last executing test programs:

4.93054036s ago: executing program 1 (id=1071):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@getqdisc={0x24, 0x26, 0x0, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0xfff1}, {0x1, 0x10}, {0xe, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000011)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100000007000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

4.819739652s ago: executing program 1 (id=1072):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) (async)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, "d20bddda7d1db9342de76eec7967fe97751f13a23aeaacb0565c1c2251560ed1"}})
mq_unlink(&(0x7f0000000000)='.\x00') (async)
r3 = syz_io_uring_setup(0x7325, &(0x7f0000000140)={0x0, 0x0, 0x4}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
r6 = accept4$ax25(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, r6, 0x0, 0x0}) (async)
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r7) (async)
io_pgetevents(0x0, 0x8, 0x1, &(0x7f0000000300)=[{}], &(0x7f0000000340), &(0x7f00000003c0)={&(0x7f0000000380)={[0x1ff, 0x1]}, 0x8}) (async)
pause()

4.740265171s ago: executing program 1 (id=1073):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xf000000}, 0x48)

4.659916255s ago: executing program 1 (id=1074):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x400448ca, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x1})
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000300009000000000000000000010000000c0001800600000005470000"], 0x20}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)=@ipv6_getanyicast={0x14, 0x3e, 0x300, 0x70bd29, 0x25dfdbfd, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040004}, 0x40000)
mkdir(0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
madvise(&(0x7f000058f000/0x3000)=nil, 0x3000, 0xd)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
getpid()
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
pipe(&(0x7f0000000180))
socket$inet_udp(0x2, 0x2, 0x0)

2.89908564s ago: executing program 0 (id=1087):
munlockall()
mmap$IORING_OFF_SQ_RING(&(0x7f0000694000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b8703140000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40800)
ioctl$KVM_SET_CPUID2(r0, 0x4048aecb, &(0x7f0000000480)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"])
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fff7ffc}, {0x7ff, 0xc, 0x4, 0x3}, {0x2, 0x2, 0x14, 0xfffffff7}, {0x1, 0x0, 0xc, 0x124}]})
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080010080100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={0xffffffffffffffff, 0x479, 0x8}, 0xc)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCFLSH(r3, 0x404c4701, 0x20000000)
pipe2(&(0x7f0000000000)={0x0, <r4=>0x0}, 0x0)
fcntl$setsig(r4, 0xb, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r5)
close(r5)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r6, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
timer_create(0x0, 0x0, &(0x7f0000000140))

2.459272704s ago: executing program 0 (id=1090):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000280)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000200)={r2, <r4=>0x0, r3, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r4, r3, 0x0, 0x1, 0x0, 0x7b46, {0x5, 0x1, 0x3, 0x65, 0x1, 0x1, 0x2, 0x4005, 0x4cab, 0xe156, 0x0, 0x1, 0x0, 0x400000, "fe1d0e1cff0017040000003413000000000000000100"}})

2.33048235s ago: executing program 0 (id=1092):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0xc0, r1, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0xac, 0x11d, 0x0, 0x1, [{0xa8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0xa4, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0xc4a, 0x6, 0x8, 0x5, 0x6, 0x37, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x400, 0x0, 0x800, 0x1ff, 0x100, 0x955, 0xd90]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x5, 0x8, 0x401, 0xb5, 0xc, 0x4, 0x9bbf]}}]}, @NL80211_BAND_60GHZ={0x50, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4c, 0x2, [{0x6, 0x5}, {0x6, 0x9}, {0x2, 0x2}, {0x5, 0x8}, {0x2, 0x1}, {0x2}, {0x0, 0x8}, {0x4, 0x6}, {0x0, 0x1}, {0x4, 0x5}, {0x6, 0x8}, {0x2, 0x2}, {0x0, 0x1}, {0x2, 0x4}, {0x2}, {0x1, 0x5}, {0x5}, {0x0, 0xa}, {0x1, 0x2}, {0x6, 0x3}, {0x4, 0xa}, {0x1, 0x8}, {0x6}, {0x6, 0x2}, {0x1, 0x3}, {}, {0x0, 0x4}, {0x4, 0x9}, {0x4}, {0x4, 0x3}, {0x1}, {0x3, 0x6}, {0x1, 0x1}, {0x3, 0x6}, {0x1, 0x9}, {0x3, 0x8}, {0x3, 0x9}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x0, 0x2}, {0x5, 0x3}, {0x3, 0x1}, {0x1, 0xa}, {0x5, 0x2}, {0x1, 0x5}, {0x0, 0x7}, {0x1, 0x3}, {0x3, 0x6}, {0x7, 0x5}, {0x3, 0x9}, {0x2, 0x4}, {0x0, 0x3}, {0x6, 0x5}, {0x7}, {0x2, 0x6}, {0x3, 0x4}, {0x1, 0x3}, {0x1, 0x8}, {0x7, 0x6}, {}, {0x4, 0x2}, {0x0, 0x9}, {0x7, 0x2}, {0x1, 0x8}, {0x7, 0x4}, {0x5, 0x9}, {0x0, 0x9}, {0x1, 0x5}, {0x7, 0x4}, {0x5, 0x4}, {0x6, 0x8}]}]}]}]}]}]}, 0xc0}}, 0x0)

2.321011619s ago: executing program 0 (id=1093):
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000001080)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4c)
unshare(0x62040200)
unshare(0x62040200)
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) (fail_nth: 3)

2.060303262s ago: executing program 1 (id=1095):
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000000)=<r0=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000180)}], 0x1}}], 0x1, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000dc0)={0x0, &(0x7f0000000380)})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x10000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x10001, 0x0, 0x0, 0x0, 0x7, 0x2004ca, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000]})
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r7 = syz_open_dev$sg(0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r7)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r8}, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)

1.920488131s ago: executing program 0 (id=1097):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bind$inet6(r1, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
listen(0xffffffffffffffff, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x80001, 0x0)

1.250440219s ago: executing program 3 (id=1100):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000050002000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000040c00098008000140ff"], 0x90}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), 0xffffffffffffffff) (async)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r4=>0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="74bbe54b2a2172fd000000a0aa6cf9f1484fa300", @ANYRES16=r6, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r4, @ANYBLOB], 0x1c}}, 0x0) (async)
sendmsg$NFC_CMD_START_POLL(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r6, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
sendmsg$NFC_CMD_ENABLE_SE(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r2, 0x300, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)

1.199975441s ago: executing program 1 (id=1101):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000040)={0x7}, 0x4)
fdatasync(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0x0, <r2=>0x0}, 0x0)
r3 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000082505a8a440000102030109021b0001010000000904000001070101000905010e0002000000"], 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f00000006c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x20, 0x0, 0x1}})
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r5, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfd38}]}, 0x24}, 0x1, 0x0, 0x0, 0x4064800}, 0x20040000)
pwritev(r4, &(0x7f00000008c0)=[{&(0x7f00000000c0)="ff", 0x1}], 0x1, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.151597187s ago: executing program 3 (id=1102):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r0, 0x7001)
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0x40046806, 0x0)
pwritev(r0, &(0x7f0000000200)=[{&(0x7f0000001480)="b7807e13300f6a75167d220d4cfb1b4290595039dd1027f1a4e9bf7e8b6121d0db495ab8e3420e1a3d1edc3c91aca9a8d23914c40c78f5e5bc3b94fd077d0b53fa69b1f250ebf5de95f03f8fdfde79e99e8661824bb8a79a9299137688256c36daea74f02a3a7b6cbd1b12687dc72c8d366655e267cef56699a9526fa2eebe803d6c442a413b452f172c0699a22d3b2894287eac8381210d857a46890c24f9c86692b67019ade3751e2269e3b7eeb66c6d16d92ee1155dcf854ca9e4138ab536c15749187a1449a9dfcbba217b2870e42291c4cdbc2e2598cecd1f44d0d11f3a1aa7fe1d95eb0139d02c726bfb1eac46020baebbf1a394e74aebdf4ab2823e150e1a956768d0ed56f66a90317106249d63fa618e73e58f6fbaac93bc63d728f82870389b9c635e3b8d219804dbce27968f055994992938fa7de777bfbc5696e1b89a9fe636fd86d2545818ee9a3e3a2bfae7342d14f55c60c32b4dff75adf8bf701d796e5569159b6ad859025b528a845504b0cea1bf7dc2390cac23e0c2a6e0b41f324c3ee3c936e9a33ec443475876ff506d582f9927da4c9383c639118556767ddfea7a149fd9f8cde065d873d07b5c8505a56e2ded9fe43d0bbbf76147f8acdab8bbcb63356f6f3ef10bcbbacf05ecf6a2c1dbcceb2c83c237dc2f0308f41d2a40e0f84d566218c39d5840928ee0ae00f7ec0fc5a50672ce48a71b7b74a1a4f609336ef4fd477edc3892cf2e800555733388e1ab978c2a9dd95bd3e44c9636ab828e256b0a6a4edd1c0f214728a190c1e37502a330db1e43f440df0aedb692f84234b7ed1c5a1447939cc608db74f8e29d40be96afc7c20e52215ae859f2ac78fb643c7e6a72dee63899fb91ef8818c957577f7d5bb9842a56e4647c2265ceb0bd9410b0dabbe115493ed4f82ba9feb0322ec534c985717da046414e9a53dfb142bd442577bccb8c2362a4b3fb23ddd7002ba321af32730b44688b45aaab66d1762fe0e99aabb9dba5888324ef7e5e02bc2089c0c9cf19c2ad94fa8a3a0c713120e4fd21fc0359895cda0a6b2b9d1c9bd7c462195adcdc5f4daa7c3a5bf57365701099f23ac429dcb20096d2e8e1b87e24eb49cbc4829328c04b1c8464415d9e8bae9d2a547658e4bf548344c86e27fb793fbd4b04d8376e21ede1418242488fdf796104dd010890aeef5e8b50efc241b434d84bd46645f492461e051ee98e8e4a0611aceca5315340c4287f85bcec0e076e4acbee251f71a29c71238918f95164f3badeb8e8da1d2e31b28b12b26b274456bd48aa58a358d506946ad9e3439e97692b4b061dde8a6c3a847c7a953a14de56b2a0863ae7198c99109d736b4156465595b9bd1a0acc0d9fbb15c900af169f17ef5dacd3b86603f30b59e98cec804efb0453f6b3725786f1db53013a5dde89507e24fc4997dc4f96eb8fc2a21bfc8552d902f353aabdc4261d4db6b87b680ade3e87911e013498aa62deca94bc7039f04e7f3b33c184348c06eb8951380060677a8957d83990c1ef578c38e69968dc718d14ad1c9cd5c662806f213043407bef3e060a50cf5138c96ad22df5e5cb742228d59253437d8661749e0b735dc2162bb1a83916420bae13a87515bc686f9d2cda54363c023b81c4e399c41adaddc76797eabad62ccf5e0e3ca042a5aaae5bfc44daa2bf9f36f59c0e6fded2c6e1df56ffda12c92c31abc623de6e270e35781ad51d13642120b3872a00268b3599aec6d3f172424460b1721cde7b97b06caaafc8c9198de901a4d7ec3602e83d1fae1430cdd96831129ec84076a6e0eb9f9ccd75f5e0c7d5ba3ff449e6b39f7a1c2829748834665eee26506bc7f81c89f1a8eac8d8334bf9a6bc1bcf515c29967991c3b0184e54f66f192e1741f8fb8259e55e88778cb161956acb5a832a5581712c3e8be8f18a7cea7f439ddb659495b45115e179ca332c8252ce9c53b4e5740ab7bdeeed58267b04c9a2e6d9e06912e870b456061f91fb0260325771e43cb7e1af5b77de2d6dab2428620565dc0da9b957286b74ebc367dabfbc9a8c8f05e65fe233471840e8b3317c13a22c586d6010e7f002ec7f441d6df5d446a99a5a3615a4c3e6c34232d6c3bd24aab31820dd998d68a48bda4d5f739264fe2e90e7bff5c368f87221bce6bf073842c51a4687d488da5f36ebb7f29d4d2344bb0ce1f4caf64e6efc30010000005091bc52f5f6c072bde232a23f336c8ee16635c8a8322809984874acebb2fd9ac874b8dd49a9e5749617a7cbc0ac7d60f581187c55d90caa638284c0248eb12b555a1d26455207c405417e3b9b4741109d905393e10da0938f9d7397cc67c42cb4ac66e77056adfa053c292119abaf90d08e702b19697250eb3daede5821bcf1b8be90577ea493533c6f25fbc9437287a8d126961f4d25a8952f76c4bb149fa42a8fc78175d15b820b09da6b84663a93f1b2aea0b52f773b99993b03c250cc809e495b6502c9d3427e171c00456d5788a0be6fcdf3fda40124535f62061dbd81ce0440d43b951af107429a32c1f2db5b16a82197e027662a88b4720018e89e647001b3e31a176de4cc6c816051e994e97e50b748878ea48745ae5574e79fe5deaabfe2cd7914ddd8d161610296ec56d5860278a11a6858f9a463f010fdd34a45a16b28f968f575da1f58634c96dfcea6743c0ebca0617a30398e76e59a8a6d917c65896f1dd2b68a5b68d0bf917224dffb0509907eeae771ab1e8a7d1788c4dea711876bae724ed0d862ca5f40ed8b874c3ce8e6d9efd1d2de2561af77b4c2b5248437bb2bd39e3b8a0efaa9f03e676d407d44acf580881870f96100e7882fdd7acb9317b29ea02b919fb8cdfec4b0fed80f2d981ce4782eba5c4489ac6a96b98d069a7c77ac54cd6d993f22c9e1dc7a1c5b9445bb9a784e39208383e6f36feffe43018ef7f10e572c7534b61d85de73aa199c0d1930bb30ca90afb43715a6b9943169d725211b0c2bd188a2d35a3249dcd94fc98c6ed845d144831de855f48f174c19bd28eff13258db4ea7039a206d8a5c7709ed32ecc4481b892b2df8331e37318e04b261d338136b31b51906184ff7b12d31a246dc4ed2d014bb718f0ded54b4e2523a635e7d8853ea4b2994e9b960bf8ddc45bb1cb1535d23eeeef218e1e26a622e38e0b4d7135d61fcf6b8c55f46771818c9cb662ed8fea6c611b56b1b1aa764b503a37a8d55991a7aac9619006beaf6ac8125ef8b69407e10eebab668bc6867ab3daf37b59edf570ecd1ef13f8bb49cbaca9c55eafce35dfb376885060ae3dc0a17161c8357138b07e9208761a2ace3b6be6e2da8f16878f607e9057cbc067f9ed7ed723948e691f4228e9d477803ff5cd5ca2240608a338fc091dc014e1dad8b5ea760df886c764510c3b10a3738e4fae48f197ae7cadc6790a2ff916e3e3f91205b16b831ca7cdb15c2e2b16eef79159256e819e668df1855fee4c20ed97fa646801fadb033d2aaa8c86494eccb56fdbb935d03e17963e71e73da8a2588b8f5d2bb953c0ab6aab9cdbc988d1ef0260390b211ee658942fb86644941c4cfe736eb8056c296a9bd3839369567202437e39feb1526ace01732037074c011f256a41ecff6c7ee339fbffd7a4103a4a54e409b0e8215dbff8fcec28fd416c4c370c78d68d7e0f9f68d4e399ed6c6834f90d28b9f2f8c7cb914739019fd012c35c495555e9abf47a93576bbb7e8de8cea9f9b83501b2d968c703d5fb8482b4d128076082a978fd99fadfc709c0cf85ce3636825d7f599ff0bef5c3880b2b04e38c7dcebf3e746ef1b81f9ec6f15aaab0a4b59c2dc8ce148e07eb4f0bb7c76e2d7c79f36ae6314ea6f0bb3728747c19b5ea30b151ec6f0f23451bb009c577be105897fecacc6b6de302167823fe165e69c92a627be7fde5894e2d7b200dad0beacf4d86464eb2459963f5b019fb341f3f201897cc7cf2892ab652fc74623e91c03767247fe689d79962c40c6ec2ad5809fcf9b5f3b81492511228db1165c246d07d4862150e595723cfc868787ef1a8ddcdb3a93f497b0dfa0bd9f04a5b9f16ee8059375062d84269734c10aa91969ec22e245bb44ea03ffc6ba2431721fa446f496dc4bba06ba0ded9a3d5c50f8d4e0e9cd4a125e159373379ae465f5a217dc39ed7a7e425b4dad8b13d87dbfe1545c32ef864b189bd8af681288e3f2ebd2b12aa923463416d5c8dad5a0428e03f47ae2339c6959eec39e1dffcb454e8996de49ea02b275fe4e5c6979627eb2a78fb4c5ff6e0e0627ad81bb97b10981d14fa3262eb3023e77b0a9d46ff79a94b249bf37c2872f4c7dd18c39ae945ae661c21b7298470a9b757f5c65560ef72bdb0fb572013205a4014a17dd7d4ab4a1774f5d3994a157f5778c00cfcbef4a49a37a14940a6539323e4b1fb53782ead1c9b4e97512c7bae9b72d5a9cd8f6d5990cda15a6cba57e8a2cd9653dc937317f6a2a5c42c60114b10cd9379e85b89e7376c44a953531ebcdd0e1b99cbc5dcd3066bc9750b15bb3ea3f0e8a0085d4823cbc26666c0b7919aecfd807c2ffa3f27bc10d8a20c745e4e5d7e382e5dfcd40cbd078bc50c52c736262ac61391734598bba5007fa583cc700e9c7634c1a6f675146e57942b10fd9a80ffe594cc5b2e23162f6c87ba2eb61f54c16c903b583211f2c7c5aef7ff08f8f20c091278860b3170b952186d6f9359361684197ec211ba1a7fd21be7dae65d08c67b4ae2056ab4ea6bc153ef1eddfcb5be07a3844ff8a95075decefe0bc60d7d3cf20e2a77df024196127096d6eca245797e15e1139229e12bca6eafe8f8e89124ad8bfcc9f3df98228de8c1812a3e728a56f917e90245c54ebc92cde263c96fa32eb592c36cefb97e4cb1f1c5682d063421eb52243e4bd4af499738a454f4b9b1eae489f8a793c2d2a0e6c00817f4632f56f3b83094c0be4ad2f6c658389cfe9d6a93c0910405f70176c522d11e77a1c6f9afc777484515f9a3ad4456a9bdc945cfefe307f650a68231f67bc305234f6bd896d244372c386bf28b801ed04fdcefc7edb8c98750cf1dea60312c525a564e89a66c8cbefb60b857754233f522456ff854063316fa53886460bc13024641fe9d02e109f0952de5a8214ac00f40679dc9b12ea4e815be5aa841ba2e3fbd7887da490da4212a26ed998e9919cbb48f6e3d190f36b1f84612e2e3f32092b04096eaf2fcec3cb1809379adfbe1db7a5323f83ecdc33319babb1245ecd361bb322fa01b74976807275ac78d5845689c01c83f856380d14ad713469ab3a452e0678f5bb863e7523851643d0da117f0cab1f98323873b588b73641f0f66d7a3496a921752ef5a884b624bbaca18418dfb75bd60c575944a4eb0ef7eaec2ff955daea1f5d84d2b3bc2131cf902be0d6de210cfd7f881017be33d111dff0fde6d3dbe150e15da9cc644685ae2e6c3086278852c622b29a2257a9071380cf91ea403bebba4ba0b0cb83b68bb1c9f81b9ad83362793596e1f2d16b48a6d624000ef5411d42e051950b6dadd83f9a030c32721b9719a42df18d591d378f606fe3c7301cb0387bbdb10e0dc78183edaced98dab76cbe1cd085791271d51e768ccd9ee91286ad78c7eb67c838f997a1051b2e0def8343dda9343a9b99d39db6e5444e7ae058fde2098f5aac276a181f683bc9ce415051b587267b6fa5aef4cfe9edb56735518f29b1c89711dca2006dcf1caa112fc8947aa265c3a31c9aefdac8f806e942fa7a8c2f9b3e02eedfa76a75317f44f0f89967fd0e4cefe94c403b90ac5f1d26e3198f508b4c79247e756eef71d74168d629aa72d73ff717c1ab49b6455e72d6d4cd2041fa1497a37b33318202c1a5cf73546d831a9bee7d81bf765a319cae1155c64545641598d3db6a0eb21d47aa3fe73fe482766092434645e94b1e3a96ccd106fc5c63699653d5a12df0b7e147ec9b666dad332c542fcd79691227e177077380ffb47f09b67f06070278ed5cccd3fa7d43caf6b75952a11395d1d6e5f459ca1e45360f3b", 0x10a7}, {&(0x7f0000000040)="91aacc2b991251c6d730b9c4900ab36121d067182ce67a0c5ece71db1f2b8634018fa0a9f141206055ba57c92e658422ad993203af8fb52776d117e27bb152b3c8719356c9c481065e37c9893c7e3c652f15f54428a07776fcb94e4842e0105fb480054495159a558b2cdce6e0df4263854e139b7daf455d42c575bf290f39e045f5eb63a959e37fc5ea3710c765d272f00ddc6f9bdc5a9c36bc20a7edca7c21a4706be5965dbfe6ce1946867ff30dd21d5cf4d046bfefe4ca64181f29c559b1954246cd4f9230e5050f980f37bbf75b7bfa40830a9571d4a46ab87f1201140557eb941d", 0xe4}, {&(0x7f0000001400)="3803925d22a3e1007d457387b6bdb28a8cea6eea2cd55df2015b7e170044f7ecc299261f73b74441e8c63a2cc6d598eab87c2015d6ebd9aa1985296ecfcff0ece65ada53b6572a715ed811040cc33d9b1e6ce90b185f8c7f42acc932d7d604317f6df9e14465a3afe383af35eb871c3679dfef21b4454ec88faedd11", 0x7c}, {&(0x7f0000000140)="a06e581a4de8b76ccd911db8eb47651f4e67ab81941e72eefd1340bb6f1ee85213aa58413f6ca2e19d811f129fb9a562e7a7454fb6354b77c351d7e3d9e36c220d87e0833908af1c2a90283c80f5d038fcc2bdc073e650eef12fba0439fd1c35af8055f55ef4fd84b20359b297924cb2847cfdc63f6519f37942c69ed4a76ecaa17246719847882d96f824dbde23707c64e351799899723d6706cd7de3b6d3a7da2e1f8ffc693ddb2254f3221ac9ab24074b84dd172a03a1d860b141f0bafa09", 0xc0}, {&(0x7f0000001280)="d4b7eb47dd09736c874782009671c3298dd574afdf0e569958517166cdd8af0080834af19478dd", 0x27}, {&(0x7f0000001300)="07a45a9a74d47b06e4fa33bc8ec75e3b05385d332aca4bc418e53519c912c55f1e81c705c5f2d0c53cb0ec74234953a4ba6086bde5b320a57231d2062c1d1a4d10b80b3da949b4abb81a1559e4d2f7ebc0a71d5fde28b98293f2a05091099385745dce5c1a04431cdeca0a82ae2f2d18c08f07b1f4f56f8a2fdc3607bb69d5f95c078fdbcc7075f771988787680a", 0x8e}], 0x6, 0x5, 0x6)

