/0x5600
[  149.343529][ T6828]  ? __pfx___sys_bpf+0x10/0x10
[  149.345638][ T6828]  ? ksys_write+0x12f/0x260
[  149.347616][ T6828]  ? find_held_lock+0x2d/0x110
[  149.349759][ T6828]  ? ksys_write+0x21c/0x260
[  149.351756][ T6828]  ? __pfx_lock_release+0x10/0x10
[  149.353809][ T6828]  ? vfs_write+0x14d/0x1140
[  149.356036][ T4646] Bluetooth: hci2: ACL packet for unknown connection handle 3287
[  149.356883][ T6828]  ? __mutex_unlock_slowpath+0x164/0x650
[  149.360327][ T4646] Bluetooth: Unexpected start frame (len 12)
[  149.362625][ T6828]  ? fput+0x32/0x390
[  149.367039][ T6828]  ? ksys_write+0x1ab/0x260
[  149.368895][ T6828]  ? __pfx_ksys_write+0x10/0x10
[  149.371128][ T6828]  __ia32_sys_bpf+0x76/0xe0
[  149.373156][ T6828]  __do_fast_syscall_32+0x73/0x120
[  149.375458][ T6828]  do_fast_syscall_32+0x32/0x80
[  149.377422][ T6828]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.380358][ T6828] RIP: 0023:0xf741e579
[  149.382181][ T6828] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.390771][ T6828] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  149.394028][ T6828] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000440
[  149.397378][ T6828] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  149.401006][ T6828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.404903][ T6828] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.408258][ T6828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.411856][ T6828]  </TASK>
[  149.414299][    C2] hpet: Lost 7 RTC interrupts
[  149.807460][ T5218] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  149.997846][ T5218] usb 5-1: Using ep0 maxpacket: 8
[  150.002383][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  150.007336][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  150.022437][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  150.034085][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  150.057478][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  150.062930][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  150.080964][ T5218] usb 5-1: string descriptor 0 read error: -22
[  150.094264][ T5218] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  150.119279][ T5218] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.140582][ T5218] adutux 5-1:168.0: interrupt endpoints not found
[  150.346265][ T5218] usb 5-1: USB disconnect, device number 18
[  150.559129][ T6834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.827476][   T30] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  150.939440][ T6860] x_tables: duplicate underflow at hook 1
[  151.007586][   T30] usb 8-1: Using ep0 maxpacket: 16
[  151.014432][   T30] usb 8-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  151.019278][   T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  151.023613][   T30] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  151.033316][   T30] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.037693][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.041734][   T30] usb 8-1: Product: syz
[  151.043968][   T30] usb 8-1: Manufacturer: syz
[  151.046251][   T30] usb 8-1: SerialNumber: syz
[  151.060866][   T30] cdc_ncm 8-1:1.0: NCM or ECM functional descriptors missing
[  151.064468][   T30] cdc_ncm 8-1:1.0: bind() failure
[  151.268873][ T6846] netlink: 'syz.3.482': attribute type 10 has an invalid length.
[  151.296182][ T6846] batman_adv: batadv0: Adding interface: team0
[  151.299305][ T6846] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  151.311393][ T6846] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  151.317545][ T6849] netlink: 'syz.3.482': attribute type 10 has an invalid length.
[  151.321298][ T6849] netlink: 2 bytes leftover after parsing attributes in process `syz.3.482'.
[  151.325415][ T6849] team0: entered promiscuous mode
[  151.327910][ T6849] team_slave_0: entered promiscuous mode
[  151.330823][ T6849] team_slave_1: entered promiscuous mode
[  151.337987][ T6849] 8021q: adding VLAN 0 to HW filter on device team0
[  151.342536][ T6849] batman_adv: batadv0: Interface activated: team0
[  151.346149][ T6849] batman_adv: batadv0: Interface deactivated: team0
[  151.349359][ T6849] batman_adv: batadv0: Removing interface: team0
[  151.354432][ T6849] bridge0: port 3(team0) entered blocking state
[  151.358810][ T6849] bridge0: port 3(team0) entered disabled state
[  151.364330][ T6849] team0: entered allmulticast mode
[  151.366519][ T6849] team_slave_0: entered allmulticast mode
[  151.369331][ T6849] team_slave_1: entered allmulticast mode
[  151.376757][ T6849] bridge0: port 3(team0) entered blocking state
[  151.380565][ T6849] bridge0: port 3(team0) entered forwarding state
[  151.394180][  T969] usb 8-1: USB disconnect, device number 15
[  151.499347][ T5258] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  151.697609][ T5258] usb 5-1: Using ep0 maxpacket: 32
[  151.710968][ T5258] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.715620][ T5258] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  151.720124][ T5258] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  151.725084][ T5258] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  151.730384][ T5258] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  151.740775][ T5258] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.745278][ T5258] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.749231][ T5258] usb 5-1: Product: syz
[  151.751336][ T5258] usb 5-1: Manufacturer: syz
[  151.753235][ T5258] usb 5-1: SerialNumber: syz
[  151.986726][ T5258] cdc_ncm 5-1:1.0: bind() failure
[  152.011629][ T5258] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  152.014359][ T5258] cdc_ncm 5-1:1.1: bind() failure
[  152.027280][ T5258] usb 5-1: USB disconnect, device number 19
[  152.373481][ T6875] input: syz0 as /devices/virtual/input/input20
[  152.790277][ T6885] kcapi: manufacturer command 14 unknown.
[  152.958771][ T6891] x_tables: duplicate underflow at hook 1
[  153.461067][ T6899] nft_compat: unsupported protocol 5
[  153.595231][    C2] hpet: Lost 1 RTC interrupts
[  153.997664][ T5218] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  154.193725][ T5218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.198961][ T5218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.203447][ T5218] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  154.208279][ T5218] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.213899][ T5218] usb 6-1: config 0 descriptor??
[  154.639845][ T5218] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  154.666381][ T5218] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0006/input/input21
[  154.825012][ T5218] keytouch 0003:0926:3333.0006: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  154.856000][ T6914] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT
[  154.878605][ T5218] usb 6-1: USB disconnect, device number 9
[  156.197894][ T6944] FAULT_INJECTION: forcing a failure.
[  156.197894][ T6944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.206089][ T6944] CPU: 2 PID: 6944 Comm: syz.0.510 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  156.210304][ T6944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.214924][ T6944] Call Trace:
[  156.216390][ T6944]  <TASK>
[  156.217707][ T6944]  dump_stack_lvl+0x16c/0x1f0
[  156.219856][ T6944]  should_fail_ex+0x497/0x5b0
[  156.221947][ T6944]  _copy_from_user+0x30/0xf0
[  156.224061][ T6944]  vhost_net_ioctl+0x47e/0x16f0
[  156.226229][ T6944]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  156.228362][ T6944]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  156.230642][ T6944]  ? __fget_files+0x256/0x400
[  156.232586][ T6944]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  156.234695][ T6944]  compat_ptr_ioctl+0x71/0xb0
[  156.236741][ T6944]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  156.239015][ T6944]  __do_compat_sys_ioctl+0x2c3/0x330
[  156.241282][ T6944]  __do_fast_syscall_32+0x73/0x120
[  156.243460][ T6944]  do_fast_syscall_32+0x32/0x80
[  156.245559][ T6944]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.248195][ T6944] RIP: 0023:0xf741e579
[  156.249914][ T6944] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.257917][ T6944] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  156.261424][ T6944] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000004008af30
[  156.264796][ T6944] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  156.268167][ T6944] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.271521][ T6944] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.274810][ T6944] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.278194][ T6944]  </TASK>
[  156.280038][    C2] hpet: Lost 3 RTC interrupts
[  156.867144][ T6958] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  156.870501][ T6958] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  156.879260][ T6958] vhci_hcd vhci_hcd.0: Device attached
[  157.097591][ T5218] vhci_hcd: vhci_device speed not set
[  157.167506][ T5218] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  157.691986][ T6959] vhci_hcd: connection reset by peer
[  157.697712][  T105] vhci_hcd: stop threads
[  157.700179][  T105] vhci_hcd: release socket
[  157.723562][  T105] vhci_hcd: disconnect device
[  158.051169][ T6980] input: syz0 as /devices/virtual/input/input22
[  159.733005][ T7015] FAULT_INJECTION: forcing a failure.
[  159.733005][ T7015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.747628][ T7015] CPU: 0 PID: 7015 Comm: syz.0.527 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  159.751804][ T7015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.756550][ T7015] Call Trace:
[  159.758111][ T7015]  <TASK>
[  159.759516][ T7015]  dump_stack_lvl+0x16c/0x1f0
[  159.761694][ T7015]  should_fail_ex+0x497/0x5b0
[  159.763802][ T7015]  _copy_from_user+0x30/0xf0
[  159.765912][ T7015]  get_compat_msghdr+0xa8/0x170
[  159.768012][ T7015]  ? __pfx_get_compat_msghdr+0x10/0x10
[  159.770557][ T7015]  ? kfree+0x245/0x3b0
[  159.772328][ T7015]  ___sys_sendmsg+0x1b0/0x1e0
[  159.774424][ T7015]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.776540][ T7015]  ? __pfx_lock_release+0x10/0x10
[  159.778439][ T7015]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  159.780988][ T7015]  ? __pfx___might_resched+0x10/0x10
[  159.783230][ T7015]  ? __fget_light+0x173/0x210
[  159.785242][ T7015]  __sys_sendmmsg+0x2a5/0x450
[  159.787709][ T7015]  ? __pfx___sys_sendmmsg+0x10/0x10
[  159.790071][ T7015]  ? vfs_write+0x14d/0x1140
[  159.792059][ T7015]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  159.794662][ T7015]  ? fput+0x32/0x390
[  159.796455][ T7015]  ? ksys_write+0x1ab/0x260
[  159.798260][ T7015]  ? __pfx_ksys_write+0x10/0x10
[  159.800211][ T7015]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  159.802431][ T7015]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  159.805035][ T7015]  __do_fast_syscall_32+0x73/0x120
[  159.807021][ T7015]  do_fast_syscall_32+0x32/0x80
[  159.809304][ T7015]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  159.812139][ T7015] RIP: 0023:0xf741e579
[  159.813895][ T7015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  159.821556][ T7015] RSP: 002b:00000000f5d1556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  159.824997][ T7015] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200038c0
[  159.827670][ T7015] RDX: 00000000ffffff06 RSI: 0000000000000000 RDI: 0000000000000000
[  159.831394][ T7015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  159.835557][ T7015] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  159.840480][ T7015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  159.845399][ T7015]  </TASK>
[  160.131864][ T7022] Driver unsupported XDP return value 0 on prog  (id 207) dev N/A, expect packet loss!
[  161.103227][ T7048] input: syz0 as /devices/virtual/input/input23
[  162.277520][ T5218] vhci_hcd: vhci_device speed not set
[  162.397673][   T59] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  162.619424][   T59] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  162.624883][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.633694][   T59] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  162.639411][   T59] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  162.643078][   T59] usb 5-1: Manufacturer: syz
[  162.648476][   T59] usb 5-1: config 0 descriptor??
[  162.694874][   T39] audit: type=1326 audit(1721402595.082:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7fc00000
[  162.728648][   T59] rc_core: IR keymap rc-hauppauge not found
[  162.732213][   T59] Registered IR keymap rc-empty
[  162.748270][   T59] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  162.757289][   T59] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input24
[  162.873430][ T5000] usb 5-1: USB disconnect, device number 20
[  163.460180][ T7087] input: syz0 as /devices/virtual/input/input25
[  164.802170][ T7112] netlink: 'syz.3.558': attribute type 2 has an invalid length.
[  164.805722][ T7112] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.558'.
[  164.814534][ T4646] Bluetooth: hci2: Malformed Event: 0x02
[  165.050801][ T7119] netlink: 32 bytes leftover after parsing attributes in process `syz.0.560'.
