last executing test programs:

13.590455933s ago: executing program 0 (id=856):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000a00), &(0x7f0000000a40)=0x8)

13.590041929s ago: executing program 0 (id=857):
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@gettfilter={0x24, 0x2e, 0x105, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, 0x0, 0x0, 0x0, 0xfffffdcc, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x80000)
accept4$inet(r3, 0x0, &(0x7f0000000300), 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x0, &(0x7f0000000100))
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r6, &(0x7f0000000040)=ANY=[], 0xffffff6a)
tee(r5, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
splice(r5, 0x0, 0xffffffffffffffff, 0x0, 0x9aa7, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001c40)={0x2020}, 0x2020)
getdents(0xffffffffffffffff, 0x0, 0x0)

10.519958683s ago: executing program 0 (id=871):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x20}, 0x14)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300006773da2085000000040000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0xe1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_split\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kvm_userspace_exit\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x2, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}]}, 0x1c}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
dup(r7)
fsopen(&(0x7f00000001c0)='qnx4\x00', 0x1)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x40, 0x0, 0x8, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x404d}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x48844}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='block_split\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r8, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000040)={0x28, 0x140e, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_PDN={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x28}}, 0x0)

10.390180487s ago: executing program 0 (id=872):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) (async)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) (async)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0xfffffff6, &(0x7f0000003840)=[{&(0x7f0000000180)="4f657f07da674c79be900dd4b36b03ca3513a320ebab75751d7d7e40d6ede2dcec43dc605632fa0df345f1fe1fd7e8e5d0da647d921b0f102b0b2fa24e5cef12d89e0db21f0cb28f5588c4b231abad294f049cbfa56b7402fa06d644b298a4922e5a0b0f2de53fca098c15a02df417cf592b8bf00ac06d56a3a286048ba59dc0fd69debc9d0f024476d9345c2b008df031d796e5581b0318fe281599f8b39d447257422eb55f1c87406e20b2f16d946f0ab156903d46d6ab54d6656307a0de7b83d35e818d8d048f784a9c87076fa4c6e9cfe38f88a77e789c9d4bea96f7b072d754fd17da475552965113151882c6dd91d1394342b8b3e4e74a82c2412507b0793cdb9656150e8b1e134ab1dd7888f6039f8de7056990800d9b9eab54171ad9879ee00fd157b3e54527f2a2356008cf524e72cf74fe0c307a920dd67d12a0846e921a88aead6edd3a5bd3da023856de8338adfa26345f5403319d336dd45efe3e407cc35b0e022f3e81de786ea6a3917a07e2f6fbe73adfd975c2236b937fda47b6c89cd0f4f64f8b93d73ce3d32b5162c7a318ee6e9bc08b32743c7b9e66fe6a1014836526ed55cca4d679ec24321ea888e61de0bea104b0a8edfcb5d18df2190b8a9113118acda5bdfadf7f404df0fbd39dd3fec06c4449fbde4ea7ccde27c44c63633c06e4559857637d037cad122a9fda4509805092ca0350d9f73b061eb153026730bda9ecc461473230438f135091a521240b6b4273b230af2057bb27f56b7851e13fb4d9c27d757bff9d8281fc9990afc8861356998c77560850828d7c6537faf470ca94889c14e28e1e8c6c73b6756ae380f8c15dded00616cc66a5440240876173ae1ee41005519e709f9412e260686ed18320acbdc2b465508390d456683928f5f42e25cb73e1fb53794fb4ab345bb8df04225bba362598d3e603f06f7ac324a0fef1494fe4a5e829c8b50207cfbaef7d29e85ca3e9891291b66179b39713032089ab90c6481bf0cca0e61da5fc955280682e702bc186851d014a59d9903be30104e31d7d57094e34bd10fe5b31bb7f3f1fe37eaef05b31a1c1206a6cce8fa425089001eab642478caa11cf08e43fad0668fdc22ac54ed30fbf13e6af1232af289ae48c0f3a371ec41ea5f7d9fb01f860b751760d680c72af1059d5fab16bf61dd8aaa7ada290d8cf2d135eb5a879b3a754b1de0a5e550895ce05a84f4dcc80f10b16d5a78fad7f9ec36945d1e946f1f1f3bbb983bc5a68b94a2633f3f232bf22b6c9479f60f7146e20d5df4726dc3835266fc132a1f0f49bd8e8e1cf34e20826bc3e7e2e95385eeeb2693b9d69a0f884f50122e783517a462707f67fca2ac8f2ac68693a1b5730b52231685caa92fb3e00622052eab3af70a6e89de641cc8949cff3c14767a55ab06f6312fdf27eaa7ec28f1591bad3a7b433272013de3ae26c95eb885528dd7f64bf69a8508aaf4d4629b838efe76c13d47ec31c5a9af75138d40ebabd09448e20ffbae7848211f31b6ce4df6b5ee103fdece3f15a3c3708ddb550a8d98b6b8920c23af9af40baeb47b0a2adf78699cbdfeddf67611dd9365c941913263d8f9998a81f964d7071d7eb347ec90556af053ac6b9d5be23cb85a5cab6392fffbbf8ea3a47c0c3a2bab8d3785055bff6694897fb9d3a16421a4d02caae0bd5152f0e80074b9f573a176200e81a1c4e35ab05c493f66b7c25ca13a6a3da12283821c119db39e957e739fb4c1259252cef81a8b346f787d195d388f06d252e9433e50728bf5b94d141f9ac8e6b2aaef86d007940b45fd28cc0171fa8700bdff936a2fc706a352ff0ceceb70c54f18f71de3a6e36c5391d3f648dd0d6f1b97f810ad838b4bb9c6919f0ec78b96644397c448f628f6b589477bf6512f7fe8a623674ac16c00deb3e2316bb7727c034fe9935bc0d4a402ca7c83fe4dff3d7b18d6439cd2576f0bde84ba1cbdf9f5a5743d874119e59ab8fcfa9801f9972cfc18e033c757423dfbd92d1bf1b2b3cf741c4a13b726b08441041712f98d8917d20fef74fcf3876ab5953e38ff6c2a2b3a8b96a2b1ec4dd86b09aec23ba096d16bdc1acfcb44ac82ed8c855c217bc07625c5dce82a0db0b400e2cdb89a75bb2155af9862304efc989253eadadcd08ae5f2e58cf842880df11a12ac8b3492069ccea594430ccee2baaf0fc3b2db99c14aa93f2624ab0e9237760b5fa1a96c16474be2cabc90ff091672e95c8d25fccd039110c6934b948de9c5983aae57a3547ad288ca1219e3fd1f27d5687f66ae4d487141b1d091c6049e72eff1d5df8280c1248892677b520cdb4e97c31778c2b09ac10a174d04da2a43a0d178242f203b3ae14154d1d03319d14921352ba733b0656ae2cece53f736006d117cf08c7f9e18d9f1b500dc5922d423dbf822c1ae089332b1884901aae255612bb70bcc65257bbc6cef6f9c5b76dfd1dfd0b5dfba63eece0c2185c01ef11810497eb2047bc87be9b8b5c897b8a155200d2ce96427bd4036b19f0ef6c9cea67c43b80c8fbd0d25d6b046efe93a9872bb0f964e016490883e9388ef035908221166c2206415f3feebdbc2a830ccac55d61b79d3316e2d3be9aea1c2c72c23688efff2b9b5a4f39f667a5404e3ce2083a302bc4a49208a0725c20f9a19adff430c50a169f151355df660d52c0068cca7f171ecdec15047dfea2ba6861e5ece606d228e0bf47631cc32b91ab4c09015d40a326086ebaac6af8e79059dc7f929cf6a80ad3b8cd6b3a91b8e5a199fb00814b45f42e8b7feeb9158c39510c1a10d35aea06fe660b0eb73bc0905252b6919fe23e5d5c3c9c66adaefe9e4307981e63fdcdc67e2bf76d75ff7be4fe8dd025cece14d556074c84b3c8833dc7cff583ce25947101676fd3f8f4016368bf27e24744bba7cb768b9d837b16d5308dc3712f37c69d1d1ee98360c6449634433afebe5bea6b2e39c249c29c4c8c3fca5f180ad4893c41458fc9f82db8200e201b3c4b5cc69dadf9a409af684f372a68cf1cf3aa64f9de0ec5fcd58acca051c590c689e42d0037cf3b2abee9d2c85803a929032b35113963ad79793b2a4d8377517654149b9afb408b189d2ecf95c66594e79db6c34e0c82a30259938589b2f81c50851a4d30013d9da1f24eacd5efbdf945e8af4a625126b38c01029fb2b0062de8c4bcd61c7d8b9215bac8dc35609ff45acbadfac0a04e3f5014c1c34cbb46393633f6102080f266fec4242c67c93e01312ba0e6e3dd1e002d1253e4d34a8d6122c60ce5169d1c47f807230d86f4836e4c385aff2c6492c9e2584a4a0dcff544316f4c35d1fb19c4277041885df236324b80c3f2d58c76f64a075d27a916ba55746b0aa758d383c063cd6447a80f7abd06a310974765a8c977671a6dbe35be115747a4a3c9d9f558ce7fbfc35b91875612e89f505007792f7b197ba5fc4c65cd6f8765e2d2454f4681381325477af63a88fe4313c7365690c50f05d40fe302479d21cee188f29f8b4475b6b37e2a4dd710814a2463cf1650f281595cff95f549c4c4ffcd184e672b308aa4bc071395f214ee97e5b7dbc5efaed8e65a878169a0529b6ed4022e5bfaaa49fc521c283bd9d62ddc00e4d84d5da18f7c0acd00c53e827c7194146e5d0cb9439e8c35e0659d347cb012e47da92aff33c8b45fd9aa140d2f76b75c6800f8769057e88d156714a82e3d12b4fdf2863a27eb2587ebc25b011a949849dcd9faaa128b9bef780b3d239a007ca9c04256b858cfc7b068365c044a5eb863bdf0454cf37df09d4cf930408f0d41c1e8c278b994c455f89ecb85156ed20b7f89c9c2f1176508e4c7ab7ed74311a12317d4193eaef0333368963286e4c5e0c0c0db5f3f2d5e3cff77b21e3b4786c8c096b89b60cf41560544ba1361f4af4b5b330b410edc5421b5023f1f4df0f910067bfbe0a46cb5f1407f650c47288a31e0f767de8ddca77b20ed16513e095fbce085d25d543dce850515458c5ef07a0c012175ef50ef3c52f98afa0b2631c7d3e63b22e90ebce2513d3b0d4d62f153cc90700fbee5c80ffd14fece05e0ba293758aaa7510d3853a4a4d44e9e479e3f5d92a663f14b5f5452efc6ecf387a100787667dd060cfdf75ee57dda2e042f7f171ac5083a5ddc6656bb34d683955f4a8a1cf687d29e963d8abf93912aa08dc4df3cdaaceae9fa1d21472ed01705d861a798f57f14ca4f3f0e1e9f1c20e9e2eb6974a7d838e7a2f69943ad259cd6967c0c46698952c65a9a1d72be890a66dfea4fa1b5ee861b1f929ce78c9bcdfb0145ff52d462865a8a81506e1bd0afa6b2d3cc5556c17c19b891fc6c36b9ed0b8b3c516836872ced92b1b65e2334b3730deae7af801016d30af14daf53ec550da914dedc18726871a94c3ce8efd4bfcf25ffdf224d665374b279ea65d32e213bfad60aa8555fbe97cb22977f7e9f20a04e8e2c65b3a5519a098b70cce0ad25cb239e2335e0040481c86a2153b5056e70f83515e7d3739749ab8a2c3e4a1b0faab4426495c4f0076d2590c52f6548e3b20b17a6f21deefe63f67fcba027a83959dd9f79dc2f61e712d41fa50c0a89d1329a70aa8471f02a2755ea2f872adc3fbaea5e017a0a2ae7344ee0ca36afd646444a38696ceeca997321ab37642ea71be0758b3bb311b13cce0cc5881c97549ebf9366171a99a8f3b754f6e42970002b09ebc56402693fd2d06bfc114396c75a4bcfb02e114170fafad5ab7e671b70e51461f6916a674d4abcf47011e8598144c5cb013f280e21afc936055b1d2e0bbf29a4b969cadf754ac62bb6020f33ed9b3e46428496d0de29ff0b6fb13710f98f688e9185126c0b154530a045abcf54f4be1a63ac4ec02ba038cb1b510abd82532cfcc7684c977e00fe81d2d4a483d5cf7d23a5c4fd6a299edb436f519a6efc37b79b249feec6f0d7983a321f4021ac4766270f6bf9fe10733313e6116178fd271eb4d0ac6158e16f3a01795932f15b6df70c25dad7fd9f8932bf6bd651094d6c83cf0accfa978f575e535e86e44f17a23802bdba0bcb17899d76a5bb083061a4ddceb105333a828ade21c99dbc6257a322a22f73899f3fd64eddb1669b965d21f468416eb81ca750e54976616ced379078b149822d38634f90bb4644746eb40cc6153a1c0fd7b4d482958c5c1d9a47c3512510f022b8eb00861794ed8a3c207f4cf5a565b94a44eb14e6baefc24ee30380b53ee4726779b429240cb8b71340fd41fa0352810d90519f18ee69b85d3134cc16619a966ed378d608292834631aa1f215a324641d0b772d08a822f6ec0905c22768044c13911476bc70122345a274b1887ac471676f09a849faba85f9c2a8b24af21ac7700395b29f963d493a5f81febc3b8a23bbafaba0d9b288c5506c44ec4f6f327433f06cf6d72f8de7cc61ecc1de0fc743ddfeb2fa47fa17ab3257b68e0c56dce273f56de9724b809b4df30d0dc8a4a97db38674242ea7e81571dda16c2dd2ae5d82b51b719181db901409170504ecfd94de74315c554462dbc90d749f2d2d54b6b7ca6c287979b5cc1ec651af17891359628abc6c8329d88351966c4ffd23b7a729453ec0c064210b3234f8657747a84bc0b236a89a35f412395805c942392b61a2bd5a88a5740b97c31d5bd8857f2b7a0cb999a48d0b395c21ff58e7349939f542470a829db9e033ef7b719453ad7a705829d74416011ce17839618f1534c9859c08a8d5c49a0478074ceea47ab23fb24570011684733bc01f0adca5a48139f54c598bee0f2a704b5fbc10c209121c675aa7f40981236948e61890023d50fcb67d8be7e71f000000000000000000", 0xfe7c}, {&(0x7f00000011c0)="010081a11f176468b7737c66f4b8a055e35cb6fcaecfeedd25629949468a4adb4e8a12163e7cbe12a7ddd3a0471c6013065050ee2043ab896bf576a6c3be0f7fd4b0119b2b44899b996df7f6", 0x1}, {&(0x7f0000003300)="9a", 0x1}], 0x3}}], 0x4000000000002e4, 0x4000000)

10.38958855s ago: executing program 0 (id=873):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x13000)=nil, 0x13000, 0x16)
r2 = syz_clone(0x0, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)
r3 = socket$inet(0x2, 0x6, 0x0)
prlimit64(r2, 0x0, &(0x7f0000000200)={0x1}, &(0x7f0000000240))
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r4)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f00000004c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000380)=0x3, 0x4)
sendto(0xffffffffffffffff, &(0x7f0000000180)='%', 0x300000, 0x840, 0x0, 0x60)
mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f00000003c0), 0xb68e2a9771539e86, &(0x7f0000000100)=ANY=[])
connect$inet(r3, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000000140), 0x0, 0x8a00)
read$hidraw(r6, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/96, 0x60}, 0x10000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000400000000000000000000000009500"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='cachefiles_read\x00', r7}, 0x10)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0)
r9 = accept4(r8, 0x0, 0x0, 0xa3476183b88aab85)
sendmsg$tipc(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000001c0)='I', 0x1}, {&(0x7f00000002c0)='Z', 0x1}], 0x2}, 0x0)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r10, &(0x7f0000000080)="29000000140005b7ff000000040860eb01cb02fcb2e4e6589b3e0ed7283f14b912685e684c42b9eeb9", 0x29)

10.207417559s ago: executing program 0 (id=874):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001808ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socketpair(0x0, 0x1, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000600)='kfree\x00', r1}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000600)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e03010000000000640500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000070600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000340)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0xff}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x5a}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001200000000000000000000000000000120a01040000000020000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000007140000001100010000000000000000000000000a"], 0x64}}, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) (async)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0)
r6 = socket(0x10, 0x3, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000040)={0x1d, r8}, 0x18)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r8}, 0x18) (async)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r8}, 0x18)
r9 = dup(r7)
sendmsg$nl_generic(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="c000bc9af800"], 0x33fe0}}, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) (async)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
connect$can_j1939(r7, &(0x7f0000000000)={0x1d, r8, 0x2, {}, 0xfd}, 0x18)
write(r6, &(0x7f0000000000)="2400000011005f0414f9f4070009040081000000160000000000000008000f0001000000", 0x24) (async)
write(r6, &(0x7f0000000000)="2400000011005f0414f9f4070009040081000000160000000000000008000f0001000000", 0x24)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000140)={@my=0x1}) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f00000000c0)={{@my=0x1, 0x4}, @local, 0x0, 0x0, 0x8001, 0x0, 0xfffffffffffffffc}) (async)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f00000000c0)={{@my=0x1, 0x4}, @local, 0x0, 0x0, 0x8001, 0x0, 0xfffffffffffffffc})

2.801346556s ago: executing program 3 (id=928):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f0000000140)={0x0, 0x0, 0x200a})
write$binfmt_elf64(r0, 0x0, 0x18)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wg2\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x2, 0xfffffffd, 0xfffffffe, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x1}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000180)={{0xa, 0x4e22, 0x0, @private1}, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x24010102}}}, 0x5c)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x4, 0x7ff, 0xa}, &(0x7f0000000040)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x6, 0x7fff, 0xc9}, 0xffffffffffffffae)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="540100001000130700000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000ac1914aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000d00000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd700000000001c000400070000000000000000000000000000000000000000000000e7662d7b88fed7249af44effb0603567d6e23ea3c2029caaeaa6bd9d19ef13c97951b17eba9d83573373ae652af51796b8a5f4a516763f46724d6bd30f6617168522052e1426e73091bad271c5f78e474d0dd6eff879f6d14623a389e799c64b34546bb7e7966305a5e737b7f7d68640199fb29e51e9b0bc25ea676d850f82ffec51"], 0x154}}, 0x0)
r10 = syz_usbip_server_init(0x3)
r11 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r11, &(0x7f00000000c0)={0x1a, 0x309, 0x0, 0x5, 0x0, 0x0, @remote}, 0x10)
write$usbip_server(r10, &(0x7f0000000980)=@ret_unlink={{0x4, 0x4, 0x0, 0x0, 0x1}, {0x3}}, 0x30)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000011c0)={0x18, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
r12 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r12, 0x0, &(0x7f00000000c0))
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040))
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffdfffff})