1.050355691s ago: executing program 3 (id=1103):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000440)={0x53, 0xffffffffffffffff, 0x6, 0xb1, @buffer={0x0, 0x3a, &(0x7f00000000c0)=""/58}, &(0x7f0000000240)="851658ce20ea", 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r2 = memfd_create(&(0x7f0000000a40)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d7,\xde\xf4?\xff\x86\x82\x96\b\x8c\x95\x0fb1}\r\xe8)\xe4\xe4\xf4:>\xbd\x91\x14A 4\xa1A\xa6e,\v\xe0M\xd9\\s]L\xc0\x93\xea0\xc1\x06P\x9e\xdf\a\x1f\xf7l@\xd7\xe5p\x9a\xa6\xc7]p\xac\xc2\x89\xa0\xeeLf&\xa1\xb56\xb32?\xa1p\xb2\xdf\"\xb6\xe8\x05\xe9\x80gG\b\xc69\x97\x899\xc4\xb8\x8d\xdc\x19\xca\x06\x94Fk\x97\xcc\x93\x83]\x06\x0e\x1b\xba$c\xc7\xdc\xd2\xdf\f\x8fc\x0e\x9a\x86\xf8\x1f\x94\x97\xb4P\xb7\x1d-{\x1b\xd7(\xc5k\xd3\x19Z\x91B\xd5P>\x12A\xf25\xdf\xf3x%\x06}\xbeJ\xef-d\x84\xa7\x99t\xbf\xc4\f\xf84\x8c\xf6\xef\x8eK\f\x16u]#\x8a\xfc%\n9N\xd3\xc5\xdbi\x96c@}\xa5\xe4J\xd8\v\x1b?\xd8\v\xc8J', 0x0)
pwritev(r2, &(0x7f0000000440)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000380)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb52203454a05646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b3ef6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e00000000000000", 0x71}, {&(0x7f0000001140)}], 0x5, 0x800000, 0x0) (async)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) (async)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x0)
syz_open_dev$media(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000080)=<r3=>0x0)
lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r5=>r0}, './file1\x00'}) (async)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) (async)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000340)={0x1, r8, 0x0, 0x0, 0xf, 0x100, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc01c64b9, &(0x7f0000000500)={&(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, r8, 0xdededede}) (async)
setresuid(r3, r4, 0x0)
r9 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$IPT_SO_GET_INFO(r9, 0x0, 0x40, &(0x7f00000002c0)={'security\x00', 0x0, [0xc, 0x80, 0x9, 0xb, 0x8]}, &(0x7f0000000340)=0x54) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x0, 0x0) (async)
keyctl$update(0x2, 0x0, 0x0, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
gettid()

1.044559621s ago: executing program 2 (id=1105):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}]}, 0x30}}, 0x0)

989.865546ms ago: executing program 2 (id=1106):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r1, &(0x7f0000000000), 0x10)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='./bus\x00', 0x6000000b)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = socket(0x2, 0x2, 0x0)
r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCXONC(r4, 0x4b45, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
mq_open(&(0x7f00000001c0)='&/\x00', 0x2, 0x0, &(0x7f0000000200)={0x8be3, 0x1000, 0x8, 0xf8bc})
ioctl$NBD_SET_SOCK(r0, 0xab00, r2)
ioctl$NBD_DO_IT(r3, 0xab03)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x6)
ioctl$NBD_DISCONNECT(r3, 0xab08)
ioctl$NBD_CLEAR_SOCK(r0, 0x125f)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xd)
r6 = epoll_create(0x47f)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000540))
syz_emit_ethernet(0x3e, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000000000000000000080045000030328524592e9a4cfc3fc75e000000000067907800000000e00000012100907812000228250000000000000009000000ac141400e0000001"], 0x0)

989.661457ms ago: executing program 3 (id=1107):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={0x0, &(0x7f0000000280), 0x0, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000008c0)={0x0, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000200), &(0x7f0000000380)=[0x0], &(0x7f0000000340)})

930.216009ms ago: executing program 3 (id=1108):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
getpid()
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000003201"], 0x138)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000015c0)=ANY=[@ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x4, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13f97c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f1e28dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc290f09ae06eb27158cd570aea75b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c822d41accb85c86b4f8ffffff7f000000002c331fca0e541b7ca2d61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754"], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xfffffed4, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x80}}, 0x0)
r6 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r6, &(0x7f00000000c0), 0x2a)
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x5, 0x2, 0x0, 0x5, 0x425223fb})
futex(&(0x7f000000cffc), 0x5, 0x4, 0x0, &(0x7f0000000000), 0x4000000)

530.331898ms ago: executing program 0 (id=1109):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
getpid()
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000003201"], 0x138)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000015c0)=ANY=[@ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x4, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13f97c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f1e28dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc290f09ae06eb27158cd570aea75b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c822d41accb85c86b4f8ffffff7f000000002c331fca0e541b7ca2d61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754"], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xfffffed4, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x80}}, 0x0)
r6 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r6, &(0x7f00000000c0), 0x2a)
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x5, 0x2, 0x0, 0x5, 0x425223fb})
futex(&(0x7f000000cffc), 0x5, 0x4, 0x0, &(0x7f0000000000), 0x4000000)

530.073155ms ago: executing program 2 (id=1110):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000640)=@security={'security\x00', 0xe, 0x4, 0x2a4, 0xffffffff, 0x124, 0x1fc, 0x124, 0xffffffff, 0xffffffff, 0x2c8, 0x2c8, 0x2c8, 0xffffffff, 0x4, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, 0xffffff00, 0x0, 'pimreg1\x00', 'dvmrp1\x00', {0xff}, {}, 0x1d, 0x3}, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x3, 0x0, "e183c87946b9f3a1efc6567f289b18cc4286364f6822bc9129013ab6ec40"}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffff00, 0xff, 'veth0_to_batadv\x00', 'vlan1\x00', {0xff}, {0xff}, 0x2f, 0x3, 0x4}, 0x0, 0x70, 0x94, 0x0, {0xff000000}}, @common=@unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x1, {0x1, 0xf}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x36}, @dev={0xac, 0x14, 0x14, 0x3c}, 0xffffffff, 0xffffff00, 'caif0\x00', 'gre0\x00', {}, {}, 0xff, 0x7, 0x10}, 0x0, 0x70, 0xcc}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv4=@remote, [0xffffffff, 0xff, 0xff, 0xff], 0x4e23, 0x4e21, 0x4e21, 0x4e21, 0x5b12, 0x7eec, 0xd, 0xfffffff9}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x300)

470.440515ms ago: executing program 2 (id=1111):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000003", @ANYRES16=r2, @ANYBLOB="e75c00000000000000002c00000008000300", @ANYRES32=r3], 0x1c}}, 0x0)

468.867717ms ago: executing program 2 (id=1112):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c1300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000048aab3dc850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x2, 0x61, 0x2}, 0x18)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, r0, 0x4, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r3 = dup2(0xffffffffffffffff, r0)
r4 = openat$vcsa(0xffffff9c, &(0x7f00000001c0), 0x140, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv0\x00', <r5=>0x0})
r6 = openat$vcsa(0xffffff9c, &(0x7f00000005c0), 0x40802, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000d40)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r7, 0x20, &(0x7f0000000100)={0x0, 0x0, <r8=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r8, 0x4)
r9 = fsmount(0xffffffffffffffff, 0x0, 0x74)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000680), &(0x7f00000006c0)=r0}, 0x1c)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r12, &(0x7f0000000340), &(0x7f00000006c0)=""/152}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r12], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r13 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
r17 = dup(r16)
ioctl$KVM_SET_CPUID(r17, 0x4008ae8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="000000d8"])
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x13, 0x23, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x9}, @map_val={0x18, 0x2, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x6}, @map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ldst={0x3, 0x0, 0x0, 0x2, 0x5, 0x8}, @map_val={0x18, 0x5, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x5}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f00000002c0)='GPL\x00', 0xbd0, 0x72, &(0x7f0000000300)=""/114, 0x40f00, 0x0, '\x00', r5, @fallback=0x20, r6, 0x8, &(0x7f0000000600)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0x0, 0x3ff}, 0x10, r8, r0, 0x0, &(0x7f0000000800)=[r9, 0x1, 0xffffffffffffffff, r10, r11, r12, r13, r17], 0x0, 0x10, 0xb6ab, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x42)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={0xffffffffffffffff, 0x0}, 0x20)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x0)

269.689132ms ago: executing program 2 (id=1113):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0xf500}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
r5 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, r5)

0s ago: executing program 3 (id=1114):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
r0 = shmget$private(0x0, 0x3000, 0x54001800, &(0x7f000010d000/0x3000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff)
syz_clone3(&(0x7f00000022c0)={0x220942000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180200000000000400000000000000008500000030000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (fail_nth: 13)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4004, @fd=r1, 0x2, &(0x7f0000000900)=""/104, 0x68, 0x4, 0x1})
ioctl$SIOCAX25NOUID(0xffffffffffffffff, 0x89e3, &(0x7f0000000040))
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