[  165.271108][   T39] audit: type=1326 audit(1721402597.662:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.279574][   T39] audit: type=1326 audit(1721402597.662:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.288668][   T39] audit: type=1326 audit(1721402597.662:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.296745][   T39] audit: type=1326 audit(1721402597.662:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.305019][   T39] audit: type=1326 audit(1721402597.662:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.312608][   T39] audit: type=1326 audit(1721402597.662:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.320612][   T39] audit: type=1326 audit(1721402597.662:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.329359][   T39] audit: type=1326 audit(1721402597.662:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.337265][   T39] audit: type=1326 audit(1721402597.662:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  165.705412][ T7136] input: syz0 as /devices/virtual/input/input27
[  165.829650][ T7138] input: syz0 as /devices/virtual/input/input28
[  167.030584][ T7163] fuse: Bad value for 'group_id'
[  167.032913][ T7163] fuse: Bad value for 'group_id'
[  167.747676][ T5218] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  167.949877][ T5218] usb 8-1: config 0 has no interfaces?
[  167.954007][ T5218] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  167.958039][ T5218] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  167.961454][ T5218] usb 8-1: Manufacturer: syz
[  167.968941][ T5218] usb 8-1: config 0 descriptor??
[  168.096033][ T7184] input: syz0 as /devices/virtual/input/input30
[  168.222009][ T5218] usb 8-1: USB disconnect, device number 16
[  168.817661][ T5218] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  169.028467][ T5218] usb 8-1: Using ep0 maxpacket: 16
[  169.034527][ T5218] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.039761][ T5218] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  169.047618][ T5218] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.056021][ T5218] usb 8-1: config 0 descriptor??
[  169.065312][ T5211] kernel write not supported for file /stat (pid: 5211 comm: kworker/1:3)
[  169.065438][ T5218] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input31
[  169.139491][ T7212] input: syz0 as /devices/virtual/input/input32
[  169.318828][ T4686] bcm5974 8-1:0.0: could not read from device
[  169.334527][ T7169] bcm5974 8-1:0.0: could not read from device
[  169.336621][ T5218] usb 8-1: USB disconnect, device number 17
[  169.348775][ T4686] bcm5974 8-1:0.0: could not read from device
[  170.187412][    C2] hpet_rtc_timer_reinit: 15 callbacks suppressed
[  170.187430][    C2] hpet: Lost 1 RTC interrupts
[  170.320696][ T7245] input: syz0 as /devices/virtual/input/input33
[  170.323341][ T7244] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  170.326719][ T7244] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  170.349541][ T7244] vhci_hcd vhci_hcd.0: Device attached
[  170.378638][ T7243] FAULT_INJECTION: forcing a failure.
[  170.378638][ T7243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.384577][ T7243] CPU: 3 PID: 7243 Comm: syz.3.607 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  170.388481][ T7243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.393368][ T7243] Call Trace:
[  170.395673][ T7243]  <TASK>
[  170.397037][ T7243]  dump_stack_lvl+0x16c/0x1f0
[  170.399024][ T7243]  should_fail_ex+0x497/0x5b0
[  170.402950][ T7243]  _copy_from_user+0x30/0xf0
[  170.403621][ T7226] cdrom: dropping to single frame dma
[  170.404788][ T7243]  input_event_from_user+0x22d/0x3b0
[  170.404826][ T7243]  ? __pfx_input_event_from_user+0x10/0x10
[  170.404838][ T7243]  ? input_inject_event+0x193/0x370
[  170.404851][ T7243]  evdev_write+0x374/0x750
[  170.416275][ T7243]  ? __pfx_evdev_write+0x10/0x10
[  170.418530][ T7243]  ? bpf_lsm_file_permission+0x9/0x10
[  170.420826][ T7243]  ? security_file_permission+0x98/0xc0
[  170.423394][ T7243]  ? __pfx_evdev_write+0x10/0x10
[  170.425538][ T7243]  vfs_write+0x29a/0x1140
[  170.426861][ T7243]  ? __pfx_vfs_write+0x10/0x10
[  170.428691][ T7243]  ? __fget_files+0x256/0x400
[  170.430576][ T7243]  ? __fget_light+0x173/0x210
[  170.433110][ T7243]  ksys_write+0x1f8/0x260
[  170.435197][ T7243]  ? __pfx_ksys_write+0x10/0x10
[  170.437518][ T7243]  __do_fast_syscall_32+0x73/0x120
[  170.440033][ T7243]  do_fast_syscall_32+0x32/0x80
[  170.442226][ T7243]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.445045][ T7243] RIP: 0023:0xf7f03579
[  170.446989][ T7243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.454898][ T7243] RSP: 002b:00000000f5cb656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  170.458386][ T7243] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[  170.462026][ T7243] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000
[  170.465895][ T7243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.469591][ T7243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.475017][ T7243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.477733][ T7243]  </TASK>
[  170.479153][    C3] vkms_vblank_simulate: vblank timer overrun
[  170.577786][ T5258] vhci_hcd: vhci_device speed not set
[  170.657481][ T5258] usb 15-1: new full-speed USB device number 3 using vhci_hcd
[  171.120204][ T7246] vhci_hcd: connection reset by peer
[  171.122976][   T45] vhci_hcd: stop threads
[  171.125607][   T45] vhci_hcd: release socket
[  171.128051][   T45] vhci_hcd: disconnect device
[  171.271893][ T7257] input: syz0 as /devices/virtual/input/input34
[  171.657791][   T10] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  171.808255][   T10] usb 7-1: device descriptor read/64, error -71
[  172.038955][ T7262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.613'.
[  172.056309][ T7262] fuse: Unknown parameter '0xffffffffffffffff'
[  172.087640][   T10] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  172.223872][ T7270] netlink: 'syz.3.616': attribute type 2 has an invalid length.
[  172.228038][ T7270] netlink: 4 bytes leftover after parsing attributes in process `syz.3.616'.
[  172.239207][   T10] usb 7-1: device descriptor read/64, error -71
[  172.342787][ T7277] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  172.346680][ T7277] overlayfs: failed to set xattr on upper
[  172.353973][ T7277] overlayfs: ...falling back to redirect_dir=nofollow.
[  172.356972][ T7277] overlayfs: ...falling back to index=off.
[  172.358433][   T10] usb usb7-port1: attempt power cycle
[  172.362511][ T7277] overlayfs: ...falling back to uuid=null.
[  172.382049][ T7277] netlink: 240 bytes leftover after parsing attributes in process `syz.3.620'.
[  172.624104][ T7289] delete_channel: no stack
[  172.772533][ T7296] input: syz0 as /devices/virtual/input/input35
[  172.778931][   T10] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  172.802119][ T5000] libceph: connect (1)[c::]:6789 error -101
[  172.819151][ T5000] libceph: mon0 (1)[c::]:6789 connect error
[  172.858613][   T10] usb 7-1: device descriptor read/8, error -71
[  172.977545][ T7300] netlink: 16 bytes leftover after parsing attributes in process `syz.0.626'.
[  173.059955][ T7299] overlay: ./file0 is not a directory
[  173.079777][ T5000] libceph: connect (1)[c::]:6789 error -101
[  173.082509][ T5000] libceph: mon0 (1)[c::]:6789 connect error
[  173.187515][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  173.219394][   T10] usb 7-1: device descriptor read/8, error -71
[  173.343608][   T10] usb usb7-port1: unable to enumerate USB device
[  173.560327][ T7292] ceph: No mds server is up or the cluster is laggy
[  173.589528][ T5000] libceph: connect (1)[c::]:6789 error -101
[  173.593793][ T5000] libceph: mon0 (1)[c::]:6789 connect error
[  173.879287][ T7324] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  173.881996][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  173.893988][ T7324] vhci_hcd vhci_hcd.0: Device attached
[  174.514787][ T7344] input: syz0 as /devices/virtual/input/input36
[  174.656660][ T7325] vhci_hcd: connection closed
[  174.658572][   T13] vhci_hcd: stop threads
[  174.662158][   T13] vhci_hcd: release socket
[  174.667681][   T13] vhci_hcd: disconnect device
[  174.681847][ T7346] input: syz0 as /devices/virtual/input/input37
[  175.608249][ T7364] netlink: 48 bytes leftover after parsing attributes in process `syz.3.642'.
[  175.798162][ T5258] vhci_hcd: vhci_device speed not set
[  175.829690][ T7373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.469450][ T7387] netlink: 24 bytes leftover after parsing attributes in process `syz.0.651'.
[  176.600827][ T7392] input: syz0 as /devices/virtual/input/input38
[  177.292303][ T5218] IPVS: starting estimator thread 0...
[  177.387571][ T7402] IPVS: using max 20 ests per chain, 48000 per kthread
[  177.426669][ T7406] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  177.429425][ T7406] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  177.433668][ T7406] vhci_hcd vhci_hcd.0: Device attached
[  177.648466][ T5218] vhci_hcd: vhci_device speed not set
[  177.739108][ T5218] usb 15-1: new full-speed USB device number 4 using vhci_hcd
[  178.204786][ T7407] vhci_hcd: connection reset by peer
[  178.213701][ T1148] vhci_hcd: stop threads
[  178.215555][ T1148] vhci_hcd: release socket
[  178.217422][ T1148] vhci_hcd: disconnect device
[  180.105934][ T7438] input: syz0 as /devices/virtual/input/input39
[  180.299189][ T7440] input: syz0 as /devices/virtual/input/input40
[  180.863690][ T7448] input: syz0 as /devices/virtual/input/input41
[  181.077508][ T5210] Bluetooth: hci2: command 0x0406 tx timeout
[  182.043649][ T7464] syzkaller0: entered promiscuous mode
[  182.047061][ T7464] syzkaller0: entered allmulticast mode
[  182.056518][ T7470] fuse: Bad value for 'user_id'
[  182.062847][ T7470] fuse: Bad value for 'user_id'
[  182.081348][ T7470] netlink: 28 bytes leftover after parsing attributes in process `syz.3.673'.
[  182.321250][ T7474] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  182.324004][ T7474] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  182.330070][ T7474] vhci_hcd vhci_hcd.0: Device attached
[  182.557545][ T5261] vhci_hcd: vhci_device speed not set
[  182.636680][ T5261] usb 19-1: new full-speed USB device number 2 using vhci_hcd
[  182.847889][ T5218] vhci_hcd: vhci_device speed not set
[  183.052316][ T7482] input: syz0 as /devices/virtual/input/input42
[  183.127148][ T7475] vhci_hcd: connection reset by peer
[  183.137968][ T1148] vhci_hcd: stop threads
[  183.183986][ T1148] vhci_hcd: release socket
[  183.186027][ T1148] vhci_hcd: disconnect device
[  184.035633][ T7491] input: syz0 as /devices/virtual/input/input43
[  185.762832][ T7524] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  185.765782][ T7524] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  185.772561][ T7524] vhci_hcd vhci_hcd.0: Device attached
[  185.827478][ T5258] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  186.052441][ T7530] input: syz0 as /devices/virtual/input/input44
[  186.056127][ T5258] usb 6-1: config 0 has no interfaces?
[  186.067447][ T5258] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  186.076445][ T5258] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  186.080691][ T5258] usb 6-1: Manufacturer: syz
[  186.089779][ T5258] usb 6-1: config 0 descriptor??
[  186.363396][ T5258] usb 6-1: USB disconnect, device number 10
[  186.535271][ T7525] vhci_hcd: connection closed
[  186.547732][   T45] vhci_hcd: stop threads
[  186.551692][   T45] vhci_hcd: release socket
[  186.562930][   T45] vhci_hcd: disconnect device
[  186.772465][ T7535] input: syz0 as /devices/virtual/input/input45
[  187.200151][ T7540] x_tables: duplicate underflow at hook 1
[  187.561768][ T7543] x_tables: duplicate underflow at hook 1
[  187.758798][ T7546] input: syz0 as /devices/virtual/input/input48
[  187.797523][ T5261] vhci_hcd: vhci_device speed not set
[  188.825290][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.693'.
[  188.830195][ T7551] FAULT_INJECTION: forcing a failure.