2.77518651s ago: executing program 2 (id=929):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x10, r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000a00), &(0x7f0000000a40)=0x8)

2.704008615s ago: executing program 2 (id=930):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000"], 0x34}}, 0x0)

2.628464194s ago: executing program 2 (id=931):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000280)=ANY=[])

2.483442393s ago: executing program 2 (id=933):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000780)={0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000007c0)=0x10)
shutdown(r0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x50009401, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000702030000000000000000000000000000695431b012a9407a989ac03b1348ddfbf6a8b39c7316bf5c"], 0x14}}, 0x0)
syz_io_uring_setup(0x5b49, &(0x7f0000000140)={0x0, 0x0, 0x8}, &(0x7f00000001c0), &(0x7f0000000200))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = dup2(r4, r3)
landlock_create_ruleset(0x0, 0x0, 0x0)
pidfd_send_signal(r5, 0x0, 0x0, 0x2)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000140)=[{0x0}], 0x1)
r7 = inotify_init1(0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
r9 = syz_open_dev$video4linux(&(0x7f0000001380), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r9, 0xc0405626, &(0x7f0000000000))
inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0xa)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000026c0)='./file0\x00', 0x0, 0x1bd)
preadv2(r10, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.088955169s ago: executing program 3 (id=934):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000780)={0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000007c0)=0x10)
shutdown(r0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x50009401, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000702030000000000000000000000000000695431b012a9407a989ac03b1348ddfbf6a8"], 0x14}}, 0x0)
syz_io_uring_setup(0x5b49, &(0x7f0000000140)={0x0, 0x0, 0x8}, &(0x7f00000001c0), &(0x7f0000000200))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = dup2(r4, r3)
landlock_create_ruleset(0x0, 0x0, 0x0)
pidfd_send_signal(r5, 0x0, 0x0, 0x2)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000140)=[{0x0}], 0x1)
r7 = inotify_init1(0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
r9 = syz_open_dev$video4linux(&(0x7f0000001380), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r9, 0xc0405626, &(0x7f0000000000))
inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0xa)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000026c0)='./file0\x00', 0x0, 0x1bd)
preadv2(r10, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.569990001s ago: executing program 2 (id=935):
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r2, &(0x7f0000004200)={0x2020}, 0x2020)
chroot(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00')
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, 0x0, 0x223, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xc000}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
move_mount(r5, &(0x7f0000000000)='./file0/file0/file0/file0/file0\x00', 0xffffffffffffffff, 0x0, 0x0)
memfd_create(&(0x7f00000001c0)='\x00', 0x2)
write$FUSE_INIT(r2, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d56549b})
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000040)={0x8f, 0x0, 0xa})

1.479937541s ago: executing program 1 (id=936):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @dev}}}, 0x9c)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000300)={0x1, {{0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xffffffff}}, 0x1, 0x6, [{{0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x2}}, {{0xa, 0x5, 0x1, @local, 0x4}}, {{0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}}, {{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x1}}, {{0xa, 0x4e20, 0x4, @remote, 0xfffffffa}}, {{0xa, 0x4e24, 0x7fff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}}]}, 0x38c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="60000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="7b130000000000003800128008000100677470002c00028008000100", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES64=r0], 0x60}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r6 = socket(0x2, 0x2, 0x1)
bind$unix(r6, &(0x7f0000000000)=@abs, 0x6e)
r7 = socket(0x2, 0x2, 0x1)
bind$unix(r7, &(0x7f0000000000)=@abs, 0x6e)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r9 = memfd_create(&(0x7f00000002c0)='system.skckpr\x02\x13otonam', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x4000051, r9, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
remap_file_pages(&(0x7f0000491000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
preadv(r8, &(0x7f00000001c0)=[{&(0x7f0000000700)=""/201, 0xc9}], 0x1, 0x10000000, 0x0)
close_range(r4, r5, 0x0)

1.177961808s ago: executing program 3 (id=937):
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r0, r3, 0xfffffffffffffc01, 0x0)
splice(r0, 0x0, r3, 0x0, 0x9aa7, 0x0)
read$FUSE(r2, &(0x7f0000001c40)={0x2020}, 0x2020)

1.014336138s ago: executing program 1 (id=938):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x10, r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000a00), &(0x7f0000000a40)=0x8)

938.70098ms ago: executing program 1 (id=939):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000"], 0x34}}, 0x0)

936.940357ms ago: executing program 1 (id=940):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x20}}}, 0x4)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}})
syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000c57000), 0x0)
r3 = syz_io_uring_setup(0x4da9, &(0x7f0000001280)={0x0, 0xe84a, 0x10100, 0x2}, &(0x7f0000002000), &(0x7f0000000180)=<r4=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280), &(0x7f0000000040)=<r5=>0x0, &(0x7f00000003c0))
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r3, 0x48e9, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc018aa06, &(0x7f0000000380)={{&(0x7f00007db000/0x2000)=nil, 0x2000}})
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r6 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r6, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'veth0_to_bridge\x00', 0x1}, 0x18)
sendmmsg$inet6(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)='D', 0x1}, {&(0x7f00000000c0)="d711eccf81", 0x7fffefff}], 0x2}}], 0x1, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r8, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
gettid()
r10 = getpid()
syz_pidfd_open(r10, 0x0)
r11 = syz_open_procfs(r10, &(0x7f0000000040)='net/rt_cache\x00')
preadv(r11, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r11, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000001200), &(0x7f0000000280), 0x0, r9, 0xeeeeeeee})

887.681457ms ago: executing program 3 (id=941):
r0 = socket(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000f, 0x40a2012, r2, 0x0)
ioctl$SNDCTL_DSP_GETFMTS(r2, 0x8004500b, &(0x7f0000000080))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/anycast6\x00')
preadv(r4, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/189, 0xbd}, {&(0x7f00000005c0)=""/255, 0xff}, {0x0}, {&(0x7f0000000340)=""/109, 0x6d}], 0x4, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000000c0)='cifs.spnego\x00', 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

608.126848ms ago: executing program 1 (id=942):
r0 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x1, 0x200000}, 0xc)

546.841414ms ago: executing program 1 (id=943):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000780)={0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000007c0)=0x10)
shutdown(r0, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x50009401, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000702030000000000000000000000000000695431b012a9407a989ac03b1348ddfbf6a8b39c7316bf5c"], 0x14}}, 0x0)
syz_io_uring_setup(0x5b49, &(0x7f0000000140)={0x0, 0x0, 0x8}, &(0x7f00000001c0), &(0x7f0000000200))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = dup2(r4, r3)
landlock_create_ruleset(0x0, 0x0, 0x0)
pidfd_send_signal(r5, 0x0, 0x0, 0x2)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000140)=[{0x0}], 0x1)
r7 = inotify_init1(0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
r9 = syz_open_dev$video4linux(&(0x7f0000001380), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r9, 0xc0405626, &(0x7f0000000000))
inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0xa)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000026c0)='./file0\x00', 0x0, 0x1bd)
preadv2(r10, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

546.116171ms ago: executing program 2 (id=944):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f0000000140)={0x0, 0x0, 0x200a})
write$binfmt_elf64(r0, 0x0, 0x18)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wg2\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x2, 0xfffffffd, 0xfffffffe, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x1}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000180)={{0xa, 0x4e22, 0x0, @private1}, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x24010102}}}, 0x5c)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x4, 0x7ff, 0xa}, &(0x7f0000000040)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x6, 0x7fff, 0xc9}, 0xffffffffffffffae)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="540100001000130700000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000ac1914aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000d00000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd700000000001c000400070000000000000000000000000000000000000000000000e7662d7b88fed7249af44effb0603567d6e23ea3c2029caaeaa6bd9d19ef13c97951b17eba9d83573373ae652af51796b8a5f4a516763f46724d6bd30f6617168522052e1426e73091bad271c5f78e474d0dd6eff879f6d14623a389e799c64b34546bb7e7966305a5e737b7f7d68640199fb29e51e9b0bc25ea676d850f82ffec51"], 0x154}}, 0x0)
r10 = syz_usbip_server_init(0x3)
r11 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r11, &(0x7f00000000c0)={0x1a, 0x309, 0x0, 0x5, 0x0, 0x0, @remote}, 0x10)
write$usbip_server(r10, &(0x7f0000000980)=@ret_unlink={{0x4, 0x4, 0x0, 0x0, 0x1}, {0x3}}, 0x30)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000011c0)={0x18, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x0, 0x0)
r12 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r12, 0x0, &(0x7f00000000c0))
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040))
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffdfffff})

105.494928ms ago: executing program 3 (id=946):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad98a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557343c5ca683a4b6fc89398f2b0000f224ab1bf906536e11d3f38e5c27891060017cfa6fa26fa7a347003900beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc715f9fa75b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map, r1, 0x4}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8}]}}}]}]}], {0x14}}, 0x74}}, 0x0)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000140)='asymmetric\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:', r2})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000100)=@keyring={'key_or_keyring:', r3})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e1301"], 0x16)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000080)={'veth0_to_bond\x00', @remote})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1808000000000000000000000300000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000002f000000b70900000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
r6 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x129002)
dup(r6)

0s ago: executing program 3 (id=947):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_hardware_error={{0x10, 0x1}, {0x20}}}, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}})
syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000c57000), 0x0)
r3 = syz_io_uring_setup(0x4da9, &(0x7f0000001280)={0x0, 0xe84a, 0x10100, 0x2}, &(0x7f0000002000), &(0x7f0000000180)=<r4=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280), &(0x7f0000000040)=<r5=>0x0, &(0x7f00000003c0))
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r3, 0x48e9, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc018aa06, &(0x7f0000000380)={{&(0x7f00007db000/0x2000)=nil, 0x2000}})
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r6 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r6, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'veth0_to_bridge\x00', 0x1}, 0x18)
sendmmsg$inet6(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)='D', 0x1}, {&(0x7f00000000c0)="d711eccf81", 0x7fffefff}], 0x2}}], 0x1, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r8, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
gettid()
r10 = getpid()
syz_pidfd_open(r10, 0x0)
r11 = syz_open_procfs(r10, &(0x7f0000000040)='net/rt_cache\x00')
preadv(r11, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r11, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000001200), &(0x7f0000000280), 0x0, r9, 0xeeeeeeee})

kernel console output (not intermixed with test programs):