  140.749352][ T7713]  ? __pfx__copy_from_iter+0x10/0x10
[  140.750707][ T7713]  ? __virt_addr_valid+0x1a4/0x590
[  140.752043][ T7713]  copy_page_from_iter+0xa5/0x120
[  140.753366][ T7713]  skb_copy_datagram_from_iter+0x29b/0x710
[  140.754845][ T7713]  tun_get_user+0x1964/0x3d70
[  140.755998][ T7713]  ? __pfx_tun_get_user+0x10/0x10
[  140.757226][ T7713]  ? find_held_lock+0x2d/0x110
[  140.758427][ T7713]  ? __pfx_lock_release+0x10/0x10
[  140.759699][ T7713]  tun_chr_write_iter+0xdc/0x210
[  140.760943][ T7713]  vfs_write+0x6b5/0x1140
[  140.762048][ T7713]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  140.763648][ T7713]  ? trace_lock_acquire+0x14a/0x1d0
[  140.764985][ T7713]  ? __pfx_vfs_write+0x10/0x10
[  140.766213][ T7713]  ? __fget_files+0x40/0x3f0
[  140.767385][ T7713]  ksys_write+0x12f/0x260
[  140.768462][ T7713]  ? __pfx_ksys_write+0x10/0x10
[  140.769701][ T7713]  __do_fast_syscall_32+0x73/0x120
[  140.770988][ T7713]  do_fast_syscall_32+0x32/0x80
[  140.772207][ T7713]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.773816][ T7713] RIP: 0023:0xf7f13579
[  140.774848][ T7713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.779490][ T7713] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  140.781525][ T7713] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  140.783466][ T7713] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  140.785388][ T7713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.787354][ T7713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.789275][ T7713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.791204][ T7713]  </TASK>
[  140.792014][    C2] vkms_vblank_simulate: vblank timer overrun
[  140.793911][    C2] hpet_rtc_timer_reinit: 113 callbacks suppressed
[  140.793918][    C2] hpet: Lost 3 RTC interrupts
[  141.109921][ T7730] cannot load conntrack support for proto=3
[  141.222500][   T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  141.386953][   T25] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  141.389780][   T25] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  141.392354][   T25] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  141.394734][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.407789][ T7715] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  141.419219][   T25] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  141.665464][ T1282] usb 6-1: USB disconnect, device number 17
[  141.692899][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout
[  141.790861][ T7743] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  141.793715][ T7743] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  141.808889][ T7743] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  141.811430][ T7743] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  141.842000][ T7752] netlink: 820 bytes leftover after parsing attributes in process `syz.3.713'.
[  142.066185][ T7754] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  142.807148][ T7775] vivid-004: disconnect
[  142.882668][   T39] audit: type=1326 audit(1728503480.203:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  142.902946][   T39] audit: type=1326 audit(1728503480.213:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  142.908913][   T39] audit: type=1326 audit(1728503480.223:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  142.915351][ T1282] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  142.947214][   T39] audit: type=1326 audit(1728503480.223:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  142.983579][   T39] audit: type=1326 audit(1728503480.223:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  143.007139][   T39] audit: type=1326 audit(1728503480.223:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  143.046730][   T39] audit: type=1326 audit(1728503480.223:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  143.074962][   T39] audit: type=1326 audit(1728503480.223:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  143.083084][   T39] audit: type=1326 audit(1728503480.233:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.717" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  143.092443][ T1282] usb 6-1: Using ep0 maxpacket: 16
[  143.100589][ T1282] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  143.104098][ T1282] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.106374][ T1282] usb 6-1: Product: syz
[  143.107642][ T1282] usb 6-1: Manufacturer: syz
[  143.110313][ T1282] usb 6-1: SerialNumber: syz
[  143.113082][ T7777] FAULT_INJECTION: forcing a failure.
[  143.113082][ T7777] name failslab, interval 1, probability 0, space 0, times 0
[  143.117753][ T7777] CPU: 3 UID: 0 PID: 7777 Comm: syz.0.721 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  143.120826][ T1282] usb 6-1: config 0 descriptor??
[  143.121114][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.125341][ T7777] Call Trace:
[  143.126175][ T7777]  <TASK>
[  143.126942][ T7777]  dump_stack_lvl+0x16c/0x1f0
[  143.128137][ T7777]  should_fail_ex+0x497/0x5b0
[  143.129345][ T7777]  ? fs_reclaim_acquire+0xae/0x160
[  143.130680][ T7777]  should_failslab+0xc2/0x120
[  143.131895][ T7777]  __kmalloc_noprof+0xcb/0x410
[  143.133156][ T7777]  p9pdu_readf+0x1040/0x23d0
[  143.134347][ T7777]  ? __pfx_p9pdu_readf+0x10/0x10
[  143.135612][ T7777]  ? __pfx_autoremove_wake_function+0x10/0x10
[  143.135650][ T1282] as10x_usb: device has been detected
[  143.137171][ T7777]  ? p9_fd_poll+0x1db/0x2c0
[  143.138730][ T1282] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  143.139725][ T7777]  ? p9_fd_create+0x328/0x490
[  143.143126][ T7777]  ? __pfx_p9_fd_create+0x10/0x10
[  143.144398][ T7777]  ? p9_client_create+0x776/0x1150
[  143.145759][ T7777]  p9_client_create+0xc2a/0x1150
[  143.147025][ T7777]  ? __pfx_p9_client_create+0x10/0x10
[  143.148396][ T7777]  ? __raw_spin_lock_init+0x3a/0x110
[  143.149758][ T7777]  v9fs_session_init+0x1f8/0x1a80
[  143.151044][ T7777]  ? __pfx_v9fs_session_init+0x10/0x10
[  143.152422][ T7777]  ? kasan_save_track+0x14/0x30
[  143.153679][ T7777]  v9fs_mount+0xc6/0xa50
[  143.154773][ T7777]  ? __pfx_v9fs_mount+0x10/0x10
[  143.156033][ T7777]  ? __pfx_v9fs_mount+0x10/0x10
[  143.157298][ T7777]  legacy_get_tree+0x109/0x220
[  143.158521][ T7777]  vfs_get_tree+0x8f/0x380
[  143.159662][ T7777]  path_mount+0x6e1/0x1f10
[  143.160803][ T7777]  ? kmem_cache_free+0x152/0x4b0
[  143.162123][ T7777]  ? __pfx_path_mount+0x10/0x10
[  143.162581][ T1282] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  143.163362][ T7777]  ? putname+0x12e/0x170
[  143.167180][ T7777]  __ia32_sys_mount+0x292/0x310
[  143.168444][ T7777]  ? __pfx___ia32_sys_mount+0x10/0x10
[  143.169847][ T7777]  __do_fast_syscall_32+0x73/0x120
[  143.171096][ T7777]  do_fast_syscall_32+0x32/0x80
[  143.172268][ T7777]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.172954][ T1282] as10x_usb: error during firmware upload part1
[  143.173886][ T7777] RIP: 0023:0xf7f13579
[  143.176968][ T7777] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  143.177451][ T1282] Registered device Sky IT Digital Key (green led)
[  143.181608][ T7777] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  143.181626][ T7777] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  143.181633][ T7777] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 00000000200000c0
[  143.181640][ T7777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  143.181646][ T7777] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  143.181652][ T7777] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.181665][ T7777]  </TASK>
[  143.339836][ T7771] random: crng reseeded on system resumption
[  143.385235][ T1282] usb 6-1: USB disconnect, device number 18
[  143.395543][ T1282] Unregistered device Sky IT Digital Key (green led)
[  143.397796][ T1282] as10x_usb: device has been disconnected
[  143.515208][ T7769] vivid-004: reconnect
[  144.131792][ T7796] fuse: Unknown parameter 'æM'
[  144.310410][ T7808] netlink: 8 bytes leftover after parsing attributes in process `syz.0.733'.
[  144.498399][ T7815] vivid-000: disconnect
[  144.522406][ T1426] usb 7-1: new low-speed USB device number 7 using dummy_hcd
[  144.582418][ T1282] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  144.682382][ T1426] usb 7-1: Invalid ep0 maxpacket: 32
[  144.742349][ T1282] usb 6-1: Using ep0 maxpacket: 16
[  144.750553][ T1282] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  144.752933][ T1282] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.755022][ T1282] usb 6-1: Product: syz
[  144.756122][ T1282] usb 6-1: Manufacturer: syz
[  144.757407][ T1282] usb 6-1: SerialNumber: syz
[  144.775084][ T1282] usb 6-1: config 0 descriptor??
[  144.784616][ T1282] as10x_usb: device has been detected
[  144.788709][ T1282] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  144.799252][ T1282] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  144.802742][ T1282] as10x_usb: error during firmware upload part1
[  144.804857][ T1282] Registered device Sky IT Digital Key (green led)
[  144.812422][ T1426] usb 7-1: new low-speed USB device number 8 using dummy_hcd
[  144.981972][ T7811] random: crng reseeded on system resumption
[  144.982389][ T1426] usb 7-1: Invalid ep0 maxpacket: 32
[  144.985180][ T1426] usb usb7-port1: attempt power cycle
[  144.996588][   T63] usb 6-1: USB disconnect, device number 19
[  145.008467][   T63] Unregistered device Sky IT Digital Key (green led)
[  145.009451][   T63] as10x_usb: device has been disconnected
[  145.051628][ T7810] vivid-000: reconnect
[  145.207717][ T7824] netlink: 256 bytes leftover after parsing attributes in process `syz.3.737'.
[  145.210983][ T7824] openvswitch: netlink: EtherType 0 is less than min 600
[  145.332350][ T1426] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  145.355497][ T1426] usb 7-1: Invalid ep0 maxpacket: 32
[  145.492318][ T1426] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  145.512970][ T1426] usb 7-1: Invalid ep0 maxpacket: 32
[  145.514991][ T1426] usb usb7-port1: unable to enumerate USB device
[  145.605540][ T7833] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  146.189176][ T7842] vivid-002: disconnect
[  146.790626][ T7844] netlink: 12 bytes leftover after parsing attributes in process `syz.3.745'.
[  146.812885][ T7844] Cannot find add_set index 2 as target
[  146.885308][ T7839] vivid-002: reconnect
[  147.147609][ T7849] FAULT_INJECTION: forcing a failure.
[  147.147609][ T7849] name failslab, interval 1, probability 0, space 0, times 0
[  147.152160][ T7849] CPU: 1 UID: 0 PID: 7849 Comm: syz.3.747 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  147.154933][ T7849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.157656][ T7849] Call Trace:
[  147.158532][ T7849]  <TASK>
[  147.159315][ T7849]  dump_stack_lvl+0x16c/0x1f0
[  147.160557][ T7849]  should_fail_ex+0x497/0x5b0
[  147.161873][ T7849]  ? fs_reclaim_acquire+0xae/0x160
[  147.163331][ T7849]  should_failslab+0xc2/0x120
[  147.165056][ T7849]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  147.166861][ T7849]  ? getname_kernel+0x52/0x370
[  147.168141][ T7849]  getname_kernel+0x52/0x370
[  147.169375][ T7849]  kern_path+0x1d/0x50
[  147.170445][ T7849]  lookup_bdev+0xd9/0x280
[  147.171582][ T7849]  ? __pfx_lookup_bdev+0x10/0x10
[  147.172890][ T7849]  ? aa_get_newest_label+0x376/0x680
[  147.174310][ T7849]  ? kfree+0x274/0x4b0
[  147.175385][ T7849]  get_tree_bdev+0xbd/0x610
[  147.176618][ T7849]  ? __pfx_minix_fill_super+0x10/0x10
[  147.178052][ T7849]  ? __pfx_get_tree_bdev+0x10/0x10
[  147.179388][ T7849]  ? apparmor_capable+0x114/0x1d0
[  147.180710][ T7849]  ? bpf_lsm_capable+0x9/0x10
[  147.181960][ T7849]  vfs_get_tree+0x8f/0x380
[  147.183149][ T7849]  path_mount+0x6e1/0x1f10
[  147.184320][ T7849]  ? kmem_cache_free+0x152/0x4b0
[  147.185625][ T7849]  ? __pfx_path_mount+0x10/0x10
[  147.186943][ T7849]  ? putname+0x12e/0x170
[  147.188067][ T7849]  __ia32_sys_mount+0x292/0x310
[  147.189354][ T7849]  ? __pfx___ia32_sys_mount+0x10/0x10
[  147.190749][ T7849]  __do_fast_syscall_32+0x73/0x120
[  147.192098][ T7849]  do_fast_syscall_32+0x32/0x80
[  147.193466][ T7849]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.195102][ T7849] RIP: 0023:0xf7fc0579
[  147.196167][ T7849] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.201122][ T7849] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  147.203298][ T7849] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000020000080
[  147.205337][ T7849] RDX: 0000000020000180 RSI: 0000000001008010 RDI: 0000000000000000
[  147.207388][ T7849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.209501][ T7849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.211553][ T7849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.213585][ T7849]  </TASK>
[  147.216788][ T7849] /dev/nullb0: Can't lookup blockdev
[  147.408851][ T7851] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  147.410363][ T7851] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  147.417062][ T7851] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  147.421573][ T7851] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  147.662367][   T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  147.746884][ T7871] netlink: 'syz.1.755': attribute type 2 has an invalid length.
[  147.749731][ T7871] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.755'.
[  147.792418][ T7871] mmap: syz.1.755 (7871) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  147.812329][   T25] usb 5-1: Using ep0 maxpacket: 16
[  147.824145][   T25] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  147.826520][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.828596][   T25] usb 5-1: Product: syz
[  147.829702][   T25] usb 5-1: Manufacturer: syz
[  147.830964][   T25] usb 5-1: SerialNumber: syz
[  147.844139][   T25] usb 5-1: config 0 descriptor??
[  147.855322][   T25] as10x_usb: device has been detected
[  147.857577][   T25] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  147.876392][   T25] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  147.879581][   T25] as10x_usb: error during firmware upload part1
[  147.881624][   T25] Registered device Sky IT Digital Key (green led)
[  148.054542][ T7858] random: crng reseeded on system resumption
[  148.060854][   T57] usb 5-1: USB disconnect, device number 14
[  148.071246][   T57] Unregistered device Sky IT Digital Key (green led)
[  148.071677][   T57] as10x_usb: device has been disconnected
[  148.168900][ T7895] vivid-004: disconnect
[  148.643466][ T7898] 9pnet: Found fid 0 not clunked
[  148.793286][ T7903] FAULT_INJECTION: forcing a failure.
[  148.793286][ T7903] name failslab, interval 1, probability 0, space 0, times 0
[  148.796788][ T7903] CPU: 0 UID: 0 PID: 7903 Comm: syz.0.764 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  148.799444][ T7903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.802322][ T7903] Call Trace:
[  148.803203][ T7903]  <TASK>
[  148.803993][ T7903]  dump_stack_lvl+0x16c/0x1f0
[  148.805255][ T7903]  should_fail_ex+0x497/0x5b0
[  148.806499][ T7903]  ? fs_reclaim_acquire+0xae/0x160
[  148.807848][ T7903]  should_failslab+0xc2/0x120
[  148.809104][ T7903]  __kmalloc_cache_noprof+0x6b/0x310
[  148.810508][ T7903]  ? shrinker_alloc+0xf8/0xb00
[  148.811779][ T7903]  shrinker_alloc+0xf8/0xb00
[  148.813019][ T7903]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  148.814560][ T7903]  ? rcu_is_watching+0x12/0xc0
[  148.815820][ T7903]  ? pcpu_alloc_noprof+0x1f5/0x16c0
[  148.817236][ T7903]  ? __pfx_shrinker_alloc+0x10/0x10
[  148.818645][ T7903]  ? lockdep_init_map_type+0x16d/0x7d0
[  148.820077][ T7903]  ? lockdep_init_map_type+0x16d/0x7d0
[  148.821539][ T7903]  ? __raw_spin_lock_init+0x3a/0x110
[  148.822930][ T7903]  ? __init_rwsem+0x12d/0x1b0
[  148.824160][ T7903]  alloc_super+0x7cc/0xbd0
[  148.825359][ T7903]  ? __pfx_super_s_dev_test+0x10/0x10
[  148.826771][ T7903]  sget_fc+0x116/0xb90
[  148.827851][ T7903]  ? kfree+0x274/0x4b0
[  148.828929][ T7903]  ? __pfx_super_s_dev_set+0x10/0x10
[  148.830327][ T7903]  get_tree_bdev+0x155/0x610
[  148.831541][ T7903]  ? __pfx_vfat_fill_super+0x10/0x10
[  148.833016][ T7903]  ? __pfx_get_tree_bdev+0x10/0x10
[  148.834385][ T7903]  ? bpf_lsm_capable+0x9/0x10
[  148.835634][ T7903]  vfs_get_tree+0x8f/0x380
[  148.836821][ T7903]  path_mount+0x6e1/0x1f10
[  148.838004][ T7903]  ? kmem_cache_free+0x152/0x4b0
[  148.839316][ T7903]  ? __pfx_path_mount+0x10/0x10
[  148.840571][ T7903]  ? putname+0x12e/0x170
[  148.841706][ T7903]  __ia32_sys_mount+0x292/0x310
[  148.843060][ T7903]  ? __pfx___ia32_sys_mount+0x10/0x10
[  148.844478][ T7903]  __do_fast_syscall_32+0x73/0x120
[  148.845839][ T7903]  do_fast_syscall_32+0x32/0x80
[  148.847128][ T7903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.848867][ T7903] RIP: 0023:0xf7f13579
[  148.849961][ T7903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.854968][ T7903] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  148.857168][ T7903] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000200000c0
[  148.859189][ T7903] RDX: 0000000020001200 RSI: 0000000000008002 RDI: 0000000000000000
[  148.861265][ T7903] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.863836][ T7903] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.866784][ T7903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.869678][ T7903]  </TASK>
[  148.875319][ T7892] vivid-004: reconnect
[  149.139082][ T7914] netlink: 12 bytes leftover after parsing attributes in process `syz.1.768'.
[  149.377988][ T5359] Bluetooth: hci1: command 0x0c1a tx timeout
[  149.452458][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout
[  149.454707][ T5359] Bluetooth: hci3: command 0x0405 tx timeout
[  149.456900][ T5359] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.791974][ T7929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[  149.812515][ T7929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[  150.116858][ T7936] vivid-004: disconnect
[  150.843291][ T7930] vivid-004: reconnect
[  150.859300][ T7938] syz.0.775: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  150.864662][ T7938] CPU: 0 UID: 0 PID: 7938 Comm: syz.0.775 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  150.867377][ T7938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.870133][ T7938] Call Trace:
[  150.870997][ T7938]  <TASK>
[  150.871770][ T7938]  dump_stack_lvl+0x16c/0x1f0
[  150.873027][ T7938]  warn_alloc+0x24d/0x3a0
[  150.874191][ T7938]  ? __pfx_warn_alloc+0x10/0x10
[  150.875492][ T7938]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  150.877035][ T7938]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  150.878367][ T7938]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  150.880045][ T7938]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  150.881395][ T7938]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  150.882812][ T7938]  vmalloc_user_noprof+0x6b/0x90
[  150.884095][ T7938]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  150.885478][ T7938]  vb2_vmalloc_alloc+0x11e/0x3d0
[  150.886767][ T7938]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  150.888174][ T7938]  __vb2_queue_alloc+0x896/0x1230
[  150.889497][ T7938]  vb2_core_reqbufs+0xa73/0xfb0
[  150.890764][ T7938]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  150.892165][ T7938]  ? __pfx___mutex_trylock_common+0x10/0x10
[  150.893974][ T7938]  ? rcu_is_watching+0x12/0xc0