[  188.830195][ T7551] name failslab, interval 1, probability 0, space 0, times 0
[  188.836292][ T7551] CPU: 1 PID: 7551 Comm: syz.2.693 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  188.840281][ T7551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.845021][ T7551] Call Trace:
[  188.846480][ T7551]  <TASK>
[  188.847769][ T7551]  dump_stack_lvl+0x16c/0x1f0
[  188.849654][ T7551]  should_fail_ex+0x497/0x5b0
[  188.851614][ T7551]  should_failslab+0x9/0x20
[  188.853538][ T7551]  __kmalloc_cache_noprof+0x6b/0x310
[  188.855805][ T7551]  ? alloc_netdev_mqs+0xddb/0x1290
[  188.857945][ T7551]  alloc_netdev_mqs+0xddb/0x1290
[  188.860073][ T7551]  rtnl_create_link+0xbed/0xf10
[  188.862204][ T7551]  __rtnl_newlink+0x10b3/0x1960
[  188.864356][ T7551]  ? __pfx___rtnl_newlink+0x10/0x10
[  188.866678][ T7551]  rtnl_newlink+0x67/0xa0
[  188.868694][ T7551]  ? __pfx_rtnl_newlink+0x10/0x10
[  188.871124][ T7551]  rtnetlink_rcv_msg+0x3c7/0xea0
[  188.873366][ T7551]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  188.876127][ T7551]  ? __pfx___dev_queue_xmit+0x10/0x10
[  188.878564][ T7551]  netlink_rcv_skb+0x165/0x410
[  188.880626][ T7551]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  188.883122][ T7551]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  188.885496][ T7551]  ? netlink_deliver_tap+0x1ae/0xcf0
[  188.887897][ T7551]  netlink_unicast+0x544/0x830
[  188.890069][ T7551]  ? __pfx_netlink_unicast+0x10/0x10
[  188.892463][ T7551]  ? __phys_addr_symbol+0x30/0x80
[  188.894642][ T7551]  ? __check_object_size+0x4a7/0x720
[  188.896999][ T7551]  netlink_sendmsg+0x8b8/0xd70
[  188.899297][ T7551]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.902154][ T7551]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  188.904818][ T7551]  ____sys_sendmsg+0x9b4/0xb50
[  188.907095][ T7551]  ? __pfx_____sys_sendmsg+0x10/0x10
[  188.909903][ T7551]  ? get_compat_msghdr+0x11b/0x170
[  188.912307][ T7551]  ? __pfx___lock_acquire+0x10/0x10
[  188.914619][ T7551]  ___sys_sendmsg+0x135/0x1e0
[  188.916422][ T7551]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.918680][ T7551]  ? ksys_write+0x21c/0x260
[  188.920837][ T7551]  ? __fget_light+0x173/0x210
[  188.922942][ T7551]  __sys_sendmsg+0x117/0x1f0
[  188.924748][ T7551]  ? __pfx___sys_sendmsg+0x10/0x10
[  188.926582][ T7551]  __do_fast_syscall_32+0x73/0x120
[  188.928618][ T7551]  do_fast_syscall_32+0x32/0x80
[  188.930701][ T7551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  188.933404][ T7551] RIP: 0023:0xf7f47579
[  188.935207][ T7551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  188.942633][ T7551] RSP: 002b:00000000f5cf656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  188.946081][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0
[  188.949561][ T7551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  188.953509][ T7551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  188.957087][ T7551] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  188.960701][ T7551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  188.963924][ T7551]  </TASK>
[  189.676802][ T7562] netlink: 18 bytes leftover after parsing attributes in process `syz.0.697'.
[  189.696320][ T7563] input: syz0 as /devices/virtual/input/input49
[  189.696384][ T7562] netlink: 5572 bytes leftover after parsing attributes in process `syz.0.697'.
[  189.704176][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.697'.
[  189.708674][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.697'.
[  190.251166][ T7572] input: syz0 as /devices/virtual/input/input50
[  190.257470][ T5255] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  190.294484][    C2] hpet: Lost 1 RTC interrupts
[  190.461920][ T5255] usb 5-1: config 0 has no interfaces?
[  190.470829][ T5255] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  190.474527][ T5255] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  190.477992][ T5255] usb 5-1: Manufacturer: syz
[  190.488213][ T5255] usb 5-1: config 0 descriptor??
[  190.758956][ T5218] usb 5-1: USB disconnect, device number 21
[  190.854871][ T7581] input: syz0 as /devices/virtual/input/input51
[  190.917938][ T5258] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  191.117551][ T5258] usb 6-1: Using ep0 maxpacket: 8
[  191.124891][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  191.133638][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  191.142858][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  191.147937][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  191.155809][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  191.160845][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  191.163030][ T7587] x_tables: duplicate underflow at hook 1
[  191.170125][ T5258] usb 6-1: string descriptor 0 read error: -22
[  191.173232][ T5258] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  191.177120][ T5258] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.195367][ T5258] adutux 6-1:168.0: interrupt endpoints not found
[  191.209341][    C2] hpet: Lost 1 RTC interrupts
[  191.395882][ T5258] usb 6-1: USB disconnect, device number 11
[  191.616190][ T7578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.954953][ T7592] x_tables: duplicate underflow at hook 1
[  192.793074][ T7598] x_tables: duplicate underflow at hook 1
[  193.605784][ T5255] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  193.810371][ T5255] usb 7-1: config 0 has no interfaces?
[  193.814735][ T5255] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  193.821935][ T5255] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  193.825377][ T5255] usb 7-1: Manufacturer: syz
[  193.830260][ T5255] usb 7-1: config 0 descriptor??
[  193.872398][ T7620] input: syz0 as /devices/virtual/input/input55
[  194.071157][ T5255] usb 7-1: USB disconnect, device number 14
[  194.834434][    C2] hpet: Lost 1 RTC interrupts
[  195.148054][ T7630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.177544][ T5255] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  195.247472][ T5000] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  195.377521][ T5255] usb 5-1: Using ep0 maxpacket: 8
[  195.384496][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  195.397513][ T5000] usb 7-1: device descriptor read/64, error -71
[  195.401499][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  195.409682][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  195.415453][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  195.424209][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  195.429081][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  195.444871][ T5255] usb 5-1: string descriptor 0 read error: -22
[  195.449267][ T5255] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  195.453704][ T5255] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.465599][ T5255] adutux 5-1:168.0: interrupt endpoints not found
[  195.542385][ T7636] x_tables: duplicate underflow at hook 1
[  195.690049][ T5255] usb 5-1: USB disconnect, device number 22
[  195.692811][ T5000] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  195.847746][ T5000] usb 7-1: device descriptor read/64, error -71
[  195.896317][ T7624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.977512][ T5000] usb usb7-port1: attempt power cycle
[  196.203626][    C2] hpet: Lost 1 RTC interrupts
[  196.397531][ T5000] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  196.428263][ T5000] usb 7-1: device descriptor read/8, error -71
[  196.521488][   T39] audit: type=1326 audit(1721402628.912:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.533332][   T39] audit: type=1326 audit(1721402628.912:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.545177][   T39] audit: type=1326 audit(1721402628.912:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.558458][   T39] audit: type=1326 audit(1721402628.912:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.568794][   T39] audit: type=1326 audit(1721402628.912:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.579423][   T39] audit: type=1326 audit(1721402628.912:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.591641][   T39] audit: type=1326 audit(1721402628.912:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.603272][   T39] audit: type=1326 audit(1721402628.912:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.610843][ T7649] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  196.613165][   T39] audit: type=1326 audit(1721402628.912:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  196.642495][ T7649] kvm: pic: non byte read
[  196.646040][ T7649] kvm: pic: level sensitive irq not supported
[  196.647009][ T7649] kvm: pic: non byte read
[  196.651334][ T5252] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  196.657670][ T7649] kvm: pic: level sensitive irq not supported
[  196.658466][ T7649] kvm: pic: non byte read
[  196.666604][ T7649] kvm: pic: level sensitive irq not supported
[  196.667041][ T7649] kvm: pic: non byte read
[  196.707499][ T5000] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  196.748271][ T5000] usb 7-1: device descriptor read/8, error -71
[  196.857520][ T5252] usb 6-1: config 0 has no interfaces?
[  196.862188][ T5252] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  196.867878][ T5000] usb usb7-port1: unable to enumerate USB device
[  196.877426][ T5252] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  196.883893][ T5252] usb 6-1: Manufacturer: syz
[  196.898363][ T5252] usb 6-1: config 0 descriptor??
[  197.138120][ T5000] usb 6-1: USB disconnect, device number 12
[  197.415157][ T7660] netlink: 23 bytes leftover after parsing attributes in process `syz.3.730'.
[  197.639458][ T7666] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  197.642447][ T7666] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  197.650376][ T7667] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(9)
[  197.653241][ T7667] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  197.657868][ T7667] vhci_hcd vhci_hcd.0: Device attached
[  197.664575][ T7666] vhci_hcd vhci_hcd.0: Device attached
[  197.681396][ T4646] Bluetooth: hci2: unexpected event for opcode 0x0c22
[  197.767840][ T5000] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  197.795766][ T7668] vhci_hcd: connection closed
[  197.798271][   T11] vhci_hcd: stop threads
[  197.802343][   T11] vhci_hcd: release socket
[  197.805309][   T11] vhci_hcd: disconnect device
[  197.808766][ T7669] vhci_hcd: connection closed
[  197.809579][   T13] vhci_hcd: stop threads
[  197.818185][   T13] vhci_hcd: release socket
[  197.820255][   T13] vhci_hcd: disconnect device
[  197.869867][ T5258] vhci_hcd: vhci_device speed not set
[  197.957725][ T5000] usb 6-1: Using ep0 maxpacket: 16
[  197.965114][ T5000] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  197.971310][ T5000] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  197.976759][ T5000] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.000483][ T5000] usb 6-1: config 0 descriptor??
[  198.019947][ T5000] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input57
[  198.284252][ T5255] usb 6-1: USB disconnect, device number 13
[  198.284955][ T4686] bcm5974 6-1:0.0: could not read from device
[  198.292713][ T6765] bcm5974 6-1:0.0: could not read from device
[  198.478182][ T5000] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  198.687462][ T5000] usb 7-1: Using ep0 maxpacket: 8
[  198.692226][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  198.697028][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  198.709824][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  198.714610][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  198.724541][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  198.730617][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  198.742238][ T5000] usb 7-1: string descriptor 0 read error: -22
[  198.745114][ T5000] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  198.750065][ T5000] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.756785][ T5000] adutux 7-1:168.0: interrupt endpoints not found
[  198.971545][ T5255] usb 7-1: USB disconnect, device number 19
[  199.217498][ T7678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.335314][ T7688] x_tables: duplicate underflow at hook 1
[  199.502546][ T1356] ieee802154 phy0 wpan0: encryption failed: -22
[  199.507984][ T1356] ieee802154 phy1 wpan1: encryption failed: -22
[  199.541959][   T13] bridge_slave_1: left allmulticast mode
[  199.545379][   T13] bridge_slave_1: left promiscuous mode
[  199.550536][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.614900][   T13] bridge_slave_0: left allmulticast mode
[  199.617538][   T13] bridge_slave_0: left promiscuous mode
[  199.620079][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.963047][ T7692] FAULT_INJECTION: forcing a failure.