 119.079412][ T6784] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.082926][ T6784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.086357][ T6784]  </TASK>
[  119.089384][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.092681][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.095838][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.098764][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1
[  119.101764][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.105044][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.108223][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.111102][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.114076][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.117135][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.120222][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.123497][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.126977][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.130451][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.133875][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.139355][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.142827][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.148423][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.152481][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.156165][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.159514][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.162769][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.166197][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.169192][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.172273][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.175539][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.183983][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.188885][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.192036][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.196325][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.199729][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.202999][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.208204][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.211513][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.216556][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.219479][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.222135][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.226707][ T5246] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  119.233418][ T5246] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  119.787228][ T6793] netlink: 'syz.0.407': attribute type 1 has an invalid length.
[  120.177553][   T55] usb 7-1: USB disconnect, device number 12
[  120.194834][   T55] usblp0: removed
[  120.512734][ T6816] netlink: 'syz.0.416': attribute type 4 has an invalid length.
[  120.761811][ T6829] binder_alloc: 6825: binder_install_single_page failed to insert page at offset 0 with -14
[  120.897185][ T5246] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  121.087008][ T5246] usb 5-1: Using ep0 maxpacket: 8
[  121.091780][ T5246] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  121.095530][ T5246] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  121.103806][ T5246] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  121.112957][ T5246] usb 5-1: config 250 has no interface number 0
[  121.122356][ T5246] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  121.135943][ T5246] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  121.146828][ T5246] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  121.152910][ T5246] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  121.157635][ T5246] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  121.163041][ T5246] usb 5-1: config 250 interface 228 has no altsetting 0
[  121.171461][ T5246] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  121.176995][ T5246] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  121.180374][ T5246] usb 5-1: Product: syz
[  121.182055][ T5246] usb 5-1: SerialNumber: syz
[  121.191622][ T5246] hub 5-1:250.228: bad descriptor, ignoring hub
[  121.194878][ T5246] hub 5-1:250.228: probe with driver hub failed with error -5
[  121.408846][ T5246] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  121.447597][ T6848] FAULT_INJECTION: forcing a failure.
[  121.447597][ T6848] name failslab, interval 1, probability 0, space 0, times 0
[  121.453625][ T6848] CPU: 2 PID: 6848 Comm: syz.3.425 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  121.458270][ T6848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.463563][ T6848] Call Trace:
[  121.465113][ T6848]  <TASK>
[  121.466472][ T6848]  dump_stack_lvl+0x16c/0x1f0
[  121.468674][ T6848]  should_fail_ex+0x497/0x5b0
[  121.470703][ T6848]  should_failslab+0x9/0x20
[  121.473128][ T6848]  kmem_cache_alloc_node_noprof+0x71/0x310
[  121.476045][ T6848]  ? __alloc_skb+0x2b3/0x380
[  121.478115][ T6848]  __alloc_skb+0x2b3/0x380
[  121.480157][ T6848]  ? __pfx___alloc_skb+0x10/0x10
[  121.482373][ T6848]  ? __pfx___might_resched+0x10/0x10
[  121.484787][ T6848]  netlink_alloc_large_skb+0x69/0x130
[  121.487485][ T6848]  netlink_sendmsg+0x689/0xd70
[  121.489625][ T6848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  121.491935][ T6848]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  121.494200][ T6848]  ____sys_sendmsg+0x9b4/0xb50
[  121.496415][ T6848]  ? __pfx_____sys_sendmsg+0x10/0x10
[  121.498728][ T6848]  ? get_compat_msghdr+0x11b/0x170
[  121.501159][ T6848]  ? __pfx___lock_acquire+0x10/0x10
[  121.503397][ T6848]  ___sys_sendmsg+0x135/0x1e0
[  121.505427][ T6848]  ? __pfx____sys_sendmsg+0x10/0x10
[  121.507648][ T6848]  ? ksys_write+0x21c/0x260
[  121.509797][ T6848]  ? __fget_light+0x173/0x210
[  121.511846][ T6848]  __sys_sendmsg+0x117/0x1f0
[  121.514032][ T6848]  ? __pfx___sys_sendmsg+0x10/0x10
[  121.516183][ T6848]  __do_fast_syscall_32+0x73/0x120
[  121.518145][ T6848]  do_fast_syscall_32+0x32/0x80
[  121.520167][ T6848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.522880][ T6848] RIP: 0023:0xf745e579
[  121.524635][ T6848] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  121.534006][ T6848] RSP: 002b:00000000f5d7657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  121.537768][ T6848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  121.540867][ T6848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  121.543760][ T6848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.546728][ T6848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  121.550298][ T6848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.553673][ T6848]  </TASK>
[  121.756445][   T55] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  121.956656][   T55] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  121.960108][   T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.964833][   T55] usb 7-1: config 0 descriptor??
[  121.970446][   T55] cp210x 7-1:0.0: cp210x converter detected
[  122.506007][   T55] cp210x 7-1:0.0: failed to get vendor val 0x370b size 1: -71
[  122.509386][   T55] cp210x 7-1:0.0: querying part number failed
[  122.521329][   T55] usb 7-1: cp210x converter now attached to ttyUSB0
[  122.527897][   T55] usb 7-1: USB disconnect, device number 13
[  122.535683][   T55] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  122.541827][   T55] cp210x 7-1:0.0: device disconnected
[  122.787482][   T65] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  122.791400][   T65] Bluetooth: hci1: Injecting HCI hardware error event
[  122.795210][ T5202] Bluetooth: hci1: hardware error 0x00
[  123.379034][ T5214] Bluetooth: hci0: hardware error 0x20
[  123.496578][ T5246] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  123.678223][ T6890] binder_alloc: 6888: binder_install_single_page failed to insert page at offset 0 with -14
[  123.695982][ T5246] usb 7-1: Using ep0 maxpacket: 8
[  123.700632][ T5246] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[  123.704360][ T5246] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[  123.708986][ T5246] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[  123.712920][ T5246] usb 7-1: config 250 has no interface number 0
[  123.715607][ T5246] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  123.721362][ T5246] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  123.725985][ T5246] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  123.730936][ T5246] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  123.735351][ T5246] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  123.741970][ T5246] usb 7-1: config 250 interface 228 has no altsetting 0
[  123.751979][ T5246] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  123.757296][ T5236] usb 5-1: USB disconnect, device number 5
[  123.762281][ T5246] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  123.765724][ T5246] usb 7-1: Product: syz
[  123.769443][ T5236] usblp0: removed
[  123.777662][ T5246] usb 7-1: SerialNumber: syz
[  123.792030][ T5246] hub 7-1:250.228: bad descriptor, ignoring hub
[  123.795496][ T5246] hub 7-1:250.228: probe with driver hub failed with error -5
[  123.996491][ T5246] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 14 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  124.160335][ T6884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.177280][ T6884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.465972][ T5246] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  124.656229][ T5246] usb 5-1: Invalid ep0 maxpacket: 16
[  124.806023][ T5246] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  124.857964][ T5202] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  124.996006][ T5246] usb 5-1: Invalid ep0 maxpacket: 16
[  124.999257][ T5246] usb usb5-port1: attempt power cycle
[  125.416247][ T5214] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  125.470054][ T5246] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  125.540612][ T5246] usb 5-1: Invalid ep0 maxpacket: 16
[  125.707775][ T5246] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  125.736652][ T5246] usb 5-1: Invalid ep0 maxpacket: 16
[  125.739220][ T5246] usb usb5-port1: unable to enumerate USB device
[  125.755313][ T5202] Bluetooth: hci3: hardware error 0x20
[  126.098256][ T6929] vcan0: entered allmulticast mode
[  126.296250][ T5244] usb 7-1: USB disconnect, device number 14
[  126.301715][ T5244] usblp0: removed
[  126.370023][ T6944] netlink: 12 bytes leftover after parsing attributes in process `syz.1.453'.
[  126.491769][ T5214] Bluetooth: hci3: unexpected event for opcode 0x2036
[  126.965962][ T5246] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  127.155980][ T5246] usb 6-1: Using ep0 maxpacket: 8
[  127.168827][ T5246] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  127.173335][ T5246] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  127.178692][ T5246] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  127.184169][ T5246] usb 6-1: config 250 has no interface number 0
[  127.187008][ T5246] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  127.198874][ T5246] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  127.204804][ T5246] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  127.218412][ T5246] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  127.235980][ T5246] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  127.241787][ T5246] usb 6-1: config 250 interface 228 has no altsetting 0
[  127.257109][ T5246] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  127.260981][ T5246] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  127.264778][ T5246] usb 6-1: Product: syz
[  127.280628][ T5246] usb 6-1: SerialNumber: syz
[  127.296202][ T5246] hub 6-1:250.228: bad descriptor, ignoring hub
[  127.299144][ T5246] hub 6-1:250.228: probe with driver hub failed with error -5
[  127.512911][ T5246] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 4 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  127.690639][ T6975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.696960][ T6975] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.819343][ T5202] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  127.822495][ T5202] Bluetooth: hci3: hardware error 0x20
[  129.089275][ T6989] syzkaller0: entered promiscuous mode
[  129.094498][ T6989] syzkaller0: entered allmulticast mode
[  129.779032][ T5251] usb 6-1: USB disconnect, device number 4
[  129.784116][ T5251] usblp0: removed
[  129.795465][ T7009] FAULT_INJECTION: forcing a failure.
[  129.795465][ T7009] name failslab, interval 1, probability 0, space 0, times 0
[  129.805986][ T7009] CPU: 2 PID: 7009 Comm: syz.1.468 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  129.810307][ T7009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.814935][ T7009] Call Trace:
[  129.816444][ T7009]  <TASK>
[  129.817755][ T7009]  dump_stack_lvl+0x16c/0x1f0
[  129.819945][ T7009]  should_fail_ex+0x497/0x5b0
[  129.822058][ T7009]  should_failslab+0x9/0x20
[  129.824044][ T7009]  kmalloc_trace_noprof+0x6b/0x310
[  129.826310][ T7009]  ? vcs_poll_data_get.part.0+0x43/0x280
[  129.828765][ T7009]  vcs_poll_data_get.part.0+0x43/0x280
[  129.831158][ T7009]  vcs_poll+0x123/0x150
[  129.832981][ T7009]  do_select+0xca0/0x17b0
[  129.834892][ T7009]  ? __pfx_lock_release+0x10/0x10
[  129.837127][ T7009]  ? __pfx_vcs_poll+0x10/0x10
[  129.839213][ T7009]  ? __pfx_do_select+0x10/0x10
[  129.841301][ T7009]  ? mark_lock+0xb5/0xc60
[  129.843227][ T7009]  ? __pfx_mark_lock+0x10/0x10
[  129.845325][ T7009]  ? __pfx___pollwait+0x10/0x10
[  129.847514][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.849577][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.851658][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.853721][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.855816][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.857899][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.859966][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.862057][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.864136][ T7009]  ? __pfx_pollwake+0x10/0x10
[  129.866221][ T7009]  ? compat_core_sys_select+0x1de/0x880
[  129.868640][ T7009]  ? __pfx_lock_release+0x10/0x10
[  129.870847][ T7009]  ? compat_core_sys_select+0x687/0x880
[  129.873268][ T7009]  compat_core_sys_select+0x687/0x880
[  129.875625][ T7009]  ? __pfx_compat_core_sys_select+0x10/0x10
[  129.878192][ T7009]  ? ksys_write+0x12f/0x260
[  129.880179][ T7009]  ? set_compat_user_sigmask+0x20f/0x2a0
[  129.882619][ T7009]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  129.885238][ T7009]  do_compat_pselect+0x202/0x240
[  129.887424][ T7009]  ? __pfx_do_compat_pselect+0x10/0x10
[  129.889733][ T7009]  ? ksys_write+0x1ab/0x260
[  129.891761][ T7009]  __ia32_compat_sys_pselect6_time32+0x141/0x1c0
[  129.894536][ T7009]  __do_fast_syscall_32+0x73/0x120
[  129.896790][ T7009]  do_fast_syscall_32+0x32/0x80
[  129.897061][ T5202] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  129.898933][ T7009]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.898959][ T7009] RIP: 0023:0xf73b2579
[  129.898974][ T7009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.914218][ T7009] RSP: 002b:00000000f5cca57c EFLAGS: 00000292 ORIG_RAX: 0000000000000134
[  129.917870][ T7009] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000200001c0
[  129.921303][ T7009] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000000
[  129.924736][ T7009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.928170][ T7009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  129.931618][ T7009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.935112][ T7009]  </TASK>
[  129.936616][    C2] vkms_vblank_simulate: vblank timer overrun
[  130.911186][ T7032] netlink: 766 bytes leftover after parsing attributes in process `syz.2.475'.
[  131.289702][ T7043] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  131.743607][ T7064] TCP: MD5 Hash mismatch for [fe80::bb].0->[ff02::1].20002 [R]L3 index 0
[  132.052298][ T7079] fuse: Bad value for 'fd'
[  132.130389][ T7085] overlayfs: missing 'lowerdir'
[  132.555552][ T7091] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  132.939520][ T1352] ieee802154 phy0 wpan0: encryption failed: -22
[  132.943248][ T1352] ieee802154 phy1 wpan1: encryption failed: -22
[  133.406107][ T5236] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  133.625374][ T5236] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  133.642500][ T5236] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.648158][ T5236] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  133.656334][ T5236] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.672960][ T5236] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  133.677275][ T5236] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  133.680198][ T5236] usb 5-1: Product: syz
[  133.690019][ T5236] usb 5-1: Manufacturer: syz
[  133.735414][ T5236] cdc_wdm 5-1:1.0: skipping garbage
[  133.737941][ T5236] cdc_wdm 5-1:1.0: skipping garbage
[  133.745848][ T5236] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  133.749262][ T5236] cdc_wdm 5-1:1.0: Unknown control protocol
[  133.962115][ T5236] usb 5-1: USB disconnect, device number 10
[  135.175705][ T7116] overlayfs: missing 'lowerdir'
[  135.199909][ T7118] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  135.356457][ T7128] fuse: Bad value for 'fd'
[  135.468908][ T7138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.506'.
[  135.521923][ T7138] syz.2.506: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  135.530018][ T7138] CPU: 1 PID: 7138 Comm: syz.2.506 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  135.534755][ T7138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.539455][ T7138] Call Trace:
[  135.541077][ T7138]  <TASK>
[  135.542452][ T7138]  dump_stack_lvl+0x16c/0x1f0
[  135.544472][ T7138]  warn_alloc+0x24d/0x3a0
[  135.546374][ T7138]  ? __pfx_warn_alloc+0x10/0x10
[  135.548605][ T7138]  ? hlock_class+0x4e/0x130
[  135.550579][ T7138]  ? stack_depot_save_flags+0x28/0x900
[  135.552992][ T7138]  ? kasan_save_stack+0x42/0x60
[  135.555215][ T7138]  ? kasan_save_stack+0x33/0x60
[  135.557239][ T7138]  ? kasan_save_track+0x14/0x30
[  135.559107][ T7138]  ? __kasan_kmalloc+0xaa/0xb0
[  135.561278][ T7138]  ? xskq_create+0x52/0x1d0
[  135.563356][ T7138]  ? xsk_setsockopt+0x8b0/0xac0
[  135.565281][ T7138]  ? __sys_setsockopt+0x1a4/0x270
[  135.567272][ T7138]  ? __ia32_sys_setsockopt+0xbc/0x160
[  135.569247][ T7138]  ? __do_fast_syscall_32+0x73/0x120
[  135.571363][ T7138]  __vmalloc_node_range_noprof+0x10b8/0x1520
[  135.573786][ T7138]  ? xskq_create+0xfb/0x1d0
[  135.575474][ T7138]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  135.578099][ T7138]  ? xskq_create+0xfb/0x1d0
[  135.579835][ T7138]  vmalloc_user_noprof+0x6b/0x90
[  135.581930][ T7138]  ? xskq_create+0xfb/0x1d0
[  135.583836][ T7138]  xskq_create+0xfb/0x1d0
[  135.585676][ T7138]  xsk_setsockopt+0x8b0/0xac0
[  135.587813][ T7138]  ? __pfx_xsk_setsockopt+0x10/0x10
[  135.589880][ T7138]  ? __pfx_aa_sk_perm+0x10/0x10
[  135.591805][ T7138]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  135.593995][ T7138]  ? __pfx_xsk_setsockopt+0x10/0x10
[  135.596089][ T7138]  do_sock_setsockopt+0x222/0x480
[  135.598149][ T7138]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  135.600467][ T7138]  ? __fget_light+0x173/0x210
[  135.602695][ T7138]  __sys_setsockopt+0x1a4/0x270
[  135.605100][ T7138]  ? __pfx___sys_setsockopt+0x10/0x10
[  135.607556][ T7138]  ? xfd_validate_state+0x5d/0x180
[  135.609945][ T7138]  __ia32_sys_setsockopt+0xbc/0x160
[  135.612504][ T7138]  ? lockdep_hardirqs_on+0x7c/0x110
[  135.614902][ T7138]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  135.617902][ T7138]  __do_fast_syscall_32+0x73/0x120
[  135.620257][ T7138]  do_fast_syscall_32+0x32/0x80
[  135.622667][ T7138]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.625603][ T7138] RIP: 0023:0xf73ca579
[  135.629568][ T7138] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.638331][ T7138] RSP: 002b:00000000f5ce257c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  135.641797][ T7138] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 000000000000011b
[  135.645152][ T7138] RDX: 0000000000000002 RSI: 00000000200000c0 RDI: 000000000000001c
[  135.648521][ T7138] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.651489][ T7138] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  135.655001][ T7138] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.658378][ T7138]  </TASK>