[  150.895326][ T7938]  ? trace_contention_end+0xea/0x140
[  150.896718][ T7938]  vb2_reqbufs+0x1a5/0x1f0
[  150.897909][ T7938]  ? __video_do_ioctl+0x4a2/0xf00
[  150.899227][ T7938]  ? __pfx_vb2_reqbufs+0x10/0x10
[  150.900522][ T7938]  ? __pfx___mutex_lock+0x10/0x10
[  150.901845][ T7938]  ? find_held_lock+0x2d/0x110
[  150.903098][ T7938]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  150.904814][ T7938]  v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[  150.906747][ T7938]  v4l_reqbufs+0x193/0x1d0
[  150.908202][ T7938]  __video_do_ioctl+0xaf0/0xf00
[  150.909475][ T7938]  ? __pfx___video_do_ioctl+0x10/0x10
[  150.910866][ T7938]  video_usercopy+0x426/0x1500
[  150.912137][ T7938]  ? __pfx___video_do_ioctl+0x10/0x10
[  150.913552][ T7938]  ? __pfx_video_usercopy+0x10/0x10
[  150.914932][ T7938]  ? __pfx_video_ioctl2+0x10/0x10
[  150.916245][ T7938]  v4l2_ioctl+0x1ba/0x250
[  150.917379][ T7938]  v4l2_compat_ioctl32+0x214/0x2c0
[  150.918706][ T7938]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  150.920159][ T7938]  __do_compat_sys_ioctl+0x259/0x2b0
[  150.921540][ T7938]  __do_fast_syscall_32+0x73/0x120
[  150.922881][ T7938]  do_fast_syscall_32+0x32/0x80
[  150.924163][ T7938]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.926457][ T7938] RIP: 0023:0xf7f13579
[  150.927939][ T7938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.932924][ T7938] RSP: 002b:00000000f543156c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  150.935102][ T7938] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c0145608
[  150.937138][ T7938] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  150.939177][ T7938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.941225][ T7938] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  150.943325][ T7938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.945845][ T7938]  </TASK>
[  150.947480][ T7938] Mem-Info:
[  150.948598][ T7938] active_anon:4462 inactive_anon:154 isolated_anon:0
[  150.948598][ T7938]  active_file:7004 inactive_file:36130 isolated_file:0
[  150.948598][ T7938]  unevictable:854 dirty:132 writeback:0
[  150.948598][ T7938]  slab_reclaimable:4818 slab_unreclaimable:51771
[  150.948598][ T7938]  mapped:18867 shmem:1783 pagetables:972
[  150.948598][ T7938]  sec_pagetables:318 bounce:0
[  150.948598][ T7938]  kernel_misc_reclaimable:0
[  150.948598][ T7938]  free:73063 free_pcp:1924 free_cma:0
[  150.961515][ T7938] Node 0 active_anon:304kB inactive_anon:20kB active_file:0kB inactive_file:36kB unevictable:1880kB isolated(anon):0kB isolated(file):0kB mapped:5504kB dirty:24kB writeback:0kB shmem:1544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9872kB pagetables:1604kB sec_pagetables:1220kB all_unreclaimable? no
[  150.972126][ T7938] Node 1 active_anon:17672kB inactive_anon:468kB active_file:28016kB inactive_file:144484kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:69964kB dirty:504kB writeback:0kB shmem:5588kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1992kB pagetables:2284kB sec_pagetables:52kB all_unreclaimable? no
[  150.984392][ T7938] Node 0 DMA free:980kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:4kB writepending:0kB present:15992kB managed:15360kB mlocked:4kB bounce:0kB free_pcp:220kB local_pcp:132kB free_cma:0kB
[  150.991687][ T7938] lowmem_reserve[]: 0 273 0 0 0
[  150.993788][ T7938] Node 0 DMA32 free:19024kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:2048KB active_anon:304kB inactive_anon:20kB active_file:0kB inactive_file:36kB unevictable:1876kB writepending:24kB present:1032196kB managed:306280kB mlocked:340kB bounce:0kB free_pcp:1904kB local_pcp:36kB free_cma:0kB
[  151.003399][ T7938] lowmem_reserve[]: 0 0 0 0 0
[  151.004874][ T7938] Node 1 DMA32 free:272040kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:17672kB inactive_anon:468kB active_file:28016kB inactive_file:144484kB unevictable:1536kB writepending:504kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:5860kB local_pcp:2568kB free_cma:0kB
[  151.012831][ T7938] lowmem_reserve[]: 0 0 0 0 0
[  151.014532][ T7938] Node 0 DMA: 26*4kB (U) 2*8kB (U) 22*16kB (U) 16*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 984kB
[  151.019008][ T7938] Node 0 DMA32: 268*4kB (UME) 124*8kB (UMEH) 32*16kB (UMEH) 74*32kB (UMEH) 60*64kB (UMEH) 32*128kB (UMEH) 14*256kB (UM) 3*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 19024kB
[  151.025847][ T7938] Node 1 DMA32: 162*4kB (UM) 282*8kB (ME) 355*16kB (UME) 234*32kB (UME) 97*64kB (UME) 40*128kB (UME) 49*256kB (UME) 103*512kB (UME) 37*1024kB (UM) 9*2048kB (UM) 30*4096kB (UM) = 271880kB
[  151.033266][ T7938] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.035817][ T7938] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  151.038303][ T7938] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.042025][ T7938] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  151.045305][ T7938] 45753 total pagecache pages
[  151.046896][ T7938] 750 pages in swap cache
[  151.048086][ T7938] Free swap  = 111356kB
[  151.049616][ T7938] Total swap = 124996kB
[  151.050807][ T7938] 524155 pages RAM
[  151.051926][ T7938] 0 pages HighMem/MovableOnly
[  151.053406][ T7938] 206682 pages reserved
[  151.054724][ T7938] 0 pages cma reserved
[  151.602585][   T63] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  151.752358][   T63] usb 7-1: Using ep0 maxpacket: 8
[  151.757310][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  151.760335][   T63] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  151.765234][   T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.771765][   T63] usb 7-1: config 0 descriptor??
[  151.984039][   T63] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  152.181525][   T63] IPVS: starting estimator thread 0...
[  152.243844][ T7974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.788'.
[  152.256380][ T1282] usb 7-1: USB disconnect, device number 11
[  152.258886][ T1282] iowarrior 7-1:0.0: I/O-Warror #0 now disconnected
[  152.282567][ T7976] netlink: 'syz.0.789': attribute type 10 has an invalid length.
[  152.284550][ T7976] netlink: 40 bytes leftover after parsing attributes in process `syz.0.789'.
[  152.287041][ T7969] IPVS: using max 35 ests per chain, 84000 per kthread
[  152.287302][ T7976] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  152.460806][ T7982] vivid-002: disconnect
[  152.485497][   T66] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  152.486883][   T66] Bluetooth: hci1: SCO packet for unknown connection handle 1039
[  153.104552][ T7979] vivid-002: reconnect
[  153.124737][ T7995] capability: warning: `syz.0.796' uses 32-bit capabilities (legacy support in use)
[  153.130364][ T7996] netlink: 12 bytes leftover after parsing attributes in process `syz.0.796'.
[  153.133079][ T7996] netlink: 56 bytes leftover after parsing attributes in process `syz.0.796'.
[  153.135568][ T7996] netlink: 12 bytes leftover after parsing attributes in process `syz.0.796'.
[  153.187315][ T8003] FAULT_INJECTION: forcing a failure.
[  153.187315][ T8003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.201336][ T8003] CPU: 2 UID: 0 PID: 8003 Comm: syz.2.798 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  153.204224][ T8003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.207040][ T8003] Call Trace:
[  153.208021][ T8003]  <TASK>
[  153.208797][ T8003]  dump_stack_lvl+0x16c/0x1f0
[  153.210045][ T8003]  should_fail_ex+0x497/0x5b0
[  153.211280][ T8003]  _copy_from_user+0x30/0xf0
[  153.212486][ T8003]  user_termios_to_kernel_termios_1+0x21/0x30
[  153.214073][ T8003]  set_termios+0x3a5/0x7f0
[  153.215238][ T8003]  ? __lock_acquire+0x163e/0x3ce0
[  153.216553][ T8003]  ? __pfx_set_termios+0x10/0x10
[  153.217843][ T8003]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  153.219294][ T8003]  ? tty_ldisc_ref_wait+0x24/0x80
[  153.220602][ T8003]  tty_mode_ioctl+0x549/0xd20
[  153.221843][ T8003]  ? __pfx_tty_mode_ioctl+0x10/0x10
[  153.223195][ T8003]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  153.224771][ T8003]  ? lock_acquire+0x2f/0xb0
[  153.226006][ T8003]  ? sp_get+0x18/0xf0
[  153.227039][ T8003]  ? do_raw_read_unlock+0x44/0xe0
[  153.228340][ T8003]  ? __pfx_ppp_synctty_ioctl+0x10/0x10
[  153.229746][ T8003]  ppp_synctty_ioctl+0x163/0x260
[  153.231031][ T8003]  ? __pfx_ppp_synctty_ioctl+0x10/0x10
[  153.232432][ T8003]  tty_ioctl+0x6ee/0x1640
[  153.233584][ T8003]  ? __pfx_tty_ioctl+0x10/0x10
[  153.234836][ T8003]  ? trace_lock_acquire+0x14a/0x1d0
[  153.236202][ T8003]  ? __fget_files+0x244/0x3f0
[  153.237443][ T8003]  tty_compat_ioctl+0x24a/0x4d0
[  153.238705][ T8003]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  153.240089][ T8003]  __do_compat_sys_ioctl+0x259/0x2b0
[  153.241461][ T8003]  __do_fast_syscall_32+0x73/0x120
[  153.242794][ T8003]  do_fast_syscall_32+0x32/0x80
[  153.244042][ T8003]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.245719][ T8003] RIP: 0023:0xf7f70579
[  153.246776][ T8003] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.251703][ T8003] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  153.253865][ T8003] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005404
[  153.255897][ T8003] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[  153.257974][ T8003] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.260003][ T8003] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.262075][ T8003] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.264113][ T8003]  </TASK>
[  153.265284][    C2] hpet_rtc_timer_reinit: 20 callbacks suppressed
[  153.265292][    C2] hpet: Lost 3 RTC interrupts
[  153.452765][ T4508] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  153.602367][ T4508] usb 5-1: Using ep0 maxpacket: 16
[  153.608033][ T4508] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  153.610545][ T4508] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.613228][ T4508] usb 5-1: Product: syz
[  153.614370][ T4508] usb 5-1: Manufacturer: syz
[  153.615587][ T4508] usb 5-1: SerialNumber: syz
[  153.617708][ T4508] usb 5-1: config 0 descriptor??
[  153.621956][ T8020] netlink: 'syz.1.805': attribute type 10 has an invalid length.
[  153.622580][ T4508] as10x_usb: device has been detected
[  153.624958][ T8020] netlink: 40 bytes leftover after parsing attributes in process `syz.1.805'.
[  153.626256][ T4508] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  153.628912][ T8020] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  153.634509][ T4508] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  153.638289][ T4508] as10x_usb: error during firmware upload part1
[  153.639949][ T4508] Registered device Sky IT Digital Key (green led)
[  153.682576][ T8022] trusted_key: encrypted_key: insufficient parameters specified
[  153.750345][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  153.824966][ T8008] random: crng reseeded on system resumption
[  153.852949][ T4508] usb 5-1: USB disconnect, device number 15
[  153.880426][ T4508] Unregistered device Sky IT Digital Key (green led)
[  153.881172][ T4508] as10x_usb: device has been disconnected
[  154.326954][ T8032] vivid-002: disconnect
[  154.623097][ T8039] syzkaller1: entered promiscuous mode
[  154.624609][ T8039] syzkaller1: entered allmulticast mode
[  154.972115][ T8031] vivid-002: reconnect
[  155.323965][ T8049] netlink: 'syz.1.815': attribute type 10 has an invalid length.
[  155.326131][ T8049] netlink: 40 bytes leftover after parsing attributes in process `syz.1.815'.
[  155.328709][ T8049] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  155.799569][ T8070] FAULT_INJECTION: forcing a failure.
[  155.799569][ T8070] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  155.803414][ T8070] CPU: 1 UID: 0 PID: 8070 Comm: syz.1.822 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  155.806315][ T8070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.809108][ T8070] Call Trace:
[  155.809998][ T8070]  <TASK>
[  155.810788][ T8070]  dump_stack_lvl+0x16c/0x1f0
[  155.812057][ T8070]  should_fail_ex+0x497/0x5b0
[  155.813318][ T8070]  ? fs_reclaim_acquire+0xae/0x160
[  155.814860][ T8070]  should_fail_alloc_page+0xe7/0x130
[  155.816797][ T8070]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  155.818811][ T8070]  ? __pfx_mark_lock+0x10/0x10
[  155.820098][ T8070]  __alloc_pages_noprof+0x190/0x25c0
[  155.821494][ T8070]  ? mark_lock+0xb5/0xc60
[  155.822638][ T8070]  ? __pfx_mark_lock+0x10/0x10
[  155.823901][ T8070]  ? lock_acquire.part.0+0x11b/0x380
[  155.825451][ T8070]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  155.826953][ T8070]  ? hlock_class+0x4e/0x130
[  155.828148][ T8070]  ? __lock_acquire+0xbdd/0x3ce0
[  155.829458][ T8070]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.831009][ T8070]  ? policy_nodemask+0xea/0x4e0
[  155.832302][ T8070]  alloc_pages_mpol_noprof+0x2c9/0x610
[  155.834085][ T8070]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  155.836249][ T8070]  ? find_held_lock+0x2d/0x110
[  155.837966][ T8070]  folio_alloc_mpol_noprof+0x36/0xd0
[  155.839365][ T8070]  shmem_alloc_folio+0x135/0x160
[  155.840672][ T8070]  shmem_alloc_and_add_folio+0x48b/0xc00
[  155.842166][ T8070]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  155.843784][ T8070]  ? shmem_allowable_huge_orders+0x208/0x440
[  155.845517][ T8070]  shmem_get_folio_gfp+0x689/0x1530
[  155.846854][ T8070]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  155.848312][ T8070]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  155.849766][ T8070]  ? __pfx___might_resched+0x10/0x10
[  155.851148][ T8070]  shmem_fallocate+0x7c0/0xfb0
[  155.852419][ T8070]  ? __pfx_shmem_fallocate+0x10/0x10
[  155.853817][ T8070]  ? __pfx___lock_acquire+0x10/0x10
[  155.855590][ T8070]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  155.857500][ T8070]  ? rcu_is_watching+0x12/0xc0
[  155.858758][ T8070]  ? trace_lock_acquire+0x14a/0x1d0
[  155.860131][ T8070]  ? compat_ioctl_preallocate+0x1b0/0x220
[  155.861640][ T8070]  ? __pfx_shmem_fallocate+0x10/0x10
[  155.863041][ T8070]  vfs_fallocate+0x459/0xf90
[  155.864292][ T8070]  compat_ioctl_preallocate+0x1b0/0x220
[  155.865749][ T8070]  ? __pfx_compat_ioctl_preallocate+0x10/0x10
[  155.867345][ T8070]  __do_compat_sys_ioctl+0x1b7/0x2b0
[  155.868730][ T8070]  __do_fast_syscall_32+0x73/0x120
[  155.870091][ T8070]  do_fast_syscall_32+0x32/0x80
[  155.871374][ T8070]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.873047][ T8070] RIP: 0023:0xf7ff8579
[  155.874119][ T8070] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.879043][ T8070] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  155.881278][ T8070] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000402c5828
[  155.883344][ T8070] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  155.885415][ T8070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.887470][ T8070] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.889540][ T8070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.891608][ T8070]  </TASK>
[  156.051056][ T8075] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  156.053200][ T8075] macsec0: entered allmulticast mode
[  156.054638][ T8075] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  156.064186][ T8075] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  156.066034][ T8075] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  156.413184][ T8063] syz.2.820 (8063): drop_caches: 1
[  156.440536][ T8063] syz.2.820 (8063): drop_caches: 1
[  157.024703][ T8088] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  157.026312][   T39] audit: type=1326 audit(1728503494.353:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.828" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x0
[  157.026368][ T8088] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  157.033409][ T8088] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  157.035034][ T8088] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  157.178299][ T8093] FAULT_INJECTION: forcing a failure.
[  157.178299][ T8093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.181911][ T8093] CPU: 1 UID: 0 PID: 8093 Comm: syz.3.829 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  157.184656][ T8093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.187426][ T8093] Call Trace:
[  157.188312][ T8093]  <TASK>
[  157.189102][ T8093]  dump_stack_lvl+0x16c/0x1f0
[  157.190343][ T8093]  should_fail_ex+0x497/0x5b0
[  157.191584][ T8093]  _copy_from_user+0x30/0xf0
[  157.192883][ T8093]  get_compat_msghdr+0xa8/0x170
[  157.194172][ T8093]  ? __pfx_get_compat_msghdr+0x10/0x10
[  157.195588][ T8093]  ? __pfx___lock_acquire+0x10/0x10
[  157.196955][ T8093]  ___sys_sendmsg+0x1b0/0x1e0
[  157.198202][ T8093]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.199571][ T8093]  ? lock_acquire+0x2f/0xb0
[  157.200769][ T8093]  ? __fget_files+0x40/0x3f0
[  157.201998][ T8093]  ? __pfx___might_resched+0x10/0x10
[  157.203374][ T8093]  ? fdget+0x176/0x210
[  157.204454][ T8093]  __sys_sendmmsg+0x2a5/0x450
[  157.205699][ T8093]  ? __pfx___sys_sendmmsg+0x10/0x10
[  157.207075][ T8093]  ? vfs_write+0x14d/0x1140
[  157.208314][ T8093]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  157.209900][ T8093]  ? fput+0x30/0x390
[  157.210937][ T8093]  ? ksys_write+0x1ad/0x260
[  157.212133][ T8093]  ? __pfx_ksys_write+0x10/0x10
[  157.213453][ T8093]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  157.214959][ T8093]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  157.216544][ T8093]  __do_fast_syscall_32+0x73/0x120
[  157.217895][ T8093]  do_fast_syscall_32+0x32/0x80
[  157.219105][ T8093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.220638][ T8093] RIP: 0023:0xf7fc0579
[  157.221707][ T8093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  157.226620][ T8093] RSP: 002b:00000000f572556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  157.228778][ T8093] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020006740
[  157.230835][ T8093] RDX: 0000000000000300 RSI: 0000000000000000 RDI: 0000000000000000
[  157.232897][ T8093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.234949][ T8093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  157.236997][ T8093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.239099][ T8093]  </TASK>
[  157.477943][ T8095] netlink: 'syz.1.830': attribute type 10 has an invalid length.
[  157.480045][ T8095] netlink: 40 bytes leftover after parsing attributes in process `syz.1.830'.
[  157.483503][ T8095] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  157.923593][ T8103] FAULT_INJECTION: forcing a failure.
[  157.923593][ T8103] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  157.927408][ T8103] CPU: 2 UID: 0 PID: 8103 Comm: syz.2.834 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  157.930632][ T8103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.933395][ T8103] Call Trace:
[  157.934260][ T8103]  <TASK>
[  157.935027][ T8103]  dump_stack_lvl+0x16c/0x1f0
[  157.936260][ T8103]  should_fail_ex+0x497/0x5b0
[  157.937492][ T8103]  ? fs_reclaim_acquire+0xae/0x160
[  157.938814][ T8103]  should_fail_alloc_page+0xe7/0x130
[  157.940223][ T8103]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  157.942125][ T8103]  ? __pfx_mark_lock+0x10/0x10
[  157.943364][ T8103]  __alloc_pages_noprof+0x190/0x25c0
[  157.945173][ T8103]  ? mark_lock+0xb5/0xc60
[  157.946728][ T8103]  ? __pfx_mark_lock+0x10/0x10