[  199.963047][ T7692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.042496][ T7692] CPU: 0 PID: 7692 Comm: syz.3.739 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  200.056734][ T7692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.062004][ T7692] Call Trace:
[  200.063950][ T7692]  <TASK>
[  200.066064][ T7692]  dump_stack_lvl+0x16c/0x1f0
[  200.070349][ T7692]  should_fail_ex+0x497/0x5b0
[  200.073459][ T7692]  _copy_from_user+0x30/0xf0
[  200.075568][ T7692]  do_compat_sigaltstack+0xf7/0x2f0
[  200.078168][ T7692]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  200.081299][ T7692]  ? ia32_restore_sigcontext+0x416/0x5d0
[  200.085175][ T7692]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  200.088412][ T7692]  ? _raw_spin_unlock_irq+0x23/0x50
[  200.090810][ T7692]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.093123][ T7692]  compat_restore_altstack+0x17/0x40
[  200.095248][ T7692]  __do_compat_sys_rt_sigreturn+0x18c/0x1f0
[  200.097953][ T7692]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  200.100674][ T7692]  do_int80_emulation+0x104/0x200
[  200.102650][ T7692]  asm_int80_emulation+0x1a/0x20
[  200.105471][ T7692] RIP: 0023:0xf7f03577
[  200.107391][ T7692] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  200.119594][ T7692] RSP: 002b:00000000f5cb656c EFLAGS: 00000296
[  200.123281][ T7692] RAX: 000000000000013b RBX: 0000000000000005 RCX: 0000000000000004
[  200.128634][ T7692] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  200.132641][ T7692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.135991][ T7692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.139450][ T7692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.142813][ T7692]  </TASK>
[  200.767462][ T5258] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  200.923512][ T4646] Bluetooth: hci4: command 0x0405 tx timeout
[  200.969839][ T5258] usb 8-1: Using ep0 maxpacket: 32
[  200.973925][ T5258] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.982589][ T5258] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  201.002962][ T5258] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  201.006703][ T5258] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  201.010444][ T5258] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  201.029617][ T5258] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  201.033616][ T5258] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.037277][ T5258] usb 8-1: Product: syz
[  201.039275][ T5258] usb 8-1: Manufacturer: syz
[  201.041522][ T5258] usb 8-1: SerialNumber: syz
[  201.168034][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.187957][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.211157][   T13] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  201.225459][   T13] bond0 (unregistering): Released all slaves
[  201.337484][   T25] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  201.489281][   T25] usb 7-1: device descriptor read/64, error -71
[  201.757492][   T25] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  201.907485][   T25] usb 7-1: device descriptor read/64, error -71
[  201.937589][   T13] hsr_slave_0: left promiscuous mode
[  201.967276][   T13] hsr_slave_1: left promiscuous mode
[  201.972782][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.975730][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.980968][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.993030][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.037952][   T25] usb usb7-port1: attempt power cycle
[  202.090019][   T13] veth1_macvtap: left promiscuous mode
[  202.108636][   T13] veth0_macvtap: left promiscuous mode
[  202.111113][   T13] veth1_vlan: left promiscuous mode
[  202.113677][   T13] veth0_vlan: left promiscuous mode
[  202.457565][   T25] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  202.490746][   T25] usb 7-1: device descriptor read/8, error -71
[  202.757532][   T25] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  202.788201][   T25] usb 7-1: device descriptor read/8, error -71
[  202.907796][   T25] usb usb7-port1: unable to enumerate USB device
[  203.265134][ T5258] cdc_ncm 8-1:1.0: bind() failure
[  203.300821][ T5258] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  203.303625][ T5258] cdc_ncm 8-1:1.1: bind() failure
[  203.348677][ T5258] usb 8-1: USB disconnect, device number 18
[  203.468639][ T7706] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  203.471384][ T7706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  203.481493][ T7706] vhci_hcd vhci_hcd.0: Device attached
[  203.499462][    C2] hpet_rtc_timer_reinit: 55 callbacks suppressed
[  203.499476][    C2] hpet: Lost 1 RTC interrupts
[  203.696661][ T5255] vhci_hcd: vhci_device speed not set
[  203.769102][ T5255] usb 19-1: new low-speed USB device number 4 using vhci_hcd
[  203.876782][   T13] team0 (unregistering): Port device team_slave_1 removed
[  203.890787][ T7712] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  203.893839][ T7712] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  203.898081][ T7712] vhci_hcd vhci_hcd.0: Device attached
[  204.038711][   T13] team0 (unregistering): Port device team_slave_0 removed
[  204.097518][ T1272] vhci_hcd: vhci_device speed not set
[  204.177475][ T1272] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[  204.249630][ T7707] vhci_hcd: connection reset by peer
[  204.253505][ T1148] vhci_hcd: stop threads
[  204.255837][ T1148] vhci_hcd: release socket
[  204.261991][ T1148] vhci_hcd: disconnect device
[  204.637570][ T5258] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  204.703753][ T7713] vhci_hcd: connection reset by peer
[  204.752622][   T45] vhci_hcd: stop threads
[  204.754528][   T45] vhci_hcd: release socket
[  204.757020][   T45] vhci_hcd: disconnect device
[  204.839693][ T5258] usb 7-1: config 0 has no interfaces?
[  204.844962][ T5258] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  204.853289][ T5258] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  204.864280][ T5258] usb 7-1: Manufacturer: syz
[  204.870853][ T5258] usb 7-1: config 0 descriptor??
[  205.135615][ T5258] usb 7-1: USB disconnect, device number 24
[  205.487063][    C2] hpet: Lost 1 RTC interrupts
[  205.627918][ T5258] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  205.701313][   T13] IPVS: stop unused estimator thread 0...
[  205.808247][ T5258] usb 7-1: Using ep0 maxpacket: 16
[  205.820693][ T5258] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.825709][ T5258] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  205.832346][ T5258] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.839446][ T5258] usb 7-1: config 0 descriptor??
[  205.860885][ T5258] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input59
[  206.113587][ T4686] bcm5974 7-1:0.0: could not read from device
[  206.119136][ T7717] bcm5974 7-1:0.0: could not read from device
[  206.125138][ T5258] usb 7-1: USB disconnect, device number 25
[  206.915726][ T7727] input: syz0 as /devices/virtual/input/input60
[  208.939432][ T5255] vhci_hcd: vhci_device speed not set
[  209.337538][ T1272] vhci_hcd: vhci_device speed not set
[  209.407810][ T4646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  209.409368][ T4646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  209.411111][ T4646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  209.439397][ T4646] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  209.452574][ T4646] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  209.460981][ T4646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  209.690004][ T7754] chnl_net:caif_netlink_parms(): no params data found
[  209.959467][ T7754] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.959571][ T7754] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.959665][ T7754] bridge_slave_0: entered allmulticast mode
[  209.960628][ T7754] bridge_slave_0: entered promiscuous mode
[  209.962956][ T7754] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.963052][ T7754] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.963165][ T7754] bridge_slave_1: entered allmulticast mode
[  209.964494][ T7754] bridge_slave_1: entered promiscuous mode
[  210.097710][ T7754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.110802][ T7754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.127719][ T5261] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  210.185193][ T7754] team0: Port device team_slave_0 added
[  210.194358][ T7754] team0: Port device team_slave_1 added
[  210.279719][ T7754] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.283013][ T7754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.294521][ T7754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.306092][ T7754] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.309644][ T7754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.309788][ T5261] usb 5-1: config 0 has no interfaces?
[  210.320893][ T7754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.331629][ T5261] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  210.338255][ T5261] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  210.352226][ T5261] usb 5-1: Manufacturer: syz
[  210.373665][ T5261] usb 5-1: config 0 descriptor??
[  210.523643][ T7774] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  210.526387][ T7774] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  210.530095][ T7774] vhci_hcd vhci_hcd.0: Device attached
[  210.564625][ T7754] hsr_slave_0: entered promiscuous mode
[  210.573579][ T7754] hsr_slave_1: entered promiscuous mode
[  210.598870][ T7754] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.602591][ T7754] Cannot create hsr debugfs directory
[  210.646038][ T5255] usb 5-1: USB disconnect, device number 23
[  210.732050][ T7781] input: syz0 as /devices/virtual/input/input61
[  210.746165][ T1272] vhci_hcd: vhci_device speed not set
[  210.817521][ T1272] usb 17-1: new full-speed USB device number 2 using vhci_hcd
[  211.207245][ T7754] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.257561][ T5255] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  211.277562][ T7775] vhci_hcd: connection reset by peer
[  211.282888][   T11] vhci_hcd: stop threads
[  211.284838][   T11] vhci_hcd: release socket
[  211.286852][   T11] vhci_hcd: disconnect device
[  211.289788][ T7754] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.431551][ T7754] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.437508][ T5255] usb 5-1: Using ep0 maxpacket: 16
[  211.441987][ T5255] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  211.446129][ T5255] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  211.472168][ T5255] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.513277][ T5255] usb 5-1: config 0 descriptor??
[  211.529539][ T5255] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input62
[  211.557533][ T5210] Bluetooth: hci3: command tx timeout
[  211.579328][ T7754] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.785352][ T7754] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  211.793980][ T4686] bcm5974 5-1:0.0: could not read from device
[  211.809145][ T7754] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  211.840465][ T5255] usb 5-1: USB disconnect, device number 24
[  211.890807][ T7754] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  211.908574][ T7754] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  212.060368][ T7754] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.085899][ T7754] 8021q: adding VLAN 0 to HW filter on device team0
[  212.097021][  T969] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.102051][  T969] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.122661][  T969] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.126496][  T969] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.348816][ T7786] input: syz0 as /devices/virtual/input/input63
[  212.368661][ T7754] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.421883][ T7754] veth0_vlan: entered promiscuous mode
[  212.431009][ T7754] veth1_vlan: entered promiscuous mode
[  212.472176][ T7754] veth0_macvtap: entered promiscuous mode
[  212.484571][ T7754] veth1_macvtap: entered promiscuous mode
[  212.507280][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.512086][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.517147][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.523340][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.532573][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.540585][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.545202][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.551451][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.557294][ T7754] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.569067][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.574027][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.579956][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.585992][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.594165][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.600033][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.604452][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.618314][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.631105][ T7754] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.643755][ T7754] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.647941][ T7754] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.652017][ T7754] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.656510][ T7754] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.720775][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.724230][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.765771][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.770709][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.931014][ T7798] x_tables: duplicate underflow at hook 1
[  213.569743][ T7808] netlink: 828 bytes leftover after parsing attributes in process `syz.2.761'.
[  213.637702][ T5210] Bluetooth: hci3: command tx timeout
[  214.162744][    C2] hpet: Lost 1 RTC interrupts
[  214.469181][ T7811] overlay: Unknown parameter './bus'
[  214.475988][ T7813] Invalid ELF header len 18
[  214.652349][   T39] audit: type=1326 audit(1721402647.042:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.2.763" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  215.014974][    C2] hpet: Lost 1 RTC interrupts
[  215.057528][ T5255] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  215.270478][ T5255] usb 5-1: config 0 has no interfaces?
[  215.274905][ T5255] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  215.279217][ T5255] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  215.282966][ T5255] usb 5-1: Manufacturer: syz
[  215.290248][ T5255] usb 5-1: config 0 descriptor??
[  215.573395][   T30] usb 5-1: USB disconnect, device number 25
[  215.605738][ T7825] FAULT_INJECTION: forcing a failure.
[  215.605738][ T7825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.612478][ T7825] CPU: 1 PID: 7825 Comm: syz.2.766 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  215.616287][ T7825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.620370][ T7825] Call Trace:
[  215.621764][ T7825]  <TASK>
[  215.623221][ T7825]  dump_stack_lvl+0x16c/0x1f0
[  215.625065][ T7825]  should_fail_ex+0x497/0x5b0
[  215.627047][ T7825]  _copy_from_user+0x30/0xf0
[  215.629098][ T7825]  get_compat_msghdr+0xa8/0x170
[  215.630814][ T7825]  ? __pfx_get_compat_msghdr+0x10/0x10
[  215.632717][ T7825]  ? kfree+0x245/0x3b0
[  215.634215][ T7825]  ___sys_sendmsg+0x1b0/0x1e0
[  215.636053][ T7825]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.638148][ T7825]  ? __pfx_lock_release+0x10/0x10
[  215.640500][ T7825]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  215.643361][ T7825]  ? __pfx___might_resched+0x10/0x10
[  215.645715][ T7825]  ? __fget_light+0x173/0x210
[  215.647841][ T7825]  __sys_sendmmsg+0x2a5/0x450
[  215.650313][ T7825]  ? __pfx___sys_sendmmsg+0x10/0x10
[  215.652960][ T7825]  ? vfs_write+0x14d/0x1140
[  215.654986][ T7825]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  215.657787][ T7825]  ? fput+0x32/0x390
[  215.659441][ T7825]  ? ksys_write+0x1ab/0x260
[  215.661292][ T7825]  ? __pfx_ksys_write+0x10/0x10
[  215.663181][ T7825]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  215.665732][ T7825]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  215.669453][ T7825]  __do_fast_syscall_32+0x73/0x120
[  215.671899][ T7825]  do_fast_syscall_32+0x32/0x80
[  215.673997][ T7825]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.677194][ T7825] RIP: 0023:0xf7f47579
[  215.679478][ T7825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.690330][ T7825] RSP: 002b:00000000f5cd556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  215.694727][ T7825] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200038c0
[  215.698361][ T7825] RDX: 00000000ffffff06 RSI: 0000000000000000 RDI: 0000000000000000
[  215.701953][ T7825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.704902][ T7825] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.708565][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.712145][ T7825]  </TASK>
[  215.722247][ T5210] Bluetooth: hci3: command tx timeout
[  215.958076][ T1272] vhci_hcd: vhci_device speed not set
[  216.187622][   T30] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  216.387491][   T30] usb 5-1: Using ep0 maxpacket: 16
[  216.395691][   T30] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  216.400480][   T30] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  216.404620][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.425115][   T30] usb 5-1: config 0 descriptor??