[  135.664682][ T7138] Mem-Info:
[  135.668965][ T7138] active_anon:4270 inactive_anon:2 isolated_anon:0
[  135.668965][ T7138]  active_file:10985 inactive_file:27477 isolated_file:0
[  135.668965][ T7138]  unevictable:772 dirty:307 writeback:0
[  135.668965][ T7138]  slab_reclaimable:4684 slab_unreclaimable:56978
[  135.668965][ T7138]  mapped:11976 shmem:829 pagetables:651
[  135.668965][ T7138]  sec_pagetables:328 bounce:0
[  135.668965][ T7138]  kernel_misc_reclaimable:0
[  135.668965][ T7138]  free:122580 free_pcp:3139 free_cma:0
[  135.686634][ T7138] Node 0 active_anon:1452kB inactive_anon:0kB active_file:36kB inactive_file:0kB unevictable:1552kB isolated(anon):0kB isolated(file):0kB mapped:9380kB dirty:32kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10420kB pagetables:2008kB sec_pagetables:1276kB all_unreclaimable? no
[  135.700017][ T7138] Node 1 active_anon:17324kB inactive_anon:8kB active_file:43904kB inactive_file:110208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:38824kB dirty:1300kB writeback:0kB shmem:1780kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1064kB pagetables:604kB sec_pagetables:36kB all_unreclaimable? no
[  135.713652][ T7138] Node 0 DMA free:928kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:144kB inactive_anon:0kB active_file:8kB inactive_file:0kB unevictable:12kB writepending:0kB present:15992kB managed:15360kB mlocked:12kB bounce:0kB free_pcp:236kB local_pcp:20kB free_cma:0kB
[  135.726247][ T7138] lowmem_reserve[]: 0 374 0 0 0
[  135.728407][ T7138] Node 0 DMA32 free:29680kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:1308kB inactive_anon:0kB active_file:28kB inactive_file:0kB unevictable:1540kB writepending:32kB present:1032192kB managed:410800kB mlocked:4kB bounce:0kB free_pcp:2636kB local_pcp:240kB free_cma:0kB
[  135.741219][ T7138] lowmem_reserve[]: 0 0 0 0 0
[  135.743268][ T7138] Node 1 DMA32 free:455656kB boost:0kB min:47048kB low:58808kB high:70568kB reserved_highatomic:0KB active_anon:19516kB inactive_anon:8kB active_file:43904kB inactive_file:110508kB unevictable:1536kB writepending:1300kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:9504kB local_pcp:948kB free_cma:0kB
[  135.757370][ T7138] lowmem_reserve[]: 0 0 0 0 0
[  135.759865][ T7138] Node 0 DMA: 0*4kB 1*8kB (U) 14*16kB (UM) 12*32kB (UM) 5*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 936kB
[  135.767639][ T7138] Node 0 DMA32: 360*4kB (UH) 115*8kB (UEH) 44*16kB (UMEH) 101*32kB (UMEH) 50*64kB (UEH) 27*128kB (UMEH) 9*256kB (UE) 10*512kB (UMEH) 3*1024kB (UMH) 3*2048kB (UM) 0*4096kB = 29592kB
[  135.774509][ T7138] Node 1 DMA32: 3*4kB (UME) 1*8kB (U) 1*16kB (U) 82*32kB (UE) 28*64kB (UE) 8*128kB (UE) 3*256kB (UME) 5*512kB (ME) 10*1024kB (M) 13*2048kB (UME) 98*4096kB (UM) = 447076kB
[  135.782540][ T7138] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  135.788909][ T7138] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  135.793356][ T7138] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  135.798491][ T7138] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  135.803291][ T7138] 40251 total pagecache pages
[  135.805637][ T7138] 605 pages in swap cache
[  135.809154][ T7138] Free swap  = 107176kB
[  135.811654][ T7138] Total swap = 124996kB
[  135.813648][ T7138] 524155 pages RAM
[  135.815479][ T7138] 0 pages HighMem/MovableOnly
[  135.818596][ T7138] 181063 pages reserved
[  135.820576][ T7138] 0 pages cma reserved
[  136.727513][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.516'.
[  136.993802][ T7168] FAULT_INJECTION: forcing a failure.
[  136.993802][ T7168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.002314][ T7168] CPU: 0 PID: 7168 Comm: syz.0.517 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  137.006813][ T7168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.011148][ T7168] Call Trace:
[  137.012448][ T7168]  <TASK>
[  137.013604][ T7168]  dump_stack_lvl+0x16c/0x1f0
[  137.015463][ T7168]  should_fail_ex+0x497/0x5b0
[  137.017354][ T7168]  _copy_to_user+0x30/0xc0
[  137.019273][ T7168]  msr_read+0x155/0x250
[  137.021060][ T7168]  ? __pfx_msr_read+0x10/0x10
[  137.023239][ T7168]  ? security_file_permission+0x98/0xc0
[  137.025583][ T7168]  ? __pfx_msr_read+0x10/0x10
[  137.027829][ T7168]  vfs_read+0x1d4/0xbd0
[  137.029457][ T7168]  ? __pfx_vfs_read+0x10/0x10
[  137.031453][ T7168]  ? __fget_files+0x256/0x400
[  137.033282][ T7168]  ? __fget_light+0x173/0x210
[  137.035463][ T7168]  ksys_read+0x12f/0x260
[  137.037304][ T7168]  ? __pfx_ksys_read+0x10/0x10
[  137.039632][ T7168]  __do_fast_syscall_32+0x73/0x120
[  137.041866][ T7168]  do_fast_syscall_32+0x32/0x80
[  137.044097][ T7168]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.046779][ T7168] RIP: 0023:0xf73e0579
[  137.048665][ T7168] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  137.057059][ T7168] RSP: 002b:00000000f5cf857c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  137.060681][ T7168] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020019680
[  137.064270][ T7168] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000
[  137.067632][ T7168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  137.071169][ T7168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  137.074754][ T7168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  137.078287][ T7168]  </TASK>
[  137.342052][ T7175] fuse: Bad value for 'fd'
[  138.049908][   T55] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  138.236099][   T55] usb 6-1: Using ep0 maxpacket: 8
[  138.240440][   T55] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  138.244099][   T55] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  138.254575][   T55] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  138.264228][   T55] usb 6-1: config 250 has no interface number 0
[  138.267188][   T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  138.272051][   T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  138.276827][   T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  138.281219][   T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  138.285457][   T55] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  138.291905][   T55] usb 6-1: config 250 interface 228 has no altsetting 0
[  138.297349][   T55] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  138.301201][   T55] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  138.304591][   T55] usb 6-1: Product: syz
[  138.306756][   T55] usb 6-1: SerialNumber: syz
[  138.313030][   T55] hub 6-1:250.228: bad descriptor, ignoring hub
[  138.317963][   T55] hub 6-1:250.228: probe with driver hub failed with error -5
[  138.571034][   T55] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  138.624947][ T7185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.635322][ T7185] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.894288][ T7200] block nbd3: shutting down sockets
[  140.847285][   T57] usb 6-1: USB disconnect, device number 5
[  140.852846][   T57] usblp0: removed
[  140.864725][ T7211] fuse: Invalid rootmode
[  141.265709][ T7212] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  141.782853][ T7237] VFS: could not find a valid V7 on nullb0.
[  141.978976][ T7248] netlink: 2 bytes leftover after parsing attributes in process `syz.1.542'.
[  142.036143][ T7249] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 80
[  142.180588][ T7264] fuse: Invalid rootmode
[  142.251247][ T7262] netlink: 44 bytes leftover after parsing attributes in process `syz.3.545'.
[  142.546266][   T35] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  142.728091][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.732985][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.737281][   T35] usb 8-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  142.741848][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.749789][   T35] usb 8-1: config 0 descriptor??
[  142.969646][   T35] usbhid 8-1:0.0: can't add hid device: -71
[  142.972361][   T35] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  142.984635][   T35] usb 8-1: USB disconnect, device number 3
[  143.117222][ T7276] VFS: could not find a valid V7 on nullb0.
[  143.120182][ T7273] netlink: 766 bytes leftover after parsing attributes in process `syz.1.547'.
[  143.681302][ T7298] Cannot find add_set index 0 as target
[  143.701973][ T7299] fuse: Invalid rootmode
[  143.782833][ T7302] netlink: 766 bytes leftover after parsing attributes in process `syz.1.558'.
[  144.734616][ T7317] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  145.020300][ T7330] process 'syz.2.566' launched './file1' with NULL argv: empty string added
[  145.109569][ T5251] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  145.130902][ T7332] netlink: 766 bytes leftover after parsing attributes in process `syz.0.567'.
[  145.256061][ T5251] usb 8-1: device descriptor read/64, error -71
[  145.388397][ T7338] fuse: Invalid rootmode
[  145.526418][ T5251] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  145.596350][   T55] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  145.676359][ T5251] usb 8-1: device descriptor read/64, error -71
[  145.779625][   T55] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  145.783958][   T55] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.788920][   T55] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.796433][ T5251] usb usb8-port1: attempt power cycle
[  145.800903][   T55] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.804954][   T55] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.811678][   T55] usb 7-1: Product: syz
[  145.814385][   T55] usb 7-1: Manufacturer: syz
[  145.817347][   T55] usb 7-1: SerialNumber: syz
[  145.825243][   T55] usb 7-1: selecting invalid altsetting 1
[  146.040217][ T7330] netlink: 16 bytes leftover after parsing attributes in process `syz.2.566'.
[  146.050442][   T55] cdc_ncm 7-1:1.0: failed GET_NTB_PARAMETERS
[  146.054777][   T55] cdc_ncm 7-1:1.0: bind() failure
[  146.066480][   T55] usb 7-1: USB disconnect, device number 15
[  146.216210][ T5251] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  146.219762][ T7348] bridge0: entered allmulticast mode
[  146.223755][ T7348] bridge0: left allmulticast mode
[  146.256564][ T5251] usb 8-1: device descriptor read/8, error -71
[  146.287467][   T39] kauditd_printk_skb: 136 callbacks suppressed
[  146.287483][   T39] audit: type=1326 audit(1754483635.262:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.300311][   T39] audit: type=1326 audit(1754483635.272:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.311916][   T39] audit: type=1326 audit(1754483635.272:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=344 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.321741][   T39] audit: type=1326 audit(1754483635.272:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.331545][   T39] audit: type=1326 audit(1754483635.272:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.341345][   T39] audit: type=1326 audit(1754483635.272:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.352142][   T39] audit: type=1326 audit(1754483635.272:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.362087][   T39] audit: type=1326 audit(1754483635.272:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.372182][   T39] audit: type=1326 audit(1754483635.272:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.383228][   T39] audit: type=1326 audit(1754483635.272:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7349 comm="syz.0.572" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x7ffc0000
[  146.516046][  T968] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  146.546347][ T5251] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  146.552109][ T7352] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  146.556327][ T7352] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  146.585557][ T5251] usb 8-1: device descriptor read/8, error -71
[  146.696292][  T968] usb 6-1: Using ep0 maxpacket: 32
[  146.701387][ T7358] netlink: 766 bytes leftover after parsing attributes in process `syz.2.576'.
[  146.701663][  T968] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.710323][  T968] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.710751][ T5251] usb usb8-port1: unable to enumerate USB device
[  146.714931][  T968] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  146.728967][  T968] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  146.738380][  T968] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.742545][  T968] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.746678][  T968] usb 6-1: Product: syz
[  146.748553][  T968] usb 6-1: Manufacturer: syz
[  146.750649][  T968] usb 6-1: SerialNumber: syz
[  146.982856][  T968] cdc_ncm 6-1:1.0: bind() failure
[  146.994385][  T968] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  147.002944][  T968] cdc_ncm 6-1:1.1: bind() failure
[  147.017078][  T968] usb 6-1: USB disconnect, device number 6
[  147.356827][ T7372] syzkaller1: entered promiscuous mode
[  147.359115][ T7372] syzkaller1: entered allmulticast mode
[  147.653147][ T7381] fuse: Invalid rootmode
[  147.913426][ T7388] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  147.917065][ T7388] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  148.234168][ T7393] netlink: 'syz.3.584': attribute type 11 has an invalid length.
[  148.691139][ T7397] netlink: 766 bytes leftover after parsing attributes in process `syz.1.586'.
[  149.292179][ T7409] warning: `syz.2.590' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  149.483057][ T7416] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  149.488824][ T7416] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  149.733015][ T7432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.599'.
[  149.888063][  T968] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  150.066197][  T968] usb 8-1: Using ep0 maxpacket: 8
[  150.070614][  T968] usb 8-1: config index 0 descriptor too short (expected 5924, got 36)
[  150.074753][  T968] usb 8-1: config 250 has an invalid interface number: 228 but max is -1
[  150.079969][  T968] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0
[  150.084034][  T968] usb 8-1: config 250 has no interface number 0
[  150.091851][  T968] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  150.100659][  T968] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  150.105505][  T968] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  150.110563][  T968] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  150.115648][  T968] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  150.121879][  T968] usb 8-1: config 250 interface 228 has no altsetting 0
[  150.126949][  T968] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  150.130893][  T968] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  150.134342][  T968] usb 8-1: Product: syz
[  150.136028][  T968] usb 8-1: SerialNumber: syz
[  150.142530][  T968] hub 8-1:250.228: bad descriptor, ignoring hub
[  150.145808][  T968] hub 8-1:250.228: probe with driver hub failed with error -5
[  150.269477][ T7453] netlink: 12 bytes leftover after parsing attributes in process `syz.1.605'.
[  150.319448][ T7452] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  150.355817][  T968] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  150.521514][ T7458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.531931][ T7458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.655948][ T7471] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  152.687033][ T1388] usb 8-1: USB disconnect, device number 8
[  152.701229][ T1388] usblp0: removed
[  152.845311][ T7479] FAULT_INJECTION: forcing a failure.
[  152.845311][ T7479] name failslab, interval 1, probability 0, space 0, times 0
[  152.864019][ T7479] CPU: 0 PID: 7479 Comm: syz.0.612 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  152.868443][ T7479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.872930][ T7479] Call Trace:
[  152.874376][ T7479]  <TASK>
[  152.875645][ T7479]  dump_stack_lvl+0x16c/0x1f0
[  152.877716][ T7479]  should_fail_ex+0x497/0x5b0
[  152.879722][ T7479]  should_failslab+0x9/0x20
[  152.881674][ T7479]  kmalloc_node_track_caller_noprof+0xcf/0x440
[  152.886174][ T7479]  ? kstrdup_const+0x63/0x80
[  152.888299][ T7479]  kstrdup+0x3c/0x80
[  152.889902][ T7479]  kstrdup_const+0x63/0x80
[  152.891802][ T7479]  __kernfs_new_node+0x9c/0x890
[  152.894111][ T7479]  ? kobject_add+0x12a/0x240
[  152.896019][ T7479]  ? blk_mq_update_nr_hw_queues+0x4b3/0x1320
[  152.898382][ T7479]  ? nbd_start_device+0x15b/0xed0
[  152.900732][ T7479]  ? __pfx___kernfs_new_node+0x10/0x10
[  152.902729][ T7479]  ? __pfx_mark_lock+0x10/0x10
[  152.907482][ T7479]  kernfs_new_node+0x186/0x240
[  152.909597][ T7479]  kernfs_create_dir_ns+0x4c/0x150
[  152.911980][ T7479]  sysfs_create_dir_ns+0x13b/0x2b0
[  152.914252][ T7479]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  152.916805][ T7479]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.919037][ T7479]  ? kfree+0x12a/0x3b0
[  152.920989][ T7479]  kobject_add_internal+0x2c8/0x990
[  152.923126][ T7479]  kobject_add+0x16f/0x240
[  152.925070][ T7479]  ? __pfx_kobject_add+0x10/0x10
[  152.927536][ T7479]  ? __pfx_xa_find+0x10/0x10
[  152.929564][ T7479]  blk_mq_register_hctx+0x120/0x470
[  152.931849][ T7479]  blk_mq_sysfs_register_hctxs+0x13b/0x190
[  152.934079][ T7479]  ? __pfx_blk_mq_sysfs_register_hctxs+0x10/0x10
[  152.936696][ T7479]  ? blk_mq_update_queue_map+0x357/0x3f0
[  152.939803][ T7479]  ? __blk_mq_alloc_map_and_rqs+0xdb/0x1f0
[  152.942379][ T7479]  blk_mq_update_nr_hw_queues+0x4b3/0x1320
[  152.944948][ T7479]  ? __pfx_blk_mq_update_nr_hw_queues+0x10/0x10
[  152.947620][ T7479]  ? tomoyo_path_number_perm+0x190/0x5b0
[  152.949928][ T7479]  ? __pfx___mutex_lock+0x10/0x10
[  152.952115][ T7479]  nbd_start_device+0x15b/0xed0
[  152.954192][ T7479]  ? bpf_lsm_capable+0x9/0x10
[  152.956150][ T7479]  nbd_ioctl+0x21a/0xfd0
[  152.958179][ T7479]  ? __pfx_nbd_ioctl+0x10/0x10
[  152.960266][ T7479]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  152.963144][ T7479]  ? __pfx_nbd_ioctl+0x10/0x10
[  152.965189][ T7479]  compat_blkdev_ioctl+0x30a/0x770
[  152.967475][ T7479]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  152.970079][ T7479]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  152.972457][ T7479]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  152.974936][ T7479]  __do_compat_sys_ioctl+0x2c3/0x330
[  152.977220][ T7479]  __do_fast_syscall_32+0x73/0x120
[  152.979555][ T7479]  do_fast_syscall_32+0x32/0x80
[  152.981771][ T7479]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  152.984874][ T7479] RIP: 0023:0xf73e0579
[  152.986677][ T7479] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  152.994356][ T7479] RSP: 002b:00000000f5cf857c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  152.997511][ T7479] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ab03
[  153.001550][ T7479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  153.005884][ T7479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.009264][ T7479] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.012492][ T7479] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.015881][ T7479]  </TASK>
[  153.037546][ T7491] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  153.106398][ T7479] kobject: kobject_add_internal failed for 0 (error: -12 parent: mq)
[  153.184314][ T5202] block nbd0: Receive control failed (result -32)
[  153.188919][ T5214] block nbd0: Receive control failed (result -32)
[  153.228336][ T7489] block nbd0: shutting down sockets
[  153.620877][ T7503] overlayfs: missing 'lowerdir'
[  154.249448][ T7513] netlink: 830 bytes leftover after parsing attributes in process `syz.1.622'.
[  154.576879][ T5245] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  154.759434][ T5245] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  154.774854][ T5245] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.780815][ T5245] usb 8-1: too many endpoints for config 1 interface 1 altsetting 237: 105, using maximum allowed: 30
[  154.785713][ T5245] usb 8-1: config 1 interface 1 altsetting 237 has 0 endpoint descriptors, different from the interface descriptor's value: 105
[  154.806287][ T5245] usb 8-1: config 1 interface 1 has no altsetting 0
[  154.818291][ T5245] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.826446][ T5245] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.830309][ T5245] usb 8-1: Product: syz
[  154.832121][ T5245] usb 8-1: Manufacturer: syz
[  154.855932][ T5245] usb 8-1: SerialNumber: syz