[  157.947971][ T8103]  ? lock_acquire.part.0+0x11b/0x380
[  157.949387][ T8103]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  157.951038][ T8103]  ? hlock_class+0x4e/0x130
[  157.952710][ T8103]  ? __lock_acquire+0xbdd/0x3ce0
[  157.954358][ T8103]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.955892][ T8103]  ? policy_nodemask+0xea/0x4e0
[  157.957182][ T8103]  alloc_pages_mpol_noprof+0x2c9/0x610
[  157.958610][ T8103]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  157.960194][ T8103]  ? find_held_lock+0x2d/0x110
[  157.961454][ T8103]  folio_alloc_mpol_noprof+0x36/0xd0
[  157.962836][ T8103]  shmem_alloc_folio+0x135/0x160
[  157.964128][ T8103]  shmem_alloc_and_add_folio+0x48b/0xc00
[  157.965599][ T8103]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  157.967197][ T8103]  ? shmem_allowable_huge_orders+0x208/0x440
[  157.968754][ T8103]  shmem_get_folio_gfp+0x689/0x1530
[  157.970507][ T8103]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  157.971972][ T8103]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  157.973385][ T8103]  ? __pfx___might_resched+0x10/0x10
[  157.974756][ T8103]  shmem_fallocate+0x7c0/0xfb0
[  157.976007][ T8103]  ? __pfx_shmem_fallocate+0x10/0x10
[  157.977387][ T8103]  ? __pfx___lock_acquire+0x10/0x10
[  157.978741][ T8103]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  157.980221][ T8103]  ? rcu_is_watching+0x12/0xc0
[  157.981481][ T8103]  ? trace_lock_acquire+0x14a/0x1d0
[  157.982830][ T8103]  ? compat_ioctl_preallocate+0x1b0/0x220
[  157.984501][ T8103]  ? __pfx_shmem_fallocate+0x10/0x10
[  157.985848][ T8103]  vfs_fallocate+0x459/0xf90
[  157.986982][ T8103]  compat_ioctl_preallocate+0x1b0/0x220
[  157.988430][ T8103]  ? __pfx_compat_ioctl_preallocate+0x10/0x10
[  157.990208][ T8103]  __do_compat_sys_ioctl+0x1b7/0x2b0
[  157.992012][ T8103]  __do_fast_syscall_32+0x73/0x120
[  157.993829][ T8103]  do_fast_syscall_32+0x32/0x80
[  157.995574][ T8103]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.997824][ T8103] RIP: 0023:0xf7f70579
[  157.999263][ T8103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.005883][ T8103] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  158.008707][ T8103] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000402c5828
[  158.010638][ T8103] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  158.012604][ T8103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.014653][ T8103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.016634][ T8103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.018581][ T8103]  </TASK>
[  158.019937][    C2] hpet: Lost 4 RTC interrupts
[  158.275799][ T8113] netlink: 9 bytes leftover after parsing attributes in process `syz.1.837'.
[  158.653346][   T39] audit: type=1326 audit(1728503495.983:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.659459][   T39] audit: type=1326 audit(1728503495.983:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.665698][   T39] audit: type=1326 audit(1728503495.983:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.682395][   T39] audit: type=1326 audit(1728503495.983:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.687855][   T39] audit: type=1326 audit(1728503495.983:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.696534][   T39] audit: type=1326 audit(1728503495.983:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.702038][   T39] audit: type=1326 audit(1728503495.983:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.704000][ T8128] netlink: 'syz.3.843': attribute type 10 has an invalid length.
[  158.707736][   T39] audit: type=1326 audit(1728503495.983:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.709626][ T8128] netlink: 40 bytes leftover after parsing attributes in process `syz.3.843'.
[  158.716100][   T39] audit: type=1326 audit(1728503495.983:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.719070][ T8128] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  158.726635][   T39] audit: type=1326 audit(1728503495.983:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8122 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.792349][ T4508] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  158.812440][   T66] Bluetooth: hci1: command 0x0c1a tx timeout
[  158.926350][ T8132] vivid-004: disconnect
[  158.952316][ T4508] usb 6-1: Using ep0 maxpacket: 16
[  158.956892][ T4508] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  158.959350][ T4508] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.961458][ T4508] usb 6-1: Product: syz
[  158.963371][ T4508] usb 6-1: Manufacturer: syz
[  158.964717][ T4508] usb 6-1: SerialNumber: syz
[  158.969959][ T4508] usb 6-1: config 0 descriptor??
[  158.976353][ T4508] as10x_usb: device has been detected
[  158.978607][ T4508] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  158.986934][ T4508] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  158.992519][ T4508] as10x_usb: error during firmware upload part1
[  158.994317][ T4508] Registered device Sky IT Digital Key (green led)
[  159.062446][   T66] Bluetooth: hci0: command 0x0c1a tx timeout
[  159.062613][ T5359] Bluetooth: hci3: command 0x0405 tx timeout
[  159.064255][   T66] Bluetooth: hci2: command 0x0c1a tx timeout
[  159.192124][ T8120] random: crng reseeded on system resumption
[  159.197859][ T4508] usb 6-1: USB disconnect, device number 20
[  159.205714][ T4508] Unregistered device Sky IT Digital Key (green led)
[  159.208996][ T4508] as10x_usb: device has been disconnected
[  159.483354][ T8152] fuse: Bad value for 'fd'
[  159.487275][ T8152] fuseblk: Bad value for 'fd'
[  159.490801][ T8152] overlayfs: failed to resolve './file1': -2
[  159.560430][ T8150] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  159.562707][ T8150] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  159.564467][ T8150] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  159.566162][ T8150] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  159.585886][ T8133] vivid-004: reconnect
[  159.626450][ T8155] futex_wake_op: syz.3.852 tries to shift op by 36; fix this program
[  159.694378][ T8158] netlink: 'syz.2.853': attribute type 10 has an invalid length.
[  159.696388][ T8158] netlink: 40 bytes leftover after parsing attributes in process `syz.2.853'.
[  159.698939][ T8158] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  159.776111][ T8165] tmpfs: Bad value for 'mpol'
[  159.797188][ T8165] cgroup: Unexpected value for 'cpuset_v2_mode'
[  159.896346][ T8168] FAULT_INJECTION: forcing a failure.
[  159.896346][ T8168] name failslab, interval 1, probability 0, space 0, times 0
[  159.899802][ T8168] CPU: 1 UID: 0 PID: 8168 Comm: syz.1.857 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  159.902696][ T8168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.905492][ T8168] Call Trace:
[  159.906381][ T8168]  <TASK>
[  159.907166][ T8168]  dump_stack_lvl+0x16c/0x1f0
[  159.908423][ T8168]  should_fail_ex+0x497/0x5b0
[  159.909675][ T8168]  ? fs_reclaim_acquire+0xae/0x160
[  159.911070][ T8168]  should_failslab+0xc2/0x120
[  159.912328][ T8168]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  159.913766][ T8168]  ? __kernfs_new_node+0xd3/0x890
[  159.915101][ T8168]  __kernfs_new_node+0xd3/0x890
[  159.916395][ T8168]  ? __pfx___kernfs_new_node+0x10/0x10
[  159.917838][ T8168]  ? __pfx_lock_release+0x10/0x10
[  159.919177][ T8168]  ? kernfs_add_one+0x39d/0x520
[  159.920473][ T8168]  ? up_write+0x1b2/0x520
[  159.921623][ T8168]  kernfs_new_node+0x186/0x240
[  159.922898][ T8168]  __kernfs_create_file+0x53/0x350
[  159.924254][ T8168]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  159.925678][ T8168]  internal_create_group+0x565/0xe50
[  159.927116][ T8168]  ? __pfx_internal_create_group+0x10/0x10
[  159.928649][ T8168]  ? kernfs_create_link+0x1bd/0x240
[  159.930026][ T8168]  internal_create_groups+0x9d/0x150
[  159.931425][ T8168]  device_add+0x733/0x1a70
[  159.932612][ T8168]  ? __pfx_device_add+0x10/0x10
[  159.933913][ T8168]  input_register_device+0x860/0x10e0
[  159.935326][ T8168]  uinput_ioctl_handler.isra.0+0x130c/0x1d70
[  159.936902][ T8168]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  159.938568][ T8168]  ? trace_lock_acquire+0x14a/0x1d0
[  159.939941][ T8168]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.941507][ T8168]  ? __pfx_uinput_compat_ioctl+0x10/0x10
[  159.943050][ T8168]  __do_compat_sys_ioctl+0x259/0x2b0
[  159.944464][ T8168]  __do_fast_syscall_32+0x73/0x120
[  159.945828][ T8168]  do_fast_syscall_32+0x32/0x80
[  159.947113][ T8168]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  159.948775][ T8168] RIP: 0023:0xf7ff8579
[  159.949864][ T8168] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  159.955065][ T8168] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  159.957232][ T8168] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005501
[  159.959301][ T8168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  159.961364][ T8168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  159.963416][ T8168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  159.965472][ T8168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  159.967526][ T8168]  </TASK>
[  160.381492][ T8191] vivid-000: disconnect
[  161.015211][ T8188] vivid-000: reconnect
[  161.162807][ T8201] netlink: 'syz.2.866': attribute type 10 has an invalid length.
[  161.164889][ T8201] netlink: 40 bytes leftover after parsing attributes in process `syz.2.866'.
[  161.167538][ T8201] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  161.376915][ T8214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.869'.
[  161.379282][ T8214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.869'.
[  161.523962][ T8224] FAULT_INJECTION: forcing a failure.
[  161.523962][ T8224] name failslab, interval 1, probability 0, space 0, times 0
[  161.530164][ T8224] CPU: 0 UID: 0 PID: 8224 Comm: syz.2.872 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  161.532864][ T8224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.535657][ T8224] Call Trace:
[  161.536575][ T8224]  <TASK>
[  161.537384][ T8224]  dump_stack_lvl+0x16c/0x1f0
[  161.538621][ T8224]  should_fail_ex+0x497/0x5b0
[  161.539822][ T8224]  ? fs_reclaim_acquire+0xae/0x160
[  161.541121][ T8224]  should_failslab+0xc2/0x120
[  161.542356][ T8224]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  161.543845][ T8224]  ? alloc_inode+0xba/0x230
[  161.545021][ T8224]  alloc_inode+0xba/0x230
[  161.546116][ T8224]  new_inode+0x22/0x210
[  161.547201][ T8224]  ? start_creating.part.0+0x25d/0x3a0
[  161.548573][ T8224]  __debugfs_create_file+0x11a/0x660
[  161.549929][ T8224]  kvm_dev_ioctl+0x14b9/0x1ab0
[  161.551195][ T8224]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  161.552590][ T8224]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  161.553961][ T8224]  __do_compat_sys_ioctl+0x259/0x2b0
[  161.555349][ T8224]  __do_fast_syscall_32+0x73/0x120
[  161.556667][ T8224]  do_fast_syscall_32+0x32/0x80
[  161.557922][ T8224]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  161.559534][ T8224] RIP: 0023:0xf7f70579
[  161.560591][ T8224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  161.565617][ T8224] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  161.567762][ T8224] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
[  161.569838][ T8224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  161.571899][ T8224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  161.574027][ T8224] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  161.576090][ T8224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  161.578163][ T8224]  </TASK>
[  161.581785][   T66] Bluetooth: hci1: command 0x0c1a tx timeout
[  161.592953][ T8224] debugfs: out of free dentries, can not create file 'mmu_recycled'
[  161.622398][   T66] Bluetooth: hci0: command 0x0c1a tx timeout
[  161.622424][ T4777] Bluetooth: hci3: command 0x0405 tx timeout
[  161.624060][   T66] Bluetooth: hci2: command 0x0c1a tx timeout
[  161.784323][   T66] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  162.008155][ T8252] netlink: 'syz.2.878': attribute type 10 has an invalid length.
[  162.018990][ T8252] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.021861][ T8252] team0: Port device bond0 added
[  162.474601][ T8268] netlink: 'syz.1.881': attribute type 10 has an invalid length.
[  162.476649][ T8268] netlink: 40 bytes leftover after parsing attributes in process `syz.1.881'.
[  162.479716][ T8268] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  162.705162][ T8271] netlink: 'syz.0.882': attribute type 1 has an invalid length.
[  162.707291][ T8271] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.882'.
[  163.100797][ T8288] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  163.259591][ T8291] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  163.586447][ T8313] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  163.588488][ T8313] netlink: 40 bytes leftover after parsing attributes in process `syz.3.895'.
[  163.591425][ T8313] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  163.790650][   T39] kauditd_printk_skb: 161 callbacks suppressed
[  163.790661][   T39] audit: type=1326 audit(1728503501.113:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.0.896" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  163.806514][   T39] audit: type=1326 audit(1728503501.113:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.0.896" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  164.051356][   T66] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  164.082396][   T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  164.233443][   T25] usb 5-1: Using ep0 maxpacket: 32
[  164.237793][   T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  164.242658][   T25] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  164.245167][   T25] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  164.247480][   T25] usb 5-1: Product: syz
[  164.248585][   T25] usb 5-1: Manufacturer: syz
[  164.250002][   T25] usb 5-1: SerialNumber: syz
[  164.252168][   T25] usb 5-1: config 0 descriptor??
[  164.258614][ T8319] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  164.652537][   T25] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  164.740663][ T4508] usb 5-1: USB disconnect, device number 16
[  164.833512][   T25] usb 6-1: Using ep0 maxpacket: 16
[  164.839805][   T25] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  164.842113][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.844285][   T25] usb 6-1: Product: syz
[  164.845817][   T25] usb 6-1: Manufacturer: syz
[  164.847492][   T25] usb 6-1: SerialNumber: syz
[  164.850191][   T25] usb 6-1: config 0 descriptor??
[  164.856372][   T25] as10x_usb: device has been detected
[  164.857856][   T25] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  164.866785][   T25] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  164.871097][   T25] as10x_usb: error during firmware upload part1
[  164.872841][   T25] Registered device Sky IT Digital Key (green led)
[  165.058354][ T8331] random: crng reseeded on system resumption
[  165.067278][ T1282] usb 6-1: USB disconnect, device number 21
[  165.091554][ T1282] Unregistered device Sky IT Digital Key (green led)
[  165.093016][ T1282] as10x_usb: device has been disconnected
[  165.571153][   T39] audit: type=1326 audit(1728503502.893:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.588203][ T8344] netlink: 'syz.2.906': attribute type 10 has an invalid length.
[  165.590590][   T39] audit: type=1326 audit(1728503502.893:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.596831][ T8344] netlink: 40 bytes leftover after parsing attributes in process `syz.2.906'.
[  165.599504][ T8344] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  165.603535][   T39] audit: type=1326 audit(1728503502.893:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.608940][   T39] audit: type=1326 audit(1728503502.913:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.621205][   T39] audit: type=1326 audit(1728503502.913:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.629129][   T39] audit: type=1326 audit(1728503502.913:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.636153][   T39] audit: type=1326 audit(1728503502.913:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  165.652032][   T39] audit: type=1326 audit(1728503502.913:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  166.199756][ T8376] vivid-004: disconnect
[  166.922427][ T8373] vivid-004: reconnect
[  166.983031][ T8404] netlink: 24 bytes leftover after parsing attributes in process `syz.2.923'.
[  166.985392][ T8404] netlink: 'syz.2.923': attribute type 1 has an invalid length.
[  166.987576][ T8404] netlink: 'syz.2.923': attribute type 2 has an invalid length.
[  166.990010][ T8404] netlink: 24 bytes leftover after parsing attributes in process `syz.2.923'.
[  167.036143][ T8408] FAULT_INJECTION: forcing a failure.
[  167.036143][ T8408] name failslab, interval 1, probability 0, space 0, times 0
[  167.039474][ T8408] CPU: 3 UID: 0 PID: 8408 Comm: syz.2.925 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  167.042048][ T8408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.044766][ T8408] Call Trace:
[  167.045608][ T8408]  <TASK>
[  167.046340][ T8408]  dump_stack_lvl+0x16c/0x1f0
[  167.047583][ T8408]  should_fail_ex+0x497/0x5b0
[  167.048774][ T8408]  ? fs_reclaim_acquire+0xae/0x160
[  167.050061][ T8408]  should_failslab+0xc2/0x120
[  167.051273][ T8408]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  167.052831][ T8408]  ? __kernfs_new_node+0xd3/0x890
[  167.054199][ T8408]  __kernfs_new_node+0xd3/0x890
[  167.055402][ T8408]  ? __pfx___kernfs_new_node+0x10/0x10
[  167.056786][ T8408]  ? __pfx_lock_release+0x10/0x10
[  167.058023][ T8408]  ? kernfs_add_one+0x39d/0x520
[  167.059202][ T8408]  ? up_write+0x1b2/0x520
[  167.060313][ T8408]  kernfs_new_node+0x186/0x240
[  167.061577][ T8408]  __kernfs_create_file+0x53/0x350
[  167.062912][ T8408]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  167.064318][ T8408]  internal_create_group+0x565/0xe50
[  167.065676][ T8408]  ? __pfx_internal_create_group+0x10/0x10
[  167.067176][ T8408]  ? kernfs_create_link+0x1bd/0x240
[  167.068516][ T8408]  internal_create_groups+0x9d/0x150
[  167.069929][ T8408]  device_add+0x6d3/0x1a70
[  167.071103][ T8408]  ? rcu_is_watching+0x12/0xc0
[  167.072362][ T8408]  ? __pfx_device_add+0x10/0x10
[  167.073624][ T8408]  ? kstrdup+0x5c/0x80
[  167.074676][ T8408]  device_create_groups_vargs+0x1f8/0x270
[  167.076111][ T8408]  device_create+0xe9/0x130
[  167.077315][ T8408]  ? __pfx_device_create+0x10/0x10
[  167.078661][ T8408]  ? __pfx_vsnprintf+0x10/0x10
[  167.079906][ T8408]  bdi_register_va+0x116/0x820
[  167.081156][ T8408]  ? __pfx_bdi_register_va+0x10/0x10
[  167.082585][ T8408]  ? do_init_timer+0xc9/0x110
[  167.083843][ T8408]  super_setup_bdi_name+0x100/0x250
[  167.085210][ T8408]  ? __pfx_super_setup_bdi_name+0x10/0x10
[  167.086687][ T8408]  ? shrinker_register+0x1a8/0x260
[  167.088027][ T8408]  afs_get_tree+0xc1f/0x14c0
[  167.089243][ T8408]  ? security_capable+0x7e/0x260
[  167.090486][ T8408]  vfs_get_tree+0x8f/0x380
[  167.091597][ T8408]  path_mount+0x6e1/0x1f10
[  167.092773][ T8408]  ? kmem_cache_free+0x152/0x4b0
[  167.094053][ T8408]  ? __pfx_path_mount+0x10/0x10
[  167.095328][ T8408]  ? putname+0x12e/0x170
[  167.096441][ T8408]  __ia32_sys_mount+0x292/0x310