[  216.464701][   T30] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input65
[  216.563024][    C2] hpet: Lost 1 RTC interrupts
[  216.744622][ T4686] bcm5974 5-1:0.0: could not read from device
[  216.776167][ T7819] bcm5974 5-1:0.0: could not read from device
[  216.786553][   T30] usb 5-1: USB disconnect, device number 26
[  216.803493][ T4686] bcm5974 5-1:0.0: could not read from device
[  216.848122][ T4686] bcm5974 5-1:0.0: could not read from device
[  216.857166][ T4686] bcm5974 5-1:0.0: could not read from device
[  217.077985][ T7835] tun0: tun_chr_ioctl cmd 1074025678
[  217.080462][ T7835] tun0: group set to 0
[  217.412599][ T7840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'.
[  217.444165][ T7843] netlink: 'syz.3.772': attribute type 3 has an invalid length.
[  217.448382][ T7843] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.772'.
[  217.499168][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.772'.
[  217.653599][ T7843] fuse: Bad value for 'fd'
[  217.799410][ T5210] Bluetooth: hci3: command tx timeout
[  217.999054][ T7858] random: crng reseeded on system resumption
[  218.466381][   T39] audit: type=1326 audit(1721402650.852:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.2.779" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  218.959768][ T7884] input: syz0 as /devices/virtual/input/input67
[  219.522883][    C2] hpet: Lost 1 RTC interrupts
[  219.557485][ T1150] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  219.588568][ T5261] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  219.627532][ T7885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'.
[  219.707516][ T1150] usb 5-1: device descriptor read/64, error -71
[  219.789563][ T5261] usb 8-1: config 0 has no interfaces?
[  219.793783][ T5261] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  219.799516][ T5261] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  219.803809][ T5261] usb 8-1: Manufacturer: syz
[  219.810173][ T5261] usb 8-1: config 0 descriptor??
[  219.998267][ T1150] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  220.046654][    C2] hpet: Lost 1 RTC interrupts
[  220.093143][ T5261] usb 8-1: USB disconnect, device number 19
[  220.148601][ T1150] usb 5-1: device descriptor read/64, error -71
[  220.268076][ T1150] usb usb5-port1: attempt power cycle
[  220.437594][ T7906] x_tables: duplicate underflow at hook 1
[  220.607461][ T5261] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  220.677499][ T1150] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  220.718139][ T1150] usb 5-1: device descriptor read/8, error -71
[  220.799249][ T5261] usb 8-1: Using ep0 maxpacket: 16
[  220.805871][ T5261] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  220.818808][ T5261] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  220.831028][ T5261] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.846751][ T5261] usb 8-1: config 0 descriptor??
[  220.866788][ T5261] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input69
[  221.007470][ T1150] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  221.039042][ T1150] usb 5-1: device descriptor read/8, error -71
[  221.151278][ T4686] bcm5974 8-1:0.0: could not read from device
[  221.155657][ T7887] bcm5974 8-1:0.0: could not read from device
[  221.167954][ T1150] usb usb5-port1: unable to enumerate USB device
[  221.173768][ T4686] bcm5974 8-1:0.0: could not read from device
[  221.192988][ T5261] usb 8-1: USB disconnect, device number 20
[  222.630638][    C2] hpet: Lost 1 RTC interrupts
[  222.944710][ T7926] random: crng reseeded on system resumption
[  223.085745][ T7927] input: syz0 as /devices/virtual/input/input70
[  225.547238][ T7976] input: syz0 as /devices/virtual/input/input71
[  225.718046][ T7981] input: syz0 as /devices/virtual/input/input72
[  225.877518][  T969] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  226.059707][  T969] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  226.079997][  T969] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  226.097930][  T969] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  226.105461][  T969] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  226.110649][  T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.167863][  T969] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[  226.243599][ T6709] udevd[6709]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  226.284074][ T7985] x_tables: duplicate underflow at hook 1
[  226.350775][   T25] usb 5-1: USB disconnect, device number 31
[  227.867599][ T1150] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  228.057505][   T10] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  228.057517][ T1150] usb 8-1: Using ep0 maxpacket: 32
[  228.073107][ T1150] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.078889][ T1150] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  228.084556][ T1150] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  228.090403][ T1150] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  228.096026][ T1150] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  228.105097][ T1150] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  228.117955][ T1150] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.123994][ T1150] usb 8-1: Product: syz
[  228.126217][ T1150] usb 8-1: Manufacturer: syz
[  228.129411][ T1150] usb 8-1: SerialNumber: syz
[  228.273350][   T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  228.277053][   T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  228.291053][   T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  228.296622][   T10] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  228.319710][   T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  228.323770][   T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  228.329578][   T10] usb 6-1: Product: syz
[  228.331392][   T10] usb 6-1: Manufacturer: syz
[  228.339469][   T10] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  229.349139][ T5252] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  229.530109][ T5252] usb 7-1: config 0 has no interfaces?
[  229.535032][ T5252] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  229.539760][ T5252] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  229.543451][ T5252] usb 7-1: Manufacturer: syz
[  229.550299][ T5252] usb 7-1: config 0 descriptor??
[  229.787461][ T1272] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  229.814178][  T969] usb 7-1: USB disconnect, device number 26
[  229.967460][ T1272] usb 5-1: Using ep0 maxpacket: 8
[  229.977793][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  229.982503][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  229.990260][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  229.995164][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  230.003583][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  230.008524][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  230.018656][ T1272] usb 5-1: string descriptor 0 read error: -22
[  230.021548][ T1272] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  230.025600][ T1272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.034263][ T1272] adutux 5-1:168.0: interrupt endpoints not found
[  230.238654][  T969] usb 5-1: USB disconnect, device number 32
[  230.301049][   T30] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  230.429220][ T1150] cdc_ncm 8-1:1.0: bind() failure
[  230.443657][ T1150] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  230.455848][ T1150] cdc_ncm 8-1:1.1: bind() failure
[  230.467530][ T8046] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  230.467904][ T1150] usb 8-1: USB disconnect, device number 21
[  230.477513][   T30] usb 7-1: Using ep0 maxpacket: 16
[  230.495513][   T30] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.512904][   T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  230.520238][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.525478][   T30] usb 7-1: config 0 descriptor??
[  230.534514][   T30] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input74
[  230.693964][ T5210] Bluetooth: hci2: Malformed Event: 0x2f
[  230.759091][   T39] audit: type=1326 audit(1721402663.152:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8018 comm="syz.1.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7fc00000
[  230.780383][ T1150] usb 6-1: USB disconnect, device number 14
[  230.786689][ T4686] bcm5974 7-1:0.0: could not read from device
[  230.798026][ T8044] bcm5974 7-1:0.0: could not read from device
[  230.803301][   T30] usb 7-1: USB disconnect, device number 27
[  232.997529][  T969] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  233.187845][  T969] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  233.192335][  T969] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  233.202443][  T969] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  233.206447][  T969] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  233.236935][  T969] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  233.244251][  T969] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  233.248225][  T969] usb 6-1: Product: syz
[  233.250825][  T969] usb 6-1: Manufacturer: syz
[  233.264096][  T969] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  233.307733][   T30] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  233.472143][ T8100] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  233.474514][ T8100] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  233.478220][ T8100] vhci_hcd vhci_hcd.0: Device attached
[  233.518461][   T30] usb 8-1: Using ep0 maxpacket: 8
[  233.523098][   T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  233.526583][   T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  233.531008][ T1150] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  233.539295][   T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  233.542850][   T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  233.551526][   T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  233.555054][   T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  233.564670][   T30] usb 8-1: string descriptor 0 read error: -22
[  233.566867][   T30] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  233.570553][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.585351][   T30] adutux 8-1:168.0: interrupt endpoints not found
[  233.687559][   T10] vhci_hcd: vhci_device speed not set
[  233.724926][ T1150] usb 5-1: config 0 has no interfaces?
[  233.732259][ T1150] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  233.736563][ T1150] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  233.740376][ T1150] usb 5-1: Manufacturer: syz
[  233.755774][ T1150] usb 5-1: config 0 descriptor??
[  233.767618][   T10] usb 17-1: new full-speed USB device number 3 using vhci_hcd
[  233.792535][ T1150] usb 8-1: USB disconnect, device number 22
[  234.013542][ T8091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.028446][   T35] usb 5-1: USB disconnect, device number 33
[  234.307681][ T8101] vhci_hcd: connection reset by peer
[  234.311530][   T13] vhci_hcd: stop threads
[  234.313064][   T13] vhci_hcd: release socket
[  234.314663][   T13] vhci_hcd: disconnect device
[  234.657464][   T35] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  234.877451][   T35] usb 5-1: Using ep0 maxpacket: 16
[  234.883089][   T35] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.887917][   T35] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  234.891800][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.908204][   T35] usb 5-1: config 0 descriptor??
[  234.915542][   T35] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input75
[  235.175124][ T4686] bcm5974 5-1:0.0: could not read from device
[  235.192413][   T35] usb 5-1: USB disconnect, device number 34
[  235.723199][   T39] audit: type=1326 audit(1721402668.112:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.1.836" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7fc00000
[  235.763422][ T5261] usb 6-1: USB disconnect, device number 15
[  236.021968][ T8133] x_tables: duplicate underflow at hook 1
[  236.637740][  T969] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  236.827557][  T969] usb 8-1: Using ep0 maxpacket: 8
[  236.829365][  T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  236.829405][  T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  236.830509][  T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  236.830550][  T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  236.831504][  T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  236.831527][  T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  236.834341][  T969] usb 8-1: string descriptor 0 read error: -22
[  236.834410][  T969] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  236.834421][  T969] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.851617][  T969] adutux 8-1:168.0: interrupt endpoints not found
[  237.056249][   T35] usb 8-1: USB disconnect, device number 23
[  237.286805][ T8141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.917524][   T10] vhci_hcd: vhci_device speed not set
[  239.059379][ T8175] netlink: 'syz.3.859': attribute type 3 has an invalid length.
[  239.062780][ T8175] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.859'.
[  239.128450][   T25] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  239.247522][   T39] audit: type=1326 audit(1721402671.622:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.0.860" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0
[  239.249553][ T8181] input: syz0 as /devices/virtual/input/input77
[  239.321238][   T25] usb 6-1: config 0 has no interfaces?
[  239.324789][   T25] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  239.333631][   T25] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  239.337207][   T25] usb 6-1: Manufacturer: syz
[  239.360364][   T25] usb 6-1: config 0 descriptor??
[  239.628799][   T25] usb 6-1: USB disconnect, device number 16
[  240.197972][   T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  240.377586][   T25] usb 6-1: Using ep0 maxpacket: 16
[  240.379639][   T25] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.379683][   T25] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  240.379702][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.381627][   T25] usb 6-1: config 0 descriptor??
[  240.385737][   T25] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input78
[  240.673890][ T4686] bcm5974 6-1:0.0: could not read from device
[  240.696533][   T25] usb 6-1: USB disconnect, device number 17
[  240.696876][ T8166] bcm5974 6-1:0.0: could not read from device
[  241.225945][ T8196] tty tty4: ldisc open failed (-12), clearing slot 3
[  241.424441][ T8203] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  241.425930][ T8206] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  242.250159][ T8230] netlink: 'syz.2.870': attribute type 3 has an invalid length.
[  242.253357][ T8230] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.870'.
[  242.499303][ T8235] netlink: 'syz.2.871': attribute type 3 has an invalid length.
[  242.502630][ T8235] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.871'.