[  154.862965][ T5245] usb 8-1: selecting invalid altsetting 1
[  154.865548][ T5245] usb 8-1: selecting invalid altsetting 0
[  154.875990][ T5245] usb 8-1: selecting invalid altsetting 0
[  154.878735][ T5245] cdc_ncm 8-1:1.0: bind() failure
[  155.082472][ T7531] overlayfs: missing 'lowerdir'
[  155.305769][ T7535] evm: overlay not supported
[  157.093682][ T5214] block nbd2: Receive control failed (result -32)
[  157.104290][ T7550] block nbd2: shutting down sockets
[  157.244516][ T5245] usb 8-1: selecting invalid altsetting 0
[  157.266155][ T5245] usbtest 8-1:1.1: probe with driver usbtest failed with error -22
[  157.276648][ T5245] usb 8-1: USB disconnect, device number 9
[  157.285792][ T5209] udevd[5209]: setting mode of /dev/bus/usb/008/009 to 020664 failed: No such file or directory
[  157.296075][ T5209] udevd[5209]: setting owner of /dev/bus/usb/008/009 to uid=0, gid=0 failed: No such file or directory
[  158.507561][ T7575] usb usb8: usbfs: process 7575 (syz.3.642) did not claim interface 0 before use
[  159.333384][ T7580] trusted_key: encrypted_key: insufficient parameters specified
[  159.896010][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  160.117921][   T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  160.122910][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.128559][   T35] usb 6-1: too many endpoints for config 1 interface 1 altsetting 237: 105, using maximum allowed: 30
[  160.133689][   T35] usb 6-1: config 1 interface 1 altsetting 237 has 0 endpoint descriptors, different from the interface descriptor's value: 105
[  160.140110][   T35] usb 6-1: config 1 interface 1 has no altsetting 0
[  160.145660][   T35] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  160.152165][   T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.155987][   T35] usb 6-1: Product: syz
[  160.158390][   T35] usb 6-1: Manufacturer: syz
[  160.160404][   T35] usb 6-1: SerialNumber: syz
[  160.175318][   T35] usb 6-1: selecting invalid altsetting 1
[  160.179181][   T35] usb 6-1: selecting invalid altsetting 0
[  160.181731][   T35] usb 6-1: selecting invalid altsetting 0
[  160.184136][   T35] cdc_ncm 6-1:1.0: bind() failure
[  161.599641][ T1388] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  161.775983][ T1388] usb 5-1: Using ep0 maxpacket: 8
[  161.783286][ T1388] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  161.787172][ T1388] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  161.793862][ T1388] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  161.801326][ T1388] usb 5-1: config 250 has no interface number 0
[  161.804203][ T1388] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  161.814163][ T1388] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  161.825310][ T1388] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  161.834344][ T1388] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  161.843479][ T1388] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  161.859119][ T1388] usb 5-1: config 250 interface 228 has no altsetting 0
[  161.884369][ T1388] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  161.889132][ T1388] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  161.893467][ T1388] usb 5-1: Product: syz
[  161.895274][ T1388] usb 5-1: SerialNumber: syz
[  161.901459][ T1388] hub 5-1:250.228: bad descriptor, ignoring hub
[  161.907461][ T1388] hub 5-1:250.228: probe with driver hub failed with error -5
[  162.130331][ T1388] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  162.188958][ T7606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.193807][ T7606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.213248][ T7608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.649'.
[  162.541725][   T35] usb 6-1: selecting invalid altsetting 0
[  162.543812][   T35] usbtest 6-1:1.1: probe with driver usbtest failed with error -22
[  162.554308][   T35] usb 6-1: USB disconnect, device number 7
[  163.232137][ T7615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  163.303017][ T7615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  163.323593][ T7615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.444444][ T1388] usb 5-1: USB disconnect, device number 11
[  164.448404][ T1388] usblp0: removed
[  165.076268][ T7640] block device autoloading is deprecated and will be removed.
[  165.249849][ T7644] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  165.474516][ T7648] FAULT_INJECTION: forcing a failure.
[  165.474516][ T7648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.496107][ T7648] CPU: 2 PID: 7648 Comm: syz.2.662 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  165.501403][ T7648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.507573][ T7648] Call Trace:
[  165.509153][ T7648]  <TASK>
[  165.510864][ T7648]  dump_stack_lvl+0x16c/0x1f0
[  165.513095][ T7648]  should_fail_ex+0x497/0x5b0
[  165.515138][ T7648]  _copy_to_user+0x30/0xc0
[  165.517007][ T7648]  simple_read_from_buffer+0xd0/0x160
[  165.519813][ T7648]  proc_fail_nth_read+0x1b0/0x290
[  165.522108][ T7648]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.524612][ T7648]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.527175][ T7648]  vfs_read+0x1d4/0xbd0
[  165.529066][ T7648]  ? __fdget_pos+0xeb/0x180
[  165.531113][ T7648]  ? __pfx_vfs_read+0x10/0x10
[  165.533271][ T7648]  ? __pfx___mutex_lock+0x10/0x10
[  165.535607][ T7648]  ? __fget_files+0x256/0x400
[  165.537750][ T7648]  ksys_read+0x12f/0x260
[  165.539611][ T7648]  ? __pfx_ksys_read+0x10/0x10
[  165.541981][ T7648]  __do_fast_syscall_32+0x73/0x120
[  165.544277][ T7648]  do_fast_syscall_32+0x32/0x80
[  165.546481][ T7648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  165.549301][ T7648] RIP: 0023:0xf73ca579
[  165.551122][ T7648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  165.559483][ T7648] RSP: 002b:00000000f5ce25b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  165.563118][ T7648] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5ce2630
[  165.566474][ T7648] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  165.569964][ T7648] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  165.573578][ T7648] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  165.577212][ T7648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  165.580388][ T7648]  </TASK>
[  168.021957][ T7695] netlink: 766 bytes leftover after parsing attributes in process `syz.0.674'.
[  168.298289][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.675'.
[  168.866623][ T5202] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  168.872775][ T5202] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  168.878000][ T5202] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  168.883257][ T5202] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  168.902603][ T5202] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  168.926890][ T5202] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  169.385537][ T7711] netlink: 32 bytes leftover after parsing attributes in process `syz.0.678'.
[  169.390613][ T7711] netlink: 4 bytes leftover after parsing attributes in process `syz.0.678'.
[  169.442361][ T7711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.678'.
[  169.448672][ T7711] netlink: 104 bytes leftover after parsing attributes in process `syz.0.678'.
[  169.452541][ T7711] netlink: 104 bytes leftover after parsing attributes in process `syz.0.678'.
[  169.617533][   T82] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.643864][ T7705] chnl_net:caif_netlink_parms(): no params data found
[  169.722497][ T7715] net veth1_virt_wifi ªªªªªª: renamed from virt_wifi0
[  169.790127][   T82] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.816108][ T5246] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  169.850292][ T7705] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.853259][ T7705] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.866941][ T7705] bridge_slave_0: entered allmulticast mode
[  169.871112][ T7705] bridge_slave_0: entered promiscuous mode
[  169.902037][   T82] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.913852][ T7705] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.917444][ T7705] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.920595][ T7705] bridge_slave_1: entered allmulticast mode
[  169.924522][ T7705] bridge_slave_1: entered promiscuous mode
[  169.996020][ T5246] usb 5-1: Using ep0 maxpacket: 16
[  170.000161][ T5246] usb 5-1: config 0 has no interfaces?
[  170.007292][ T5246] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  170.011822][ T5246] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  170.025374][ T5246] usb 5-1: Product: syz
[  170.027444][ T5246] usb 5-1: SerialNumber: syz
[  170.037646][ T5246] usb 5-1: config 0 descriptor??
[  170.038368][ T7705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.089924][   T82] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.103968][ T7705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.112707][ T7723] FAULT_INJECTION: forcing a failure.
[  170.112707][ T7723] name failslab, interval 1, probability 0, space 0, times 0
[  170.119201][ T7723] CPU: 2 PID: 7723 Comm: syz.1.680 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  170.123663][ T7723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.128409][ T7723] Call Trace:
[  170.129954][ T7723]  <TASK>
[  170.131296][ T7723]  dump_stack_lvl+0x16c/0x1f0
[  170.133418][ T7723]  should_fail_ex+0x497/0x5b0
[  170.135561][ T7723]  should_failslab+0x9/0x20
[  170.137632][ T7723]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  170.140095][ T7723]  ? prepare_creds+0x2e/0x750
[  170.142233][ T7723]  prepare_creds+0x2e/0x750
[  170.144281][ T7723]  __sys_setresgid+0x4af/0x1150
[  170.146505][ T7723]  __do_fast_syscall_32+0x73/0x120
[  170.148686][ T7723]  do_fast_syscall_32+0x32/0x80
[  170.150905][ T7723]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.153758][ T7723] RIP: 0023:0xf73b2579
[  170.155663][ T7723] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.164255][ T7723] RSP: 002b:00000000f5cca57c EFLAGS: 00000292 ORIG_RAX: 00000000000000aa
[  170.167909][ T7723] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  170.171106][ T7723] RDX: 00000000ffffff00 RSI: 0000000000000000 RDI: 0000000000000000
[  170.174327][ T7723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.177715][ T7723] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.181102][ T7723] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.184303][ T7723]  </TASK>
[  170.238724][ T7705] team0: Port device team_slave_0 added
[  170.244987][ T7705] team0: Port device team_slave_1 added
[  170.315776][ T7705] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.321394][ T7705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.333305][ T7705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.364240][ T7705] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.369102][ T7705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.380240][ T7705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.403407][ T7730] netlink: 766 bytes leftover after parsing attributes in process `syz.1.683'.
[  170.416696][   T82] bridge_slave_1: left allmulticast mode
[  170.418927][   T82] bridge_slave_1: left promiscuous mode
[  170.421488][   T82] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.427369][   T82] bridge_slave_0: left allmulticast mode
[  170.429622][   T82] bridge_slave_0: left promiscuous mode
[  170.431948][   T82] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.516782][ T7736] netlink: 5300 bytes leftover after parsing attributes in process `syz.1.684'.
[  170.521227][ T7736] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  170.743714][   T82] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.759056][   T82] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.766682][   T82] bond0 (unregistering): Released all slaves
[  170.908157][ T7705] hsr_slave_0: entered promiscuous mode
[  170.911895][ T7705] hsr_slave_1: entered promiscuous mode
[  170.915180][ T7705] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  170.921610][ T7705] Cannot create hsr debugfs directory
[  171.016120][ T5214] Bluetooth: hci4: command tx timeout
[  171.247083][   T82] hsr_slave_0: left promiscuous mode
[  171.250419][   T82] hsr_slave_1: left promiscuous mode
[  171.253461][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.257140][   T82] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.261295][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.265449][   T82] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.311645][ T7755] netlink: 104 bytes leftover after parsing attributes in process `syz.1.687'.
[  171.332359][ T7755] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  171.335476][ T7755] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  171.346270][ T7755] vhci_hcd vhci_hcd.0: Device attached
[  171.349003][   T82] veth1_macvtap: left promiscuous mode
[  171.351542][   T82] veth0_macvtap: left promiscuous mode
[  171.354412][   T82] veth1_vlan: left promiscuous mode
[  171.356985][   T82] veth0_vlan: left promiscuous mode
[  171.626114][ T5246] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[  172.189670][ T7756] vhci_hcd: connection reset by peer
[  172.208038][   T11] vhci_hcd: stop threads
[  172.209970][   T11] vhci_hcd: release socket
[  172.211931][   T11] vhci_hcd: disconnect device
[  172.286825][   T82] team0 (unregistering): Port device team_slave_1 removed
[  172.381004][   T82] team0 (unregistering): Port device team_slave_0 removed
[  172.529285][    T8] usb 5-1: USB disconnect, device number 12
[  173.096180][ T5214] Bluetooth: hci4: command tx timeout
[  173.622749][ T7705] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  173.639723][ T7705] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  173.663545][ T7705] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  173.682131][ T7705] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  173.811643][ T7705] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.837327][ T7705] 8021q: adding VLAN 0 to HW filter on device team0
[  173.856705][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.863235][ T5245] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.888763][  T968] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.891948][  T968] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.160738][ T7705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  174.259117][ T7705] veth0_vlan: entered promiscuous mode
[  174.270832][ T7705] veth1_vlan: entered promiscuous mode
[  174.320154][ T7705] veth0_macvtap: entered promiscuous mode
[  174.338099][ T7705] veth1_macvtap: entered promiscuous mode
[  174.359059][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.363350][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.373450][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.382306][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.396264][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.400723][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.404731][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.420322][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.436637][ T7705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.448693][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.453482][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.475991][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.482149][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.500631][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.505767][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.510420][ T7705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.514779][ T7705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.521770][ T7705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.540276][ T7705] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.543943][ T7705] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.550017][ T7705] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.554458][ T7705] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.731914][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.735302][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.769130][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.772357][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.176033][ T5214] Bluetooth: hci4: command tx timeout
[  175.225966][   T57] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  175.409875][   T57] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  175.414582][   T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.425948][   T57] usb 8-1: too many endpoints for config 1 interface 1 altsetting 237: 105, using maximum allowed: 30
[  175.435986][   T57] usb 8-1: config 1 interface 1 altsetting 237 has 0 endpoint descriptors, different from the interface descriptor's value: 105
[  175.452941][   T57] usb 8-1: config 1 interface 1 has no altsetting 0
[  175.463152][   T57] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  175.475957][   T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.479456][   T57] usb 8-1: Product: syz
[  175.481198][   T57] usb 8-1: Manufacturer: syz
[  175.483219][   T57] usb 8-1: SerialNumber: syz
[  175.500715][   T57] usb 8-1: selecting invalid altsetting 1
[  175.503806][   T57] usb 8-1: selecting invalid altsetting 0
[  175.516770][   T57] usb 8-1: selecting invalid altsetting 0
[  175.519435][   T57] cdc_ncm 8-1:1.0: bind() failure
[  176.976016][ T5246] vhci_hcd: vhci_device speed not set
[  177.091949][ T7846] netlink: 766 bytes leftover after parsing attributes in process `syz.0.700'.
[  177.256036][ T5214] Bluetooth: hci4: command tx timeout
[  177.421028][ T7856] xt_NFQUEUE: number of total queues is 0
[  177.880688][ T7863] sd 0:0:0:0: PR command failed: 1026
[  177.883455][ T7863] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  177.887871][ T7863] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  177.966974][   T57] usb 8-1: selecting invalid altsetting 0
[  177.969676][   T57] usbtest 8-1:1.1: probe with driver usbtest failed with error -22
[  177.984769][   T57] usb 8-1: USB disconnect, device number 10
[  178.026176][ T5543] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  178.211983][ T5543] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.220782][ T5543] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.230518][ T5543] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.238116][ T5543] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  178.243863][ T5543] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.249944][ T5543] usb 5-1: Product: syz
[  178.251662][ T5543] usb 5-1: Manufacturer: syz
[  178.254749][ T5543] usb 5-1: SerialNumber: syz
[  178.263898][ T5543] usb 5-1: selecting invalid altsetting 1
[  178.422253][ T7871] netlink: 766 bytes leftover after parsing attributes in process `syz.1.709'.
[  178.445359][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.475388][ T5543] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  178.478382][ T5543] cdc_ncm 5-1:1.0: bind() failure
[  178.493052][ T5543] usb 5-1: USB disconnect, device number 13
[  178.574586][ T7878] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'.
[  178.791909][ T7885] 9pnet_virtio: no channels available for device 127.0.0.1
[  178.988832][ T7894] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  179.175682][ T7908] futex_wake_op: syz.1.721 tries to shift op by -1; fix this program
[  179.206863][ T7910] netlink: 'syz.3.717': attribute type 10 has an invalid length.
[  179.238781][ T7910] team0: Failed to send options change via netlink (err -105)
[  179.242166][ T7910] team0: Port device netdevsim0 added
[  179.254431][ T5206] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  179.256851][ T7914] xt_policy: too many policy elements
[  179.270697][ T7904] netlink: 'syz.3.717': attribute type 10 has an invalid length.
[  179.297891][ T7904] team0: Failed to send options change via netlink (err -105)
[  179.301454][ T7904] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  179.307703][ T7904] team0: Port device netdevsim0 removed
[  179.313860][ T7904] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  179.325075][ T7905] netlink: 766 bytes leftover after parsing attributes in process `syz.0.718'.
[  179.331875][ T5214] Bluetooth: Unexpected start frame (len 18)
[  179.334815][ T5214] Bluetooth: Frame is too long (len 18, expected len 4)
[  179.477523][ T7927] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  179.546295][ T7934] netlink: 24 bytes leftover after parsing attributes in process `syz.0.728'.