[  167.097712][ T8408]  ? __pfx___ia32_sys_mount+0x10/0x10
[  167.099106][ T8408]  __do_fast_syscall_32+0x73/0x120
[  167.100347][ T8408]  do_fast_syscall_32+0x32/0x80
[  167.101562][ T8408]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.103195][ T8408] RIP: 0023:0xf7f70579
[  167.104260][ T8408] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.109008][ T8408] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  167.111119][ T8408] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000020000080
[  167.113064][ T8408] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000400
[  167.115091][ T8408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.117122][ T8408] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  167.119081][ T8408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.121075][ T8408]  </TASK>
[  168.414658][ T8436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.933'.
[  169.574038][   T39] kauditd_printk_skb: 126 callbacks suppressed
[  169.574054][   T39] audit: type=1326 audit(1728503506.903:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.600300][   T39] audit: type=1326 audit(1728503506.913:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.612333][   T39] audit: type=1326 audit(1728503506.933:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8447 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.619751][   T39] audit: type=1326 audit(1728503506.933:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.627624][   T39] audit: type=1326 audit(1728503506.933:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.635917][   T39] audit: type=1326 audit(1728503506.943:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.643799][   T39] audit: type=1326 audit(1728503506.943:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.652234][   T39] audit: type=1326 audit(1728503506.943:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.660230][   T39] audit: type=1326 audit(1728503506.943:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff8598 code=0x7ffc0000
[  169.668641][   T39] audit: type=1326 audit(1728503506.943:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.1.936" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  169.696968][ T8449] netlink: 'syz.3.937': attribute type 10 has an invalid length.
[  169.699890][ T8449] autofs: Bad value for 'fd'
[  170.340646][ T8469] fuse: Unknown parameter 'd'
[  170.340827][ T8468] fuse: Unknown parameter 'd'
[  170.648237][ T8477] netlink: 'syz.3.945': attribute type 4 has an invalid length.
[  170.650928][ T8477] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.945'.
[  170.797483][ T8484] FAULT_INJECTION: forcing a failure.
[  170.797483][ T8484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.800943][ T8484] CPU: 1 UID: 0 PID: 8484 Comm: syz.3.947 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  170.803762][ T8484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.806532][ T8484] Call Trace:
[  170.807411][ T8484]  <TASK>
[  170.808202][ T8484]  dump_stack_lvl+0x16c/0x1f0
[  170.809462][ T8484]  should_fail_ex+0x497/0x5b0
[  170.810722][ T8484]  _copy_from_user+0x30/0xf0
[  170.812186][ T8484]  get_compat_msghdr+0xa8/0x170
[  170.813550][ T8484]  ? __pfx_get_compat_msghdr+0x10/0x10
[  170.815340][ T8484]  ? find_held_lock+0x2d/0x110
[  170.817065][ T8484]  ___sys_recvmsg+0x193/0x1a0
[  170.818365][ T8484]  ? __pfx____sys_recvmsg+0x10/0x10
[  170.820031][ T8484]  ? lock_acquire+0x2f/0xb0
[  170.821336][ T8484]  ? __fget_files+0x40/0x3f0
[  170.822558][ T8484]  ? __pfx___might_resched+0x10/0x10
[  170.823944][ T8484]  ? fdget+0x176/0x210
[  170.825027][ T8484]  do_recvmmsg+0x51a/0x750
[  170.826222][ T8484]  ? __pfx_do_recvmmsg+0x10/0x10
[  170.827532][ T8484]  ? __pfx_lock_release+0x10/0x10
[  170.828862][ T8484]  ? vfs_write+0x14d/0x1140
[  170.830097][ T8484]  ? __fget_files+0x244/0x3f0
[  170.831349][ T8484]  __sys_recvmmsg+0x21e/0x280
[  170.832628][ T8484]  ? __pfx___sys_recvmmsg+0x10/0x10
[  170.834014][ T8484]  ? __pfx_ksys_write+0x10/0x10
[  170.835291][ T8484]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  170.836934][ T8484]  ? lockdep_hardirqs_on+0x7c/0x110
[  170.838301][ T8484]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  170.840020][ T8484]  __do_fast_syscall_32+0x73/0x120
[  170.841383][ T8484]  do_fast_syscall_32+0x32/0x80
[  170.842666][ T8484]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.844331][ T8484] RIP: 0023:0xf7fc0579
[  170.845420][ T8484] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.850485][ T8484] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  170.852672][ T8484] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000d80
[  170.854752][ T8484] RDX: 000000000000036f RSI: 0000000000020102 RDI: 0000000000000000
[  170.856818][ T8484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.858895][ T8484] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.860965][ T8484] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.863037][ T8484]  </TASK>
[  173.493641][ T8522] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  174.472355][ T1426] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  174.474041][ T8556] netlink: 20 bytes leftover after parsing attributes in process `syz.1.970'.
[  174.556969][ T8557] overlayfs: failed to resolve './file1': -2
[  174.632429][ T1426] usb 7-1: Using ep0 maxpacket: 32
[  174.641120][ T1426] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  174.644053][ T1426] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  174.646437][ T1426] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.649051][ T1426] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  174.651385][ T1426] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  174.655450][ T1426] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  174.658005][ T1426] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  174.661341][ T1426] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  174.666581][ T1426] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.670513][ T1426] usb 7-1: config 0 descriptor??
[  175.050744][ T8562] netlink: 'syz.3.972': attribute type 10 has an invalid length.
[  175.062987][ T8562] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.066209][ T8562] team0: Port device bond0 added
[  175.113821][ T8554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.116240][ T8554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.389883][    T9] usb 7-1: USB disconnect, device number 12
[  175.392464][   T39] kauditd_printk_skb: 152 callbacks suppressed
[  175.392473][   T39] audit: type=1326 audit(1728503512.723:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.400773][   T66] Bluetooth: hci0: unexpected event for opcode 0x2031
[  175.402402][   T39] audit: type=1326 audit(1728503512.723:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.408102][   T39] audit: type=1326 audit(1728503512.723:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8577 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.422314][   T39] audit: type=1326 audit(1728503512.723:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.429496][   T39] audit: type=1326 audit(1728503512.723:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.442445][   T39] audit: type=1326 audit(1728503512.723:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.449218][   T39] audit: type=1326 audit(1728503512.723:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.464643][   T39] audit: type=1326 audit(1728503512.723:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  175.475685][ T8581] netlink: 'syz.3.978': attribute type 10 has an invalid length.
[  175.477049][   T39] audit: type=1326 audit(1728503512.723:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc0598 code=0x7ffc0000
[  175.477703][ T8581] netlink: 40 bytes leftover after parsing attributes in process `syz.3.978'.
[  175.478020][ T8581] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  175.488716][   T39] audit: type=1326 audit(1728503512.723:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz.3.977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000
[  176.533055][   T56] libceph: connect (1)[c::]:6789 error -101
[  176.535040][   T56] libceph: mon0 (1)[c::]:6789 connect error
[  176.596291][ T5359] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  176.599213][ T5359] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  176.604276][ T5359] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  176.608016][ T5359] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  176.610375][ T5359] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  176.612936][ T5359] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  176.726036][ T8646] chnl_net:caif_netlink_parms(): no params data found
[  176.748407][ T8658] FAULT_INJECTION: forcing a failure.
[  176.748407][ T8658] name failslab, interval 1, probability 0, space 0, times 0
[  176.752945][ T8658] CPU: 2 UID: 0 PID: 8658 Comm: syz.2.1002 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  176.756765][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.760433][ T8658] Call Trace:
[  176.761655][ T8658]  <TASK>
[  176.762673][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  176.764259][ T8658]  should_fail_ex+0x497/0x5b0
[  176.765827][ T8658]  ? fs_reclaim_acquire+0xae/0x160
[  176.767535][ T8658]  should_failslab+0xc2/0x120
[  176.768899][ T8658]  kmem_cache_alloc_node_noprof+0x71/0x310
[  176.770424][ T8658]  ? alloc_vmap_area+0x636/0x2a70
[  176.771685][ T8658]  alloc_vmap_area+0x636/0x2a70
[  176.772929][ T8658]  ? __pfx_alloc_vmap_area+0x10/0x10
[  176.774229][ T8658]  __get_vm_area_node+0x17e/0x2d0
[  176.775495][ T8658]  __vmalloc_node_range_noprof+0x26a/0x15a0
[  176.776965][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.778261][ T8658]  ? __might_fault+0xe3/0x190
[  176.779523][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.781290][ T8658]  ? __lock_acquire+0x163e/0x3ce0
[  176.783059][ T8658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  176.785268][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.787031][ T8658]  vmalloc_noprof+0x6b/0x90
[  176.788659][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.790373][ T8658]  compat_do_replace+0x1ae/0x750
[  176.791675][ T8658]  ? __pfx_compat_do_replace+0x10/0x10
[  176.793516][ T8658]  ? aa_get_newest_label+0x376/0x680
[  176.795390][ T8658]  ? __pfx_aa_get_newest_label+0x10/0x10
[  176.797483][ T8658]  ? bpf_lsm_capable+0x9/0x10
[  176.799174][ T8658]  ? security_capable+0x7e/0x260
[  176.800941][ T8658]  do_ebt_set_ctl+0x4af/0x580
[  176.802605][ T8658]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  176.804442][ T8658]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  176.806297][ T8658]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  176.808377][ T8658]  nf_setsockopt+0x8a/0xf0
[  176.810001][ T8658]  ip_setsockopt+0xcb/0xf0
[  176.811602][ T8658]  raw_setsockopt+0xb8/0x290
[  176.813287][ T8658]  ? __pfx_raw_setsockopt+0x10/0x10
[  176.815159][ T8658]  ? sock_common_setsockopt+0x2e/0xf0
[  176.817064][ T8658]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  176.819161][ T8658]  do_sock_setsockopt+0x222/0x480
[  176.820968][ T8658]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  176.822941][ T8658]  ? fdget+0x176/0x210
[  176.824395][ T8658]  __sys_setsockopt+0x1a4/0x270
[  176.826083][ T8658]  ? __pfx___sys_setsockopt+0x10/0x10
[  176.827943][ T8658]  ? fput+0x30/0x390
[  176.829090][ T8658]  ? ksys_write+0x1ad/0x260
[  176.830480][ T8658]  ? __pfx_ksys_write+0x10/0x10
[  176.831976][ T8658]  __ia32_sys_setsockopt+0xbc/0x160
[  176.833424][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  176.834780][ T8658]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  176.836491][ T8658]  __do_fast_syscall_32+0x73/0x120
[  176.837966][ T8658]  do_fast_syscall_32+0x32/0x80
[  176.839495][ T8658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.841572][ T8658] RIP: 0023:0xf7f70579
[  176.842795][ T8658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.848247][ T8658] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  176.850498][ T8658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  176.852557][ T8658] RDX: 0000000000000080 RSI: 0000000020000000 RDI: 00000000000000e0
[  176.855170][ T8658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  176.858101][ T8658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  176.860638][ T8658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.863391][ T8658]  </TASK>
[  176.864476][    C2] vkms_vblank_simulate: vblank timer overrun
[  176.871487][   T56] libceph: connect (1)[c::]:6789 error -101
[  176.873660][   T56] libceph: mon0 (1)[c::]:6789 connect error
[  176.875526][ T8658] syz.2.1002: vmalloc error: size 128, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  176.881770][ T8658] CPU: 2 UID: 0 PID: 8658 Comm: syz.2.1002 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  176.884783][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.888037][ T8658] Call Trace:
[  176.889071][ T8658]  <TASK>
[  176.890028][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  176.891591][ T8658]  warn_alloc+0x24d/0x3a0
[  176.893227][ T8658]  ? __pfx_warn_alloc+0x10/0x10
[  176.894985][ T8658]  ? kfree+0x14f/0x4b0
[  176.896387][ T8658]  ? __get_vm_area_node+0x1bc/0x2d0
[  176.898105][ T8658]  __vmalloc_node_range_noprof+0xd27/0x15a0
[  176.899971][ T8658]  ? __might_fault+0xe3/0x190
[  176.901501][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.903115][ T8658]  ? __lock_acquire+0x163e/0x3ce0
[  176.904662][ T8658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  176.906605][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.908178][ T8658]  vmalloc_noprof+0x6b/0x90
[  176.909546][ T8658]  ? compat_do_replace+0x1ae/0x750
[  176.910952][ T8658]  compat_do_replace+0x1ae/0x750
[  176.912252][ T8658]  ? __pfx_compat_do_replace+0x10/0x10
[  176.913792][ T8658]  ? aa_get_newest_label+0x376/0x680
[  176.915184][ T8658]  ? __pfx_aa_get_newest_label+0x10/0x10
[  176.916942][ T8658]  ? bpf_lsm_capable+0x9/0x10
[  176.918220][ T8658]  ? security_capable+0x7e/0x260
[  176.919629][ T8658]  do_ebt_set_ctl+0x4af/0x580
[  176.921132][ T8658]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  176.922473][ T8658]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  176.923922][ T8658]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  176.925820][ T8658]  nf_setsockopt+0x8a/0xf0
[  176.927004][ T8658]  ip_setsockopt+0xcb/0xf0
[  176.928186][ T8658]  raw_setsockopt+0xb8/0x290
[  176.929413][ T8658]  ? __pfx_raw_setsockopt+0x10/0x10
[  176.930753][ T8658]  ? sock_common_setsockopt+0x2e/0xf0
[  176.932138][ T8658]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  176.933699][ T8658]  do_sock_setsockopt+0x222/0x480
[  176.935008][ T8658]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  176.936442][ T8658]  ? fdget+0x176/0x210
[  176.937518][ T8658]  __sys_setsockopt+0x1a4/0x270
[  176.938815][ T8658]  ? __pfx___sys_setsockopt+0x10/0x10
[  176.940237][ T8658]  ? fput+0x30/0x390
[  176.941267][ T8658]  ? ksys_write+0x1ad/0x260
[  176.942458][ T8658]  ? __pfx_ksys_write+0x10/0x10
[  176.943737][ T8658]  __ia32_sys_setsockopt+0xbc/0x160
[  176.945097][ T8658]  ? lockdep_hardirqs_on+0x7c/0x110
[  176.946464][ T8658]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  176.948146][ T8658]  __do_fast_syscall_32+0x73/0x120
[  176.949478][ T8658]  do_fast_syscall_32+0x32/0x80
[  176.950744][ T8658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.952380][ T8658] RIP: 0023:0xf7f70579
[  176.953467][ T8658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.958385][ T8658] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  176.960912][ T8658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  176.962922][ T8658] RDX: 0000000000000080 RSI: 0000000020000000 RDI: 00000000000000e0
[  176.964904][ T8658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  176.966874][ T8658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  176.968913][ T8658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.971156][ T8658]  </TASK>
[  176.972255][    C2] vkms_vblank_simulate: vblank timer overrun
[  176.976340][ T8658] Mem-Info:
[  176.977349][ T8658] active_anon:4035 inactive_anon:123 isolated_anon:0
[  176.977349][ T8658]  active_file:11440 inactive_file:1340 isolated_file:0
[  176.977349][ T8658]  unevictable:852 dirty:130 writeback:0
[  176.977349][ T8658]  slab_reclaimable:4762 slab_unreclaimable:52211
[  176.977349][ T8658]  mapped:21104 shmem:977 pagetables:1125
[  176.977349][ T8658]  sec_pagetables:319 bounce:0
[  176.977349][ T8658]  kernel_misc_reclaimable:0
[  176.977349][ T8658]  free:109209 free_pcp:3945 free_cma:0
[  176.991220][ T8658] Node 0 active_anon:72kB inactive_anon:36kB active_file:0kB inactive_file:32kB unevictable:1868kB isolated(anon):0kB isolated(file):0kB mapped:5556kB dirty:20kB writeback:0kB shmem:1548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9964kB pagetables:1624kB sec_pagetables:1220kB all_unreclaimable? no
[  177.000401][ T8658] Node 1 active_anon:16068kB inactive_anon:456kB active_file:45760kB inactive_file:5328kB unevictable:1540kB isolated(anon):0kB isolated(file):0kB mapped:78860kB dirty:500kB writeback:0kB shmem:2360kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2436kB pagetables:2876kB sec_pagetables:56kB all_unreclaimable? no
[  177.009370][ T8658] Node 0 DMA free:908kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:132kB local_pcp:12kB free_cma:0kB
[  177.011447][ T8646] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.016294][ T8658] lowmem_reserve[]: 0 273 0 0 0
[  177.016324][ T8658] Node 0 DMA32 free:20792kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:156kB inactive_anon:48kB active_file:0kB inactive_file:32kB unevictable:1868kB writepending:20kB present:1032196kB managed:306280kB mlocked:332kB bounce:0kB free_pcp:924kB local_pcp:596kB free_cma:0kB
[  177.020351][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.028058][ T8658] lowmem_reserve[]: 0 0 0 0 0
[  177.030831][ T8658] Node 1 DMA32 free:415804kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:16116kB inactive_anon:456kB active_file:45760kB inactive_file:5328kB unevictable:1540kB writepending:512kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:14808kB local_pcp:5676kB free_cma:0kB
[  177.032252][ T8646] bridge_slave_0: entered allmulticast mode
[  177.038896][ T8658] lowmem_reserve[]: 0 0 0 0 0
[  177.041567][ T8658] Node 0 DMA: 13*4kB (U) 2*8kB (U) 20*16kB 
[  177.041671][ T8646] bridge_slave_0: entered promiscuous mode
[  177.041719][ T8658] (U) 
[  177.044698][ T8646] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.045278][ T8658] 15*32kB 
[  177.045735][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.047467][ T8658] (U) 
[  177.048577][ T8646] bridge_slave_1: entered allmulticast mode
[  177.050413][ T8658] 0*64kB 
[  177.052623][ T8646] bridge_slave_1: entered promiscuous mode
[  177.056064][ T8658] 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 868kB
[  177.058171][ T8658] Node 0 DMA32: 234*4kB (UMEH) 204*8kB (UMEH) 59*16kB (UMEH) 108*32kB (UMEH) 55*64kB (UMEH) 30*128kB (UMEH) 14*256kB (UM) 3*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 20472kB
[  177.063280][ T8658] Node 1 DMA32: 17*4kB (UME) 964*8kB (UME) 604*16kB (UME) 627*32kB (ME) 222*64kB (ME) 115*128kB (UME) 153*256kB (UME) 106*512kB (UME) 21*1024kB (UM) 12*2048kB (UM) 51*4096kB (UM) = 414852kB