[  242.511243][ T8232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'.
[  242.595651][ T8238] FAULT_INJECTION: forcing a failure.
[  242.595651][ T8238] name failslab, interval 1, probability 0, space 0, times 0
[  242.604813][ T8238] CPU: 0 PID: 8238 Comm: syz.0.873 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  242.609312][ T8238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.614006][ T8238] Call Trace:
[  242.615648][ T8238]  <TASK>
[  242.616996][ T8238]  dump_stack_lvl+0x16c/0x1f0
[  242.618219][ T8235] fuse: Bad value for 'fd'
[  242.619183][ T8238]  should_fail_ex+0x497/0x5b0
[  242.623256][ T8238]  should_failslab+0x9/0x20
[  242.625352][ T8238]  __kmalloc_node_noprof+0xd1/0x440
[  242.627680][ T8238]  ? __kvmalloc_node_noprof+0x9d/0x1a0
[  242.630010][ T8238]  __kvmalloc_node_noprof+0x9d/0x1a0
[  242.632382][ T8238]  snd_pcm_plugin_alloc+0x5e1/0x7d0
[  242.634717][ T8238]  snd_pcm_plug_alloc+0x214/0x330
[  242.637012][ T8238]  snd_pcm_oss_change_params_locked+0x1a29/0x3a50
[  242.639939][ T8238]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  242.642956][ T8238]  ? __mutex_lock+0x1a6/0x9c0
[  242.645122][ T8238]  ? __pfx___mutex_lock+0x10/0x10
[  242.647436][ T8238]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  242.649993][ T8238]  snd_pcm_oss_write+0x4af/0xa10
[  242.651693][ T8238]  ? bpf_lsm_file_permission+0x9/0x10
[  242.653785][ T8238]  ? security_file_permission+0x98/0xc0
[  242.653803][ T8238]  ? rw_verify_area+0xd0/0x6c0
[  242.658486][ T8238]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  242.660831][ T8238]  vfs_write+0x29a/0x1140
[  242.662636][ T8238]  ? __pfx_vfs_write+0x10/0x10
[  242.664628][ T8238]  ? __fget_files+0x256/0x400
[  242.666682][ T8238]  ? __fget_light+0x173/0x210
[  242.668268][ T8238]  ksys_write+0x12f/0x260
[  242.669747][ T8238]  ? __pfx_ksys_write+0x10/0x10
[  242.671530][ T8238]  __do_fast_syscall_32+0x73/0x120
[  242.673648][ T8238]  do_fast_syscall_32+0x32/0x80
[  242.675745][ T8238]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.678175][ T8238] RIP: 0023:0xf741e579
[  242.679971][ T8238] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.687579][ T8238] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  242.690489][ T8238] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000500
[  242.693154][ T8238] RDX: 000000000000fdbc RSI: 0000000000000000 RDI: 0000000000000000
[  242.696281][ T8238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.699530][ T8238] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.702185][ T8238] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.705524][ T8238]  </TASK>
[  243.057516][ T1272] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  243.261687][ T1272] usb 8-1: config 0 has no interfaces?
[  243.266007][ T1272] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  243.270673][ T1272] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  243.272499][ T8255] input: syz0 as /devices/virtual/input/input80
[  243.276667][ T1272] usb 8-1: Manufacturer: syz
[  243.292647][ T1272] usb 8-1: config 0 descriptor??
[  243.557979][  T969] usb 8-1: USB disconnect, device number 24
[  244.127488][  T969] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  244.307481][  T969] usb 8-1: Using ep0 maxpacket: 16
[  244.312375][  T969] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  244.316959][  T969] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  244.321028][  T969] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.327771][  T969] usb 8-1: config 0 descriptor??
[  244.340623][  T969] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input81
[  244.593063][ T4686] bcm5974 8-1:0.0: could not read from device
[  244.593658][   T35] usb 8-1: USB disconnect, device number 25
[  244.607842][ T6709] bcm5974 8-1:0.0: could not read from device
[  245.148127][ T8285] netlink: 'syz.2.884': attribute type 3 has an invalid length.
[  245.148241][ T8285] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.884'.
[  245.152256][ T8284] netlink: 4 bytes leftover after parsing attributes in process `syz.2.884'.
[  245.244987][ T8285] fuse: Bad value for 'fd'
[  246.157543][ T8308] ebtables: wrong size: *len 264, entries_size 144, replsz 144
[  246.197448][ T8308] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20001
[  246.252211][ T8312] input: syz0 as /devices/virtual/input/input83
[  246.807306][ T8320] netlink: 'syz.1.894': attribute type 3 has an invalid length.
[  246.814386][ T8320] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.894'.
[  246.827650][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.894'.
[  246.885944][ T8319] input: syz0 as /devices/virtual/input/input84
[  246.982309][ T8320] fuse: Bad value for 'fd'
[  247.862704][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.900'.
[  249.065554][ T8368] input: syz0 as /devices/virtual/input/input86
[  250.173745][   T39] audit: type=1326 audit(1721402682.562:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.202349][   T39] audit: type=1326 audit(1721402682.562:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.224735][   T39] audit: type=1326 audit(1721402682.562:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.237748][   T39] audit: type=1326 audit(1721402682.562:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.250170][   T39] audit: type=1326 audit(1721402682.562:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.271532][   T39] audit: type=1326 audit(1721402682.562:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.299758][   T39] audit: type=1326 audit(1721402682.562:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.305255][ T8390] ip_tunnel: non-ECT from 172.30.0.3 with TOS=0x2
[  250.314340][   T39] audit: type=1326 audit(1721402682.562:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.324748][   T39] audit: type=1326 audit(1721402682.562:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  250.335020][   T39] audit: type=1326 audit(1721402682.562:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  251.079150][ T8414] input: syz0 as /devices/virtual/input/input87
[  251.292211][ T8420] input: syz0 as /devices/virtual/input/input88
[  252.367502][   T30] IPVS: starting estimator thread 0...
[  252.477522][ T1150] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  252.487490][ T8454] IPVS: using max 18 ests per chain, 43200 per kthread
[  252.674304][ T1150] usb 8-1: Using ep0 maxpacket: 8
[  252.684460][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  252.693524][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  252.759435][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  252.763406][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  252.775794][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  252.787513][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  252.802185][ T1150] usb 8-1: string descriptor 0 read error: -22
[  252.807501][ T1150] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  252.815192][ T1150] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.841532][ T1150] adutux 8-1:168.0: interrupt endpoints not found
[  253.050341][ T1150] usb 8-1: USB disconnect, device number 26
[  253.280778][ T8437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.535218][ T8468] input: syz0 as /devices/virtual/input/input89
[  253.579920][ T8474] sit0: entered allmulticast mode
[  253.711744][ T8479] input: syz0 as /devices/virtual/input/input90
[  254.043148][ T8486] input: syz0 as /devices/virtual/input/input91
[  254.424716][ T8490] =======================================================
[  254.424716][ T8490] WARNING: The mand mount option has been deprecated and
[  254.424716][ T8490]          and is ignored by this kernel. Remove the mand
[  254.424716][ T8490]          option from the mount to silence this warning.
[  254.424716][ T8490] =======================================================
[  255.127627][ T8505] input: syz0 as /devices/virtual/input/input92
[  255.707653][ T5258] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  255.887580][ T5258] usb 6-1: Using ep0 maxpacket: 8
[  255.890034][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  255.890075][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  255.891206][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  255.891245][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  255.892595][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  255.892636][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  255.896121][ T5258] usb 6-1: string descriptor 0 read error: -22
[  255.896233][ T5258] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  255.896252][ T5258] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.902442][ T5258] adutux 6-1:168.0: interrupt endpoints not found
[  256.117741][ T5258] usb 6-1: USB disconnect, device number 18
[  256.338545][ T8510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.345799][ T8528] input: syz0 as /devices/virtual/input/input93
[  257.542254][    C2] hpet_rtc_timer_reinit: 11 callbacks suppressed
[  257.542272][    C2] hpet: Lost 1 RTC interrupts
[  258.317618][   T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  258.412391][ T8568] input: syz0 as /devices/virtual/input/input94
[  258.537750][   T10] usb 5-1: Using ep0 maxpacket: 8
[  258.546139][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  258.567447][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  258.580430][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  258.584929][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  258.618780][   T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  258.623532][   T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  258.641012][   T10] usb 5-1: string descriptor 0 read error: -22
[  258.643792][   T10] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  258.648296][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.656388][   T10] adutux 5-1:168.0: interrupt endpoints not found
[  258.866194][   T10] usb 5-1: USB disconnect, device number 35
[  259.096204][ T8554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.613578][ T8587] binder: 8586:8587 ioctl c0306201 20000580 returned -14
[  259.622722][ T8587] tmpfs: Unknown parameter 'mp'
[  259.624296][ T8587] netlink: 'syz.2.972': attribute type 10 has an invalid length.
[  259.624312][ T8587] ipvlan1: entered promiscuous mode
[  259.635333][ T8587] team0: Device ipvlan1 failed to register rx_handler
[  260.385924][ T8607] netlink: 'syz.2.977': attribute type 10 has an invalid length.
[  260.386013][ T8607] netlink: 40 bytes leftover after parsing attributes in process `syz.2.977'.
[  260.387605][ T8607] ipvlan1: entered allmulticast mode
[  260.387621][ T8607] veth0_vlan: entered allmulticast mode
[  260.390198][ T8607] bridge0: port 3(ipvlan1) entered blocking state
[  260.392056][ T8607] bridge0: port 3(ipvlan1) entered disabled state
[  260.396802][ T8607] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  260.489530][ T8614] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  260.489558][ T8614] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  260.489673][ T8614] vhci_hcd vhci_hcd.0: Device attached
[  260.697500][ T1272] vhci_hcd: vhci_device speed not set
[  260.716336][ T8622] input: syz0 as /devices/virtual/input/input95
[  260.777678][ T1272] usb 13-1: new full-speed USB device number 3 using vhci_hcd
[  260.817542][ T5218] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  260.921838][ T1356] ieee802154 phy0 wpan0: encryption failed: -22
[  260.921938][ T1356] ieee802154 phy1 wpan1: encryption failed: -22
[  261.007626][ T5218] usb 7-1: Using ep0 maxpacket: 8
[  261.019884][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  261.019927][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  261.022970][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  261.023011][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  261.024011][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  261.024034][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  261.027473][ T5218] usb 7-1: string descriptor 0 read error: -22
[  261.027608][ T5218] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  261.027629][ T5218] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.042304][ T5218] adutux 7-1:168.0: interrupt endpoints not found
[  261.259987][ T5218] usb 7-1: USB disconnect, device number 28
[  261.299601][ T8616] vhci_hcd: connection reset by peer
[  261.305032][  T105] vhci_hcd: stop threads
[  261.305086][  T105] vhci_hcd: release socket
[  261.305196][  T105] vhci_hcd: disconnect device
[  261.488955][ T8620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.138450][ T1390] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  262.348262][ T1390] usb 6-1: Using ep0 maxpacket: 32
[  262.365867][ T1390] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.397554][ T1390] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.404402][ T1390] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  262.412949][ T1390] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  262.420716][ T1390] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  262.430469][ T1390] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  262.443340][ T1390] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.450600][ T1390] usb 6-1: Product: syz
[  262.452933][ T1390] usb 6-1: Manufacturer: syz
[  262.455377][ T1390] usb 6-1: SerialNumber: syz
[  262.736163][ T1390] cdc_ncm 6-1:1.0: bind() failure
[  262.759844][ T1390] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  262.763553][ T1390] cdc_ncm 6-1:1.1: bind() failure
[  262.787874][ T1390] usb 6-1: USB disconnect, device number 19
[  263.085369][   T39] audit: type=1326 audit(1721402695.472:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.2.990" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0
[  263.393552][ T8651] input: syz0 as /devices/virtual/input/input96
[  263.760719][   T39] audit: type=1326 audit(1721402696.152:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.1.993" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x0
[  264.068902][ T8662] input: syz0 as /devices/virtual/input/input97
[  264.732932][ T5210] Bluetooth: hci3: unexpected event for opcode 0x040e
[  265.253074][ T8694] netlink: 'syz.0.1003': attribute type 3 has an invalid length.