[  179.590426][ T7930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.728'.
[  179.596151][ T7930] netlink: 2432 bytes leftover after parsing attributes in process `syz.0.728'.
[  179.646148][   T35] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  179.875983][   T35] usb 8-1: Using ep0 maxpacket: 8
[  179.891319][   T35] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  179.895047][   T35] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  179.905514][ T7947] mmap: syz.1.732 (7947) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  179.915986][   T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  179.920170][   T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  179.924379][   T35] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  179.931123][   T35] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  179.935084][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.152387][   T35] usb 8-1: usb_control_msg returned -32
[  180.158257][   T35] usbtmc 8-1:16.0: can't read capabilities
[  180.442209][ T7950] FAULT_INJECTION: forcing a failure.
[  180.442209][ T7950] name failslab, interval 1, probability 0, space 0, times 0
[  180.452667][ T7950] CPU: 1 PID: 7950 Comm: syz.2.733 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  180.456671][ T7950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.461956][ T7950] Call Trace:
[  180.463525][ T7950]  <TASK>
[  180.464830][ T7950]  dump_stack_lvl+0x16c/0x1f0
[  180.466973][ T7950]  should_fail_ex+0x497/0x5b0
[  180.469082][ T7950]  should_failslab+0x9/0x20
[  180.471098][ T7950]  __kmalloc_noprof+0xcf/0x420
[  180.472787][ T7950]  ? __pfx___mutex_lock+0x10/0x10
[  180.474908][ T7950]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  180.477834][ T7950]  genl_start+0x18e/0x950
[  180.479636][ T7950]  __netlink_dump_start+0x622/0x9c0
[  180.481839][ T7950]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  180.484202][ T7950]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  180.486601][ T7950]  ? __pfx_genl_get_cmd+0x10/0x10
[  180.488669][ T7950]  ? __pfx_genl_start+0x10/0x10
[  180.490303][ T7950]  ? __pfx_genl_dumpit+0x10/0x10
[  180.492156][ T7950]  ? __pfx_genl_done+0x10/0x10
[  180.493883][ T7950]  ? __radix_tree_lookup+0x21f/0x2c0
[  180.495892][ T7950]  genl_rcv_msg+0x470/0x800
[  180.497298][ T7950]  ? __pfx_genl_rcv_msg+0x10/0x10
[  180.498877][ T7950]  ? __pfx_nl802154_list_associations+0x10/0x10
[  180.501246][ T7950]  ? __pfx___lock_acquire+0x10/0x10
[  180.503278][ T7950]  netlink_rcv_skb+0x165/0x410
[  180.505159][ T7950]  ? __pfx_genl_rcv_msg+0x10/0x10
[  180.507508][ T7950]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  180.509878][ T7950]  ? down_read+0xc9/0x330
[  180.511828][ T7950]  ? __pfx_down_read+0x10/0x10
[  180.513966][ T7950]  ? netlink_deliver_tap+0x1ae/0xcf0
[  180.516390][ T7950]  genl_rcv+0x28/0x40
[  180.518231][ T7950]  netlink_unicast+0x542/0x820
[  180.520374][ T7950]  ? __pfx_netlink_unicast+0x10/0x10
[  180.522794][ T7950]  ? __phys_addr_symbol+0x30/0x80
[  180.525060][ T7950]  ? __check_object_size+0x48e/0x720
[  180.527571][ T7950]  netlink_sendmsg+0x8b8/0xd70
[  180.529748][ T7950]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.532099][ T7950]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  180.534427][ T7950]  ____sys_sendmsg+0x9b4/0xb50
[  180.536550][ T7950]  ? __pfx_____sys_sendmsg+0x10/0x10
[  180.538969][ T7950]  ? get_compat_msghdr+0x11b/0x170
[  180.541270][ T7950]  ? __pfx___lock_acquire+0x10/0x10
[  180.543588][ T7950]  ___sys_sendmsg+0x135/0x1e0
[  180.545709][ T7950]  ? __pfx____sys_sendmsg+0x10/0x10
[  180.548056][ T7950]  ? ksys_write+0x21c/0x260
[  180.550373][ T7950]  ? __fget_light+0x173/0x210
[  180.552770][ T7950]  __sys_sendmsg+0x117/0x1f0
[  180.554850][ T7950]  ? __pfx___sys_sendmsg+0x10/0x10
[  180.557158][ T7950]  __do_fast_syscall_32+0x73/0x120
[  180.559796][ T7950]  do_fast_syscall_32+0x32/0x80
[  180.562270][ T7950]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.565310][ T7950] RIP: 0023:0xf73ca579
[  180.567174][ T7950] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  180.576060][ T7950] RSP: 002b:00000000f5ce257c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  180.579837][ T7950] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000300
[  180.583614][ T7950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  180.587565][ T7950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.591056][ T7950] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  180.594700][ T7950] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.598251][ T7950]  </TASK>
[  180.599790][    C1] vkms_vblank_simulate: vblank timer overrun
[  181.027097][ T7964] usbtmc 8-1:16.0: usb_control_msg returned -32
[  181.230004][ T5251] usb 8-1: USB disconnect, device number 11
[  181.416045][ T5214] Bluetooth: hci4: command tx timeout
[  181.763508][ T7994] 9p: Unknown Cache mode or invalid value mmapA
[  182.739243][  T968] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  182.906073][  T968] usb 8-1: device descriptor read/64, error -71
[  183.027805][ T8037] FAULT_INJECTION: forcing a failure.
[  183.027805][ T8037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.039017][ T8037] CPU: 0 PID: 8037 Comm: syz.0.759 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  183.043282][ T8037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.047845][ T8037] Call Trace:
[  183.049295][ T8037]  <TASK>
[  183.050585][ T8037]  dump_stack_lvl+0x16c/0x1f0
[  183.052603][ T8037]  should_fail_ex+0x497/0x5b0
[  183.054694][ T8037]  _copy_from_user+0x30/0xf0
[  183.056687][ T8037]  get_compat_msghdr+0xa8/0x170
[  183.058795][ T8037]  ? __pfx_get_compat_msghdr+0x10/0x10
[  183.061160][ T8037]  ? kfree+0x245/0x3b0
[  183.062944][ T8037]  ? find_held_lock+0x2d/0x110
[  183.065045][ T8037]  ___sys_recvmsg+0x193/0x1a0
[  183.067138][ T8037]  ? __pfx____sys_recvmsg+0x10/0x10
[  183.069436][ T8037]  ? __pfx___might_resched+0x10/0x10
[  183.071702][ T8037]  ? __fget_light+0x173/0x210
[  183.073788][ T8037]  do_recvmmsg+0x51a/0x750
[  183.075722][ T8037]  ? __pfx_do_recvmmsg+0x10/0x10
[  183.077849][ T8037]  ? __pfx_lock_release+0x10/0x10
[  183.079991][ T8037]  ? vfs_write+0x14d/0x1140
[  183.082010][ T8037]  __sys_recvmmsg+0x21e/0x280
[  183.084060][ T8037]  ? __pfx___sys_recvmmsg+0x10/0x10
[  183.086299][ T8037]  ? __pfx_ksys_write+0x10/0x10
[  183.088482][ T8037]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  183.091169][ T8037]  ? lockdep_hardirqs_on+0x7c/0x110
[  183.093407][ T8037]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  183.096293][ T8037]  __do_fast_syscall_32+0x73/0x120
[  183.098536][ T8037]  do_fast_syscall_32+0x32/0x80
[  183.100632][ T8037]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  183.103134][ T8037] RIP: 0023:0xf73e0579
[  183.104710][ T8037] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  183.111843][ T8037] RSP: 002b:00000000f5cf857c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  183.115189][ T8037] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200055c0
[  183.118544][ T8037] RDX: 000000000400023c RSI: 0000000000000302 RDI: 0000000000000000
[  183.121917][ T8037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  183.125327][ T8037] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  183.128720][ T8037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  183.132084][ T8037]  </TASK>
[  183.209994][  T968] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  183.377086][  T968] usb 8-1: device descriptor read/64, error -71
[  183.410924][ T8046] ip6gretap0: entered allmulticast mode
[  183.497119][  T968] usb usb8-port1: attempt power cycle
[  183.623407][ T8059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'.
[  183.651529][ T8056] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  183.806219][ T8066] netlink: 'syz.2.772': attribute type 10 has an invalid length.
[  183.809801][ T8066] netlink: 2 bytes leftover after parsing attributes in process `syz.2.772'.
[  183.813722][ T8066] bond0: entered promiscuous mode
[  183.820219][ T8066] bond_slave_0: entered promiscuous mode
[  183.823267][ T8066] bond_slave_1: entered promiscuous mode
[  183.827871][ T8066] bridge0: port 3(bond0) entered blocking state
[  183.831457][ T8066] bridge0: port 3(bond0) entered disabled state
[  183.834586][ T8066] bond0: entered allmulticast mode
[  183.837952][ T8066] bond_slave_0: entered allmulticast mode
[  183.840480][ T8066] bond_slave_1: entered allmulticast mode
[  183.848220][ T8066] bridge0: port 3(bond0) entered blocking state
[  183.850755][ T8066] bridge0: port 3(bond0) entered forwarding state
[  183.924834][ T8069] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[  183.928644][  T968] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  183.931626][ T8069] PKCS7: Only support pkcs7_signedData type
[  183.940600][ T8069] tmpfs: Bad value for 'mpol'
[  183.956612][  T968] usb 8-1: device descriptor read/8, error -71
[  184.253354][  T968] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  184.297123][  T968] usb 8-1: device descriptor read/8, error -71
[  184.427191][  T968] usb usb8-port1: unable to enumerate USB device
[  184.832696][ T8072] VFS: could not find a valid V7 on nullb0.
[  186.182760][ T8107] FAULT_INJECTION: forcing a failure.
[  186.182760][ T8107] name failslab, interval 1, probability 0, space 0, times 0
[  186.189331][ T8107] CPU: 3 PID: 8107 Comm: syz.3.785 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  186.193841][ T8107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.198549][ T8107] Call Trace:
[  186.200192][ T8107]  <TASK>
[  186.201887][ T8107]  dump_stack_lvl+0x16c/0x1f0
[  186.204125][ T8107]  should_fail_ex+0x497/0x5b0
[  186.206211][ T8107]  should_failslab+0x9/0x20
[  186.208253][ T8107]  __kmalloc_noprof+0xcf/0x420
[  186.210457][ T8107]  __list_lru_init+0xee/0x650
[  186.212537][ T8107]  alloc_super+0x90d/0xbd0
[  186.214535][ T8107]  ? __pfx_test_bdev_super+0x10/0x10
[  186.216905][ T8107]  sget+0x11b/0x6c0
[  186.218545][ T8107]  ? __pfx_set_bdev_super+0x10/0x10
[  186.220863][ T8107]  ? __pfx_jfs_fill_super+0x10/0x10
[  186.223096][ T8107]  mount_bdev+0x108/0x2d0
[  186.224987][ T8107]  ? __pfx_mount_bdev+0x10/0x10
[  186.227086][ T8107]  ? apparmor_capable+0x126/0x1e0
[  186.229272][ T8107]  ? __pfx_jfs_do_mount+0x10/0x10
[  186.231132][ T8107]  legacy_get_tree+0x109/0x220
[  186.232791][ T8107]  vfs_get_tree+0x8f/0x380
[  186.234724][ T8107]  path_mount+0x6e1/0x1f10
[  186.236462][ T8107]  ? kmem_cache_free+0x12f/0x3a0
[  186.238576][ T8107]  ? __pfx_path_mount+0x10/0x10
[  186.240725][ T8107]  ? putname+0x12e/0x170
[  186.242542][ T8107]  __ia32_sys_mount+0x295/0x320
[  186.244622][ T8107]  ? __pfx___ia32_sys_mount+0x10/0x10
[  186.247058][ T8107]  __do_fast_syscall_32+0x73/0x120
[  186.249316][ T8107]  do_fast_syscall_32+0x32/0x80
[  186.251470][ T8107]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.253940][ T8107] RIP: 0023:0xf7450579
[  186.255621][ T8107] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.263458][ T8107] RSP: 002b:00000000f5d6857c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  186.266680][ T8107] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 00000000200002c0
[  186.270035][ T8107] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000020000340
[  186.273422][ T8107] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.276828][ T8107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  186.280208][ T8107] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.283534][ T8107]  </TASK>
[  186.712826][ T8122] IPVS: set_ctl: invalid protocol: 43 255.255.255.255:20000
[  187.193106][ T8134] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  187.349493][ T5236] IPVS: starting estimator thread 0...
[  187.446244][ T8138] IPVS: using max 21 ests per chain, 50400 per kthread
[  187.584286][ T8144] FAULT_INJECTION: forcing a failure.
[  187.584286][ T8144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.590018][ T8144] CPU: 1 PID: 8144 Comm: syz.1.797 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  187.593972][ T8144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.594291][ T8142] Illegal XDP return value 4294967274 on prog  (id 213) dev N/A, expect packet loss!
[  187.598261][ T8144] Call Trace:
[  187.598270][ T8144]  <TASK>
[  187.598275][ T8144]  dump_stack_lvl+0x16c/0x1f0
[  187.598299][ T8144]  should_fail_ex+0x497/0x5b0
[  187.608266][ T8144]  _copy_to_user+0x30/0xc0
[  187.610274][ T8144]  simple_read_from_buffer+0xd0/0x160
[  187.612469][ T8144]  proc_fail_nth_read+0x1b0/0x290
[  187.614505][ T8144]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.616590][ T8144]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.618704][ T8144]  vfs_read+0x1d4/0xbd0
[  187.620240][ T8144]  ? __fdget_pos+0xeb/0x180
[  187.621784][ T8144]  ? __pfx_vfs_read+0x10/0x10
[  187.623365][ T8144]  ? __pfx___mutex_lock+0x10/0x10
[  187.625055][ T8144]  ? __fget_files+0x256/0x400
[  187.626856][ T8144]  ksys_read+0x12f/0x260
[  187.628569][ T8144]  ? __pfx_ksys_read+0x10/0x10
[  187.630625][ T8144]  __do_fast_syscall_32+0x73/0x120
[  187.632763][ T8144]  do_fast_syscall_32+0x32/0x80
[  187.634813][ T8144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.637541][ T8144] RIP: 0023:0xf73b2579
[  187.639287][ T8144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.646601][ T8144] RSP: 002b:00000000f5cca5b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  187.650010][ T8144] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5cca630
[  187.653283][ T8144] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[  187.656671][ T8144] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  187.660112][ T8144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.663445][ T8144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.666758][ T8144]  </TASK>
[  188.757728][    C2] vkms_vblank_simulate: vblank timer overrun
[  188.980234][ T8175] FAULT_INJECTION: forcing a failure.
[  188.980234][ T8175] name failslab, interval 1, probability 0, space 0, times 0
[  188.986091][ T8175] CPU: 0 PID: 8175 Comm: syz.3.808 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  188.990714][ T8175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.995144][ T8175] Call Trace:
[  188.996675][ T8175]  <TASK>
[  188.997903][ T8175]  dump_stack_lvl+0x16c/0x1f0
[  188.999696][ T8175]  should_fail_ex+0x497/0x5b0
[  189.001966][ T8175]  should_failslab+0x9/0x20
[  189.004339][ T8175]  __kmalloc_noprof+0xcf/0x420
[  189.007234][ T8175]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  189.010576][ T8175]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  189.013150][ T8175]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  189.015873][ T8175]  ? ns_capable+0xd7/0x110
[  189.017820][ T8175]  genl_rcv_msg+0x565/0x800
[  189.019757][ T8175]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.021987][ T8175]  ? __dev_queue_xmit+0x85d/0x4130
[  189.024128][ T8175]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  189.026429][ T8175]  ? __pfx_nl80211_connect+0x10/0x10
[  189.028637][ T8175]  ? __pfx_nl80211_post_doit+0x10/0x10
[  189.030966][ T8175]  netlink_rcv_skb+0x165/0x410
[  189.032948][ T8175]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.035145][ T8175]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.037434][ T8175]  ? down_read+0xc9/0x330
[  189.039308][ T8175]  ? __pfx_down_read+0x10/0x10
[  189.041368][ T8175]  ? netlink_deliver_tap+0x1ae/0xcf0
[  189.043625][ T8175]  genl_rcv+0x28/0x40
[  189.045322][ T8175]  netlink_unicast+0x542/0x820
[  189.047482][ T8175]  ? __pfx_netlink_unicast+0x10/0x10
[  189.049801][ T8175]  ? __phys_addr_symbol+0x30/0x80
[  189.052071][ T8175]  ? __check_object_size+0x48e/0x720
[  189.054593][ T8175]  netlink_sendmsg+0x8b8/0xd70
[  189.056798][ T8175]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.059018][ T8175]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  189.061577][ T8175]  ____sys_sendmsg+0x9b4/0xb50
[  189.063534][ T8175]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.065654][ T8175]  ? get_compat_msghdr+0x11b/0x170
[  189.068551][ T8175]  ? __pfx___lock_acquire+0x10/0x10
[  189.070722][ T8175]  ___sys_sendmsg+0x135/0x1e0
[  189.072698][ T8175]  ? __pfx____sys_sendmsg+0x10/0x10
[  189.074986][ T8175]  ? ksys_write+0x21c/0x260
[  189.076960][ T8175]  ? __fget_light+0x173/0x210
[  189.078954][ T8175]  __sys_sendmsg+0x117/0x1f0
[  189.080862][ T8175]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.082954][ T8175]  __do_fast_syscall_32+0x73/0x120
[  189.086708][ T8175]  do_fast_syscall_32+0x32/0x80
[  189.090978][ T8175]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.093822][ T8175] RIP: 0023:0xf7450579
[  189.095627][ T8175] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.103772][ T8175] RSP: 002b:00000000f5d6857c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  189.107282][ T8175] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  189.110957][ T8175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  189.114622][ T8175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  189.118085][ T8175] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  189.121853][ T8175] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.125755][ T8175]  </TASK>
[  190.076026][ T5246] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  190.299246][ T5246] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  190.304293][ T5246] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  190.309064][ T5246] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  190.312876][ T5246] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.318289][ T8191] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  190.532034][ T5246] usb 5-1: USB disconnect, device number 14
[  190.542316][ T8214] FAULT_INJECTION: forcing a failure.
[  190.542316][ T8214] name failslab, interval 1, probability 0, space 0, times 0
[  190.547492][ T8214] CPU: 1 PID: 8214 Comm: syz.3.822 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  190.551769][ T8214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.556293][ T8214] Call Trace:
[  190.557817][ T8214]  <TASK>
[  190.559144][ T8214]  dump_stack_lvl+0x16c/0x1f0
[  190.561347][ T8214]  should_fail_ex+0x497/0x5b0
[  190.563128][ T8214]  should_failslab+0x9/0x20
[  190.564852][ T8214]  kmalloc_trace_noprof+0x6b/0x310
[  190.566819][ T8214]  ? autofs_wait+0x30d/0x1c40
[  190.568950][ T8214]  autofs_wait+0x30d/0x1c40
[  190.570945][ T8214]  ? __pfx_lock_release+0x10/0x10
[  190.573003][ T8214]  ? find_held_lock+0x2d/0x110
[  190.575135][ T8214]  ? __pfx_autofs_wait+0x10/0x10
[  190.577443][ T8214]  ? find_held_lock+0x2d/0x110
[  190.579711][ T8214]  ? autofs_d_automount+0x386/0x7f0
[  190.582044][ T8214]  ? __pfx_lock_release+0x10/0x10
[  190.584283][ T8214]  autofs_mount_wait+0x132/0x380
[  190.586445][ T8214]  autofs_d_automount+0x390/0x7f0
[  190.588657][ T8214]  __traverse_mounts+0x192/0x760
[  190.590878][ T8214]  step_into+0x888/0x2230
[  190.592813][ T8214]  ? __pfx_step_into+0x10/0x10
[  190.594886][ T8214]  walk_component+0xfc/0x5b0
[  190.596699][ T8214]  path_lookupat+0x17f/0x770
[  190.598532][ T8214]  filename_lookup+0x1e5/0x5b0
[  190.600611][ T8214]  ? __pfx_lock_release+0x10/0x10
[  190.602846][ T8214]  ? __pfx_filename_lookup+0x10/0x10
[  190.605252][ T8214]  ? getname_flags.part.0+0x1e1/0x4f0
[  190.607957][ T8214]  user_path_at_empty+0x42/0x60
[  190.610220][ T8214]  __ia32_sys_chdir+0xc2/0x270
[  190.612543][ T8214]  ? ksys_write+0x1ab/0x260
[  190.614830][ T8214]  ? __pfx___ia32_sys_chdir+0x10/0x10
[  190.617165][ T8214]  __do_fast_syscall_32+0x73/0x120
[  190.619536][ T8214]  do_fast_syscall_32+0x32/0x80
[  190.621854][ T8214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.624634][ T8214] RIP: 0023:0xf7450579
[  190.626596][ T8214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.635015][ T8214] RSP: 002b:00000000f5d6857c EFLAGS: 00000292 ORIG_RAX: 000000000000000c
[  190.638665][ T8214] RAX: ffffffffffffffda RBX: 0000000020000140 RCX: 0000000000000000
[  190.642114][ T8214] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  190.645503][ T8214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.648668][ T8214] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.668297][ T8214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.671817][ T8214]  </TASK>
[  190.908697][ T8245] FAULT_INJECTION: forcing a failure.