[  177.068938][ T8658] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  177.071576][ T8658] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  177.074477][ T8658] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  177.076970][ T8658] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  177.079353][ T8658] 14593 total pagecache pages
[  177.080586][ T8658] 779 pages in swap cache
[  177.081749][ T8658] Free swap  = 111152kB
[  177.084733][ T8658] Total swap = 124996kB
[  177.085872][ T8658] 524155 pages RAM
[  177.086875][ T8658] 0 pages HighMem/MovableOnly
[  177.088244][ T8658] 206682 pages reserved
[  177.089437][ T8658] 0 pages cma reserved
[  177.097672][ T8646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.101654][ T8646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.130859][ T8646] team0: Port device team_slave_0 added
[  177.135509][ T8646] team0: Port device team_slave_1 added
[  177.156652][ T8646] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.158539][ T8646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.166151][ T8646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.170318][ T8646] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.172188][ T8646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.179485][ T8646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.205897][ T8646] hsr_slave_0: entered promiscuous mode
[  177.208440][ T8646] hsr_slave_1: entered promiscuous mode
[  177.210317][ T8646] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.212207][ T8646] Cannot create hsr debugfs directory
[  177.315635][ T8646] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.320337][ T8635] ceph: No mds server is up or the cluster is laggy
[  177.418729][ T8674] FAULT_INJECTION: forcing a failure.
[  177.418729][ T8674] name failslab, interval 1, probability 0, space 0, times 0
[  177.424499][ T8674] CPU: 3 UID: 0 PID: 8674 Comm: syz.2.1007 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  177.427369][ T8674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  177.430150][ T8674] Call Trace:
[  177.431031][ T8674]  <TASK>
[  177.431813][ T8674]  dump_stack_lvl+0x16c/0x1f0
[  177.433323][ T8674]  should_fail_ex+0x497/0x5b0
[  177.434637][ T8674]  ? fs_reclaim_acquire+0xae/0x160
[  177.436177][ T8674]  should_failslab+0xc2/0x120
[  177.437432][ T8674]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  177.438844][ T8674]  ? is_subdir+0x19e/0x3e0
[  177.440015][ T8674]  ? alloc_vfsmnt+0x23/0x6e0
[  177.441268][ T8674]  ? trace_lock_acquire+0x14a/0x1d0
[  177.442768][ T8674]  alloc_vfsmnt+0x23/0x6e0
[  177.443945][ T8674]  clone_mnt+0x6d/0xf90
[  177.445046][ T8674]  ? is_subdir+0x1ad/0x3e0
[  177.446220][ T8674]  clone_private_mount+0x296/0x3a0
[  177.447550][ T8674]  ovl_fill_super+0x855/0x6970
[  177.448786][ T8674]  ? shrinker_register+0x154/0x260
[  177.450109][ T8674]  ? __pfx_lock_release+0x10/0x10
[  177.451442][ T8674]  ? __mutex_lock+0x1a6/0x9c0
[  177.452749][ T8674]  ? __pfx___mutex_lock+0x10/0x10
[  177.454061][ T8674]  ? __pfx_ovl_fill_super+0x10/0x10
[  177.455403][ T8674]  ? lockdep_init_map_type+0x16d/0x7d0
[  177.456879][ T8674]  ? lockdep_init_map_type+0x16d/0x7d0
[  177.458318][ T8674]  ? __init_swait_queue_head+0xca/0x150
[  177.459747][ T8674]  ? shrinker_register+0x1a8/0x260
[  177.461066][ T8674]  ? sget_fc+0x488/0xb90
[  177.462167][ T8674]  ? __pfx_ovl_fill_super+0x10/0x10
[  177.463521][ T8674]  ? get_tree_nodev+0xda/0x190
[  177.464752][ T8674]  get_tree_nodev+0xda/0x190
[  177.465936][ T8674]  vfs_get_tree+0x8f/0x380
[  177.467023][ T8674]  path_mount+0x6e1/0x1f10
[  177.468178][ T8674]  ? kmem_cache_free+0x152/0x4b0
[  177.469470][ T8674]  ? __pfx_path_mount+0x10/0x10
[  177.470662][ T8674]  ? putname+0x12e/0x170
[  177.471737][ T8674]  __ia32_sys_mount+0x292/0x310
[  177.472967][ T8674]  ? __pfx___ia32_sys_mount+0x10/0x10
[  177.474351][ T8674]  __do_fast_syscall_32+0x73/0x120
[  177.475619][ T8674]  do_fast_syscall_32+0x32/0x80
[  177.476810][ T8674]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  177.478457][ T8674] RIP: 0023:0xf7f70579
[  177.479514][ T8674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  177.484396][ T8674] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  177.486452][ T8674] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[  177.488433][ T8674] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000400
[  177.490474][ T8674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  177.492440][ T8674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  177.494422][ T8674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  177.496437][ T8674]  </TASK>
[  177.500530][ T8674] overlayfs: failed to clone upperpath
[  177.527722][ T8646] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.634010][ T8646] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.734103][ T8646] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.915108][ T8646] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  177.920685][ T8646] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  177.924885][ T8646] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  177.930035][ T8646] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  177.970277][ T8646] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.983083][ T8646] 8021q: adding VLAN 0 to HW filter on device team0
[  177.988926][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.990810][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.998085][   T89] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.999915][   T89] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.107822][ T8646] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.133619][ T8646] veth0_vlan: entered promiscuous mode
[  178.140020][ T8646] veth1_vlan: entered promiscuous mode
[  178.156426][ T8646] veth0_macvtap: entered promiscuous mode
[  178.160004][ T8646] veth1_macvtap: entered promiscuous mode
[  178.166974][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.170535][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.173897][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.177410][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.180776][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.184729][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.187917][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.191522][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.196139][ T8646] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.201526][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.205195][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.208503][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.212024][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.215420][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.218885][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.222195][ T8646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.226289][ T8646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.230288][ T8646] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.234274][ T8646] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.236742][ T8646] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.239046][ T8646] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.241325][ T8646] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.281862][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.286701][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.297659][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.299889][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.525085][ T8708] kernel profiling enabled (shift: 0)
[  178.652615][ T5359] Bluetooth: hci4: command tx timeout
[  179.222843][ T8742] netlink: 'syz.3.1026': attribute type 10 has an invalid length.
[  179.224978][ T8742] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1026'.
[  179.227557][ T8742] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  179.454102][ T5359] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  179.456508][ T5359] Bluetooth: hci0: Injecting HCI hardware error event
[  179.459794][ T5359] Bluetooth: hci0: hardware error 0x00
[  179.622318][ T8768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1032'.
[  180.241325][ T8794] netlink: 'syz.0.1042': attribute type 10 has an invalid length.
[  180.243613][ T8794] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1042'.
[  180.246418][ T8794] bridge0: port 3(batadv0) entered blocking state
[  180.248267][ T8794] bridge0: port 3(batadv0) entered disabled state
[  180.250088][ T8794] batadv0: entered allmulticast mode
[  180.251997][ T8794] batadv0: entered promiscuous mode
[  180.257475][ T8794] bridge0: port 3(batadv0) entered blocking state
[  180.259538][ T8794] bridge0: port 3(batadv0) entered forwarding state
[  180.338192][   T12] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  180.340633][   T12] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  180.352353][ T5398] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  180.433604][ T8796] FAULT_INJECTION: forcing a failure.
[  180.433604][ T8796] name failslab, interval 1, probability 0, space 0, times 0
[  180.437037][ T8796] CPU: 0 UID: 0 PID: 8796 Comm: syz.3.1043 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  180.439770][ T8796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.442634][ T8796] Call Trace:
[  180.443508][ T8796]  <TASK>
[  180.444284][ T8796]  dump_stack_lvl+0x16c/0x1f0
[  180.445548][ T8796]  should_fail_ex+0x497/0x5b0
[  180.446784][ T8796]  ? fs_reclaim_acquire+0xae/0x160
[  180.448122][ T8796]  should_failslab+0xc2/0x120
[  180.449362][ T8796]  __kmalloc_noprof+0xcb/0x410
[  180.450610][ T8796]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  180.452212][ T8796]  constrain_params_by_rules+0x176/0xca0
[  180.453683][ T8796]  ? arch_stack_walk+0xa7/0x100
[  180.454961][ T8796]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  180.456448][ T8796]  ? stack_trace_save+0x95/0xd0
[  180.457775][ T8796]  ? __pfx_stack_trace_save+0x10/0x10
[  180.459261][ T8796]  ? snd_pcm_oss_change_params_locked+0x13d7/0x3a50
[  180.461000][ T8796]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  180.462586][ T8796]  ? snd_pcm_oss_sync+0x326/0x7f0
[  180.463907][ T8796]  ? snd_pcm_oss_release+0x28b/0x310
[  180.465292][ T8796]  ? __fput+0x3f6/0xb60
[  180.466384][ T8796]  ? task_work_run+0x14e/0x250
[  180.467637][ T8796]  ? snd_interval_refine+0x2fa/0x580
[  180.469029][ T8796]  snd_pcm_hw_refine+0x7ef/0xad0
[  180.470341][ T8796]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  180.471764][ T8796]  snd_pcm_hw_param_last+0x32d/0x6e0
[  180.473218][ T8796]  snd_pcm_hw_param_near.constprop.0+0x57d/0x8f0
[  180.474773][ T8796]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  180.476513][ T8796]  ? kfree+0x14f/0x4b0
[  180.477594][ T8796]  ? calc_src_frames.isra.0+0x187/0x1d0
[  180.478914][ T8796]  ? calc_dst_frames.constprop.0.isra.0+0x103/0x130
[  180.480493][ T8796]  snd_pcm_oss_change_params_locked+0x13d7/0x3a50
[  180.482128][ T8796]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  180.483781][ T8796]  ? __mutex_lock+0x1a6/0x9c0
[  180.485020][ T8796]  ? snd_pcm_oss_sync+0x306/0x7f0
[  180.486332][ T8796]  ? __pfx___mutex_lock+0x10/0x10
[  180.487649][ T8796]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  180.489233][ T8796]  snd_pcm_oss_sync+0x326/0x7f0
[  180.490513][ T8796]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  180.491972][ T8796]  snd_pcm_oss_release+0x28b/0x310
[  180.493329][ T8796]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  180.494783][ T8796]  __fput+0x3f6/0xb60
[  180.495815][ T8796]  task_work_run+0x14e/0x250
[  180.496973][ T8796]  ? __pfx_task_work_run+0x10/0x10
[  180.498247][ T8796]  syscall_exit_to_user_mode+0x27b/0x2a0
[  180.499643][ T8796]  do_int80_emulation+0x111/0x200
[  180.500961][ T8796]  asm_int80_emulation+0x1a/0x20
[  180.502264][ T8796] RIP: 0023:0xf7fc0579
[  180.503332][ T8796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  180.503618][ T5398] usb 6-1: Using ep0 maxpacket: 16
[  180.508316][ T8796] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000033
[  180.511880][ T8796] RAX: fffffffffffffff3 RBX: 0000000020000140 RCX: 0000000000000000
[  180.513955][ T8796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  180.516007][ T8796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.516345][ T5398] usb 6-1: config 1 descriptor has 1 excess byte, ignoring
[  180.518055][ T8796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  180.518066][ T8796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.518078][ T8796]  </TASK>
[  180.532299][ T5398] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.545057][ T5398] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.547574][ T5398] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  180.550417][ T5398] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  180.559992][ T5398] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  180.565936][ T5398] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  180.568514][ T5398] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  180.578932][ T5398] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  180.581262][ T5398] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  180.584618][ T5398] usb 6-1: SerialNumber: syz
[  180.589760][ T5398] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  180.732401][   T66] Bluetooth: hci4: command tx timeout
[  180.790278][   T39] kauditd_printk_skb: 247 callbacks suppressed
[  180.790290][   T39] audit: type=1326 audit(1728503518.113:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.803052][   T39] audit: type=1326 audit(1728503518.113:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.808260][   T39] audit: type=1326 audit(1728503518.123:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.820750][   T39] audit: type=1326 audit(1728503518.143:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8810 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.826832][ T8808] bridge0: port 3(batadv0) entered disabled state
[  180.828576][ T8808] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.830529][ T8808] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.834317][   T39] audit: type=1326 audit(1728503518.143:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.839429][   T39] audit: type=1326 audit(1728503518.143:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.850473][ T8808] batadv0: left allmulticast mode
[  180.851803][ T8808] batadv0: left promiscuous mode
[  180.853331][   T39] audit: type=1326 audit(1728503518.143:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.858888][ T8808] bridge0: port 3(batadv0) entered disabled state
[  180.860747][   T39] audit: type=1326 audit(1728503518.143:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.867397][ T8808] bridge_slave_1: left allmulticast mode
[  180.868874][ T8808] bridge_slave_1: left promiscuous mode
[  180.870370][ T8808] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.873137][   T39] audit: type=1326 audit(1728503518.143:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  180.879121][   T39] audit: type=1326 audit(1728503518.143:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8805 comm="syz.0.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73de598 code=0x7ffc0000
[  180.885536][ T8808] bridge_slave_0: left allmulticast mode
[  180.887015][ T8808] bridge_slave_0: left promiscuous mode
[  180.888525][ T8808] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.532385][ T5359] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  182.650008][ T8824] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1050'.
[  182.808675][ T5398] usb 6-1: USB disconnect, device number 22
[  182.822350][ T5359] Bluetooth: hci4: command tx timeout
[  182.897380][ T8833] netlink: 'syz.1.1053': attribute type 10 has an invalid length.
[  182.900140][ T8833] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1053'.
[  182.903162][ T8833] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  183.693908][ T8859] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1061'.
[  184.077388][ T8874] vivid-000: disconnect
[  184.566820][ T8871] vivid-000: reconnect
[  184.713697][ T8887] netlink: 'syz.1.1067': attribute type 10 has an invalid length.
[  184.717301][ T8887] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1067'.
[  184.721719][ T8887] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  184.905086][ T5359] Bluetooth: hci4: command tx timeout
[  185.346830][ T8899] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  185.569124][ T8908] netlink: 'syz.1.1074': attribute type 1 has an invalid length.
[  185.792340][   T39] kauditd_printk_skb: 7114 callbacks suppressed
[  185.792352][   T39] audit: type=1326 audit(1728503523.113:8395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.802560][   T39] audit: type=1326 audit(1728503523.113:8396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.808431][   T39] audit: type=1326 audit(1728503523.113:8397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.814488][   T39] audit: type=1326 audit(1728503523.113:8398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.820640][   T39] audit: type=1326 audit(1728503523.113:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.827665][   T39] audit: type=1326 audit(1728503523.113:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.835074][   T39] audit: type=1326 audit(1728503523.113:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.842376][   T39] audit: type=1326 audit(1728503523.113:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.848648][   T39] audit: type=1326 audit(1728503523.113:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.856190][   T39] audit: type=1326 audit(1728503523.113:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7fc00000
[  185.904698][ T8909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1074'.
[  185.914818][ T8909] netlink: 173 bytes leftover after parsing attributes in process `syz.1.1074'.
[  186.344867][ T8918] netlink: 'syz.3.1078': attribute type 10 has an invalid length.
[  186.347336][ T8918] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1078'.
[  186.350738][ T8918] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  187.258629][ T8947] netlink: 191384 bytes leftover after parsing attributes in process `syz.2.1085'.
[  187.261991][ T8947] netlink: 8446 bytes leftover after parsing attributes in process `syz.2.1085'.
[  187.352778][ T8951] netlink: 'syz.0.1087': attribute type 10 has an invalid length.
[  187.357813][ T8951] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1087'.
[  187.361257][ T8951] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  188.093193][ T8974] FAULT_INJECTION: forcing a failure.
[  188.093193][ T8974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.093612][ T8968] FAULT_INJECTION: forcing a failure.
[  188.093612][ T8968] name failslab, interval 1, probability 0, space 0, times 0
[  188.096593][ T8974] CPU: 1 UID: 0 PID: 8974 Comm: syz.3.1094 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  188.096609][ T8974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.096615][ T8974] Call Trace:
[  188.096619][ T8974]  <TASK>
[  188.096624][ T8974]  dump_stack_lvl+0x16c/0x1f0
[  188.096643][ T8974]  should_fail_ex+0x497/0x5b0
[  188.096661][ T8974]  strncpy_from_user+0x3b/0x2a0
[  188.096677][ T8974]  bpf_prog_load+0x1c3f/0x2670