[  265.256169][ T8694] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1003'.
[  265.284407][ T8692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1003'.
[  265.297566][ T1150] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  265.390416][ T8693] input: syz0 as /devices/virtual/input/input98
[  265.413491][ T8697] input: syz0 as /devices/virtual/input/input99
[  265.509048][ T8694] fuse: Bad value for 'fd'
[  265.517483][ T1150] usb 6-1: Using ep0 maxpacket: 32
[  265.530300][    C2] hpet: Lost 1 RTC interrupts
[  265.534305][ T1150] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.549395][ T1150] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  265.611127][ T1150] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  265.616851][ T1150] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  265.641999][ T1150] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  265.662124][ T1150] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  265.667859][ T1150] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.677017][ T1150] usb 6-1: Product: syz
[  265.682184][ T1150] usb 6-1: Manufacturer: syz
[  265.686771][ T1150] usb 6-1: SerialNumber: syz
[  265.887521][ T1272] vhci_hcd: vhci_device speed not set
[  265.968789][ T1150] cdc_ncm 6-1:1.0: bind() failure
[  265.978172][ T1150] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  265.981010][ T1150] cdc_ncm 6-1:1.1: bind() failure
[  265.995191][ T1150] usb 6-1: USB disconnect, device number 20
[  266.416777][ T8711] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1006'.
[  266.422569][ T8711] netlink: zone id is out of range
[  266.425610][ T8711] netlink: del zone limit has 8 unknown bytes
[  266.475229][   T39] audit: type=1326 audit(1721402698.862:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8708 comm="syz.3.1007" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x0
[  267.698027][ T8734] input: syz0 as /devices/virtual/input/input101
[  267.864294][ T8744] input: syz0 as /devices/virtual/input/input102
[  268.047576][ T5324] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  268.179197][ T8750] input: syz0 as /devices/virtual/input/input103
[  268.267514][ T5324] usb 8-1: Using ep0 maxpacket: 32
[  268.277490][ T5324] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.287546][ T5324] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  268.304296][ T5324] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  268.314439][ T5324] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  268.324654][ T5324] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  268.362207][ T5324] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  268.389777][ T5324] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.397642][ T5324] usb 8-1: Product: syz
[  268.400655][ T5324] usb 8-1: Manufacturer: syz
[  268.403398][ T5324] usb 8-1: SerialNumber: syz
[  268.461260][ T8753] netlink: 'syz.2.1020': attribute type 3 has an invalid length.
[  268.464567][ T8753] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1020'.
[  268.477148][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1020'.
[  268.599934][ T8753] fuse: Bad value for 'fd'
[  268.896381][ T8762] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1022'.
[  268.913106][ T8763] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1021'.
[  268.923472][ T8763] netlink: zone id is out of range
[  268.926006][ T8763] netlink: del zone limit has 8 unknown bytes
[  269.367922][ T8772] x_tables: duplicate underflow at hook 1
[  270.495264][ T8783] input: syz0 as /devices/virtual/input/input106
[  270.660471][ T5324] cdc_ncm 8-1:1.0: bind() failure
[  270.675408][ T5324] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  270.689537][ T5324] cdc_ncm 8-1:1.1: bind() failure
[  270.707865][ T5324] usb 8-1: USB disconnect, device number 27
[  271.723215][ T8797] input: syz0 as /devices/virtual/input/input107
[  272.061335][   T39] audit: type=1326 audit(1721402704.452:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.3.1035" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x0
[  272.696416][ T8810] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  272.699368][ T8810] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  272.704228][ T8810] vhci_hcd vhci_hcd.0: Device attached
[  272.907516][ T5218] vhci_hcd: vhci_device speed not set
[  272.987464][ T5218] usb 15-1: new full-speed USB device number 5 using vhci_hcd
[  273.058493][ T8818] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1038'.
[  273.062675][ T8818] netlink: zone id is out of range
[  273.064963][ T8818] netlink: del zone limit has 8 unknown bytes
[  273.333491][ T1150] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  273.527527][ T1150] usb 5-1: Using ep0 maxpacket: 32
[  273.532003][ T1150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.540634][ T1150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  273.546634][ T1150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  273.554880][ T1150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  273.562743][ T1150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  273.564997][ T8811] vhci_hcd: connection reset by peer
[  273.572484][   T76] vhci_hcd: stop threads
[  273.574778][   T76] vhci_hcd: release socket
[  273.576025][ T1150] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.577336][   T76] vhci_hcd: disconnect device
[  273.581352][ T1150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.587140][ T1150] usb 5-1: Product: syz
[  273.589174][ T1150] usb 5-1: Manufacturer: syz
[  273.591716][ T1150] usb 5-1: SerialNumber: syz
[  273.767633][   T30] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  273.813796][ T1150] cdc_ncm 5-1:1.0: bind() failure
[  273.819805][ T1150] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  273.822866][ T1150] cdc_ncm 5-1:1.1: bind() failure
[  273.829023][ T1150] usb 5-1: USB disconnect, device number 36
[  273.977532][   T30] usb 7-1: Using ep0 maxpacket: 8
[  273.982849][   T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  273.986748][   T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  273.998871][   T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  274.002629][   T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  274.008316][   T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  274.011879][   T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  274.025240][   T30] usb 7-1: string descriptor 0 read error: -22
[  274.027339][   T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  274.031436][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.049761][   T30] adutux 7-1:168.0: interrupt endpoints not found
[  274.253401][  T969] usb 7-1: USB disconnect, device number 29
[  274.362468][ T8824] overlay: ./file0 is not a directory
[  274.474309][ T8822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.506170][ T8829] x_tables: duplicate underflow at hook 1
[  274.723259][   T39] audit: type=1326 audit(1721402707.112:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.734634][   T39] audit: type=1326 audit(1721402707.122:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.753215][   T39] audit: type=1326 audit(1721402707.122:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.755666][ T8832] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1045'.
[  274.773149][   T39] audit: type=1326 audit(1721402707.122:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.796118][   T39] audit: type=1326 audit(1721402707.122:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.815462][   T39] audit: type=1326 audit(1721402707.122:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.836162][   T39] audit: type=1326 audit(1721402707.122:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.859814][   T39] audit: type=1326 audit(1721402707.122:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  274.880172][   T39] audit: type=1326 audit(1721402707.132:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f03579 code=0x7ffc0000
[  275.153210][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.159226][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.409676][ T8859] FAULT_INJECTION: forcing a failure.
[  276.409676][ T8859] name failslab, interval 1, probability 0, space 0, times 0
[  276.409702][ T8859] CPU: 1 PID: 8859 Comm: syz.0.1052 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  276.409720][ T8859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.409730][ T8859] Call Trace:
[  276.409737][ T8859]  <TASK>
[  276.409744][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  276.409774][ T8859]  should_fail_ex+0x497/0x5b0
[  276.409817][ T8859]  should_failslab+0x9/0x20
[  276.409837][ T8859]  __kmalloc_noprof+0xcb/0x410
[  276.409856][ T8859]  ? __phys_addr+0xc6/0x150
[  276.409892][ T8859]  ? mpi_free_limb_space+0x1f/0x30
[  276.409921][ T8859]  mpi_alloc_limb_space+0x31/0x60
[  276.409944][ T8859]  mpi_powm+0xfe6/0x1be0
[  276.409978][ T8859]  ? __pfx_mpi_powm+0x10/0x10
[  276.410009][ T8859]  ? kasan_save_track+0x14/0x30
[  276.410026][ T8859]  ? __kasan_kmalloc+0xaa/0xb0
[  276.410047][ T8859]  dh_compute_value+0x1b2/0x3b0
[  276.410074][ T8859]  ? __pfx_dh_compute_value+0x10/0x10
[  276.410099][ T8859]  ? trace_kmalloc+0x2d/0xe0
[  276.410122][ T8859]  ? __kmalloc_noprof+0x207/0x410
[  276.410146][ T8859]  __keyctl_dh_compute+0x7d8/0xf50
[  276.410171][ T8859]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  276.410204][ T8859]  ? __pfx_lock_release+0x10/0x10
[  276.410240][ T8859]  compat_keyctl_dh_compute+0x161/0x1d0
[  276.410260][ T8859]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  276.410290][ T8859]  ? ksys_write+0x1ab/0x260
[  276.410307][ T8859]  ? __pfx_ksys_write+0x10/0x10
[  276.410328][ T8859]  __do_compat_sys_keyctl+0x27b/0x440
[  276.410348][ T8859]  __do_fast_syscall_32+0x73/0x120
[  276.410368][ T8859]  do_fast_syscall_32+0x32/0x80
[  276.410385][ T8859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  276.410409][ T8859] RIP: 0023:0xf741e579
[  276.410437][ T8859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.410459][ T8859] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  276.410476][ T8859] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000100
[  276.410488][ T8859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[  276.410499][ T8859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.410510][ T8859] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  276.410521][ T8859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.410544][ T8859]  </TASK>
[  276.759925][ T8865] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1054'.
[  277.044331][ T8868] x_tables: duplicate underflow at hook 1
[  277.460792][ T8880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1057'.
[  278.119067][ T5218] vhci_hcd: vhci_device speed not set
[  278.578802][ T8895] input: syz0 as /devices/virtual/input/input110
[  278.661425][ T8894] input: syz0 as /devices/virtual/input/input111
[  279.647511][   T10] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  279.785473][ T8914] input: syz0 as /devices/virtual/input/input112
[  279.862361][   T10] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  279.875620][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  279.881011][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  279.886087][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  279.888470][   T25] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  279.898316][   T10] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  279.902697][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.922111][   T10] usb 8-1: config 0 descriptor??
[  279.927678][ T8903] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  280.088242][   T25] usb 6-1: Using ep0 maxpacket: 8
[  280.093972][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  280.107495][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  280.119887][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  280.125486][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  280.132499][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  280.137180][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  280.148136][   T25] usb 6-1: string descriptor 0 read error: -22
[  280.151229][   T25] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  280.155595][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.172925][   T25] adutux 6-1:168.0: interrupt endpoints not found
[  280.380007][   T10] plantronics 0003:047F:FFFF.0007: unknown main item tag 0xd
[  280.401033][   T25] usb 6-1: USB disconnect, device number 21
[  280.427193][   T10] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  280.466766][   T10] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  280.664524][ T8912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  280.681913][   T10] usb 8-1: USB disconnect, device number 28
[  281.358200][ T8923] FAULT_INJECTION: forcing a failure.
[  281.358200][ T8923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.363965][ T8923] CPU: 0 PID: 8923 Comm: syz.0.1068 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  281.368153][ T8923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.372938][ T8923] Call Trace:
[  281.374456][ T8923]  <TASK>
[  281.375744][ T8923]  dump_stack_lvl+0x16c/0x1f0
[  281.377780][ T8923]  should_fail_ex+0x497/0x5b0
[  281.379840][ T8923]  _copy_from_user+0x30/0xf0
[  281.381853][ T8923]  copy_from_buffer+0x86/0xb0
[  281.383863][ T8923]  copy_uabi_to_xstate+0x26e/0x670
[  281.387344][ T8923]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  281.387374][ T8923]  ? __pfx_lock_release+0x10/0x10
[  281.387398][ T8923]  ? __fpu_restore_sig+0xc2c/0x1430
[  281.387421][ T8923]  ? __local_bh_enable_ip+0xa4/0x120
[  281.387448][ T8923]  __fpu_restore_sig+0x1070/0x1430
[  281.387475][ T8923]  ? __pfx___fpu_restore_sig+0x10/0x10
[  281.387513][ T8923]  ? __might_fault+0xe3/0x190
[  281.387537][ T8923]  fpu__restore_sig+0x102/0x180
[  281.387562][ T8923]  ia32_restore_sigcontext+0x40f/0x5d0
[  281.387589][ T8923]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  281.387614][ T8923]  ? __pfx_lock_release+0x10/0x10
[  281.387639][ T8923]  ? _raw_spin_unlock_irq+0x23/0x50
[  281.387663][ T8923]  ? lockdep_hardirqs_on+0x7c/0x110
[  281.387691][ T8923]  __do_compat_sys_rt_sigreturn+0x116/0x1f0
[  281.387717][ T8923]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  281.387749][ T8923]  do_int80_emulation+0x104/0x200
[  281.387768][ T8923]  asm_int80_emulation+0x1a/0x20
[  281.387789][ T8923] RIP: 0023:0xf741e577
[  281.387803][ T8923] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  281.387820][ T8923] RSP: 002b:00000000f5d3656c EFLAGS: 00000296
[  281.387841][ T8923] RAX: 0000000000000174 RBX: 0000000000000007 RCX: 0000000020000280
[  281.387856][ T8923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  281.387867][ T8923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.387878][ T8923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.387888][ T8923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.387911][ T8923]  </TASK>
[  281.500043][ T8933] veth1_to_hsr: entered promiscuous mode
[  281.503522][ T8933] veth1_to_hsr: left promiscuous mode
[  281.768599][ T8946] input: syz0 as /devices/virtual/input/input115
[  281.777175][ T8940] input: syz0 as /devices/virtual/input/input114
[  281.941342][ T8949] input: syz0 as /devices/virtual/input/input116
[  282.747954][ T8959] FAULT_INJECTION: forcing a failure.