[  190.908697][ T8245] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.914716][ T8245] CPU: 1 PID: 8245 Comm: syz.3.830 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  190.919037][ T8245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.923699][ T8245] Call Trace:
[  190.925303][ T8245]  <TASK>
[  190.926665][ T8245]  dump_stack_lvl+0x16c/0x1f0
[  190.928649][ T8245]  should_fail_ex+0x497/0x5b0
[  190.930647][ T8245]  _copy_from_iter+0x27a/0xfb0
[  190.932643][ T8245]  ? __alloc_skb+0x200/0x380
[  190.934519][ T8245]  ? __pfx___alloc_skb+0x10/0x10
[  190.936643][ T8245]  ? __pfx__copy_from_iter+0x10/0x10
[  190.938744][ T8245]  ? __lock_acquire+0x1410/0x3b30
[  190.940837][ T8245]  ? __virt_addr_valid+0x5e/0x590
[  190.942990][ T8245]  ? const_folio_flags.constprop.0+0x56/0x150
[  190.945521][ T8245]  ? __phys_addr_symbol+0x30/0x80
[  190.947302][ T8245]  ? __check_object_size+0x48e/0x720
[  190.949238][ T8245]  tcp_sendmsg_locked+0x18d7/0x3550
[  190.951458][ T8245]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  190.953837][ T8245]  ? tcp_sendmsg+0x20/0x50
[  190.955388][ T8245]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  190.957459][ T8245]  ? __local_bh_enable_ip+0xa4/0x120
[  190.959481][ T8245]  tcp_sendmsg+0x2e/0x50
[  190.961679][ T8245]  ? __pfx_tcp_sendmsg+0x10/0x10
[  190.964178][ T8245]  inet_sendmsg+0xb9/0x140
[  190.966362][ T8245]  __sys_sendto+0x42c/0x4e0
[  190.968550][ T8245]  ? __pfx___sys_sendto+0x10/0x10
[  190.970709][ T8245]  ? ksys_write+0x1ab/0x260
[  190.972442][ T8245]  ? __pfx_ksys_write+0x10/0x10
[  190.974345][ T8245]  __ia32_sys_sendto+0xdd/0x1b0
[  190.976482][ T8245]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.978759][ T8245]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  190.981515][ T8245]  __do_fast_syscall_32+0x73/0x120
[  190.983766][ T8245]  do_fast_syscall_32+0x32/0x80
[  190.986065][ T8245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.988987][ T8245] RIP: 0023:0xf7450579
[  190.990820][ T8245] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.998757][ T8245] RSP: 002b:00000000f5d6857c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  191.002774][ T8245] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000740
[  191.006239][ T8245] RDX: 0000000000000001 RSI: 0000000000000011 RDI: 0000000000000000
[  191.009726][ T8245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.013142][ T8245] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.016740][ T8245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.020099][ T8245]  </TASK>
[  191.055671][ T8253] FAULT_INJECTION: forcing a failure.
[  191.055671][ T8253] name failslab, interval 1, probability 0, space 0, times 0
[  191.063264][ T8253] CPU: 0 PID: 8253 Comm: syz.3.834 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  191.066768][ T8253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.070475][ T8253] Call Trace:
[  191.071675][ T8253]  <TASK>
[  191.072739][ T8253]  dump_stack_lvl+0x16c/0x1f0
[  191.074677][ T8253]  should_fail_ex+0x497/0x5b0
[  191.076518][ T8253]  should_failslab+0x9/0x20
[  191.078366][ T8253]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  191.080568][ T8253]  ? build_skb+0x48/0x2e0
[  191.082313][ T8253]  build_skb+0x48/0x2e0
[  191.083921][ T8253]  __tun_build_skb+0x2c/0x340
[  191.085811][ T8253]  tun_build_skb.constprop.0+0x7df/0x1250
[  191.088217][ T8253]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  191.090638][ T8253]  ? hlock_class+0x4e/0x130
[  191.092468][ T8253]  ? __lock_acquire+0xc5d/0x3b30
[  191.094485][ T8253]  tun_get_user+0x888/0x3c20
[  191.096632][ T8253]  ? __pfx_tun_get_user+0x10/0x10
[  191.098624][ T8253]  ? find_held_lock+0x2d/0x110
[  191.100442][ T8253]  ? __pfx_lock_release+0x10/0x10
[  191.102485][ T8253]  tun_chr_write_iter+0xe8/0x210
[  191.104280][ T8253]  vfs_write+0x6b6/0x1140
[  191.105754][ T8253]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  191.107905][ T8253]  ? __pfx_vfs_write+0x10/0x10
[  191.109790][ T8253]  ? __fget_files+0x256/0x400
[  191.111598][ T8253]  ? __fget_light+0x173/0x210
[  191.113344][ T8253]  ksys_write+0x12f/0x260
[  191.115044][ T8253]  ? __pfx_ksys_write+0x10/0x10
[  191.116781][ T8253]  __do_fast_syscall_32+0x73/0x120
[  191.118845][ T8253]  do_fast_syscall_32+0x32/0x80
[  191.120710][ T8253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.123185][ T8253] RIP: 0023:0xf7450579
[  191.124861][ T8253] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.131378][ T8253] RSP: 002b:00000000f5d68540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  191.134552][ T8253] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000080
[  191.137491][ T8253] RDX: 0000000000000026 RSI: 00000000f743aff4 RDI: 0000000000000000
[  191.140520][ T8253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.143626][ T8253] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.146610][ T8253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.149338][ T8253]  </TASK>
[  191.455969][ T8258] infiniband syz1: set down
[  191.457507][ T5246] infiniband syz1: ib_query_port failed (-19)
[  191.458639][ T8258] infiniband syz1: added syzkaller0
[  191.465150][ T8258] syz1: rxe_create_cq: returned err = -12
[  191.476888][ T8258] infiniband syz1: Couldn't create ib_mad CQ
[  191.486472][ T8258] infiniband syz1: Couldn't open port 1
[  191.534021][ T8258] RDS/IB: syz1: added
[  191.547382][ T8258] smc: adding ib device syz1 with port count 1
[  191.550257][ T8258] smc:    ib device syz1 port 1 has pnetid 
[  191.569542][ T8258] smc: removing ib device syz1
[  191.855760][ T8258] rdma_rxe: rxe_newlink: failed to add syzkaller0
[  193.896076][   T57] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  194.085968][   T57] usb 7-1: Using ep0 maxpacket: 8
[  194.097526][   T57] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[  194.100909][   T57] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[  194.114853][   T57] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[  194.125938][   T57] usb 7-1: config 250 has no interface number 0
[  194.128204][   T57] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  194.133332][   T57] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  194.142185][   T57] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  194.156252][   T57] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  194.160911][   T57] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  194.172136][   T57] usb 7-1: config 250 interface 228 has no altsetting 0
[  194.177968][   T57] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  194.181843][   T57] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  194.185283][   T57] usb 7-1: Product: syz
[  194.193244][   T57] usb 7-1: SerialNumber: syz
[  194.199305][   T57] hub 7-1:250.228: bad descriptor, ignoring hub
[  194.201728][   T57] hub 7-1:250.228: probe with driver hub failed with error -5
[  194.384716][ T1352] ieee802154 phy0 wpan0: encryption failed: -22
[  194.387616][ T1352] ieee802154 phy1 wpan1: encryption failed: -22
[  194.417473][   T57] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 16 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  194.457600][ T8330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.461692][ T8330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.666558][   T35] usb 7-1: USB disconnect, device number 16
[  196.671646][   T35] usblp0: removed
[  197.638896][   T55] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  197.817108][   T55] usb 6-1: Using ep0 maxpacket: 8
[  197.820237][ T8402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.874'.
[  197.821694][   T55] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  197.827808][   T55] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  197.832369][   T55] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  197.836974][   T55] usb 6-1: config 250 has no interface number 0
[  197.839845][   T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  197.844749][   T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  197.849367][   T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  197.853898][   T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  197.859804][   T55] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  197.865689][   T55] usb 6-1: config 250 interface 228 has no altsetting 0
[  197.866000][ T8401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.874'.
[  197.871508][   T55] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  197.876017][   T55] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  197.879573][   T55] usb 6-1: Product: syz
[  197.881375][   T55] usb 6-1: SerialNumber: syz
[  197.889431][   T55] hub 6-1:250.228: bad descriptor, ignoring hub
[  197.892396][   T55] hub 6-1:250.228: probe with driver hub failed with error -5
[  198.093864][   T55] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  198.240216][ T8389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.243754][ T8389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.846023][ T5206] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  199.031570][ T5206] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.036340][ T5206] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.041454][ T5206] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  199.045498][ T5206] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.054510][ T5206] usb 7-1: config 0 descriptor??
[  199.291687][ T8431] netlink: 1068 bytes leftover after parsing attributes in process `syz.3.882'.
[  199.476341][ T8421] qnx6: unable to set blocksize
[  199.494001][ T5206] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  199.499594][ T5206] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  199.502573][ T5206] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  199.505525][ T5206] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  199.509054][ T5206] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  199.513290][ T5206] cm6533_jd 0003:0D8C:0022.0004: No inputs registered, leaving
[  199.514846][ T8437] netlink: 8 bytes leftover after parsing attributes in process `syz.3.884'.
[  199.523318][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.3.884'.
[  199.531713][ T8437] gtp0: entered promiscuous mode
[  199.533986][ T8437] gtp0: entered allmulticast mode
[  199.534404][ T5206] cm6533_jd 0003:0D8C:0022.0004: hiddev1,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  199.698175][ T5246] usb 7-1: USB disconnect, device number 17
[  200.448096][ T5251] usb 6-1: USB disconnect, device number 8
[  200.459785][ T5251] usblp0: removed
[  200.858211][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.893'.
[  200.862094][ T8472] netlink: 16 bytes leftover after parsing attributes in process `syz.1.893'.
[  200.873526][ T8472] gtp0: entered promiscuous mode
[  200.875817][ T8472] gtp0: entered allmulticast mode
[  201.131225][ T8476] program syz.2.895 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.503508][ T8485] overlayfs: failed to resolve './file1': -2
[  201.836386][ T8488] netlink: 1068 bytes leftover after parsing attributes in process `syz.1.899'.
[  203.045292][ T8517] program syz.3.906 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.420481][ T8539] FAULT_INJECTION: forcing a failure.
[  203.420481][ T8539] name failslab, interval 1, probability 0, space 0, times 0
[  203.426239][ T8539] CPU: 2 PID: 8539 Comm: syz.2.912 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  203.430348][ T8539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.434742][ T8539] Call Trace:
[  203.436204][ T8539]  <TASK>
[  203.437482][ T8539]  dump_stack_lvl+0x16c/0x1f0
[  203.439172][ T8539]  should_fail_ex+0x497/0x5b0
[  203.442204][ T8539]  should_failslab+0x9/0x20
[  203.444233][ T8539]  kmem_cache_alloc_node_noprof+0x71/0x310
[  203.446650][ T8539]  ? alloc_vmap_area+0x636/0x2a70
[  203.448782][ T8539]  alloc_vmap_area+0x636/0x2a70
[  203.450865][ T8539]  ? __pfx_alloc_vmap_area+0x10/0x10
[  203.453199][ T8539]  __get_vm_area_node+0x17e/0x2d0
[  203.455429][ T8539]  ? mark_lock+0xb5/0xc60
[  203.457357][ T8539]  __vmalloc_node_range_noprof+0x276/0x1520
[  203.459957][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.462474][ T8539]  ? mark_lock+0xb5/0xc60
[  203.464503][ T8539]  ? __pfx_mark_lock+0x10/0x10
[  203.466739][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.469248][ T8539]  ? hlock_class+0x4e/0x130
[  203.471618][ T8539]  ? mark_lock+0xb5/0xc60
[  203.473649][ T8539]  ? aa_get_newest_label+0x376/0x680
[  203.475981][ T8539]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  203.478779][ T8539]  ? __pfx_aa_get_newest_label+0x10/0x10
[  203.481272][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.483699][ T8539]  __vmalloc_noprof+0x6d/0x90
[  203.485764][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.488358][ T8539]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.490817][ T8539]  bpf_prog_alloc+0x3b/0x240
[  203.492997][ T8539]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  203.495610][ T8539]  bpf_prog_load+0x1758/0x2670
[  203.497707][ T8539]  ? __pfx_bpf_prog_load+0x10/0x10
[  203.499943][ T8539]  ? find_held_lock+0x2d/0x110
[  203.502181][ T8539]  ? security_bpf+0x8c/0xc0
[  203.504176][ T8539]  __sys_bpf+0x9d2/0x5830
[  203.506094][ T8539]  ? __pfx___sys_bpf+0x10/0x10
[  203.508240][ T8539]  ? ksys_write+0x21c/0x260
[  203.510210][ T8539]  ? __pfx_lock_release+0x10/0x10
[  203.512361][ T8539]  ? __mutex_unlock_slowpath+0x164/0x650
[  203.514487][ T8539]  ? fput+0x32/0x390
[  203.516222][ T8539]  ? ksys_write+0x1ab/0x260
[  203.518243][ T8539]  ? __pfx_ksys_write+0x10/0x10
[  203.520315][ T8539]  __ia32_sys_bpf+0x76/0xe0
[  203.522293][ T8539]  __do_fast_syscall_32+0x73/0x120
[  203.524610][ T8539]  do_fast_syscall_32+0x32/0x80
[  203.526863][ T8539]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.529585][ T8539] RIP: 0023:0xf73ca579
[  203.531040][ T8539] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  203.538583][ T8539] RSP: 002b:00000000f5ce257c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  203.542210][ T8539] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000600
[  203.545642][ T8539] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  203.549093][ T8539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.552431][ T8539] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  203.555636][ T8539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.558542][ T8539]  </TASK>
[  203.575462][ T8539] warn_alloc: 1 callbacks suppressed
[  203.575478][ T8539] syz.2.912: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  203.588116][ T8539] CPU: 3 PID: 8539 Comm: syz.2.912 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  203.592326][ T8539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.596760][ T8539] Call Trace:
[  203.598330][ T8539]  <TASK>
[  203.599632][ T8539]  dump_stack_lvl+0x16c/0x1f0
[  203.601588][ T8539]  warn_alloc+0x24d/0x3a0
[  203.603508][ T8539]  ? __pfx_warn_alloc+0x10/0x10
[  203.605673][ T8539]  ? lockdep_hardirqs_on+0x7c/0x110
[  203.607990][ T8539]  ? __get_vm_area_node+0x27d/0x2d0
[  203.610311][ T8539]  ? __get_vm_area_node+0x1bc/0x2d0
[  203.612648][ T8539]  __vmalloc_node_range_noprof+0xc1e/0x1520
[  203.615278][ T8539]  ? mark_lock+0xb5/0xc60
[  203.617893][ T8539]  ? __pfx_mark_lock+0x10/0x10
[  203.620033][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.622489][ T8539]  ? hlock_class+0x4e/0x130
[  203.624537][ T8539]  ? mark_lock+0xb5/0xc60
[  203.626512][ T8539]  ? aa_get_newest_label+0x376/0x680
[  203.628858][ T8539]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  203.631667][ T8539]  ? __pfx_aa_get_newest_label+0x10/0x10
[  203.634143][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.636541][ T8539]  __vmalloc_noprof+0x6d/0x90
[  203.638445][ T8539]  ? bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.640950][ T8539]  bpf_prog_alloc_no_stats+0x54/0x5e0
[  203.643378][ T8539]  bpf_prog_alloc+0x3b/0x240
[  203.645508][ T8539]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  203.648202][ T8539]  bpf_prog_load+0x1758/0x2670
[  203.650361][ T8539]  ? __pfx_bpf_prog_load+0x10/0x10
[  203.652630][ T8539]  ? find_held_lock+0x2d/0x110
[  203.654908][ T8539]  ? security_bpf+0x8c/0xc0
[  203.657034][ T8539]  __sys_bpf+0x9d2/0x5830
[  203.658970][ T8539]  ? __pfx___sys_bpf+0x10/0x10
[  203.661115][ T8539]  ? ksys_write+0x21c/0x260
[  203.663176][ T8539]  ? __pfx_lock_release+0x10/0x10
[  203.665392][ T8539]  ? __mutex_unlock_slowpath+0x164/0x650
[  203.667581][ T8539]  ? fput+0x32/0x390
[  203.669193][ T8539]  ? ksys_write+0x1ab/0x260
[  203.671208][ T8539]  ? __pfx_ksys_write+0x10/0x10
[  203.673340][ T8539]  __ia32_sys_bpf+0x76/0xe0
[  203.675334][ T8539]  __do_fast_syscall_32+0x73/0x120
[  203.677561][ T8539]  do_fast_syscall_32+0x32/0x80
[  203.679674][ T8539]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.682507][ T8539] RIP: 0023:0xf73ca579
[  203.684399][ T8539] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  203.692993][ T8539] RSP: 002b:00000000f5ce257c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  203.697324][ T8539] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000600
[  203.700603][ T8539] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  203.704283][ T8539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.707776][ T8539] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  203.711408][ T8539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.714779][ T8539]  </TASK>
[  203.718135][ T8539] Mem-Info:
[  203.719674][ T8539] active_anon:5965 inactive_anon:60 isolated_anon:0
[  203.719674][ T8539]  active_file:3473 inactive_file:35565 isolated_file:0
[  203.719674][ T8539]  unevictable:791 dirty:366 writeback:0
[  203.719674][ T8539]  slab_reclaimable:4883 slab_unreclaimable:57965
[  203.719674][ T8539]  mapped:12033 shmem:844 pagetables:688
[  203.719674][ T8539]  sec_pagetables:329 bounce:0
[  203.719674][ T8539]  kernel_misc_reclaimable:0
[  203.719674][ T8539]  free:116185 free_pcp:3210 free_cma:0
[  203.739102][ T8539] Node 0 active_anon:128kB inactive_anon:2484kB active_file:60kB inactive_file:56kB unevictable:1628kB isolated(anon):0kB isolated(file):0kB mapped:6020kB dirty:88kB writeback:0kB shmem:1916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10132kB pagetables:1956kB sec_pagetables:1280kB all_unreclaimable? no
[  203.752459][ T8539] Node 1 active_anon:21360kB inactive_anon:128kB active_file:13832kB inactive_file:142204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:42112kB dirty:1376kB writeback:0kB shmem:1460kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1336kB pagetables:796kB sec_pagetables:36kB all_unreclaimable? no
[  203.764734][ T8539] Node 0 DMA free:832kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:28kB active_file:0kB inactive_file:0kB unevictable:8kB writepending:0kB present:15992kB managed:15360kB mlocked:8kB bounce:0kB free_pcp:200kB local_pcp:8kB free_cma:0kB
[  203.777925][ T8539] lowmem_reserve[]: 0 374 0 0 0
[  203.794965][ T8539] Node 0 DMA32 free:30504kB boost:0kB min:19048kB low:23808kB high:28568kB reserved_highatomic:6144KB active_anon:348kB inactive_anon:2256kB active_file:116kB inactive_file:0kB unevictable:1620kB writepending:88kB present:1032192kB managed:410800kB mlocked:84kB bounce:0kB free_pcp:2400kB local_pcp:408kB free_cma:0kB
[  203.807705][ T8539] lowmem_reserve[]: 0 0 0 0 0
[  203.809772][ T8539] Node 1 DMA32 free:435692kB boost:0kB min:47048kB low:58808kB high:70568kB reserved_highatomic:0KB active_anon:21360kB inactive_anon:128kB active_file:13832kB inactive_file:142204kB unevictable:1536kB writepending:1376kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:8488kB local_pcp:5228kB free_cma:0kB
[  203.842987][ T8539] lowmem_reserve[]: 0 0 0 0 0
[  203.844700][ T8539] Node 0 DMA: 10*4kB (U) 28*8kB (U) 34*16kB (U) 8*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1064kB
[  203.850030][ T8539] Node 0 DMA32: 760*4kB (UMEH) 251*8kB (UMEH) 29*16kB (UEH) 133*32kB (UMEH) 49*64kB (UEH) 28*128kB (UMEH) 13*256kB (ME) 11*512kB (UMEH) 1*1024kB (H) 2*2048kB (M) 0*4096kB = 30568kB
[  203.857140][ T8539] Node 1 DMA32: 23*4kB (UME) 49*8kB (UE) 47*16kB (UE) 38*32kB (UME) 151*64kB (UME) 145*128kB (UME) 92*256kB (UME) 29*512kB (ME) 22*1024kB (UM) 10*2048kB (ME) 79*4096kB (UM) = 435668kB
[  203.863658][ T8539] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  203.867179][ T8539] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  203.870269][ T8539] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  203.874335][ T8539] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  203.879709][ T8539] 40521 total pagecache pages
[  203.881899][ T8539] 616 pages in swap cache
[  203.883310][ T8539] Free swap  = 107528kB