[  188.096695][ T8974]  ? __pfx_bpf_prog_load+0x10/0x10
[  188.096708][ T8974]  ? find_held_lock+0x2d/0x110
[  188.096756][ T8974]  __sys_bpf+0x4c8c/0x5780
[  188.096770][ T8974]  ? ksys_write+0x21e/0x260
[  188.116199][ T8974]  ? __pfx___sys_bpf+0x10/0x10
[  188.117427][ T8974]  ? vfs_write+0x14d/0x1140
[  188.118589][ T8974]  ? __mutex_unlock_slowpath+0x164/0x650
[  188.119961][ T8974]  ? fput+0x30/0x390
[  188.120976][ T8974]  ? ksys_write+0x1ad/0x260
[  188.122077][ T8974]  ? __pfx_ksys_write+0x10/0x10
[  188.123320][ T8974]  __ia32_sys_bpf+0x76/0xe0
[  188.124522][ T8974]  __do_fast_syscall_32+0x73/0x120
[  188.125881][ T8974]  do_fast_syscall_32+0x32/0x80
[  188.127160][ T8974]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  188.128826][ T8974] RIP: 0023:0xf7fc0579
[  188.129897][ T8974] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  188.134874][ T8974] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  188.137038][ T8974] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000700
[  188.139090][ T8974] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  188.141140][ T8974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  188.143204][ T8974] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  188.145252][ T8974] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  188.147299][ T8974]  </TASK>
[  188.150484][ T8968] CPU: 2 UID: 0 PID: 8968 Comm: syz.0.1093 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  188.153290][ T8968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.156046][ T8968] Call Trace:
[  188.156932][ T8968]  <TASK>
[  188.157711][ T8968]  dump_stack_lvl+0x16c/0x1f0
[  188.158951][ T8968]  should_fail_ex+0x497/0x5b0
[  188.160187][ T8968]  ? fs_reclaim_acquire+0xae/0x160
[  188.161537][ T8968]  should_failslab+0xc2/0x120
[  188.162776][ T8968]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  188.164420][ T8968]  ? ebt_register_table+0x15f/0xec0
[  188.165795][ T8968]  kmemdup_noprof+0x29/0x60
[  188.166993][ T8968]  ebt_register_table+0x15f/0xec0
[  188.168316][ T8968]  compat_do_ebt_get_ctl+0x54d/0xb90
[  188.169713][ T8968]  ? find_held_lock+0x2d/0x110
[  188.170972][ T8968]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[  188.172507][ T8968]  ? bpf_lsm_capable+0x9/0x10
[  188.173752][ T8968]  ? security_capable+0x7e/0x260
[  188.175047][ T8968]  do_ebt_get_ctl+0x321/0x7b0
[  188.176277][ T8968]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  188.177646][ T8968]  ? find_held_lock+0x2d/0x110
[  188.178901][ T8968]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  188.180462][ T8968]  nf_getsockopt+0x79/0xe0
[  188.181649][ T8968]  ip_getsockopt+0x18e/0x1e0
[  188.182857][ T8968]  ? __pfx_ip_getsockopt+0x10/0x10
[  188.184187][ T8968]  ? find_held_lock+0x2d/0x110
[  188.185442][ T8968]  raw_getsockopt+0x4d/0x1e0
[  188.186650][ T8968]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  188.188183][ T8968]  do_sock_getsockopt+0x3fe/0x870
[  188.189500][ T8968]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  188.190938][ T8968]  ? __fget_files+0x244/0x3f0
[  188.192177][ T8968]  __sys_getsockopt+0x1a1/0x270
[  188.193564][ T8968]  ? __pfx___sys_getsockopt+0x10/0x10
[  188.194968][ T8968]  ? fput+0x30/0x390
[  188.196025][ T8968]  ? ksys_write+0x1ad/0x260
[  188.197227][ T8968]  ? __pfx_ksys_write+0x10/0x10
[  188.198495][ T8968]  __ia32_sys_getsockopt+0xbc/0x160
[  188.199851][ T8968]  ? lockdep_hardirqs_on+0x7c/0x110
[  188.201214][ T8968]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  188.202949][ T8968]  __do_fast_syscall_32+0x73/0x120
[  188.204284][ T8968]  do_fast_syscall_32+0x32/0x80
[  188.205574][ T8968]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  188.207226][ T8968] RIP: 0023:0xf73de579
[  188.208293][ T8968] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  188.213266][ T8968] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  188.215417][ T8968] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  188.217507][ T8968] RDX: 0000000000000081 RSI: 0000000020005400 RDI: 0000000020005480
[  188.219561][ T8968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  188.221632][ T8968] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  188.223691][ T8968] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  188.225754][ T8968]  </TASK>
[  188.260341][ T8968] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  188.440648][ T8989] netlink: 'syz.3.1099': attribute type 10 has an invalid length.
[  188.458017][ T8989] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1099'.
[  188.463089][ T8989] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  188.582427][   T56] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  188.732361][   T56] usb 5-1: Using ep0 maxpacket: 16
[  188.737878][   T56] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  188.740417][   T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.742720][   T56] usb 5-1: Product: syz
[  188.743898][   T56] usb 5-1: Manufacturer: syz
[  188.745422][   T56] usb 5-1: SerialNumber: syz
[  188.758351][   T56] usb 5-1: config 0 descriptor??
[  188.767845][   T56] as10x_usb: device has been detected
[  188.778359][   T56] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  188.806905][   T56] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  188.827652][   T56] as10x_usb: error during firmware upload part1
[  188.832469][   T56] Registered device Sky IT Digital Key (green led)
[  188.972375][ T1426] usb 5-1: USB disconnect, device number 17
[  188.987430][ T1426] Unregistered device Sky IT Digital Key (green led)
[  188.993676][ T1426] as10x_usb: device has been disconnected
[  189.160958][ T9005] loop7: detected capacity change from 0 to 16384
[  189.322977][ T1282] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  189.512402][ T9017] nbd2: detected capacity change from 0 to 12
[  189.517283][ T5358] block nbd2: Send control failed (result -89)
[  189.519455][ T5358] block nbd2: Request send failed, requeueing
[  189.521739][ T9019] block nbd2: NBD_DISCONNECT
[  189.522329][ T5359] block nbd2: Receive control failed (result -32)
[  189.525370][ T5358] block nbd2: Disconnected due to user request.
[  189.529076][ T9019] block nbd2: Send disconnect failed -89
[  189.532342][   T54] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.534688][   T54] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.539213][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.542141][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.544314][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.546836][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.549562][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.551884][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.554815][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.557104][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.559489][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.561956][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.564083][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.566315][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.568314][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.570590][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.572630][ T5358] ldm_validate_partition_table(): Disk read failed.
[  189.574323][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.576601][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.578704][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  189.581281][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read
[  189.583507][ T5358] Dev nbd2: unable to read RDB block 0
[  189.585056][ T5358]  nbd2: unable to read partition table
[  189.586576][ T5358] nbd2: partition table beyond EOD, truncated
[  189.674740][ T5358] ldm_validate_partition_table(): Disk read failed.
[  189.676667][ T5358] Dev nbd2: unable to read RDB block 0
[  189.680043][ T5358]  nbd2: unable to read partition table
[  189.681700][ T5358] nbd2: partition table beyond EOD, truncated
[  189.692361][ T1282] usb 6-1: Using ep0 maxpacket: 8
[  189.696459][ T1282] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  189.698821][ T1282] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.701134][ T1282] usb 6-1: Product: syz
[  189.702222][ T1282] usb 6-1: Manufacturer: syz
[  189.703491][ T1282] usb 6-1: SerialNumber: syz
[  189.933183][ T1282] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  190.190253][    C0] usblp0: nonzero write bulk status received: -71
[  190.194237][ T1282] usb 6-1: USB disconnect, device number 23
[  190.196959][ T1282] usblp0: removed
[  190.281298][ T9039] FAULT_INJECTION: forcing a failure.
[  190.281298][ T9039] name failslab, interval 1, probability 0, space 0, times 0
[  190.284866][ T9039] CPU: 0 UID: 0 PID: 9039 Comm: syz.3.1114 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  190.288242][ T9039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.291986][ T9039] Call Trace:
[  190.293229][ T9039]  <TASK>
[  190.294325][ T9039]  dump_stack_lvl+0x16c/0x1f0
[  190.296060][ T9039]  should_fail_ex+0x497/0x5b0
[  190.297783][ T9039]  ? fs_reclaim_acquire+0xae/0x160
[  190.299625][ T9039]  should_failslab+0xc2/0x120
[  190.301339][ T9039]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  190.303224][ T9039]  ? mas_alloc_nodes+0x172/0x830
[  190.305004][ T9039]  mas_alloc_nodes+0x172/0x830
[  190.306759][ T9039]  mas_node_count_gfp+0x105/0x130
[  190.308547][ T9039]  mas_preallocate+0x53b/0xcd0
[  190.310247][ T9039]  ? __pfx_mas_preallocate+0x10/0x10
[  190.312019][ T9039]  ? shmem_get_inode+0x703/0xea0
[  190.313843][ T9039]  mmap_region+0x165e/0x2a50
[  190.315686][ T9039]  ? __pfx_mmap_region+0x10/0x10
[  190.317511][ T9039]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.319419][ T9039]  ? __pfx_mark_lock+0x10/0x10
[  190.321152][ T9039]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.322685][ T9039]  ? do_mmap+0x3c1/0xfc0
[  190.324234][ T9039]  do_mmap+0xc00/0xfc0
[  190.325767][ T9039]  vm_mmap_pgoff+0x1ba/0x360
[  190.327476][ T9039]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  190.329375][ T9039]  ? ksys_write+0x1ad/0x260
[  190.331045][ T9039]  ksys_mmap_pgoff+0x7d/0x5c0
[  190.332803][ T9039]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  190.334745][ T9039]  __do_fast_syscall_32+0x73/0x120
[  190.336602][ T9039]  do_fast_syscall_32+0x32/0x80
[  190.338378][ T9039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.340655][ T9039] RIP: 0023:0xf7fc0579
[  190.342162][ T9039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.348980][ T9039] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  190.351966][ T9039] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000
[  190.354812][ T9039] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 00000000ffffffff
[  190.357589][ T9039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.360335][ T9039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.363184][ T9039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.366043][ T9039]  </TASK>
[  190.390884][ T9039] ------------[ cut here ]------------
[  190.393376][ T9039] kernel BUG at mm/page_table_check.c:90!
[  190.394967][ T9039] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  190.397239][ T9039] CPU: 0 UID: 0 PID: 9039 Comm: syz.3.1114 Not tainted 6.12.0-rc2-syzkaller-00058-g75b607fab38d #0
[  190.401964][ T9039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.404495][ T9039] RIP: 0010:page_table_check_clear.part.0+0x389/0x540
[  190.406102][ T9039] Code: 00 e8 cb 1a f4 ff b8 ff ff ff ff f0 0f c1 43 04 8d 58 ff 31 ff 89 de e8 55 cc 92 ff 85 db 0f 89 7d fe ff ff e8 08 ca 92 ff 90 <0f> 0b e8 00 ca 92 ff 48 89 ef e8 b8 f1 ff ff 48 83 c4 10 5b 5d 41
[  190.410639][ T9039] RSP: 0018:ffffc90002c8f408 EFLAGS: 00010293
[  190.412083][ T9039] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: ffffffff81f9eeab
[  190.414001][ T9039] RDX: ffff88801ef8c880 RSI: ffffffff81f9eeb8 RDI: 0000000000000005
[  190.415951][ T9039] RBP: ffff888041c1e050 R08: 0000000000000005 R09: 0000000000000000
[  190.417826][ T9039] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000001
[  190.419670][ T9039] R13: 0000000000000200 R14: 0000000000000000 R15: dffffc0000000000
[  190.421510][ T9039] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5746b40
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  190.423641][ T9039] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  190.425407][ T9039] CR2: 00000000f7fb9ef4 CR3: 0000000074d40000 CR4: 0000000000352ef0
[  190.427810][ T9039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000fe0
[  190.430025][ T9039] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  190.432123][ T9039] Call Trace:
[  190.433030][ T9039]  <TASK>
[  190.433908][ T9039]  ? die+0x31/0x80
[  190.434950][ T9039]  ? do_trap+0x232/0x430
[  190.436117][ T9039]  ? page_table_check_clear.part.0+0x389/0x540
[  190.438281][ T9039]  ? page_table_check_clear.part.0+0x389/0x540
[  190.440618][ T9039]  ? do_error_trap+0xf4/0x230
[  190.442505][ T9039]  ? page_table_check_clear.part.0+0x389/0x540
[  190.444712][ T9039]  ? handle_invalid_op+0x34/0x40
[  190.446030][ T9039]  ? page_table_check_clear.part.0+0x389/0x540
[  190.447815][ T9039]  ? exc_invalid_op+0x2e/0x50
[  190.449112][ T9039]  ? asm_exc_invalid_op+0x1a/0x20
[  190.450426][ T9039]  ? page_table_check_clear.part.0+0x37b/0x540
[  190.452015][ T9039]  ? page_table_check_clear.part.0+0x388/0x540
[  190.453684][ T9039]  ? page_table_check_clear.part.0+0x389/0x540
[  190.455350][ T9039]  ? page_table_check_clear.part.0+0x388/0x540
[  190.457218][ T9039]  __page_table_check_pmd_clear+0x3a9/0x600
[  190.459452][ T9039]  ? __pfx___page_table_check_pmd_clear+0x10/0x10
[  190.461112][ T9039]  zap_huge_pmd+0x264/0x1380
[  190.462305][ T9039]  unmap_page_range+0x15ef/0x3ce0
[  190.463612][ T9039]  ? setup_conf+0x1b4e/0x2f50
[  190.464914][ T9039]  ? mark_lock+0xb5/0xc60
[  190.466076][ T9039]  ? __pfx_unmap_page_range+0x10/0x10
[  190.467493][ T9039]  ? unmap_vmas+0x1d1/0x490
[  190.468714][ T9039]  ? __pfx_lock_release+0x10/0x10
[  190.470087][ T9039]  ? trace_lock_acquire+0x14a/0x1d0
[  190.471432][ T9039]  unmap_single_vma+0x194/0x2b0
[  190.472741][ T9039]  unmap_vmas+0x22f/0x490
[  190.473864][ T9039]  ? __pfx_unmap_vmas+0x10/0x10
[  190.475198][ T9039]  ? __pfx_lock_release+0x10/0x10
[  190.476555][ T9039]  ? lock_acquire+0x2f/0xb0
[  190.477814][ T9039]  ? mlock_drain_local+0x6f/0x4f0
[  190.479110][ T9039]  unmap_region+0x201/0x480
[  190.480362][ T9039]  ? __pfx_unmap_region+0x10/0x10
[  190.481672][ T9039]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  190.483254][ T9039]  mmap_region+0x1c00/0x2a50
[  190.484494][ T9039]  ? __pfx_mmap_region+0x10/0x10
[  190.485832][ T9039]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.487228][ T9039]  ? __pfx_mark_lock+0x10/0x10
[  190.488476][ T9039]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.489830][ T9039]  ? do_mmap+0x3c1/0xfc0
[  190.490930][ T9039]  do_mmap+0xc00/0xfc0
[  190.491994][ T9039]  vm_mmap_pgoff+0x1ba/0x360
[  190.493220][ T9039]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  190.494591][ T9039]  ? ksys_write+0x1ad/0x260
[  190.495824][ T9039]  ksys_mmap_pgoff+0x7d/0x5c0
[  190.497209][ T9039]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  190.499161][ T9039]  __do_fast_syscall_32+0x73/0x120
[  190.500659][ T9039]  do_fast_syscall_32+0x32/0x80
[  190.501973][ T9039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.503619][ T9039] RIP: 0023:0xf7fc0579
[  190.504725][ T9039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.509733][ T9039] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  190.511866][ T9039] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000
[  190.513912][ T9039] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 00000000ffffffff
[  190.516013][ T9039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.518108][ T9039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.520187][ T9039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.522270][ T9039]  </TASK>
[  190.523072][ T9039] Modules linked in:
[  190.524252][ T9039] ---[ end trace 0000000000000000 ]---
[  190.525951][ T9039] RIP: 0010:page_table_check_clear.part.0+0x389/0x540
[  190.527833][ T9039] Code: 00 e8 cb 1a f4 ff b8 ff ff ff ff f0 0f c1 43 04 8d 58 ff 31 ff 89 de e8 55 cc 92 ff 85 db 0f 89 7d fe ff ff e8 08 ca 92 ff 90 <0f> 0b e8 00 ca 92 ff 48 89 ef e8 b8 f1 ff ff 48 83 c4 10 5b 5d 41
[  190.533091][ T9039] RSP: 0018:ffffc90002c8f408 EFLAGS: 00010293
[  190.534781][ T9039] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: ffffffff81f9eeab
[  190.536939][ T9039] RDX: ffff88801ef8c880 RSI: ffffffff81f9eeb8 RDI: 0000000000000005
[  190.538975][ T9039] RBP: ffff888041c1e050 R08: 0000000000000005 R09: 0000000000000000
[  190.541023][ T9039] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000001
[  190.543325][ T9039] R13: 0000000000000200 R14: 0000000000000000 R15: dffffc0000000000
[  190.545489][ T9039] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5746b40
[  190.548444][ T9039] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  190.550847][ T9039] CR2: 00000000f7fb9ef4 CR3: 0000000074d40000 CR4: 0000000000352ef0
[  190.553886][ T9039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000fe0
[  190.555968][ T9039] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  190.558216][ T9039] Kernel panic - not syncing: Fatal exception
[  190.560255][ T9039] Kernel Offset: disabled
[  190.561354][ T9039] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:52:07  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850374c5 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc90002c8ed20
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=7973203a6d6d6f43
R12=0000000000000000 R13=0000000000000039 R14=ffffffff85037460 R15=0000000000000000
RIP=ffffffff850374ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fb9ef4 CR3=0000000074d40000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000fe0 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000008762c7 RBX=0000000000000001 RCX=ffffffff8b131a39 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb123e0 RBP=ffffed10036e9910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901cd248 R15=0000000000000000
RIP=ffffffff8b132e1f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5745fbc CR3=0000000054a44000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000fe0 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016000000000 0000000600000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81c74384 RDX=0000000000000000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffffea0000ae5280 RSP=ffffc90000e3f330
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=ffffea0000ae5280 R14=ffffea0000ae12c8 R15=dffffc0000000000
RIP=ffffffff818cb949 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7485008 CR3=000000002aa20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000fe0 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b740080 RCX=ffffffff8180d1a4 RDX=ffff88801b748000
RSI=ffffffff8180d17f RDI=0000000000000005 RBP=ffffc90000457d78 RSP=ffffc90000457ca0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1bb853e
R12=1ffff9200008af98 R13=0000000000000001 R14=0000000000000003 R15=ffffed10056e8011
RIP=ffffffff8180d181 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f56f5538 CR3=0000000000614000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000