[  282.747954][ T8959] name failslab, interval 1, probability 0, space 0, times 0
[  282.753219][ T8959] CPU: 0 PID: 8959 Comm: syz.1.1077 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  282.757328][ T8959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.761959][ T8959] Call Trace:
[  282.763379][ T8959]  <TASK>
[  282.764725][ T8959]  dump_stack_lvl+0x16c/0x1f0
[  282.766795][ T8959]  should_fail_ex+0x497/0x5b0
[  282.768961][ T8959]  should_failslab+0x9/0x20
[  282.771130][ T8959]  __kmalloc_node_noprof+0xd1/0x440
[  282.773526][ T8959]  ? __kvmalloc_node_noprof+0x9d/0x1a0
[  282.776031][ T8959]  __kvmalloc_node_noprof+0x9d/0x1a0
[  282.778521][ T8959]  io_uring_setup+0x6cf/0x36c0
[  282.780681][ T8959]  ? __pfx_io_uring_setup+0x10/0x10
[  282.783115][ T8959]  ? ksys_write+0x1ab/0x260
[  282.784979][ T8959]  ? __pfx_ksys_write+0x10/0x10
[  282.787020][ T8959]  __ia32_sys_io_uring_setup+0x97/0x140
[  282.789316][ T8959]  __do_fast_syscall_32+0x73/0x120
[  282.791486][ T8959]  do_fast_syscall_32+0x32/0x80
[  282.793612][ T8959]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.796639][ T8959] RIP: 0023:0xf7f53579
[  282.798519][ T8959] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.806516][ T8959] RSP: 002b:00000000f5d0651c EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  282.809915][ T8959] RAX: ffffffffffffffda RBX: 0000000000006866 RCX: 00000000200003c0
[  282.813291][ T8959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  282.816672][ T8959] RBP: 0000000020000440 R08: 0000000000000000 R09: 0000000000000000
[  282.820289][ T8959] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  282.823612][ T8959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.826811][ T8959]  </TASK>
[  282.910120][ T8967] syz.0.1079[8967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.910383][ T8967] syz.0.1079[8967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.969039][   T39] kauditd_printk_skb: 25 callbacks suppressed
[  282.969056][   T39] audit: type=1326 audit(1721402715.352:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.0.1079" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0
[  282.987441][ T8972] random: crng reseeded on system resumption
[  283.657586][ T1150] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  283.837457][ T1150] usb 7-1: Using ep0 maxpacket: 8
[  283.841950][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  283.846583][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  283.857221][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  283.862819][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  283.870578][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  283.875094][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  283.892860][ T1150] usb 7-1: string descriptor 0 read error: -22
[  283.892977][ T1150] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  283.892997][ T1150] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.901127][ T1150] adutux 7-1:168.0: interrupt endpoints not found
[  283.972176][   T39] audit: type=1326 audit(1721402716.362:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1084" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0
[  284.142763][   T25] usb 7-1: USB disconnect, device number 30
[  284.366643][ T8976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.428824][ T8991] input: syz0 as /devices/virtual/input/input117
[  285.475145][ T9007] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  285.477481][ T9007] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  285.480934][ T9007] vhci_hcd vhci_hcd.0: Device attached
[  285.687769][   T25] vhci_hcd: vhci_device speed not set
[  285.747951][    C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  285.753402][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  285.757638][   T25] usb 15-1: new full-speed USB device number 6 using vhci_hcd
[  285.759579][    C0] CPU: 0 PID: 9012 Comm: syz.0.1090 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  285.759600][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.759610][    C0] RIP: 0010:__dev_flush+0x49/0x1e0
[  285.771617][    C0] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 98 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 2f 48 8d 5d 80 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 69 01 00 00 48 8b 45 00 49 39 ef 4c 8d 60 80 0f
[  285.778826][    C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010246
[  285.781011][    C0] RAX: dffffc0000000000 RBX: ffffffffffffff80 RCX: ffffffff88cfc09b
[  285.783943][    C0] RDX: 0000000000000000 RSI: ffffffff81b49c96 RDI: ffffc90007c77a58
[  285.787295][    C0] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  285.789995][    C0] R10: 0000000000000010 R11: 0000000000000000 R12: ffffc90007c77a48
[  285.792649][    C0] R13: ffff88802c0404c8 R14: ffffc90007c77a58 R15: ffffc90007c77a58
[  285.795432][    C0] FS:  0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000f5d36b40
[  285.798871][    C0] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  285.802102][    C0] CR2: 0000000020012000 CR3: 00000000627ce000 CR4: 0000000000350ef0
[  285.805621][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  285.809036][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  285.812154][    C0] Call Trace:
[  285.813384][    C0]  <IRQ>
[  285.814250][    C0]  ? show_regs+0x8c/0xa0
[  285.815494][    C0]  ? die_addr+0x4f/0xd0
[  285.816711][    C0]  ? exc_general_protection+0x155/0x230
[  285.818340][    C0]  ? asm_exc_general_protection+0x26/0x30
[  285.820272][    C0]  ? xdp_do_check_flushed+0x21b/0x4e0
[  285.822384][    C0]  ? __dev_flush+0x16/0x1e0
[  285.823955][    C0]  ? __dev_flush+0x49/0x1e0
[  285.825485][    C0]  xdp_do_check_flushed+0x26b/0x4e0
[  285.827479][    C0]  __napi_poll.constprop.0+0xd1/0x550
[  285.829685][    C0]  net_rx_action+0xa92/0x1010
[  285.831659][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  285.833865][    C0]  ? __pfx_rcu_is_watching+0x10/0x10
[  285.836046][    C0]  ? trace_rcu_utilization+0x100/0x160
[  285.838089][    C0]  ? run_timer_base+0x11e/0x190
[  285.839713][    C0]  handle_softirqs+0x216/0x8f0
[  285.841301][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  285.843299][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[  285.845242][    C0]  ? tun_get_user+0x1d66/0x3c20
[  285.846885][    C0]  do_softirq+0xb2/0xf0
[  285.848372][    C0]  </IRQ>
[  285.849491][    C0]  <TASK>
[  285.850613][    C0]  __local_bh_enable_ip+0x100/0x120
[  285.852548][    C0]  ? tun_get_user+0x1d66/0x3c20
[  285.854360][    C0]  tun_get_user+0x1d80/0x3c20
[  285.855889][    C0]  ? __pfx_tun_get_user+0x10/0x10
[  285.857536][    C0]  ? find_held_lock+0x2d/0x110
[  285.859155][    C0]  ? __pfx_lock_release+0x10/0x10
[  285.860781][    C0]  tun_chr_write_iter+0xe8/0x210
[  285.862434][    C0]  vfs_write+0x6b6/0x1140
[  285.863880][    C0]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  285.865754][    C0]  ? __pfx_vfs_write+0x10/0x10
[  285.867374][    C0]  ? do_futex+0x123/0x350
[  285.868943][    C0]  ? __fget_files+0x256/0x400
[  285.870746][    C0]  ? __fget_light+0x173/0x210
[  285.872833][    C0]  ksys_write+0x12f/0x260
[  285.874798][    C0]  ? __pfx_ksys_write+0x10/0x10
[  285.876919][    C0]  __do_fast_syscall_32+0x73/0x120
[  285.879127][    C0]  do_fast_syscall_32+0x32/0x80
[  285.881174][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  285.883553][    C0] RIP: 0023:0xf741e579
[  285.885040][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  285.892049][    C0] RSP: 002b:00000000f5d36530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  285.895416][    C0] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000a00
[  285.898425][    C0] RDX: 0000000000011dc0 RSI: 00000000f7409ff4 RDI: 0000000000000000
[  285.901120][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  285.904018][    C0] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  285.906993][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  285.910136][    C0]  </TASK>
[  285.911533][    C0] Modules linked in:
[  285.913406][    C0] ---[ end trace 0000000000000000 ]---
[  285.915846][    C0] RIP: 0010:__dev_flush+0x49/0x1e0
[  285.918295][    C0] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 98 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 2f 48 8d 5d 80 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 69 01 00 00 48 8b 45 00 49 39 ef 4c 8d 60 80 0f
[  285.926369][    C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010246
[  285.929078][    C0] RAX: dffffc0000000000 RBX: ffffffffffffff80 RCX: ffffffff88cfc09b
[  285.932902][    C0] RDX: 0000000000000000 RSI: ffffffff81b49c96 RDI: ffffc90007c77a58
[  285.936147][    C0] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  285.938892][    C0] R10: 0000000000000010 R11: 0000000000000000 R12: ffffc90007c77a48
[  285.941409][    C0] R13: ffff88802c0404c8 R14: ffffc90007c77a58 R15: ffffc90007c77a58
[  285.943852][    C0] FS:  0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000f5d36b40
[  285.947022][    C0] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  285.950085][    C0] CR2: 0000000020012000 CR3: 00000000627ce000 CR4: 0000000000350ef0
[  285.953856][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  285.957349][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  285.960847][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  285.964626][    C0] Kernel Offset: disabled
[  285.966316][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:25:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc1315 RDI=ffffffff94da62c0 RBP=ffffffff94da6280 RSP=ffffc900000076f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fc12b0 R15=0000000000000000
RIP=ffffffff84fc133f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020012000 CR3=00000000627ce000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000710bb9 RBX=0000000000000001 RCX=ffffffff8ae47699 RDX=0000000000000000
RSI=ffffffff8b2cc020 RDI=ffffffff8b904c00 RBP=ffffed1002cea910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed1005826fe1 R10=ffff88802c137f0b R11=0000000000000000
R12=0000000000000001 R13=ffff888016754880 R14=ffffffff8fe49ad8 R15=0000000000000000
RIP=ffffffff8ae48a8f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020010000 CR3=000000001cf1a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7e67002ee6e1f4 b893778e65766809
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ae7d8a5e67ee6d94 7f77abf116f48b19
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a2028673e1790462 202db6c775243485
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1fc35a6187b3eccb 35814a3bdae1d07f
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000400
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae000000ae 4f2956e25401cf98
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae000000ae 000000ae00000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae39ea83e0 3988ed92390fbbc8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 005b7a215414d1a8 000000ae2f8ec6f6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 23e3a6d57b96978e b56edcd043921c46
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c6070a49cccd015c ef5f5b6497efca48
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816f737e RDX=ffff888016784880
RSI=ffffffff816f736c RDI=0000000000000001 RBP=000000000000003b RSP=ffffc90000527690
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff8b2bd820
R12=0000000000000200 R13=ffff888020140000 R14=ffffffff8bba8a40 R15=ffffc900005277e8
RIP=ffffffff816f736e RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000056c934c0 CR3=000000005f722000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff81cb7876 RDX=0000000000000000
RSI=ffffffff81cb7389 RDI=ffff88801a72a884 RBP=000000000000003e RSP=ffffc90000e37810
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=ffff888040ed0000
R12=ffff88801a068e20 R13=000000000000003e R14=000000000000003d R15=ffffc90000e378c8
RIP=ffffffff81cb738e RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f740a230 CR3=000000005fc5e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000