[  203.884802][ T8539] Total swap = 124996kB
[  203.886896][ T8539] 524155 pages RAM
[  203.888319][ T8539] 0 pages HighMem/MovableOnly
[  203.890089][ T8539] 181063 pages reserved
[  203.891670][ T8539] 0 pages cma reserved
[  204.122449][ T8552] program syz.3.917 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  204.228821][ T8560] FAULT_INJECTION: forcing a failure.
[  204.228821][ T8560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.234626][ T8560] CPU: 0 PID: 8560 Comm: syz.1.920 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  204.238762][ T8560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.243232][ T8560] Call Trace:
[  204.244657][ T8560]  <TASK>
[  204.245873][ T8560]  dump_stack_lvl+0x16c/0x1f0
[  204.247821][ T8560]  should_fail_ex+0x497/0x5b0
[  204.249720][ T8560]  strncpy_from_user+0x38/0x300
[  204.251764][ T8560]  strncpy_from_user_nofault+0x7f/0x180
[  204.254063][ T8560]  bpf_probe_read_user_str+0x26/0x70
[  204.256159][ T8560]  bpf_prog_02a70dbeb5f742df+0x42/0x44
[  204.258285][ T8560]  bpf_trace_run2+0x231/0x590
[  204.259999][ T8560]  ? __pfx_bpf_trace_run2+0x10/0x10
[  204.262118][ T8560]  ? tomoyo_realpath_from_path+0xb2/0x710
[  204.264619][ T8560]  ? tomoyo_realpath_from_path+0xb2/0x710
[  204.267198][ T8560]  __traceiter_kfree+0x2d/0x50
[  204.269330][ T8560]  kfree+0x229/0x3b0
[  204.271065][ T8560]  ? __kmalloc_noprof+0x20b/0x420
[  204.273239][ T8560]  tomoyo_realpath_from_path+0xb2/0x710
[  204.275561][ T8560]  ? tomoyo_fill_path_info+0x233/0x420
[  204.277833][ T8560]  tomoyo_mount_acl+0x1af/0x880
[  204.279710][ T8560]  ? hlock_class+0x4e/0x130
[  204.282097][ T8560]  ? __lock_acquire+0x14f4/0x3b30
[  204.284514][ T8560]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  204.286755][ T8560]  ? putname+0x12e/0x170
[  204.288568][ T8560]  ? __pfx___lock_acquire+0x10/0x10
[  204.290872][ T8560]  ? stack_trace_save+0x95/0xd0
[  204.293013][ T8560]  ? __pfx_stack_trace_save+0x10/0x10
[  204.295420][ T8560]  ? tomoyo_domain+0xbb/0x150
[  204.297531][ T8560]  ? tomoyo_profile+0x47/0x60
[  204.299616][ T8560]  tomoyo_mount_permission+0x16b/0x410
[  204.301990][ T8560]  ? tomoyo_mount_permission+0x146/0x410
[  204.304448][ T8560]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  204.306633][ T8560]  ? get_current_fs_domain+0x188/0x1f0
[  204.308513][ T8560]  security_sb_mount+0x8d/0xe0
[  204.310492][ T8560]  path_mount+0x129/0x1f10
[  204.312288][ T8560]  ? kmem_cache_free+0x12f/0x3a0
[  204.313961][ T8560]  ? __pfx_path_mount+0x10/0x10
[  204.315837][ T8560]  ? putname+0x12e/0x170
[  204.317518][ T8560]  __ia32_sys_mount+0x295/0x320
[  204.319472][ T8560]  ? __pfx___ia32_sys_mount+0x10/0x10
[  204.321533][ T8560]  __do_fast_syscall_32+0x73/0x120
[  204.323236][ T8560]  do_fast_syscall_32+0x32/0x80
[  204.325007][ T8560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.327257][ T8560] RIP: 0023:0xf73b2579
[  204.328720][ T8560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.335996][ T8560] RSP: 002b:00000000f5cca57c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  204.339115][ T8560] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000020000540
[  204.342428][ T8560] RDX: 0000000020000580 RSI: 0000000000000000 RDI: 0000000020000000
[  204.345729][ T8560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.348467][ T8560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.351840][ T8560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.355127][ T8560]  </TASK>
[  204.464416][ T8566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.922'.
[  204.469039][ T8566] netlink: 16 bytes leftover after parsing attributes in process `syz.3.922'.
[  204.476351][ T8566] gtp1: entered promiscuous mode
[  204.478583][ T8566] gtp1: entered allmulticast mode
[  205.028356][ T8580] FAULT_INJECTION: forcing a failure.
[  205.028356][ T8580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.034168][ T8580] CPU: 1 PID: 8580 Comm: syz.3.926 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  205.038391][ T8580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.043954][ T8580] Call Trace:
[  205.045794][ T8580]  <TASK>
[  205.047343][ T8580]  dump_stack_lvl+0x16c/0x1f0
[  205.049697][ T8580]  should_fail_ex+0x497/0x5b0
[  205.051889][ T8580]  _copy_from_user+0x30/0xf0
[  205.053551][ T8580]  ucma_write+0x135/0x340
[  205.055125][ T8580]  ? __pfx_ucma_write+0x10/0x10
[  205.057254][ T8580]  ? security_file_permission+0x98/0xc0
[  205.059790][ T8580]  ? __pfx_ucma_write+0x10/0x10
[  205.061883][ T8580]  vfs_writev+0x6ec/0xde0
[  205.063662][ T8580]  ? __pfx_vfs_writev+0x10/0x10
[  205.065782][ T8580]  ? __fget_files+0x24c/0x400
[  205.067863][ T8580]  ? do_writev+0x287/0x370
[  205.069794][ T8580]  do_writev+0x287/0x370
[  205.071532][ T8580]  ? __pfx_do_writev+0x10/0x10
[  205.073540][ T8580]  __do_fast_syscall_32+0x73/0x120
[  205.075959][ T8580]  do_fast_syscall_32+0x32/0x80
[  205.077991][ T8580]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  205.080599][ T8580] RIP: 0023:0xf7450579
[  205.082321][ T8580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  205.091951][ T8580] RSP: 002b:00000000f5d6857c EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[  205.096131][ T8580] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  205.100349][ T8580] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[  205.103630][ T8580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  205.107211][ T8580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  205.110790][ T8580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  205.114013][ T8580]  </TASK>
[  205.115350][    C1] vkms_vblank_simulate: vblank timer overrun
[  205.184940][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.928'.
[  205.193755][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.928'.
[  205.205117][ T8585] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  205.208078][ T8585] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  205.215006][ T8585] vhci_hcd vhci_hcd.0: Device attached
[  205.245938][ T8586] vhci_hcd: cannot find the pending unlink 4
[  205.313917][ T8586] vhci_hcd: connection closed
[  205.315264][ T1089] vhci_hcd: stop threads
[  205.320068][ T1089] vhci_hcd: release socket
[  205.322107][ T1089] vhci_hcd: disconnect device
[  205.577734][ T8602] netlink: 'syz.1.932': attribute type 9 has an invalid length.
[  205.581352][ T8602] netlink: 'syz.1.932': attribute type 6 has an invalid length.
[  206.486138][ T8613] netlink: 8 bytes leftover after parsing attributes in process `syz.1.936'.
[  206.489800][ T8613] netlink: 16 bytes leftover after parsing attributes in process `syz.1.936'.
[  206.496423][ T8613] gtp1: entered promiscuous mode
[  206.498489][ T8613] gtp1: entered allmulticast mode
[  207.510302][ T8637] netlink: 4 bytes leftover after parsing attributes in process `syz.2.944'.
[  207.529325][ T8637] netlink: 4 bytes leftover after parsing attributes in process `syz.2.944'.
[  207.554157][ T8637] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  207.557286][ T8637] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  207.566907][ T8637] vhci_hcd vhci_hcd.0: Device attached
[  207.592803][ T8640] vhci_hcd: cannot find the pending unlink 4
[  207.686134][ T8640] vhci_hcd: connection closed
[  207.687786][ T1089] vhci_hcd: stop threads
[  207.691920][ T1089] vhci_hcd: release socket
[  207.699837][ T1089] vhci_hcd: disconnect device
[  207.766150][   T55] vhci_hcd: vhci_device speed not set
[  207.906800][ T5214] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  207.912126][ T5214] CPU: 0 PID: 5214 Comm: kworker/u33:6 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  207.916962][ T5214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  207.922584][ T5214] Workqueue: hci4 hci_rx_work
[  207.924761][ T5214] Call Trace:
[  207.926155][ T5214]  <TASK>
[  207.927444][ T5214]  dump_stack_lvl+0x16c/0x1f0
[  207.929747][ T5214]  sysfs_warn_dup+0x7f/0xa0
[  207.931977][ T5214]  sysfs_create_dir_ns+0x24d/0x2b0
[  207.934348][ T5214]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  207.936725][ T5214]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  207.939019][ T5214]  ? do_raw_spin_unlock+0x172/0x230
[  207.941398][ T5214]  kobject_add_internal+0x2c8/0x990
[  207.943847][ T5214]  kobject_add+0x16f/0x240
[  207.946132][ T5214]  ? __pfx_kobject_add+0x10/0x10
[  207.948236][ T5214]  ? do_raw_spin_unlock+0x172/0x230
[  207.950416][ T5214]  ? kobject_put+0xbe/0x5b0
[  207.952356][ T5214]  device_add+0x289/0x1a70
[  207.954479][ T5214]  ? __pfx_dev_set_name+0x10/0x10
[  207.956449][   T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  207.956678][ T5214]  ? __pfx_device_add+0x10/0x10
[  207.963016][ T5214]  ? mgmt_send_event_skb+0x2f0/0x460
[  207.963052][   T65] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  207.964916][ T5214]  hci_conn_add_sysfs+0x17e/0x230
[  207.970368][   T65] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  207.971367][   T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  207.973309][ T5214]  le_conn_complete_evt+0xfc7/0x1cf0
[  207.973348][ T5214]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  207.978933][   T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  207.979014][ T5214]  ? trace_contention_end+0xea/0x140
[  207.982579][   T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  207.984814][ T5214]  hci_le_conn_complete_evt+0x23c/0x370
[  207.992514][ T5214]  hci_le_meta_evt+0x2e2/0x5d0
[  207.994498][ T5214]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  207.997214][ T5214]  hci_event_packet+0x664/0x1190
[  207.999271][ T5214]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  208.001370][ T5214]  ? __pfx_hci_event_packet+0x10/0x10
[  208.003585][ T5214]  ? mark_held_locks+0x9f/0xe0
[  208.005711][ T5214]  ? kcov_remote_start+0x3d1/0x6e0
[  208.007992][ T5214]  ? lockdep_hardirqs_on+0x7c/0x110
[  208.010258][ T5214]  hci_rx_work+0x2c4/0x1610
[  208.012437][ T5214]  process_one_work+0x958/0x1ad0
[  208.014740][ T5214]  ? __pfx_lock_acquire+0x10/0x10
[  208.017256][ T5214]  ? __pfx_process_one_work+0x10/0x10
[  208.019709][ T5214]  ? assign_work+0x1a0/0x250
[  208.021859][ T5214]  worker_thread+0x6c8/0xf30
[  208.023935][ T5214]  ? __pfx_worker_thread+0x10/0x10
[  208.026342][ T5214]  kthread+0x2c1/0x3a0
[  208.028014][ T5214]  ? _raw_spin_unlock_irq+0x23/0x50
[  208.030404][ T5214]  ? __pfx_kthread+0x10/0x10
[  208.032060][ T1097] ------------[ cut here ]------------
[  208.032359][ T5214]  ret_from_fork+0x45/0x80
[  208.032382][ T5214]  ? __pfx_kthread+0x10/0x10
[  208.035050][ T1097] WARNING: CPU: 3 PID: 1097 at net/wireless/nl80211.c:19473 cfg80211_bss_color_notify+0x60b/0x7d0
[  208.036801][ T5214]  ret_from_fork_asm+0x1a/0x30
[  208.036835][ T5214]  </TASK>
[  208.038333][ T5214] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  208.039070][ T1097] Modules linked in:
[  208.043578][ T5214] Bluetooth: hci4: failed to register connection device
[  208.047969][ T1097] CPU: 3 PID: 1097 Comm: kworker/u32:9 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  208.055336][ T5214] Bluetooth: hci4: hardware error 0x20
[  208.060995][ T1097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.080625][ T1097] Workqueue: phy7 ieee80211_color_collision_detection_work
[  208.083807][ T1097] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0
[  208.086951][ T1097] Code: 3c 5b f7 49 8d 7f 68 be ff ff ff ff e8 9e 3a a9 00 31 ff 89 c3 89 c6 e8 93 37 5b f7 85 db 0f 85 16 fb ff ff e8 86 3c 5b f7 90 <0f> 0b 90 e9 08 fb ff ff e8 78 3c 5b f7 0f b6 44 24 1c ba 01 00 00
SYZFAIL: failed to recv rpc
[  208.115202][ T1097] RSP: 0018:ffffc90006c67bf8 EFLAGS: 00010293
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  208.118381][ T1097] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a33528d
[  208.121954][ T1097] RDX: ffff8880206e4880 RSI: ffffffff8a33529a RDI: 0000000000000005
[  208.125362][ T1097] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000
[  208.128866][ T1097] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880587cc000
[  208.132395][ T1097] R13: ffff8880154b0000 R14: ffff8880587cccb0 R15: ffff88802bf40700
[  208.135831][ T1097] FS:  0000000000000000(0000) GS:ffff88802c300000(0000) knlGS:0000000000000000
[  208.139551][ T1097] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.142038][ T1097] CR2: 0000000000000000 CR3: 000000001b674000 CR4: 0000000000350ef0
[  208.145035][ T1097] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  208.148177][ T1097] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  208.151614][ T1097] Call Trace:
[  208.153067][ T1097]  <TASK>
[  208.154365][ T1097]  ? show_regs+0x8c/0xa0
[  208.156286][ T1097]  ? __warn+0xe5/0x3c0
[  208.158094][ T1097]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  208.160722][ T1097]  ? report_bug+0x3c0/0x580
[  208.162723][ T1097]  ? handle_bug+0x3d/0x70
[  208.168666][ T1097]  ? exc_invalid_op+0x17/0x50
[  208.172262][ T1097]  ? asm_exc_invalid_op+0x1a/0x20
[  208.175554][ T1097]  ? cfg80211_bss_color_notify+0x5fd/0x7d0
[  208.178669][ T1097]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  208.181463][ T1097]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  208.184261][ T1097]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  208.187203][ T1097]  ? __pfx_lock_acquire+0x10/0x10
[  208.189451][ T1097]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  208.192388][ T1097]  process_one_work+0x958/0x1ad0
[  208.194767][ T1097]  ? __pfx_lock_acquire+0x10/0x10
[  208.197527][ T1097]  ? __pfx_process_one_work+0x10/0x10
[  208.200182][ T1097]  ? assign_work+0x1a0/0x250
[  208.202371][ T1097]  worker_thread+0x6c8/0xf30
[  208.204528][ T1097]  ? __kthread_parkme+0x148/0x220
[  208.207013][ T1097]  ? __pfx_worker_thread+0x10/0x10
[  208.209170][ T1097]  kthread+0x2c1/0x3a0
[  208.210957][ T1097]  ? _raw_spin_unlock_irq+0x23/0x50
[  208.213555][ T1097]  ? __pfx_kthread+0x10/0x10
[  208.216768][ T1097]  ret_from_fork+0x45/0x80
[  208.219196][ T1097]  ? __pfx_kthread+0x10/0x10
[  208.221374][ T1097]  ret_from_fork_asm+0x1a/0x30
[  208.223656][ T1097]  </TASK>
[  208.225158][ T1097] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  208.228650][ T1097] CPU: 3 PID: 1097 Comm: kworker/u32:9 Not tainted 6.10.0-rc7-syzkaller-00256-gd0d0cd380055 #0
[  208.233607][ T1097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.239392][ T1097] Workqueue: phy7 ieee80211_color_collision_detection_work
[  208.242816][ T1097] Call Trace:
[  208.244350][ T1097]  <TASK>
[  208.245998][ T1097]  dump_stack_lvl+0x3d/0x1f0
[  208.247846][ T1097]  panic+0x6f5/0x7a0
[  208.249559][ T1097]  ? __pfx_panic+0x10/0x10
[  208.251377][ T1097]  ? show_trace_log_lvl+0x363/0x500
[  208.253589][ T1097]  ? check_panic_on_warn+0x1f/0xb0
[  208.255813][ T1097]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  208.258320][ T1097]  check_panic_on_warn+0xab/0xb0
[  208.260357][ T1097]  __warn+0xf1/0x3c0
[  208.262073][ T1097]  ? cfg80211_bss_color_notify+0x60b/0x7d0
[  208.264561][ T1097]  report_bug+0x3c0/0x580
[  208.266778][ T1097]  handle_bug+0x3d/0x70
[  208.268982][ T1097]  exc_invalid_op+0x17/0x50
[  208.271136][ T1097]  asm_exc_invalid_op+0x1a/0x20
[  208.273265][ T1097] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0
[  208.276000][ T1097] Code: 3c 5b f7 49 8d 7f 68 be ff ff ff ff e8 9e 3a a9 00 31 ff 89 c3 89 c6 e8 93 37 5b f7 85 db 0f 85 16 fb ff ff e8 86 3c 5b f7 90 <0f> 0b 90 e9 08 fb ff ff e8 78 3c 5b f7 0f b6 44 24 1c ba 01 00 00
[  208.284899][ T1097] RSP: 0018:ffffc90006c67bf8 EFLAGS: 00010293
[  208.288397][ T1097] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a33528d
[  208.292044][ T1097] RDX: ffff8880206e4880 RSI: ffffffff8a33529a RDI: 0000000000000005
[  208.295579][ T1097] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000
[  208.299746][ T1097] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880587cc000
[  208.304072][ T1097] R13: ffff8880154b0000 R14: ffff8880587cccb0 R15: ffff88802bf40700
[  208.307406][ T1097]  ? cfg80211_bss_color_notify+0x5fd/0x7d0
[  208.309961][ T1097]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  208.312407][ T1097]  ? cfg80211_bss_color_notify+0x60a/0x7d0
[  208.314822][ T1097]  ? __pfx_lock_acquire+0x10/0x10
[  208.316939][ T1097]  ? __pfx_cfg80211_bss_color_notify+0x10/0x10
[  208.319600][ T1097]  process_one_work+0x958/0x1ad0
[  208.321382][ T1097]  ? __pfx_lock_acquire+0x10/0x10
[  208.323421][ T1097]  ? __pfx_process_one_work+0x10/0x10
[  208.325629][ T1097]  ? assign_work+0x1a0/0x250
[  208.327419][ T1097]  worker_thread+0x6c8/0xf30
[  208.329102][ T1097]  ? __kthread_parkme+0x148/0x220
[  208.330972][ T1097]  ? __pfx_worker_thread+0x10/0x10
[  208.333129][ T1097]  kthread+0x2c1/0x3a0
[  208.334934][ T1097]  ? _raw_spin_unlock_irq+0x23/0x50
[  208.337152][ T1097]  ? __pfx_kthread+0x10/0x10
[  208.338863][ T1097]  ret_from_fork+0x45/0x80
[  208.340509][ T1097]  ? __pfx_kthread+0x10/0x10
[  208.342328][ T1097]  ret_from_fork_asm+0x1a/0x30
[  208.344153][ T1097]  </TASK>
[  208.345891][ T1097] Kernel Offset: disabled
[  208.347594][ T1097] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:50:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000040000 RBX=0000000000000001 RCX=ffffffff816f9f2e RDX=ffff8880206e2440
RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000035 RSP=ffffc900033f7730
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003
R12=0000000000000200 R13=ffff8880206e4880 R14=ffffffff8c693e80 R15=ffffc900033f77b8
RIP=ffffffff818e8871 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000046cf0000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000039 RCX=ffffffff81f550ce RDX=ffff8880195a4880
RSI=0000000000000039 RDI=00000000ffffffff RBP=ffff88801eff21d0 RSP=ffffc90000e9f730
R8 =0000000000000006 R9 =0000000000000011 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000011 R14=0000000000000001 R15=ffff888027b99400
RIP=ffffffff81f55156 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000000d97a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000008 RBX=0000000000000000 RCX=0000000000000001 RDX=0000000000000005
RSI=0000000000000002 RDI=0000000000000004 RBP=ffffffff8b29c600 RSP=ffffc90022b07088
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000002 R11=0000000000000002
R12=0000000000000004 R13=0000000000000001 R14=0000000000000008 R15=ffffc90022b0716d
RIP=ffffffff818e8ac0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557dff2ab000 CR3=00000000560d6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=69d4440169d44401 69d4440169d44401 69d4440169d44401 69d4440169d44401 69d4440169d44401 69d4440169d44401 69d4440169d44401 69d4440169d44401
ZMM22=7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58 7a08fa587a08fa58
ZMM23=92273c2692273c26 92273c2692273c26 92273c2692273c26 92273c2692273c26 92273c2692273c26 92273c2692273c26 92273c2692273c26 92273c2692273c26
ZMM24=7412462374124623 7412462374124623 7412462374124623 7412462374124623 7412462374124623 7412462374124623 7412462374124623 7412462374124623
ZMM25=2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19 2ce83c192ce83c19
ZMM26=e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c e11ce04ce11ce04c
ZMM27=d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a d8588d3ad8588d3a
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=1a0700001a070000 1a0700001a070000 1a0700001a070000 1a0700001a070000 1a0700001a070000 1a0700001a070000 1a0700001a070000 1a0700001a070000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816f9f2e RDX=ffff8880206e4880
RSI=ffffffff816f9f1c RDI=0000000000000001 RBP=000000000000005c RSP=ffffc90006c678e0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002
R12=0000000000000200 R13=ffff8880206e2440 R14=ffffffff8c800c60 R15=ffffc90006c67960
RIP=ffffffff816f9f1e RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000001b674000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=000000000000ffdf Opmask03=2040000404420020
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe2494da30 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3bad1e829a127622 737325386759d627
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000564e70cd8200 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000000003130323a 306963682f306963
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 48de6df1e9610551 0000564b142a29bb 00000000000003a1 0000000033346c6c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 48de6df1e9610551 0000564b142a9748 0000000000000071 0000003177617264
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a263e383a3a26 39383a3a2638383a 3a263b383a3a263a 383a3a26493b3a3a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000